(RHSA-2010:0155) Moderate: java-1.4.2-ibm security and bug fix update
2010-03-17T04:00:00
ID RHSA-2010:0155 Type redhat Reporter RedHat Modified 2017-09-08T11:54:15
Description
The IBM 1.4.2 SR13-FP4 Java release includes the IBM Java 2 Runtime
Environment and the IBM Java 2 Software Development Kit.
A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handle session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. (CVE-2009-3555)
This update disables renegotiation in the non-default IBM JSSE2 provider
for the Java Secure Socket Extension (JSSE) component. The default JSSE
provider is not updated with this fix. Refer to the IBMJSSE2 Provider
Reference Guide, linked to in the References, for instructions on how to
configure the IBM Java 2 Runtime Environment to use the JSSE2 provider by
default.
When using the JSSE2 provider, unsafe renegotiation can be re-enabled using
the com.ibm.jsse2.renegotiate property. Refer to the following
Knowledgebase article for details:
http://kbase.redhat.com/faq/docs/DOC-20491
This update also fixes the following bug:
the libjaasauth.so file was missing from the java-1.4.2-ibm packages for
the Intel Itanium architecture (.ia64.rpm). This update adds the file to
the packages for the Itanium architecture, which resolves this issue.
(BZ#572577)
All users of java-1.4.2-ibm are advised to upgrade to these updated
packages, which contain the IBM 1.4.2 SR13-FP4 Java release. All running
instances of IBM Java must be restarted for this update to take effect.
{"id": "RHSA-2010:0155", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2010:0155) Moderate: java-1.4.2-ibm security and bug fix update", "description": "The IBM 1.4.2 SR13-FP4 Java release includes the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. (CVE-2009-3555)\n\nThis update disables renegotiation in the non-default IBM JSSE2 provider\nfor the Java Secure Socket Extension (JSSE) component. The default JSSE\nprovider is not updated with this fix. Refer to the IBMJSSE2 Provider\nReference Guide, linked to in the References, for instructions on how to\nconfigure the IBM Java 2 Runtime Environment to use the JSSE2 provider by\ndefault.\n\nWhen using the JSSE2 provider, unsafe renegotiation can be re-enabled using\nthe com.ibm.jsse2.renegotiate property. Refer to the following\nKnowledgebase article for details:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nThis update also fixes the following bug:\n\n* the libjaasauth.so file was missing from the java-1.4.2-ibm packages for\nthe Intel Itanium architecture (.ia64.rpm). This update adds the file to\nthe packages for the Itanium architecture, which resolves this issue.\n(BZ#572577)\n\nAll users of java-1.4.2-ibm are advised to upgrade to these updated\npackages, which contain the IBM 1.4.2 SR13-FP4 Java release. All running\ninstances of IBM Java must be restarted for this update to take effect.", "published": "2010-03-17T04:00:00", "modified": "2017-09-08T11:54:15", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0155", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2009-3555"], "lastseen": "2017-09-09T07:20:33", "history": [{"bulletin": {"id": "RHSA-2010:0155", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2010:0155) Moderate: java-1.4.2-ibm security and bug fix update", "description": "The IBM 1.4.2 SR13-FP4 Java release includes the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. (CVE-2009-3555)\n\nThis update disables renegotiation in the non-default IBM JSSE2 provider\nfor the Java Secure Socket Extension (JSSE) component. The default JSSE\nprovider is not updated with this fix. Refer to the IBMJSSE2 Provider\nReference Guide, linked to in the References, for instructions on how to\nconfigure the IBM Java 2 Runtime Environment to use the JSSE2 provider by\ndefault.\n\nWhen using the JSSE2 provider, unsafe renegotiation can be re-enabled using\nthe com.ibm.jsse2.renegotiate property. Refer to the following\nKnowledgebase article for details:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nThis update also fixes the following bug:\n\n* the libjaasauth.so file was missing from the java-1.4.2-ibm packages for\nthe Intel Itanium architecture (.ia64.rpm). This update adds the file to\nthe packages for the Itanium architecture, which resolves this issue.\n(BZ#572577)\n\nAll users of java-1.4.2-ibm are advised to upgrade to these updated\npackages, which contain the IBM 1.4.2 SR13-FP4 Java release. All running\ninstances of IBM Java must be restarted for this update to take effect.", "published": "2010-03-17T04:00:00", "modified": "2016-04-04T18:37:25", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0155", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2009-3555"], "lastseen": "2016-09-04T11:17:46", "history": [], "viewCount": 1, "enchantments": {}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "operator": "lt", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.s390.rpm", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.s390.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-plugin-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-plugin", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.s390.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.s390.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.s390.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}]}, "lastseen": "2016-09-04T11:17:46", "differentElements": ["modified"], "edition": 1}, {"bulletin": {"id": "RHSA-2010:0155", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2010:0155) Moderate: java-1.4.2-ibm security and bug fix update", "description": "The IBM 1.4.2 SR13-FP4 Java release includes the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. (CVE-2009-3555)\n\nThis update disables renegotiation in the non-default IBM JSSE2 provider\nfor the Java Secure Socket Extension (JSSE) component. The default JSSE\nprovider is not updated with this fix. Refer to the IBMJSSE2 Provider\nReference Guide, linked to in the References, for instructions on how to\nconfigure the IBM Java 2 Runtime Environment to use the JSSE2 provider by\ndefault.\n\nWhen using the JSSE2 provider, unsafe renegotiation can be re-enabled using\nthe com.ibm.jsse2.renegotiate property. Refer to the following\nKnowledgebase article for details:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nThis update also fixes the following bug:\n\n* the libjaasauth.so file was missing from the java-1.4.2-ibm packages for\nthe Intel Itanium architecture (.ia64.rpm). This update adds the file to\nthe packages for the Itanium architecture, which resolves this issue.\n(BZ#572577)\n\nAll users of java-1.4.2-ibm are advised to upgrade to these updated\npackages, which contain the IBM 1.4.2 SR13-FP4 Java release. All running\ninstances of IBM Java must be restarted for this update to take effect.", "published": "2010-03-17T04:00:00", "modified": "2017-07-18T19:35:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0155", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2009-3555"], "lastseen": "2017-07-18T18:49:16", "history": [], "viewCount": 1, "enchantments": {}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "operator": "lt", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.s390.rpm", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.s390.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-plugin-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-plugin", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.s390.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.s390.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "operator": "lt", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.i386.rpm", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "operator": "lt", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.s390.rpm", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "operator": "lt", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5"}]}, "lastseen": "2017-07-18T18:49:16", "differentElements": ["modified"], "edition": 2}, {"bulletin": {"id": "RHSA-2010:0155", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2010:0155) Moderate: java-1.4.2-ibm security and bug fix update", "description": "The IBM 1.4.2 SR13-FP4 Java release includes the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. (CVE-2009-3555)\n\nThis update disables renegotiation in the non-default IBM JSSE2 provider\nfor the Java Secure Socket Extension (JSSE) component. The default JSSE\nprovider is not updated with this fix. Refer to the IBMJSSE2 Provider\nReference Guide, linked to in the References, for instructions on how to\nconfigure the IBM Java 2 Runtime Environment to use the JSSE2 provider by\ndefault.\n\nWhen using the JSSE2 provider, unsafe renegotiation can be re-enabled using\nthe com.ibm.jsse2.renegotiate property. Refer to the following\nKnowledgebase article for details:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nThis update also fixes the following bug:\n\n* the libjaasauth.so file was missing from the java-1.4.2-ibm packages for\nthe Intel Itanium architecture (.ia64.rpm). This update adds the file to\nthe packages for the Itanium architecture, which resolves this issue.