[security bulletin] HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information Disclosure, Denial of Service (DoS)
2011-04-26T00:00:00
ID SECURITYVULNS:DOC:26212 Type securityvulns Reporter Securityvulns Modified 2011-04-26T00:00:00
Description
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02794777
Version: 1
HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information
Disclosure, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-04-19
Last Updated: 2011-04-19
Potential Security Impact: Remote unauthorized elevation of privilege, execution of arbitrary code, encryption downgrade, information disclosure, Denial of Servce (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with Insight Control for Linux (IC-Linux). The vulnerabilities could be exploited remotely to allow unauthorized elevation
of privilege, execution of arbitrary code, encryption downgrade, information disclosure, and Denial of Service (DoS).
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Insight Control for Linux (IC-Linux) prior to v6.3
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score
CVE-2010-3864 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2010-4180 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2011-0539 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-1535 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made Insight Control for Linux (IC-Linux) v6.3 or subsequent available to resolve the vulnerabilities.
The product kit is also available here: http://www.hp.com/go/ice-lx
HISTORY
Version:1 (rev.1) 19 April 2011 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's
patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
-check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
-verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
The Software Product Category that this Security Bulletin
relates to is represented by the 5th and 6th characters
of the Bulletin number in the title:
GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software
products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this
Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this
information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the
information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and
fitness for a particular purpose, title and non-infringement."
Copyright 2011 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any
kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime
cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document
is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United
States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
{"id": "SECURITYVULNS:DOC:26212", "bulletinFamily": "software", "title": "[security bulletin] HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information Disclosure, Denial of Service (DoS)", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c02794777\r\nVersion: 1\r\n\r\nHPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information\r\nDisclosure, Denial of Service (DoS)\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.\r\n\r\nRelease Date: 2011-04-19\r\nLast Updated: 2011-04-19\r\n\r\nPotential Security Impact: Remote unauthorized elevation of privilege, execution of arbitrary code, encryption downgrade, information disclosure, Denial of Servce (DoS)\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nPotential security vulnerabilities have been identified with Insight Control for Linux (IC-Linux). The vulnerabilities could be exploited remotely to allow unauthorized elevation\r\nof privilege, execution of arbitrary code, encryption downgrade, information disclosure, and Denial of Service (DoS).\r\n\r\nReferences: CVE-2010-3864, CVE-2010-4180, CVE-2011-0014, CVE-2011-0539, CVE-2011-1535 (privilege elevation)\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nInsight Control for Linux (IC-Linux) prior to v6.3\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2010-3864 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\r\nCVE-2010-4180 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\r\nCVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\r\nCVE-2011-0539 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\nCVE-2011-1535 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has made Insight Control for Linux (IC-Linux) v6.3 or subsequent available to resolve the vulnerabilities.\r\n\r\nThe product kit is available here:\r\n\r\nhttp://h18004.www1.hp.com/products/servers/management/insightcontrol_linux2/index.html\r\n\r\nThe product kit is also available here: http://www.hp.com/go/ice-lx\r\n\r\nHISTORY\r\nVersion:1 (rev.1) 19 April 2011 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's\r\npatch management policy.\r\n\r\nSupport: For further information, contact normal HP Services support channel.\r\n\r\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\r\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.