\n(BZ#572577)\n\nAll users of java-1.4.2-ibm are advised to upgrade to these updated\npackages, which contain the IBM 1.4.2 SR13-FP4 Java release. All running\ninstances of IBM Java must be restarted for this update to take effect.", "published": "2010-03-17T04:00:00", "modified": "2017-07-25T00:01:36", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/", "score": 5.8}, "href": "https://access.redhat.com/errata/RHSA-2010:0155", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2009-3555"], "lastseen": "2017-07-26T08:57:04", "history": [], "viewCount": 1, "enchantments": {}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-plugin", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-plugin-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "operator": "lt"}]}, "lastseen": "2017-07-26T08:57:04", "differentElements": ["affectedPackage", "modified"], "edition": 3}, {"bulletin": {"id": "RHSA-2010:0155", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2010:0155) Moderate: java-1.4.2-ibm security and bug fix update", "description": "The IBM 1.4.2 SR13-FP4 Java release includes the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. (CVE-2009-3555)\n\nThis update disables renegotiation in the non-default IBM JSSE2 provider\nfor the Java Secure Socket Extension (JSSE) component. The default JSSE\nprovider is not updated with this fix. Refer to the IBMJSSE2 Provider\nReference Guide, linked to in the References, for instructions on how to\nconfigure the IBM Java 2 Runtime Environment to use the JSSE2 provider by\ndefault.\n\nWhen using the JSSE2 provider, unsafe renegotiation can be re-enabled using\nthe com.ibm.jsse2.renegotiate property. Refer to the following\nKnowledgebase article for details:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nThis update also fixes the following bug:\n\n* the libjaasauth.so file was missing from the java-1.4.2-ibm packages for\nthe Intel Itanium architecture (.ia64.rpm). This update adds the file to\nthe packages for the Itanium architecture, which resolves this issue.\n(BZ#572577)\n\nAll users of java-1.4.2-ibm are advised to upgrade to these updated\npackages, which contain the IBM 1.4.2 SR13-FP4 Java release. All running\ninstances of IBM Java must be restarted for this update to take effect.", "published": "2010-03-17T04:00:00", "modified": "2017-07-28T19:00:59", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/", "score": 5.8}, "href": "https://access.redhat.com/errata/RHSA-2010:0155", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2009-3555"], "lastseen": "2017-08-01T10:57:40", "history": [], "viewCount": 1, "enchantments": {}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}]}, "lastseen": "2017-08-01T10:57:40", "differentElements": ["affectedPackage", "modified"], "edition": 4}], "viewCount": 1, "enchantments": {"vulnersScore": 6.3}, "enchantments_done": [], "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-plugin", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-plugin-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-javacomm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "packageName": "java-1.4.2-ibm-jdbc", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "java-1.4.2-ibm-devel", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "java-1.4.2-ibm", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "java-1.4.2-ibm-demo", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "java-1.4.2-ibm-src", "packageVersion": "1.4.2.13.4-1jpp.1.el5", "packageFilename": "java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5.ia64.rpm", "operator": "lt"}], "_object_type": "robots.models.redhat.RedHatBulletin", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"]}
{"result": {"cve": [{"id": "CVE-2009-3555", "type": "cve", "title": "CVE-2009-3555", "description": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.", "published": "2009-11-09T12:30:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-09-19T13:36:39"}], "openssl": [{"id": "OPENSSL:CVE-2009-3555", "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2009-3555)", "description": "Implement RFC5746 to address vulnerabilities in SSL/TLS renegotiation.", "published": "2009-11-05T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.openssl.org/news/vulnerabilities.html", "cvelist": ["CVE-2009-3555"], "lastseen": "2016-09-26T17:22:35"}], "f5": [{"id": "F5:K10737", "type": "f5", "title": "SSL Renegotiation vulnerability - CVE-2009-3555 / VU#120541", "description": "", "published": "2009-11-06T03:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://support.f5.com/csp/article/K10737", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-06-08T10:18:58"}, {"id": "SOL10737", "type": "f5", "title": "SOL10737 - SSL Renegotiation vulnerability - CVE-2009-3555 / VU#120541", "description": "A Man in the Middle attack allows an attacker to inject an arbitrary amount of chosen plain text into the application protocol stream data during a secure session renegotiation that uses SSL version 3.x or TLS version 1.x. This may provide an attacker the ability to perform arbitrary actions on affected websites with user's credentials. This vulnerability does not allow one to decrypt the intercepted network communication.\n\nInformation about this advisory is available at the following locations:\n\n**Note**: These links take you to a resource outside of AskF5, and it is possible that the documents may be removed without our knowledge.\n\n * <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555>\n\n**Note**: F5 thanks Marsh Ray, who originally identified and reported this vulnerability.\n\nThe IETF has adopted as [RFC5746: Transport Layer Security (TLS) Renegotiation Indication Extension](<http://tools.ietf.org/html/rfc5746>) a new extension to the TLS standard that addresses this issue. F5 Product Development has implemented this new extension beginning in BIG-IP versions 10.2.3 and 11.0.0.\n\n**Important**: When session renegotiation is disabled, some browsers may log an informational message that appears similar to the following example to the console, when connecting to F5 products:\n\nServer does not support RFC 5746, see CVE-2009-3555\n\nAlthough the message implies that the F5 product to which the browser is connecting is vulnerable to this attack, all vulnerable F5 Products have been patched to disable SSL/TLS renegotiation, and some have been further enhanced to allow explicit control over renegotiation, thus mitigating this attack. For more information regarding completed and planned updates related to this vulnerability, refer to the following table. Note that ID 223836 specifically addresses this error message.\n\nF5 Product Development is tracking this issue as follows:\n\nCR / ID | Description | Affected products | Included in \n---|---|---|--- \nCR132165 / \n \nID 213305 | Introduce the **<disable|enable>** parameter to the **[SSL::renegotiate](<https://devcentral.f5.com/wiki/iRules.ssl__renegotiate.ashx>)** iRule command to control on a per-connection basis how TMM should respond to SSL 3.0/TLS 1.0 renegotiation requests. \n\n\n**Important**: Client-side session renegotiation is still enabled, by default, in versions prior to 10.1.0. In these versions, you must apply an iRule using the **SSL::renegotiate disable **command to each virtual server configuration you wish to protect from this vulnerability. Refer to the mitigation section, following, for more information.\n\n**Note**: For more information, refer to the DevCentral wiki page for the **[SSL::renegotiate](<https://devcentral.f5.com/wiki/iRules.ssl__renegotiate.ashx>)** iRule command.\n\n| LTM, GTM, ASM, PSM, Link Controller, WebAccelerator, WOM, Enterprise Manager | BIG-IP 9.3.1 HF8 \nBIG-IP 9.4.8 HF2 \nBIG-IP 10.0.1 HF3 \nBIG-IP 10.1.0 and later \nEnterprise Manager 2.0 \nEngineering Hotfix available for: \nEnterprise Manager 1.8 \nCR132166 / \n \nID 213306 | Patch OpenSSL to disable midstream session renegotiation. This patch protects the Configuration utility and iControl against this vulnerability. | LTM, GTM, ASM, PSM, Link Controller, WebAccelerator, WOM, Enterprise Manager | BIG-IP 9.3.1 HF8 \nBIG-IP 9.4.8 HF2 \nBIG-IP 10.0.1 HF3 \nBIG-IP 10.1.0 and later \nEnterprise Manager 2.0 \nEnterprise Manager 1.8 HF1 \nCR132167 / \n \nID 213307 | Enable midstream session renegotiation for the **big3d **and **gtmd**. This CR is a companion to CR132166, re-enabling mid-stream session renegotiation for the **big3d **and **gtmd** processes, which maintain long-lived iQuery-over-SSL connections that are renegotiated daily. These connections are mutually authenticated using 2-way SSL authentication prior to exchanging application traffic and, thus, are not vulnerable to the man-in-the-middle attacks described in this Solution. | LTM, GTM, ASM, PSM, Link Controller, WebAccelerator, WOM, Enterprise Manager | BIG-IP 9.3.1 HF8 \nBIG-IP 9.4.8 HF2 \nBIG-IP 10.0.1 HF3 \nBIG-IP 10.1.0 and later \nEnterprise Manager 2.0 \nEnterprise Manager 1.8 HF1 \nCR132170 / \n \nID 213308 | Introduce a Client SSL / ServerSSL profile option to control whether midstream session renegotiation is allowed. In