\r\nTo get the security-alert PGP key, please send an e-mail message as follows:\r\n To: security-alert@hp.com\r\n Subject: get key\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\r\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC\r\nOn the web page: ITRC security bulletins and patch sign-up\r\nUnder Step1: your ITRC security bulletins and patches\r\n -check ALL categories for which alerts are required and continue.\r\nUnder Step2: your ITRC operating systems\r\n -verify your operating system selections are checked and save.\r\n\r\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\r\nLog in on the web page: Subscriber's choice for Business: sign-in.\r\nOn the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.\r\n\r\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\r\n\r\n* The Software Product Category that this Security Bulletin\r\nrelates to is represented by the 5th and 6th characters\r\nof the Bulletin number in the title:\r\n\r\nGN = HP General SW\r\nMA = HP Management Agents\r\nMI = Misc. 3rd Party SW\r\nMP = HP MPE/iX\r\nNS = HP NonStop Servers\r\nOV = HP OpenVMS\r\nPI = HP Printing & Imaging\r\nST = HP Storage SW\r\nTL = HP Trusted Linux\r\nTU = HP Tru64 UNIX\r\nUX = HP-UX\r\nVV = HP VirtualVault\r\n\r\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software\r\nproducts to provide customers with current secure solutions.\r\n\r\n"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this\r\nBulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this\r\ninformation is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the\r\ninformation provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and\r\nfitness for a particular purpose, title and non-infringement."\r\n\r\nCopyright 2011 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any\r\nkind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime\r\ncost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document\r\nis subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United\r\nStates and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niEYEARECAAYFAk2tjMAACgkQ4B86/C0qfVl2pgCgwXGSztItJz2iVYtrtl3ojJOY\r\nzlUAn2Tq9aUUHLrw2Ei3r7UGhWTooHh0\r\n=d+fD\r\n-----END PGP SIGNATURE-----", "published": "2011-04-26T00:00:00", "modified": "2011-04-26T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26212", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2011-0539", "CVE-2010-4180", "CVE-2011-0014", "CVE-2011-1535", "CVE-2010-3864"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:40", "edition": 1, "viewCount": 50, "enchantments": {"score": {"value": 7.3, "vector": "NONE", "modified": "2018-08-31T11:10:40", "rev": 2}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11435", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11264", "SECURITYVULNS:VULN:11624"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-0539", "UB:CVE-2010-3864", "UB:CVE-2011-0014", "UB:CVE-2010-4180"]}, {"type": "cve", "idList": ["CVE-2011-0014", "CVE-2010-3864", "CVE-2011-0539", "CVE-2010-4180", "CVE-2011-1535"]}, {"type": "f5", "idList": ["SOL15013", "F5:K12566", "SOL12566", "F5:K12543", "F5:K10534046", "SOL12543"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310831330", "OPENVAS:1361412562310840589", "OPENVAS:1361412562310863070", "OPENVAS:68997", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310870609", "OPENVAS:863060", "OPENVAS:136141256231068921", "OPENVAS:862721", "OPENVAS:136141256231068997", "OPENVAS:103064", "OPENVAS:862920", "OPENVAS:862631", "OPENVAS:862849", "OPENVAS:863499", "OPENVAS:1361412562310862849", "OPENVAS:840589", "OPENVAS:1361412562310103064", "OPENVAS:840540", "OPENVAS:835251", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310862920", "OPENVAS:863070", "OPENVAS:1361412562310863060", "OPENVAS:870609", "OPENVAS:862737", "OPENVAS:831330", "OPENVAS:68921", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310122167"]}, {"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:C9F3119737F", "FEDORA:C42A8110D0A", "FEDORA:144BA1104EC", "FEDORA:D404110F950", "FEDORA:564D5110A27", "FEDORA:9DFF1E720F", "FEDORA:6B3FC110D28", "FEDORA:C8F7F110906"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2125.NASL", "OPENSSL_1_0_0D.NASL", "FEDORA_2011-1273.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "5782.PRM", "801053.PRM", "FEDORA_2010-17847.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "DEBIAN_DSA-2162.NASL", "FEDORA_2011-5876.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "FEDORA_2011-5878.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "FEDORA_2011-5865.NASL", "OPENSSH_58.NASL", "REDHAT-RHSA-2011-0677.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "5784.PRM", "FEDORA_2011-1255.NASL", "UBUNTU_USN-1064-1.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2010-3864"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0677", "ELSA-2010-0979"]}, {"type": "ubuntu", "idList": ["USN-1064-1", "USN-1018-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495", "DEBIAN:DSA-2162-1:98AFD"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}, {"type": "redhat", "idList": ["RHSA-2011:0677"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}], "modified": "2018-08-31T11:10:40", "rev": 2}, "vulnersScore": 7.3}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}
{"securityvulns": [{"id": "SECURITYVULNS:VULN:11624", "bulletinFamily": "software", "title": "HP Insight Control multiple security vulnerabilities", "description": "Privilege escalation, code execution, information leakage, DoS.", "published": "2011-04-26T00:00:00", "modified": "2011-04-26T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11624", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:26212"], "cvelist": ["CVE-2011-0539", "CVE-2010-4180", "CVE-2011-0014", "CVE-2011-1535", "CVE-2010-3864"], "type": "securityvulns", "lastseen": "2018-08-31T11:09:42", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "64ea630366c71e3ddfe1896595e749e3"}, {"key": "cvss", "hash": "774fce555a963c00be305187dd6dff95"}, {"key": "description", "hash": "88ff99eca10d80657e42cb1b800491d8"}, {"key": "href", "hash": "64fbb2ac28a708b518a10367f466fa33"}, {"key": "modified", "hash": "b5b4000f2335f17e8ee77af4e377d59f"}, {"key": "published", "hash": "b5b4000f2335f17e8ee77af4e377d59f"}, {"key": "references", "hash": "705a1eb34777f73d36182091d08ed158"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "4aa4d3de3a270e0e6ab07acc48440043"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "910795a188f33dee297b81cf0f41d9e9fb3e611de3b4cae3c9bae2564f8058a6", "viewCount": 1, "enchantments": {"score": {"value": 7.4, "vector": "NONE", "modified": "2018-08-31T11:09:42", "rev": 2}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25720", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11264", "SECURITYVULNS:VULN:11435"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-0014", "UB:CVE-2010-3864", "UB:CVE-2011-0539", "UB:CVE-2010-4180"]}, {"type": "cve", "idList": ["CVE-2011-0014", "CVE-2010-3864", "CVE-2011-1535", "CVE-2011-0539", "CVE-2010-4180"]}, {"type": "f5", "idList": ["SOL12566", "F5:K10534046", "SOL15013", "SOL12543", "F5:K12566", "F5:K12543"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103064", "OPENVAS:840540", "OPENVAS:68997", "OPENVAS:863070", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310835251", "OPENVAS:831330", "OPENVAS:1361412562310863060", "OPENVAS:1361412562310862737", "OPENVAS:136141256231068921", "OPENVAS:68921", "OPENVAS:136141256231068997", "OPENVAS:1361412562310122167", "OPENVAS:1361412562310863070", "OPENVAS:862737", "OPENVAS:835251", "OPENVAS:1361412562310862849", "OPENVAS:862721", "OPENVAS:862849", "OPENVAS:1361412562310831330", "OPENVAS:1361412562310862920", "OPENVAS:863060", "OPENVAS:862920", "OPENVAS:840589", "OPENVAS:863499", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310870609", "OPENVAS:870609", "OPENVAS:862631", "OPENVAS:1361412562310840589", "OPENVAS:103064"]}, {"type": "fedora", "idList": ["FEDORA:144BA1104EC", "FEDORA:C42A8110D0A", "FEDORA:B31D6110781", "FEDORA:C9F3119737F", "FEDORA:C8F7F110906", "FEDORA:D404110F950", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:6B3FC110D28"]}, {"type": "nessus", "idList": ["OPENSSL_1_0_0D.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "DEBIAN_DSA-2125.NASL", "801053.PRM", "UBUNTU_USN-1064-1.NASL", "REDHAT-RHSA-2011-0677.NASL", "5782.PRM", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "FEDORA_2011-5878.NASL", "DEBIAN_DSA-2162.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "FEDORA_2011-1255.NASL", "FEDORA_2011-5876.NASL", "5784.PRM", "FEDORA_2011-5865.NASL", "OPENSSH_58.NASL", "FEDORA_2011-1273.NASL", "FEDORA_2010-17847.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2010-3864"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2011-0677"]}, {"type": "redhat", "idList": ["RHSA-2010:0888", "RHSA-2011:0677"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}, {"type": "ubuntu", "idList": ["USN-1064-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2162-1:98AFD"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}], "modified": "2018-08-31T11:09:42", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "SECURITYVULNS:DOC:25720", "bulletinFamily": "software", "title": "[SECURITY] [DSA 2162-1] openssl security update", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2162-1 security@debian.org\r\nhttp://www.debian.org/security/ Nico Golde\r\nFebruary 14, 2011 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : openssl\r\nVulnerability : invalid memory access\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2011-0014\r\n\r\nNeel Mehta discovered that an incorrectly formatted ClientHello handshake\r\nmessage could cause OpenSSL to parse past the end of the message. This\r\nallows an attacker to crash an application using OpenSSL by triggering\r\nan invalid memory access. Additionally, some applications may be vulnerable\r\nto expose contents of a parsed OCSP nonce extension.\r\n\r\nPackages in the oldstable distribution (lenny) are not affected by this\r\nproblem.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 0.9.8o-4squeeze1.\r\n\r\nFor the testing distribution (wheezy), this problem has been fixed in\r\nversion 0.9.8o-5.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 0.9.8o-5.