versions 10.1.0 - 10.2.2, the default setting for the Client SSL profile is **disabled**, and the default setting for the Server SSL profile is **enabled**. **Note**: BIG-IP versions 10.2.3 and later support the Renegotiation Indication Extension. For more information, refer to SOL13512: Change in Behavior: The BIG-IP SSL profiles support the TLS Renegotiation Indication Extension. \n| LTM, GTM, ASM, PSM, Link Controller, WebAccelerator, WOM | BIG-IP 10.1.0 and later \n \nCR132172 / \n \nID 223836 | Implement [RFC5746: Transport Layer Security (TLS) Renegotiation Indication Extension](<http://tools.ietf.org/html/rfc5746>), an extension to the TLS standard for secure midstream session renegotiation. **Note**: For more information, refer to SOL13512: Change in Behavior: The BIG-IP SSL profiles support the TLS Renegotiation Indication Extension. \n| LTM, GTM, ASM, PSM, Link Controller, WebAccelerator, WOM, Enterprise Manager | BIG-IP 10.2.3 \nBIG-IP 11.0.0 and later \n \nCR132177 / \nID 295760\n\nand\n\nCR132177-1 / \nID 294172\n\n| Patch OpenSSL to disable midstream session renegotiation. | FirePass | \n\nFirePass 7.0.0 and later \nFirePass 6.1.0 HF1 * \nFirePass 6.0.3 hotfix-132177-1 \nFirePass 6.0.2 hotfix-132177-1 \nFirePass 5.5.2 hotfix-132177-1 \nFirePass 5.5.1 hotfix-132177-1 \nFirePass 5.5 hotfix-132177-1 \n \nImportant: For version 6.1.0, the \nfix for this ID was not included in \nHF3 or HF4. Install the latest \ncumulative hotfix. \n \nID 37053 | Patch or upgrade Apache Tomcat to disable session renegotiation. | ARX | ARX 6.2.0 \n \n \nIf a named hotfix has been issued for your software version, you may download the referenced hotfix or later versions of the hotfix from the F5 [Downloads](<http://downloads.f5.com/esd/index.jsp>) site.\n\nIf an engineering hotfix has been issued for your software version, you should contact [F5 Technical Support](<http://www.f5.com/training-support/customer-support/contact/>), and reference this Solution number and the associated CR number to request the hotfix.\n\nFor a list of the latest available hotfixes, refer to SOL9502: BIG-IP hotfix matrix.\n\nFor information about the F5 hotfix policy, refer to SOL4918: Overview of the F5 critical issue hotfix policy.\n\nFor information about how to manage F5 product hotfixes, refer to SOL6845: Managing F5 product hotfixes.\n\nFor information about installing version 10.x hotfixes, refer to SOL10025: Managing BIG-IP product hotfixes (10.x).\n\n**Mitigation steps for BIG-IP LTM, ASM, PSM, Link Controller, WebAccelerator, or WOM SSL virtual servers**\n\nYou can use the Client SSL profile Renegotiation setting or an iRule to disable client-side session renegotiation for virtual servers. Refer to the following section that applies to your version:\n\n**Note**: Applications that require session renegotiation are inherently vulnerable to the attack. Only removal of the renegotiation requirement in the application itself will eliminate the vulnerability. If session renegotiation is disabled by any of the vulnerability mitigation steps described later, without modifying the application, client connections will be dropped. For example, IE 5.0 clients accessing applications which use SGC (Server Gated Cryptography) certificates are known to require renegotiation, and their connections would be disrupted by such a configuration.\n\n**Important**: Any mitigation action that re-enables session re-negotiation on patched vulnerable versions may re-expose your F5 system to this vulnerability. In some cases, iRule logic can be used to control this behavior. Refer to the following sections for details regarding your product and version.\n\n**BIG-IP versions 10.1.0 and later**\n\nBIG-IP versions 10.2.3 and later support the Renegotiation Indication Extension. SSL Renegotiation setting is **Enabled,** by default, in the SSL profiles, however, the system requires secure renegotiation of SSL connections. For more information, refer to SOL13512: Change in Behavior: The BIG-IP SSL profiles support the TLS Renegotiation Indication Extension.\n\nIn BIG-IP version 10.1.0, the Renegotiation setting was added to the BIG-IP Client session and Server SSL profiles as a result of ID 213308 (formerly CR132180). In versions 10.1.0 - 10.2.2, the Renegotiation setting is **Disabled **by default in the Client SSL profile. Virtual servers using a Client SSL profile with the Renegotiation setting configured to **Disabled **are protected from this vulnerability.\n\nIf necessary, you can selectively enable renegotiation using the **SSL::renegotiate** iRules command on a virtual server that has renegotiation disabled in its Client SSL profile. For example, an iRule similar to the following enables renegotiation only for clients within a single Class C subnet:\n\nwhen CLIENTSSL_HANDSHAKE priority 1 { \nif { [IP::addr [IP::client_addr] equals 192.168.222.0/24] }{ \nSSL::renegotiate enable \n} \n}\n\n**Note**: For more information, refer to the DevCentral wiki page for the [SSL::renegotiate](<https://devcentral.f5.com/wiki/iRules.ssl__renegotiate.ashx>) iRule command. A separate DevCentral login is required to access this content; you will be redirected to authenticate or register (if necessary).\n\n**BIG-IP versions 9.3.1 HF8, 9.4.8 HF2, 10.0.1 HF3, and 10.1.0 through 10.2.x**\n\nTo mitigate the vulnerability, a BIG-IP system administrator may apply iRules similar to the following to each SSL virtual server. This sample iRule uses the **SSL::renegotiate** command to disable client-side session renegotiation, which prevents the BIG-IP system from processing a secondary session renegotiation request:\n\nwhen CLIENTSSL_HANDSHAKE priority 1 { \nSSL::renegotiate disable \n}\n\nThe **<enable|disable>**parameter was added to the **SSL::renegotiate** command in versions 9.3.1 HF8, 9.4.8 HF2, 10.0.1 HF3, 10.1.x, and 10.2.0 as a result of ID 213305 (formerly CR132165). In versions prior to 10.1.0, all virtual servers with a Client SSL profile applied will, by default, still accept session renegotiation.\n\n**Note**: For more information, refer to the DevCentral wiki page for the [SSL::renegotiate](<https://devcentral.f5.com/wiki/iRules.ssl__renegotiate.ashx>) iRule command. A separate DevCentral login is required to access this content; you will be redirected to authenticate or register (if necessary).\n\n**BIG-IP versions 9.4.x, 9.3.x prior to 9.3.1 HF8, and 10.0.x prior to 10.0.1 HF3**\n\nTo mitigate the vulnerability in versions that do not include the **SSL::renegotiate** command, apply an iRule similar to the following to each SSL virtual server. The iRule resets the connection if client-side SSL renegotiation is attempted.\n\nwhen CLIENT_ACCEPTED { \n# initialize TLS/SSL handshake count for this connection \nset sslhandshakecount 0 \n} \nwhen CLIENTSSL_HANDSHAKE priority 1 { \n# a handshake just occurred \nincr sslhandshakecount \n# is this the first handshake in this connection? \nif { $sslhandshakecount > 1 } { \n# log (rate limited) the event (to /var/log/ltm) \nlog \"\\\\[VS [IP::local_addr]:[TCP::local_port] client [IP::remote_addr]:[TCP::remote_port]\\\\]:TLS/SSL renegotiation\" \n# if not, close the clientside connection \nreject \n} \n} \n\n\n**Note**: This example was provided by F5 DevCentral poster Lupo. The original post is available at the following location:\n\n[mitigating the TLS client-initiated renegotiation MITM attack](<http://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&postid=86456&view=topic>)\n\nA separate DevCentral login is required to access this content; you will be redirected to authenticate or register (if necessary).\n", "published": "2009-11-05T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html", "cvelist": ["CVE-2009-3555"], "lastseen": "2016-05-30T21:02:08"}], "cert": [{"id": "VU:120541", "type": "cert", "title": "SSL and TLS protocols renegotiation vulnerability", "description": "### Overview\n\nA vulnerability exists in SSL and TLS protocols that may allow attackers to execute an arbitrary HTTP transaction.\n\n### Description\n\nThe Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols are commonly used to provide authentication, encryption, integrity, and non-repudiation services to network applications such as HTTP, IMAP, POP3, LDAP. A vulnerability in the way SSL and TLS protocols allow renegotiation requests may allow an attacker to inject plaintext into an application protocol stream. This could result in a situation where the attacker may be able to issue commands to the server that appear to be coming from a legitimate source. According to the [Network Working Group](<https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt>): \n\n_The server treats the client's initial TLS handshake as a renegotiation and thus believes that the initial data transmitted by the attacker is from the same entity as the subsequent client data._ \n \nThis issue affects SSL version 3.0 and newer and TLS version 1.0 and newer. \n \n--- \n \n### Impact\n\nA remote, unauthenticated attacker may be able to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream. This could allow and attacker to issue HTTP requests, or take action impersonating the user, among other consequences. \n \n--- \n \n### Solution\n\nUsers should contact vendors for specific patch information. \n \n--- \n \n### Systems Affected \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nBarracuda Networks| | 05 Nov 2009| 17 Dec 2009 \nDebian GNU/Linux| | 05 Nov 2009| 11 Nov 2009 \nGnuTLS| | 05 Nov 2009| 11 Nov 2009 \nHewlett-Packard Company| | 05 Nov 2009| 17 Dec 2009 \nIBM Corporation| | 05 Nov 2009| 11 Nov 2009 \nMcAfee| | 05 Nov 2009| 11 Nov 2009 \nSun Microsystems, Inc.| | 05 Nov 2009| 06 Nov 2009 \nCryptlib| | 05 Nov 2009| 11 Nov 2009 \nForce10 Networks, Inc.| | 05 Nov 2009| 22 Jul 2011 \nlibgcrypt| | 05 Nov 2009| 11 Nov 2009 \nRedback Networks, Inc.| | 05 Nov 2009| 11 Nov 2009 \nSafeNet| | 05 Nov 2009| 19 Nov 2009 \n3com Inc| | 05 Nov 2009| 05 Nov 2009 \nACCESS| | 05 Nov 2009| 05 Nov 2009 \nAlcatel-Lucent| | 05 Nov 2009| 05 Nov 2009 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23120541 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | N/A | N/A \n \n### References\n\n * <http://extendedsubset.com/?p=8>\n * <http://www.links.org/?p=780>\n * <http://www.links.org/?p=786>\n * <http://www.links.org/?p=789>\n * <http://blogs.iss.net/archive/sslmitmiscsrf.html>\n * <http://www.ietf.org/mail-archive/web/tls/current/msg03948.html>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=533125>\n * <http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00014.html>\n * <http://cvs.openssl.org/chngview?cn=18790>\n * <http://www.links.org/files/no-renegotiation-2.patch>\n * <http://blog.zoller.lu/2009/11/new-sslv3-tls-vulnerability-mitm.html>\n * <https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt>\n * <http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html>\n\n### Credit\n\nThanks to Marsh Ray of PhoneFactor for reporting this vulnerability. This issue was also independently discovered and publicly disclosed by Martin Rex of SAP.\n\nThis document was written by Chris Taschner.\n\n### Other Information\n\n * CVE IDs: [CVE-2009-3555](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555>)\n * Date Public: 05 Nov 2009\n * Date First Published: 11 Nov 2009\n * Date Last Updated: 22 Jul 2011\n * Document Revision: 35\n\n", "published": "2009-11-11T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.kb.cert.org/vuls/id/120541", "cvelist": ["CVE-2009-3555", "CVE-2009-3555"], "lastseen": "2016-02-03T09:13:26"}], "openvas": [{"id": "OPENVAS:900247", "type": "openvas", "title": "Remote Code Execution Vulnerabilities in SChannel (980436)", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS10-049.", "published": "2010-08-11T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=900247", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-07-02T21:09:51"}, {"id": "OPENVAS:830893", "type": "openvas", "title": "Mandriva Update for mandriva-release MDVA-2010:069 (mandriva-release)", "description": "Check for the Version of mandriva-release", "published": "2010-02-19T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=830893", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-12-18T10:57:54"}, {"id": "OPENVAS:861798", "type": "openvas", "title": "Fedora Update for nss FEDORA-2010-3905", "description": "Check for the Version of nss", "published": "2010-03-31T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=861798", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-12-21T11:33:22"}, {"id": "OPENVAS:66270", "type": "openvas", "title": "Slackware Advisory SSA:2009-320-01 openssl ", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-320-01.", "published": "2012-09-11T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=66270", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-07-24T12:51:05"}, {"id": "OPENVAS:880611", "type": "openvas", "title": "CentOS Update for nspr CESA-2010:0165 centos5 i386", "description": "Check for the Version of nspr", "published": "2011-08-09T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=880611", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-07-25T10:55:36"}, {"id": "OPENVAS:66583", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-13250 (proftpd)", "description": "The remote host is missing an update to proftpd\nannounced via advisory FEDORA-2009-13250.", "published": "2009-12-30T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=66583", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-07-25T10:55:58"}, {"id": "OPENVAS:880612", "type": "openvas", "title": "CentOS Update for openssl097a CESA-2010:0164 centos5 i386", "description": "Check for the Version of openssl097a", "published": "2011-08-09T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=880612", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-07-25T10:55:56"}, {"id": "OPENVAS:1361412562310870236", "type": "openvas", "title": "RedHat Update for openssl097a RHSA-2010:0164-01", "description": "Check for the Version of openssl097a", "published": "2010-03-31T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870236", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-01-02T10:54:34"}, {"id": "OPENVAS:136141256231066270", "type": "openvas", "title": "Slackware Advisory SSA:2009-320-01 openssl ", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-320-01.", "published": "2012-09-11T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066270", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-04-06T11:19:41"}, {"id": "OPENVAS:1361412562310830893", "type": "openvas", "title": "Mandriva Update for mandriva-release MDVA-2010:069 (mandriva-release)", "description": "Check for the Version of mandriva-release", "published": "2010-02-19T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830893", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-01-08T12:53:43"}], "nessus": [{"id": "UBUNTU_USN-990-2.NASL", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : apache2 vulnerability (USN-990-2)", "description": "USN-860-1 introduced a partial workaround to Apache that disabled client initiated TLS renegotiation in order to mitigate CVE-2009-3555.\nUSN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue.\n\nAfter updating openssl, an Apache server will allow both patched and unpatched web browsers to connect, but unpatched browsers will not be able to renegotiate. This update introduces the new SSLInsecureRenegotiation directive for Apache that may be used to re-enable insecure renegotiations with unpatched web browsers. For more information, please refer to:\nhttp://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurerenegotia tion\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds backported support for the new RFC5746 renegotiation extension and will use it when both the client and the server support it.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2010-09-22T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=49644", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-10-29T13:38:53"}, {"id": "FEDORA_2009-13250.NASL", "type": "nessus", "title": "Fedora 12 : proftpd-1.3.2c-1.fc12 (2009-13250)", "description": "This update addresses CVE-2009-3555 (SSL/TLS renegotiation vulnerability), mitigating the problem by refusing all client-initiated SSL/TLS session renegotiations. This update to the latest maintenance release also fixes a number of bugs recorded in the proftpd bug tracker: - SSL/TLS renegotiation vulnerability (CVE-2009-3555, bug 3324) - Failed database transaction can cause mod_quotatab to loop (bug 3228) - Segfault in mod_wrap (bug 3332) - <Directory> sections can have <Limit> problems (bug 3337) - mod_wrap2 segfaults when a valid user retries the USER command (bug 3341) - mod_auth_file handles 'getgroups' request incorrectly (bug 3347) - Segfault caused by scrubbing zero- length portion of memory (bug 3350) Finally, the behaviour of the MLSD FTP command (used in many modern FTP clients to list directories) is fixed for the case when the FTP server's configuration disallows its usage (using a <Limit> clause) in some but not all places (#544002).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-12-28T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=43604", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-10-29T13:43:00"}, {"id": "SUSE_11_0_LIBFREEBL3-100407.NASL", "type": "nessus", "title": "openSUSE Security Update : libfreebl3 (openSUSE-SU-2010:0100-1)", "description": "Mozilla NSS was updated to version 3.12.6.\n\nThis fixes all currently known issues in mozilla-nss, and also implements the new TLS/SSL renegotiation handling (CVE-2009-3555).", "published": "2010-04-13T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=45492", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-10-29T13:39:41"}, {"id": "FEDORA_2010-1127.NASL", "type": "nessus", "title": "Fedora 12 : nss-3.12.5-8.fc12 (2010-1127)", "description": "Update to 3.12.5\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2010-07-01T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=47232", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-10-29T13:45:11"}, {"id": "UBUNTU_USN-927-4.NASL", "type": "nessus", "title": "Ubuntu 8.04 LTS : nss vulnerability (USN-927-4)", "description": "USN-927-1 fixed vulnerabilities in nss in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 8.04 LTS.