\r\n\r\nWe recommend that you upgrade your invalid memory access packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niEYEARECAAYFAk1ZSLMACgkQHYflSXNkfP/lFQCdHOFzHNLNcV79TnnwuV+jHymQ\r\n8AAAoKcDqWF8dfRDLrH4dHcIGzG8OuY6\r\n=L15y\r\n-----END PGP SIGNATURE-----", "published": "2011-02-15T00:00:00", "modified": "2011-02-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25720", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2011-0014"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:39", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "f624b305a2a1e24250a3007f9058e19e"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "d9496966380c2ff5bad6a91841a5727f"}, {"key": "href", "hash": "4e1026ea419955714bfb47fc1ba79774"}, {"key": "modified", "hash": "64631cf9c55723292bc993feead019fa"}, {"key": "published", "hash": "64631cf9c55723292bc993feead019fa"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "a49ebb2e1a771348dfa0039e0d589df6"}, {"key": "title", "hash": "6ec0c8dfe4ca9ebb4caadeebef3c85ae"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "595809315a35fe0df2a5e249c4df099daecb857f9939156bd1925f65d87445aa", "viewCount": 10, "enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2018-08-31T11:10:39", "rev": 2}, "dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-0014"]}, {"type": "cve", "idList": ["CVE-2011-0014"]}, {"type": "f5", "idList": ["F5:K10534046"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2011-0014"]}, {"type": "ubuntu", "idList": ["USN-1064-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2162-1:98AFD", "DEBIAN:BSA-060:0BDFE"]}, {"type": "fedora", "idList": ["FEDORA:C42A8110D0A", "FEDORA:6B3FC110D28", "FEDORA:144BA1104EC", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:C9F3119737F"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11754"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}, {"type": "redhat", "idList": ["RHSA-2011:0677"]}, {"type": "nessus", "idList": ["OPENSSL_1_0_0D.NASL", "REDHAT-RHSA-2011-0677.NASL", "FEDORA_2011-1255.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "UBUNTU_USN-1064-1.NASL", "FEDORA_2011-5865.NASL", "FEDORA_2011-5876.NASL", "5782.PRM", "801053.PRM", "SLACKWARE_SSA_2011-041-04.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:68921", "OPENVAS:840589", "OPENVAS:1361412562310863070", "OPENVAS:831330", "OPENVAS:1361412562310122167", "OPENVAS:1361412562310840589", "OPENVAS:1361412562310831330", "OPENVAS:136141256231068921", "OPENVAS:1361412562310863060", "OPENVAS:863060"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4747", "ELSA-2011-0677", "ELSA-2019-4581", "ELSA-2021-9150", "ELSA-2015-3022", "ELSA-2016-3621"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "vmware", "idList": ["VMSA-2012-0013.2", "VMSA-2012-0013"]}], "modified": "2018-08-31T11:10:39", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "SECURITYVULNS:VULN:11435", "bulletinFamily": "software", "title": "OpenSSL DoS", "description": "Uninitialized memory reference on ClientHello request parsing.", "published": "2011-02-15T00:00:00", "modified": "2011-02-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11435", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:25720"], "cvelist": ["CVE-2011-0014"], "type": "securityvulns", "lastseen": "2018-08-31T11:09:40", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "f624b305a2a1e24250a3007f9058e19e"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "576aebda68cc53c927d8f68fd5d4e8f8"}, {"key": "href", "hash": "a43879613aafd2d6337b9b4941624f94"}, {"key": "modified", "hash": "64631cf9c55723292bc993feead019fa"}, {"key": "published", "hash": "64631cf9c55723292bc993feead019fa"}, {"key": "references", "hash": "ea8f48f81bb6287fa4b4b88ece68e9a5"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "34319176bfb1ef918514f8cbab42ea37"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "ceed03f6f88256a2618b4868054b37f4971d3692507a627b535b15471791e0d0", "viewCount": 2, "enchantments": {"score": {"value": 5.4, "vector": "NONE", "modified": "2018-08-31T11:09:40", "rev": 2}, "dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-0014"]}, {"type": "cve", "idList": ["CVE-2011-0014"]}, {"type": "f5", "idList": ["F5:K10534046"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2011-0014"]}, {"type": "openvas", "idList": ["OPENVAS:870609", "OPENVAS:1361412562310122167", "OPENVAS:840589", "OPENVAS:1361412562310870609", "OPENVAS:1361412562310863060", "OPENVAS:136141256231068997", "OPENVAS:136141256231068921", "OPENVAS:1361412562310840589", "OPENVAS:863060", "OPENVAS:68997"]}, {"type": "fedora", "idList": ["FEDORA:144BA1104EC", "FEDORA:564D5110A27", "FEDORA:6B3FC110D28", "FEDORA:C42A8110D0A", "FEDORA:C9F3119737F", "FEDORA:9DFF1E720F"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:26596"]}, {"type": "nessus", "idList": ["FEDORA_2011-1255.NASL", "OPENSSL_1_0_0D.NASL", "5782.PRM", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "DEBIAN_DSA-2162.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "REDHAT-RHSA-2011-0677.