\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2010-06-30T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=47159", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-10-29T13:37:38"}, {"id": "SOLARIS10_145102-01.NASL", "type": "nessus", "title": "Solaris 10 (sparc) : 145102-01", "description": "SunOS 5.10: wanboot patch.\nDate this patch was last updated by Sun : Jun/18/10", "published": "2018-03-12T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=107577", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-03-15T14:57:55"}, {"id": "AIX_SSL_ADVISORY.NASL", "type": "nessus", "title": "AIX OpenSSL Advisory : ssl_advisory.asc", "description": "The version of OpenSSL running on the remote host is affected by the following vulnerabilities :\n\n - A vulnerability in the way SSL and TLS protocols allow renegotiation requests may allow an attacker to inject plaintext into an application protocol stream. This could result in a situation where the attacker may be able to issue commands to the server that appear to be coming from a legitimate source.\n\n - A remote, unauthenticated attacker may be able to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream. This could allow an attacker to issue HTTP requests or take action impersonating the user, among other consequences.\n\nPlease note that the recommended fixes will disable all session renegotiation.", "published": "2014-04-16T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73566", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-10-29T13:35:59"}, {"id": "HPSMH_6_1_0_102.NASL", "type": "nessus", "title": "HP System Management Homepage < 6.1.0.102 / 6.1.0-103 Multiple Vulnerabilities", "description": "According to the web server banner, the version of HP System Management Homepage (SMH) running on the remote host is potentially affected by the following vulnerabilities :\n\n - Session renegotiations are not handled properly, which could be exploited to insert arbitrary plaintext by a man-in-the-middle. (CVE-2009-3555)\n\n - An unspecified vulnerability in version 2.0.18 of the Namazu component, used by the Windows version of SMH.", "published": "2010-05-19T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=46677", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-10-29T13:44:27"}, {"id": "SSL_RENEGOTIATION.NASL", "type": "nessus", "title": "SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection", "description": "The remote service encrypts traffic using TLS / SSL but allows a client to insecurely renegotiate the connection after the initial handshake.\nAn unauthenticated, remote attacker may be able to leverage this issue to inject an arbitrary amount of plaintext into the beginning of the application protocol stream, which could facilitate man-in-the-middle attacks if the service assumes that the sessions before and after renegotiation are from the same 'client' and merges them at the application layer.", "published": "2009-11-24T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=42880", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-06-13T08:38:35"}, {"id": "SUSE_11_1_LIBFREEBL3-100407.NASL", "type": "nessus", "title": "openSUSE Security Update : libfreebl3 (openSUSE-SU-2010:0100-1)", "description": "Mozilla NSS was updated to version 3.12.6.\n\nThis fixes all currently known issues in mozilla-nss, and also implements the new TLS/SSL renegotiation handling (CVE-2009-3555).", "published": "2010-04-13T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=45494", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-10-29T13:42:31"}], "oraclelinux": [{"id": "ELSA-2010-0165", "type": "oraclelinux", "title": "nss security update", "description": "nspr:\n[4.8.4-1]\n- Update to NSPR 4.8.4\nnss:\n[3.12.6-1.0.1.el5_4]\n- Update clean.gif in the nss-3.12.6-stripped.tar.bz2 tarball\n[3.12.6-1]\n- Update to 3.12.6\n[3.12.5.99-1.2]\n- Fix an unsatified tools runtime dependency\n[3.12.5.99-1.1]\n- Preserve file attributes and include some test cleanup\n[3.12.5.99-1]\n- Update to NSS_3_12_6_RC1\n[3.12.3.99.3-1.el5_3.4]\n- CVE-2009-3555 (bug 543536) ", "published": "2010-03-25T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0165.html", "cvelist": ["CVE-2009-3555"], "lastseen": "2016-09-04T11:16:09"}, {"id": "ELSA-2010-0164", "type": "oraclelinux", "title": "openssl097a security update", "description": "[0.9.7a-9.2]\n- CVE-2009-3555 - support the secure renegotiation RFC (#533125) ", "published": "2010-03-25T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0164.html", "cvelist": ["CVE-2009-3555"], "lastseen": "2016-09-04T11:16:37"}, {"id": "ELSA-2010-0167", "type": "oraclelinux", "title": "gnutls security update", "description": "[1.0.20-4.0.1.el4_8.7]\n- Bump release to resolve ULN up2date issue\n[1.0.20-4.7]\n- fix crash in the gnutls-cli tool needed for testing\n[1.0.20-4.5]\n- fix safe renegotiation in SSL3 protocol\n[1.0.20-4.4]\n- implement safe renegotiation - CVE-2009-3555 (#533125) ", "published": "2010-03-25T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0167.html", "cvelist": ["CVE-2010-0731", "CVE-2009-3555"], "lastseen": "2016-09-04T11:16:51"}], "redhat": [{"id": "RHSA-2010:0164", "type": "redhat", "title": "(RHSA-2010:0164) Moderate: openssl097a security update", "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthis flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nAll openssl097a users should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. For the update to take\neffect, all services linked to the openssl097a library must be restarted,\nor the system rebooted.", "published": "2010-03-25T04:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0164", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-09-09T07:19:33"}, {"id": "RHSA-2010:0165", "type": "redhat", "title": "(RHSA-2010:0165) Moderate: nss security update", "description": "Network Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Applications built with NSS can support SSLv2, SSLv3, TLS,\nand other security standards.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI\noperating system facilities. These facilities include threads, thread\nsynchronization, normal file and network I/O, interval timing, calendar\ntime, basic memory management (malloc and free), and shared library\nlinking.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthis flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nUsers of Red Hat Certificate System 7.3 and 8.0 should review the following\nKnowledgebase article before installing this update:\nhttp://kbase.redhat.com/faq/docs/DOC-28439\n\nAll users of NSS are advised to upgrade to these updated packages, which\nupdate NSS to version 3.12.6. This erratum also updates the NSPR packages\nto the version required by NSS 3.12.6. All running applications using the\nNSS library must be restarted for this update to take effect.", "published": "2010-03-25T04:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0165", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-09-09T07:19:19"}, {"id": "RHSA-2010:0167", "type": "redhat", "title": "(RHSA-2010:0167) Moderate: gnutls security update", "description": "The GnuTLS library provides support for cryptographic algorithms and for\nprotocols such as Transport Layer Security (TLS).\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthe CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA flaw was found in the way GnuTLS extracted serial numbers from X.509\ncertificates. On 64-bit big endian platforms, this flaw could cause the\ncertificate revocation list (CRL) check to be bypassed; cause various\nGnuTLS utilities to crash; or, possibly, execute arbitrary code.\n(CVE-2010-0731)\n\nUsers of GnuTLS are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all applications linked to the GnuTLS library must be restarted, or\nthe system rebooted.", "published": "2010-03-25T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0167", "cvelist": ["CVE-2009-3555", "CVE-2010-0731"], "lastseen": "2017-09-09T07:19:25"}, {"id": "RHSA-2010:0166", "type": "redhat", "title": "(RHSA-2010:0166) Moderate: gnutls security update", "description": "The GnuTLS library provides support for cryptographic algorithms and for\nprotocols such as Transport Layer Security (TLS).\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthe CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nDan Kaminsky found that browsers could accept certificates with MD2 hash\nsignatures, even though MD2 is no longer considered a cryptographically\nstrong algorithm. This could make it easier for an attacker to create a\nmalicious certificate that would be treated as trusted by a browser. GnuTLS\nnow disables the use of the MD2 algorithm inside signatures by default.\n(CVE-2009-2409)\n\nUsers of GnuTLS are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all applications linked to the GnuTLS library must be restarted, or\nthe system rebooted.", "published": "2010-03-25T04:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0166", "cvelist": ["CVE-2009-2409", "CVE-2009-3555"], "lastseen": "2017-09-09T07:20:10"}], "cisco": [{"id": "CISCO-SA-20091105-CVE-2009-3555", "type": "cisco", "title": "Transport Layer Security Renegotiation Remote Man-in-the-Middle Attack Vulnerability", "description": "Multiple Transport Layer Security (TLS) implementations contain a vulnerability when renegotiating a TLS session that could allow an unauthenticated, remote attacker to conduct a man-in-the-middle attack.\n\nThe vulnerability exists during a TLS renegotiation process. If an attacker can intercept traffic from a client to a TLS server, the attacker could stage a rogue TLS server to intercept that traffic and appear to authenticate the client to what the client thinks is the desired TLS server. The attacker is then able to authenticate to the legitimate TLS server and thus stage a man-in-the-middle attack. However, the attacker would not be able to view the contents of the session and would only be able to inject data or requests into it.\n\nProof-of-concept code that exploits this vulnerability is publicly available.\n\nOpenSSL has confirmed this vulnerability in a changelog and released updated software.\n\nTo exploit this vulnerability, the attacker must be able to intercept traffic from a TLS client to a TLS server. In many cases, this may require the attacker to have access to a network that is adjacent to the targeted user's system. Another possibility would be for the attacker to have access to a network that is adjacent to a legitimate TLS server.\n\nThis vulnerability is likely to affect multiple implementations of TLS.", "published": "2009-11-05T19:53:52", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20091105-CVE-2009-3555", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-04-07T12:12:51"}, {"id": "CISCO-SA-20091109-TLS", "type": "cisco", "title": "Transport Layer Security Renegotiation Vulnerability", "description": "", "published": "2009-11-09T13:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20091109-tls", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-09-26T15:34:09"}], "centos": [{"id": "CESA-2010:0165", "type": "centos", "title": "nspr, nss security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0165\n\n\nNetwork Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Applications built with NSS can support SSLv2, SSLv3, TLS,\nand other security standards.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI\noperating system facilities. These facilities include threads, thread\nsynchronization, normal file and network I/O, interval timing, calendar\ntime, basic memory management (malloc and free), and shared library\nlinking.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthis flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nUsers of Red Hat Certificate System 7.3 and 8.0 should review the following\nKnowledgebase article before installing this update:\nhttp://kbase.redhat.com/faq/docs/DOC-28439\n\nAll users of NSS are advised to upgrade to these updated packages, which\nupdate NSS to version 3.12.6. This erratum also updates the NSPR packages\nto the version required by NSS 3.12.6. All running applications using the\nNSS library must be restarted for this update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016601.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016602.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016607.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016608.html\n\n**Affected packages:**\nnspr\nnspr-devel\nnss\nnss-devel\nnss-pkcs11-devel\nnss-tools\n\n**Upstream details at:**\n\nhttps://rhn.redhat.com/errata/RHSA-2010-0165.html", "published": "2010-03-28T16:36:50", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/016602.html", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-10-03T18:24:29"}, {"id": "CESA-2010:0164", "type": "centos", "title": "openssl097a security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0164\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthis flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nAll openssl097a users should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. For the update to take\neffect, all services linked to the openssl097a library must be restarted,\nor the system rebooted.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016595.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016596.html\n\n**Affected packages:**\nopenssl097a\n\n**Upstream details at:**\n", "published": "2010-03-27T18:44:36", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/016595.html", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-10-03T18:26:37"}, {"id": "CESA-2010:0166", "type": "centos", "title": "gnutls security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0166\n\n\nThe GnuTLS library provides support for cryptographic algorithms and for\nprotocols such as Transport Layer Security (TLS).\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthe CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nDan Kaminsky found that browsers could accept certificates with MD2 hash\nsignatures, even though MD2 is no longer considered a cryptographically\nstrong algorithm. This could make it easier for an attacker to create a\nmalicious certificate that would be treated as trusted by a browser. GnuTLS\nnow disables the use of the MD2 algorithm inside signatures by default.\n(CVE-2009-2409)\n\nUsers of GnuTLS are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all applications linked to the GnuTLS library must be restarted, or\nthe system rebooted.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016587.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016588.html\n\n**Affected packages:**\ngnutls\ngnutls-devel\ngnutls-utils\n\n**Upstream details at:**\n", "published": "2010-03-26T22:48:08", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/016587.html", "cvelist": ["CVE-2009-2409", "CVE-2009-3555"], "lastseen": "2017-10-03T18:25:48"}], "ubuntu": [{"id": "USN-927-5", "type": "ubuntu", "title": "nspr update", "description": "USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS.\n\nOriginal advisory details:\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user\u2019s session. This update adds support for the new new renegotiation extension and will use it when the server supports it.", "published": "2010-06-29T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/927-5/", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-03-29T18:19:46"}, {"id": "USN-927-6", "type": "ubuntu", "title": "NSS vulnerability", "description": "USN-927-1 fixed vulnerabilities in NSS on Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 9.04.\n\nOriginal advisory details:\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user\u2019s session. This update adds support for the new new renegotiation extension and will use it when the server supports it.", "published": "2010-07-23T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/927-6/", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-03-29T18:17:07"}, {"id": "USN-927-1", "type": "ubuntu", "title": "NSS vulnerability", "description": "Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user\u2019s session. This update adds support for the new new renegotiation extension and will use it when the server supports it.", "published": "2010-04-09T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/927-1/", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-03-29T18:17:37"}, {"id": "USN-990-2", "type": "ubuntu", "title": "Apache vulnerability", "description": "USN-860-1 introduced a partial workaround to Apache that disabled client initiated TLS renegotiation in order to mitigate CVE-2009-3555. USN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue.\n\nAfter updating openssl, an Apache server will allow both patched and unpatched web browsers to connect, but unpatched browsers will not be able to renegotiate. This update introduces the new SSLInsecureRenegotiation directive for Apache that may be used to re-enable insecure renegotiations with unpatched web browsers. For more information, please refer to: <http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurerenegotiation>\n\nOriginal advisory details:\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user\u2019s session. This update adds backported support for the new RFC5746 renegotiation extension and will use it when both the client and the server support it.", "published": "2010-09-21T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/990-2/", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-03-29T18:19:52"}, {"id": "USN-990-1", "type": "ubuntu", "title": "OpenSSL vulnerability", "description": "Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user\u2019s session. This update adds backported support for the new RFC5746 renegotiation extension and will use it when both the client and the server support it.\n\nATTENTION: After applying this update, a patched server will allow both patched and unpatched clients to connect, but unpatched clients will not be able to renegotiate. For more information, please refer to the following: <http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html#SECURE_RENEGOTIATION>", "published": "2010-09-21T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/990-1/", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-03-29T18:20:56"}, {"id": "USN-927-4", "type": "ubuntu", "title": "nss vulnerability", "description": "USN-927-1 fixed vulnerabilities in nss in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 8.04 LTS.