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "801053.PRM", "SLACKWARE_SSA_2011-041-04.NASL"]}, {"type": "redhat", "idList": ["RHSA-2011:0677"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}, {"type": "ubuntu", "idList": ["USN-1064-1"]}, {"type": "debian", "idList": ["DEBIAN:BSA-060:0BDFE", "DEBIAN:DSA-2162-1:98AFD"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-9150", "ELSA-2015-3022", "ELSA-2019-4747", "ELSA-2011-0677", "ELSA-2016-3621", "ELSA-2019-4581"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "vmware", "idList": ["VMSA-2012-0013.2", "VMSA-2012-0013"]}], "modified": "2018-08-31T11:09:40", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "SECURITYVULNS:VULN:11264", "bulletinFamily": "software", "title": "OpenSSL buffer overflow", "description": "Race conditions with buffer overflow.", "published": "2010-11-19T00:00:00", "modified": "2010-11-19T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11264", "reporter": "CVE", "references": [], "cvelist": ["CVE-2010-3864"], "type": "securityvulns", "lastseen": "2021-06-08T19:08:11", "history": [{"bulletin": {"affectedSoftware": [{"name": "OpenSSL", "operator": "eq", "version": "0.9"}, {"name": "OpenSSL", "operator": "eq", "version": "1.0"}], "bulletinFamily": "software", "cvelist": ["CVE-2010-3864"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Race conditions with buffer overflow.", "edition": 1, "enchantments": {"dependencies": {"modified": "2018-08-31T11:09:39", "references": [{"idList": ["FEDORA:5429A1108EB", "FEDORA:6B3FC110D28", "FEDORA:7EA761108D8", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:D404110F950"], "type": "fedora"}, {"idList": ["SSA-2010-326-01"], "type": "slackware"}, {"idList": ["CVE-2010-3864"], "type": "cve"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["USN-1018-1"], "type": "ubuntu"}, {"idList": ["F5:K12566", "SOL12566"], "type": "f5"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-2125-1:26495"], "type": "debian"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["RHSA-2010:0888"], "type": "redhat"}, {"idList": ["OPENVAS:136141256231068703", "OPENVAS:1361412562310862631", "OPENVAS:1361412562310840540", "OPENVAS:862631", "OPENVAS:136141256231068704", "OPENVAS:831251", "OPENVAS:1361412562310100751", "OPENVAS:1361412562310831251", "OPENVAS:68703", "OPENVAS:840540"], "type": "openvas"}, {"idList": ["ELSA-2019-4581", "ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "DEBIAN_DSA-2125.NASL", "FEDORA_2010-17827.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "UBUNTU_USN-1018-1.NASL", "FEDORA_2010-17826.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL"], "type": "nessus"}, {"idList": ["OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2018-08-31T11:09:39", "rev": 2, "value": 7.7, "vector": "NONE"}}, "hash": "c3b93fc175fff5b2b946816b53d1f3be0279b112f16647fda2792b4ebce72930", "hashmap": [{"hash": "4e52259d9d83e3322d3fe18ba0d32516", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "eeb237e95373e1262b787f6918a79819", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "6ee17bdf4a7da206068fe02847a4aed5", "key": "reporter"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "5832714f8328260614f2b14a6ec3b693", "key": "published"}, {"hash": "eca2075c06267bd363f322dc7f333483", "key": "cvelist"}, {"hash": "4ed4c74965c69fbd2e596f43a205cfaf", "key": "title"}, {"hash": "5832714f8328260614f2b14a6ec3b693", "key": "modified"}, {"hash": "5efb73493641a1766e579d4f4807068c", "key": "affectedSoftware"}, {"hash": "d54751dd75af2ea0147b462b3e001cd0", "key": "type"}], "history": [], "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11264", "id": "SECURITYVULNS:VULN:11264", "immutableFields": [], "lastseen": "2018-08-31T11:09:39", "modified": "2010-11-19T00:00:00", "objectVersion": "1.5", "published": "2010-11-19T00:00:00", "references": [], "reporter": "CVE", "title": "OpenSSL buffer overflow", "type": "securityvulns", "viewCount": 4}, "different_elements": ["affectedSoftware"], "edition": 1, "lastseen": "2018-08-31T11:09:39"}], "edition": 2, "hashmap": [{"key": "affectedSoftware", "hash": "a9a0a9ff0a89eb8ed0828d5252cd8cf3"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "eca2075c06267bd363f322dc7f333483"}, {"key": "cvss", "hash": "774fce555a963c00be305187dd6dff95"}, {"key": "description", "hash": "4e52259d9d83e3322d3fe18ba0d32516"}, {"key": "href", "hash": "eeb237e95373e1262b787f6918a79819"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "5832714f8328260614f2b14a6ec3b693"}, {"key": "published", "hash": "5832714f8328260614f2b14a6ec3b693"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "6ee17bdf4a7da206068fe02847a4aed5"}, {"key": "title", "hash": "4ed4c74965c69fbd2e596f43a205cfaf"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "202e3c6889b3db835230b2ba27ec701e73c22cd288206913c474cf420d7e4ebf", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-3864"]}, {"type": "cve", "idList": ["CVE-2010-3864"]}, {"type": "f5", "idList": ["SOL12566", "F5:K12566"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-3864"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495"]}, {"type": "redhat", "idList": ["RHSA-2010:0888"]}, {"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:7EA761108D8", "FEDORA:D404110F950", "FEDORA:5429A1108EB", "FEDORA:9DFF1E720F", "FEDORA:C8F7F110906", "FEDORA:6B3FC110D28", "FEDORA:564D5110A27"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "FEDORA_2010-17827.