\n\nOriginal advisory details:\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user\u2019s session. This update adds support for the new new renegotiation extension and will use it when the server supports it.", "published": "2010-06-29T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/927-4/", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-03-29T18:18:37"}], "nginx": [{"id": "NGINX:CVE-2009-3555", "type": "nginx", "title": "The renegotiation vulnerability in SSL protocol", "description": "The renegotiation vulnerability in SSL protocol\nSeverity: major\nCVE-2009-3555\nNot vulnerable: 0.8.23+, 0.7.64+\nVulnerable: 0.1.0-0.8.22", "published": "2009-11-09T12:30:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://nginx.org/en/security_advisories.html", "cvelist": ["CVE-2009-3555"], "lastseen": "2016-09-26T17:22:32"}], "hackerone": [{"id": "H1:5617", "type": "hackerone", "title": "Slack: TLS1/SSLv3 Renegotiation Vulnerability", "description": "URL: http://www.slack.com\r\n\r\nVulnerability description\r\nA flaw in the design of the TLS v. 1/SSL v. 3 (TLS/SSL) handshake process was discovered in 2009, and RFC 5746 (Feb. 2010) was released to update the protocol specification. Since then, most system manufacturers have released patches to fix this flaw. Still, as of June 2011 approximately half of the systems using TLS/SSL on the Internet have not implemented the patches needed to close this security hole. This vulnerability affects the secure transport of HTTP, IMAP, SMTP, and other protocols that rely on TLS/SSL. Industry representatives and security researchers who have looked into the problem note that sites with the TLS patch may still be vulnerable to this attack, known as the TLS renegotiation Man-In-The-Middle attack (TLS Renego MITM). DigiCert is taking a proactive approach to this problem by contacting its customers to advise them of this potential vulnerability in their systems. At some point in the future, connectivity problems may occur because of server non-compliance with RFC 5746.\r\n\r\nA vulnerability in the way SSL and TLS protocols allow renegotiation requests may allow an attacker to inject plaintext into an application protocol stream. This could result in a situation where the attacker may be able to issue commands to the server that appear to be coming from a legitimate source. This issue affects SSL version 3.0 and newer and TLS version 1.0 and newer.\r\nThis vulnerability affects Web Server. \r\nDiscovered by: TLS1_SSL3_Renegotiation. \r\n\r\nAttack details\r\nJust to provide you with a brief overview, the typical TLS/SSL handshake process involves the following:\r\n\r\nclient hello (highest TLS/SSL version supported, random number, suggested ciphers, suggested compression methods and, if the client is attempting renegotiation, previous session ID)\r\nserver hello (TLS/SSL version, random number, cipher suite and compression chosen and, if server is attempting renegotiation, previous session ID)\r\nserver sends TLS/SSL certificate\r\nserver hello done\r\n\r\nclient key exchange (preMasterSecret exchange and MasterSecret calculation)\r\nclient change cipher spec\r\nclient finished (hash and MAC of previous handshake messages)\r\n\r\nserver change cipher spec\r\nserver finished\r\n\r\nGET /secure HTTP/1.1\\r\\n...\r\n\r\n(For more information, see Wikipedia's article on TLS handshakes).\r\n\r\nUsing the TLS Renego MITM vulnerability, an attacker can either form a TLS connection to the server first, before the client (for example, on a compromised machine in response to the client\u2019s attempt at connection) or can use session renegotiation to effectuate the attack. Even mutual certificate-based client authentication connections are vulnerable to the TLS Renego MITM attack. More details on how various attack scenarios play out are provided in RFC 5746 and related discussions provided here and here.\r\n\r\n\r\n\r\nThe impact of this vulnerability\r\nA remote, unauthenticated attacker may be able to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream. This could allow and attacker to issue HTTP requests, or take action impersonating the user, among other consequences.\r\n\r\nHow to fix this vulnerability\r\n\r\nThe TLS/SSL specification in RFC 5746 applies to both full handshakes and session resumption handshakes. Because pre-existing TLS/SSL specifications required systems to ignore a ClientHello extension if they did not understand it, RFC 5746 specifies that the ClientHello either contain an empty \u201crenegotiation_info\" extension or a Signaling Cipher Suite Value (SCSV) as a pseudo cipher suite with the same semantics as an empty \"renegotiation_info\" extension. When a client receives the ServerHello, it must check to see if the server supports the \"renegotiation_info\" extension. Assuming that secure renegotiation is supported per RFC 5746, then for TLS renegotiation, the client can send the \"renegotiation_info\" extension. If the server does not respond in accordance with RFC 5746, the client MUST abort the renegotiation handshake. Similarly, if a client does not respond in accordance with RFC 5746, then the server MUST abort the renegotiation handshake.\r\n\r\nFor backward compatibility, a compliant client will be configurable for either allowing insecure renegotiation or aborting an attempt to renegotiate. However, because some TLS servers do not support renegotiation at all there will be a transition period where problems will be encountered. From a server side, if the server does not receive the \"renegotiation_info\" extension or the SCSV, then RFC 5746 specifies that the \u201csecure_renegotiation\u201d flag be set to FALSE. Thereafter, if a ClientHello for renegotiation contains an empty \u201crenegotiation_info\" extension or the SCSV, then the server MUST abort the handshake.\r\n\r\nWeb references\r\nTLS1/SSLv3 Renegotiation Vulnerability \r\nCVE-2009-3555 \r\nVU#120541 \r\n", "published": "2014-04-02T13:01:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://hackerone.com/reports/5617", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-04-19T17:34:08"}], "seebug": [{"id": "SSV:15088", "type": "seebug", "title": "ProFTPD TLS\u4f1a\u8bdd\u91cd\u534f\u5546\u660e\u6587\u6570\u636e\u6ce8\u5165\u6f0f\u6d1e", "description": "CVE ID: CVE-2009-3555\r\n\r\nProFTPD\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801FTP\u670d\u52a1\u7a0b\u5e8f\u3002\r\n\r\nProFTPD\u7684\u6a21\u5757mod_tls\u5b58\u5728OpenSSL\u7684\u4f1a\u8bdd\u53ef\u91cd\u65b0\u534f\u5546\u9009\u9879\u7684\u6f0f\u6d1e\uff0c\u5bfc\u81f4\u653b\u51fb\u8005\u53ef\u4ee5\u5728\u4f1a\u8bdd\u6570\u636e\u6d41\u4e2d\u63d2\u5165\u660e\u6587\u6570\u636e\uff0c\u64cd\u7eb5\u6570\u636e\u4ea4\u4e92\u3002\n\nProFTPD Project ProFTPD 1.3.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nProFTPD Project\r\n---------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c", "published": "2009-12-15T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.seebug.org/vuldb/ssvid-15088", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-11-19T18:25:52"}, {"id": "SSV:18637", "type": "seebug", "title": "TLS Renegotiation Vulnerability PoC Exploit", "description": "No description provided by source.", "published": "2009-12-21T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.seebug.org/vuldb/ssvid-18637", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-11-19T18:22:14"}, {"id": "SSV:67231", "type": "seebug", "title": "TLS Renegotiation Vulnerability PoC", "description": "No description provided by source.", "published": "2014-07-01T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.seebug.org/vuldb/ssvid-67231", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-11-19T15:57:49"}, {"id": "SSV:12600", "type": "seebug", "title": "Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability", "description": "No description provided by source.", "published": "2009-11-10T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.seebug.org/vuldb/ssvid-12600", "cvelist": ["CVE-2009-3555"], "lastseen": "2017-11-19T18:30:52"}], "exploitdb": [{"id": "EDB-ID:10071", "type": "exploitdb", "title": "Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability", "description": "Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability. CVE-2009-3555. Remote exploits for multiple platform", "published": "2009-11-10T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/10071/", "cvelist": ["CVE-2009-3555"], "lastseen": "2016-02-01T11:51:16"}, {"id": "EDB-ID:10579", "type": "exploitdb", "title": "TLS Renegotiation Vulnerability PoC", "description": "TLS Renegotiation Vulnerability PoC Exploit. CVE-2009-3555. Remote exploits for multiple platform", "published": "2009-12-21T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/10579/", "cvelist": ["CVE-2009-3555"], "lastseen": "2016-02-01T12:46:47"}], "packetstorm": [{"id": "PACKETSTORM:84112", "type": "packetstorm", "title": "TLS Renegotiation Exploit", "description": "", "published": "2009-12-21T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "https://packetstormsecurity.com/files/84112/TLS-Renegotiation-Exploit.html", "cvelist": ["CVE-2009-3555"], "lastseen": "2016-12-05T22:15:34"}], "slackware": [{"id": "SSA-2009-320-01", "type": "slackware", "title": "openssl", "description": "New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,\nand -current to fix a security issue.