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "UBUNTU_USN-1018-1.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "REDHAT-RHSA-2010-0888.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310862631", "OPENVAS:1361412562310831251", "OPENVAS:136141256231068703", "OPENVAS:862631", "OPENVAS:68703", "OPENVAS:831251", "OPENVAS:840540", "OPENVAS:136141256231068704", "OPENVAS:1361412562310100751", "OPENVAS:1361412562310840540"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4747", "ELSA-2010-0979", "ELSA-2015-3022", "ELSA-2019-4581", "ELSA-2011-0677"]}, {"type": "slackware", "idList": ["SSA-2010-326-01"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:26596"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}], "modified": "2021-06-08T19:08:11", "rev": 2}, "score": {"value": 7.7, "vector": "NONE", "modified": "2021-06-08T19:08:11", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [{"name": "openssl", "operator": "eq", "version": "1.0"}, {"name": "openssl", "operator": "eq", "version": "0.9"}], "immutableFields": [], "scheme": null, "cvss2": {}, "cvss3": {}}], "ubuntucve": [{"id": "UB:CVE-2011-0539", "hash": "6eaaffe9353af45a73e5b4d034d89758", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-0539", "description": "The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when\ngenerating legacy certificates using the -t command-line option in\nssh-keygen, does not initialize the nonce field, which might allow remote\nattackers to obtain sensitive stack memory contents or make it easier to\nconduct hash collision attacks.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | only version 5.6 and 5.7\n", "published": "2011-02-10T00:00:00", "modified": "2011-02-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-0539", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539", "http://www.openssh.com/txt/legacy-cert.adv", "https://nvd.nist.gov/vuln/detail/CVE-2011-0539", "https://launchpad.net/bugs/cve/CVE-2011-0539", "https://security-tracker.debian.org/tracker/CVE-2011-0539"], "cvelist": ["CVE-2011-0539"], "immutableFields": [], "lastseen": "2021-07-31T01:46:19", "history": [{"bulletin": {"id": "UB:CVE-2011-0539", "hash": "e220ff47eae58e95866652acc801b0fb", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-0539", "description": "The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when\ngenerating legacy certificates using the -t command-line option in\nssh-keygen, does not initialize the nonce field, which might allow remote\nattackers to obtain sensitive stack memory contents or make it easier to\nconduct hash collision attacks.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | only version 5.6 and 5.7\n", "published": "2011-02-10T00:00:00", "modified": "2011-02-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-0539", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539", "http://www.openssh.com/txt/legacy-cert.adv", "https://nvd.nist.gov/vuln/detail/CVE-2011-0539", "https://launchpad.net/bugs/cve/CVE-2011-0539", "https://security-tracker.debian.org/tracker/CVE-2011-0539"], "cvelist": ["CVE-2011-0539"], "immutableFields": [], "lastseen": "2021-07-01T00:49:43", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-0539"]}, {"type": "f5", "idList": ["SOL15013"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103064", "OPENVAS:103064"]}, {"type": "nessus", "idList": ["OPENSSH_58.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"]}], "modified": "2021-07-01T00:49:43", "rev": 2}, "score": {"value": 6.0, "vector": "NONE", "modified": "2021-07-01T00:49:43", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.8p1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "openssh"}], "bugs": []}, "lastseen": "2021-07-01T00:49:43", "differentElements": ["cvss2"], "edition": 1}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-0539"]}, {"type": "f5", "idList": ["SOL15013"]}, {"type": "openvas", "idList": ["OPENVAS:103064", "OPENVAS:1361412562310103064"]}, {"type": "nessus", "idList": ["OPENSSH_58.NASL", "5784.PRM"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:26212"]}], "modified": "2021-07-31T01:46:19", "rev": 2}, "score": {"value": 6.0, "vector": "NONE", "modified": "2021-07-31T01:46:19", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.8p1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "openssh"}], "bugs": [], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}, {"id": "UB:CVE-2010-3864", "hash": "9207ca5d2f3c4521df4775203998a410", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2010-3864", "description": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o,\n1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on\na TLS server, might allow remote attackers to execute arbitrary code via\nclient data that triggers a heap-based buffer overflow, related to (1) the\nTLS server name extension and (2) elliptic curve cryptography.", "published": "2010-11-17T00:00:00", "modified": "2010-11-17T00:00:00", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2010-3864", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864", "https://ubuntu.com/security/notices/USN-1018-1", "https://nvd.nist.gov/vuln/detail/CVE-2010-3864", "https://launchpad.net/bugs/cve/CVE-2010-3864", "https://security-tracker.debian.org/tracker/CVE-2010-3864"], "cvelist": ["CVE-2010-3864"], "immutableFields": [], "lastseen": "2021-07-31T01:48:53", "history": [{"bulletin": {"id": "UB:CVE-2010-3864", "hash": "0231df15ae0cd7206d8e9eb3b0440a43", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2010-3864", "description": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o,\n1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on\na TLS server, might allow remote attackers to execute arbitrary code via\nclient data that triggers a heap-based buffer overflow, related to (1) the\nTLS server name extension and (2) elliptic curve cryptography.", "published": "2010-11-17T00:00:00", "modified": "2010-11-17T00:00:00", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2010-3864", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864", "https://ubuntu.com/security/notices/USN-1018-1", "https://nvd.nist.gov/vuln/detail/CVE-2010-3864", "https://launchpad.net/bugs/cve/CVE-2010-3864", "https://security-tracker.debian.org/tracker/CVE-2010-3864"], "cvelist": ["CVE-2010-3864"], "immutableFields": [], "lastseen": "2021-07-01T00:51:24", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-3864"]}, {"type": "f5", "idList": ["SOL12566", "F5:K12566"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-3864"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "REDHAT-RHSA-2010-0888.NASL", "DEBIAN_DSA-2125.NASL", "FEDORA_2010-17827.NASL", "FEDORA_2010-17847.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "UBUNTU_USN-1018-1.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310840540", "OPENVAS:862631", "OPENVAS:1361412562310831251", "OPENVAS:68703", "OPENVAS:68704", "OPENVAS:862721", "OPENVAS:831251", "OPENVAS:840540", "OPENVAS:136141256231068703", "OPENVAS:1361412562310862631"]}, {"type": "redhat", "idList": ["RHSA-2010:0888"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11264", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"]}, {"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:7EA761108D8", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:5429A1108EB", "FEDORA:D404110F950", "FEDORA:564D5110A27", "FEDORA:6B3FC110D28"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-3022", "ELSA-2010-0979", "ELSA-2019-4581", "ELSA-2011-0677", "ELSA-2019-4747"]}, {"type": "slackware", "idList": ["SSA-2010-326-01"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}], "modified": "2021-07-01T00:51:24", "rev": 2}, "score": {"value": 7.8, "vector": "NONE", "modified": "2021-07-01T00:51:24", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "openssl"}], "bugs": []}, "lastseen": "2021-07-01T00:51:24", "differentElements": ["cvss2"], "edition": 1}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-3864"]}, {"type": "f5", "idList": ["F5:K12566", "SOL12566"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-3864"]}, {"type": "fedora", "idList": ["FEDORA:9DFF1E720F", "FEDORA:D404110F950", "FEDORA:6B3FC110D28", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:564D5110A27", "FEDORA:5429A1108EB", "FEDORA:7EA761108D8"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11754", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:26596"]}, {"type": "nessus", "idList": ["FEDORA_2010-17827.NASL", "UBUNTU_USN-1018-1.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "5968.PRM", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "800790.PRM", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "VMWARE_VMSA-2011-0003_REMOTE.NASL", "FEDORA_2010-17847.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "5924.PRM", "SLACKWARE_SSA_2010-326-01.NASL", "VMWARE_VMSA-2011-0003.NASL", "DEBIAN_DSA-2125.NASL", "MACOSX_10_6_8.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "GENTOO_GLSA-201110-01.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "REDHAT-RHSA-2010-0888.NASL", "FEDORA_2010-17826.NASL", "ADOBE_FMS_4_0_2.