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/openssl-0.9.8k-i486-3_slack13.0.txz: Rebuilt.\n Patched to disable SSL renegotiation.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n (* Security fix *)\npatches/packages/openssl-solibs-0.9.8k-i486-3_slack13.0.txz: Rebuilt.\n Patched to disable SSL renegotiation.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-0.9.8h-i486-4_slack11.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-solibs-0.9.8h-i486-4_slack11.0.tgz\n\nUpdated packages for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-0.9.8h-i486-4_slack12.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-solibs-0.9.8h-i486-4_slack12.0.tgz\n\nUpdated packages for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-0.9.8h-i486-4_slack12.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-solibs-0.9.8h-i486-4_slack12.1.tgz\n\nUpdated packages for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-0.9.8i-i486-4_slack12.2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-solibs-0.9.8i-i486-4_slack12.2.tgz\n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8k-i486-3_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8k-i486-3_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8k-x86_64-3_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8k-x86_64-3_slack13.0.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-0.9.8l-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-0.9.8l-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-0.9.8l-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-0.9.8l-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 11.0 packages:\n662fa4e1a24aba53e5a05850b27d5c16 openssl-0.9.8h-i486-4_slack11.0.tgz\nb08b28f848b64df600a958268dd6a350 openssl-solibs-0.9.8h-i486-4_slack11.0.tgz\n\nSlackware 12.0 packages:\n6cdad3839394c5d81f56b7812f38e1d2 openssl-0.9.8h-i486-4_slack12.0.tgz\ncd44b602ada795dd60c2e0a5b113a235 openssl-solibs-0.9.8h-i486-4_slack12.0.tgz\n\nSlackware 12.1 packages:\nf07db73dcfc7d0f09796199591805685 openssl-0.9.8h-i486-4_slack12.1.tgz\n8ad915a9a85bf049da8593f3966fa155 openssl-solibs-0.9.8h-i486-4_slack12.1.tgz\n\nSlackware 12.2 packages:\n71e904cdd763254146c3d17cb67dabd9 openssl-0.9.8i-i486-4_slack12.2.tgz\n3350b268966c39f884df46b839cbc216 openssl-solibs-0.9.8i-i486-4_slack12.2.tgz\n\nSlackware 13.0 packages:\nbf569bd9e2b6f6d12feb9926a2f4228c openssl-0.9.8k-i486-3_slack13.0.txz\ne9042a6460ee448bcb32dee4f090be74 openssl-solibs-0.9.8k-i486-3_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n068a889c7120f569be44e7ffde9169d1 openssl-0.9.8k-x86_64-3_slack13.0.txz\n7602b43d1e51a121e1f4a33919be48bf openssl-solibs-0.9.8k-x86_64-3_slack13.0.txz\n\nSlackware -current packages:\n98f992b68c19070a6edeb0d4a6a0f559 openssl-solibs-0.9.8l-i486-1.txz\n\nSlackware x86_64 -current packages:\nc62ac6d683a8ed6f94da8c7555810d81 openssl-solibs-0.9.8l-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg openssl-0.9.8k-i486-3_slack13.0.txz openssl-solibs-0.9.8k-i486-3_slack13.0.txz", "published": "2009-11-16T13:42:36", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446", "cvelist": ["CVE-2009-3555"], "lastseen": "2018-02-02T18:11:38"}], "suse": [{"id": "SUSE-SA:2009:057", "type": "suse", "title": "man-in-the-middle attack in openssl", "description": "The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate already sent data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. It is believed that this vulnerability is actively exploited in the wild to get access to HTTPS protected web-sites. Please note that renegotiation will be disabled for any application using openssl by this update and may cause problems in some cases. Additionally this attack is not limited to HTTP.\n#### Solution\nThere is no work-around known. Please install the update. Moblin packages will be released later.", "published": "2009-11-18T09:50:39", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html", "cvelist": ["CVE-2009-3555"], "lastseen": "2016-09-04T12:25:49"}, {"id": "SUSE-SA:2010:020", "type": "suse", "title": "remote denial of service, man in the middle in openssl", "description": "The openSSL library was updated to add support for the new RFC5746 TLS renegotiation feature to address vulnerabilities tracked as CVE-2009-3555, backported from openssl 0.9.8m.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2010-04-06T16:55:06", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00000.html", "cvelist": ["CVE-2009-3245", "CVE-2009-3555"], "lastseen": "2016-09-04T11:30:36"}], "debian": [{"id": "DSA-2141", "type": "debian", "title": "openssl -- SSL/TLS insecure renegotiation protocol design flaw", "description": "DSA-2141 consists of three individual parts, which can be viewed in the mailing list archive: [DSA 2141-1](<https://lists.debian.org/debian-security-announce/2011/msg00001.html>) (openssl), [DSA 2141-2](<https://lists.debian.org/debian-security-announce/2011/msg00002.html>) (nss), [DSA 2141-3](<https://lists.debian.org/debian-security-announce/2011/msg00003.html>) (apache2), and [DSA 2141-4](<https://lists.debian.org/debian-security-announce/2011/msg00006.html>) (lighttpd). This page only covers the first part, openssl.\n\n * [CVE-2009-3555](<https://security-tracker.debian.org/tracker/CVE-2009-3555>)\n\nMarsh Ray, Steve Dispensa, and Martin Rex discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds backported support for the new RFC5746 renegotiation extension which fixes this issue.\n\nIf openssl is used in a server application, it will by default no longer accept renegotiation from clients that do not support the RFC5746 secure renegotiation extension. A separate advisory will add RFC5746 support for nss, the security library used by the iceweasel web browser. For apache2, there will be an update which allows to re-enable insecure renegotiation.\n\nThis version of openssl is not compatible with older versions of tor. You have to use at least tor version 0.2.1.26-1~lenny+1, which has been included in the point release 5.0.7 of Debian stable.\n\nCurrently we are not aware of other software with similar compatibility problems.\n\n * [CVE-2010-4180](<https://security-tracker.debian.org/tracker/CVE-2010-4180>)\n\nIn addition, this update fixes a flaw that allowed a client to bypass restrictions configured in the server for the used cipher suite.\n\nFor the stable distribution (lenny), this problem has been fixed in version 0.9.8g-15+lenny11.\n\nFor the unstable distribution (sid), and the testing distribution (squeeze), this problem has been fixed in version 0.9.8o-4.\n\nWe recommend that you upgrade your openssl package.\n\nFurther information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: [https://www.debian.org/security/](<../../security/>)", "published": "2011-01-06T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-2141", "cvelist": ["CVE-2010-4180", "CVE-2009-3555"], "lastseen": "2016-09-02T18:31:11"}, {"id": "DSA-2626", "type": "debian", "title": "lighttpd -- several issues", "description": "Several vulnerabilities were discovered in the TLS/SSL protocol. This update addresses these protocol vulnerabilities in lighttpd.\n\n * [CVE-2009-3555](<https://security-tracker.debian.org/tracker/CVE-2009-3555>)\n\nMarsh Ray, Steve Dispensa, and Martin Rex discovered that the TLS and SSLv3 protocols do not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions. This issue is solved in lighttpd by disabling client initiated renegotiation by default. \n\nThose users that do actually need such renegotiations, can reenable them via the new ssl.disable-client-renegotiation parameter.\n\n * [CVE-2012-4929](<https://security-tracker.debian.org/tracker/CVE-2012-4929>)\n\nJuliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed CRIME, allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update disables compression.\n\nFor the stable distribution (squeeze), these problems have been fixed in version 1.4.28-2+squeeze1.2.\n\nFor the testing distribution (wheezy), and the unstable distribution (sid) these problems have been fixed in version 1.4.30-1.\n\nWe recommend that you upgrade your lighttpd packages.", "published": "2013-02-17T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-2626", "cvelist": ["CVE-2012-4929", "CVE-2009-3555"], "lastseen": "2016-09-02T18:27:57"}], "vulnerlab": [{"id": "VULNERLAB:967", "type": "vulnerlab", "title": "Mozilla SeaMonkey - Filter Bypass & Persistent Vulnerability", "description": "", "published": "2014-01-29T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.vulnerability-lab.com/get_content.php?id=967", "cvelist": ["CVE-2013-6674", "CVE-2009-3555"], "lastseen": "2018-03-01T19:13:54"}]}}