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495"]}, {"type": "openvas", "idList": ["OPENVAS:68704", "OPENVAS:1361412562310103454", "OPENVAS:862568", "OPENVAS:1361412562310100751", "OPENVAS:862737", "OPENVAS:863499", "OPENVAS:862721", "OPENVAS:68673", "OPENVAS:136141256231068673", "OPENVAS:1361412562310122262", "OPENVAS:136141256231068703", "OPENVAS:1361412562310835251", "OPENVAS:103454", "OPENVAS:1361412562310862849", "OPENVAS:840540", "OPENVAS:862849", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310862568", "OPENVAS:68703", "OPENVAS:902466", "OPENVAS:1361412562310840540", "OPENVAS:1361412562310831251", "OPENVAS:862920", "OPENVAS:862631", "OPENVAS:1361412562310862631", "OPENVAS:831251", "OPENVAS:1361412562310902466", "OPENVAS:1361412562310862737", "OPENVAS:136141256231068704", "OPENVAS:835251", "OPENVAS:862566", "OPENVAS:136141256231070764", "OPENVAS:1361412562310862721", "OPENVAS:70764", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310862566"]}, {"type": "redhat", "idList": ["RHSA-2010:0888"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2019-4581", "ELSA-2015-3022", "ELSA-2019-4747", "ELSA-2011-0677"]}, {"type": "slackware", "idList": ["SSA-2010-326-01"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}], "modified": "2021-07-31T01:48:53", "rev": 2}, "score": {"value": 7.8, "vector": "NONE", "modified": "2021-07-31T01:48:53", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "openssl"}], "bugs": [], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}, {"id": "UB:CVE-2010-4180", "hash": "63d827a5c6d0c7eef91dc21735d2660c", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2010-4180", "description": "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when\nSSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly\nprevent modification of the ciphersuite in the session cache, which allows\nremote attackers to force the downgrade to an unintended cipher via vectors\ninvolving sniffing network traffic to discover a session identifier.", "published": "2010-12-06T00:00:00", "modified": "2010-12-06T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2010-4180", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180", "http://openssl.org/news/secadv_20101202.txt", "https://ubuntu.com/security/notices/USN-1029-1", "https://nvd.nist.gov/vuln/detail/CVE-2010-4180", "https://launchpad.net/bugs/cve/CVE-2010-4180", "https://security-tracker.debian.org/tracker/CVE-2010-4180"], "cvelist": ["CVE-2010-4180"], "immutableFields": [], "lastseen": "2021-07-31T01:48:28", "history": [{"bulletin": {"id": "UB:CVE-2010-4180", "hash": "d61308650d05f755eb4b1c6ff7f679ae", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2010-4180", "description": "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when\nSSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly\nprevent modification of the ciphersuite in the session cache, which allows\nremote attackers to force the downgrade to an unintended cipher via vectors\ninvolving sniffing network traffic to discover a session identifier.", "published": "2010-12-06T00:00:00", "modified": "2010-12-06T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2010-4180", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180", "http://openssl.org/news/secadv_20101202.txt", "https://ubuntu.com/security/notices/USN-1029-1", "https://nvd.nist.gov/vuln/detail/CVE-2010-4180", "https://launchpad.net/bugs/cve/CVE-2010-4180", "https://security-tracker.debian.org/tracker/CVE-2010-4180"], "cvelist": ["CVE-2010-4180"], "immutableFields": [], "lastseen": "2021-07-01T00:51:06", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-4180"]}, {"type": "f5", "idList": ["F5:K12543", "SOL12543", "SOL12853", "F5:K12853"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/LINUXRPM-RHSA-2010-0977/", "MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310870370", "OPENVAS:880636", "OPENVAS:1361412562310122287", "OPENVAS:68671", "OPENVAS:136141256231068671", "OPENVAS:1361412562310840550", "OPENVAS:862721", "OPENVAS:1361412562310831275", "OPENVAS:831275", "OPENVAS:1361412562310880636"]}, {"type": "redhat", "idList": ["RHSA-2010:0979", "RHSA-2010:0977", "RHSA-2010:0978"]}, {"type": "nessus", "idList": ["SUSE9_12701.NASL", "SUSE_OPENSSL-7463.NASL", "REDHAT-RHSA-2010-0979.NASL", "FEDORA_2010-18736.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "MANDRIVA_MDVSA-2010-248.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2010-0978", "ELSA-2010-0977"]}, {"type": "fedora", "idList": ["FEDORA:564D5110A27", "FEDORA:B31D6110781", "FEDORA:6B3FC110D28", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11284", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:25258"]}, {"type": "centos", "idList": ["CESA-2010:0977", "CESA-2010:0978"]}, {"type": "slackware", "idList": ["SSA-2010-340-01"]}, {"type": "ubuntu", "idList": ["USN-1029-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2141-1:4DDA2"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2011:0845-1", "SUSE-SU-2011:0847-1"]}], "modified": "2021-07-01T00:51:06", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2021-07-01T00:51:06", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "0.9.8q, 0.9.8o-4", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "openssl"}], "bugs": []}, "lastseen": "2021-07-01T00:51:06", "differentElements": ["cvss2"], "edition": 1}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-4180"]}, {"type": "f5", "idList": ["SOL12543", "F5:K12543", "SOL12853", "F5:K12853"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/LINUXRPM-RHSA-2010-0977/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/"]}, {"type": "nessus", "idList": ["SUSE_LIBCURL4-8618.NASL", "OPENSUSE-2012-76.NASL", "REDHAT-RHSA-2010-0977.NASL", "ORACLELINUX_ELSA-2010-0977.NASL", "FEDORA_2010-18736.NASL", "OPENSSL_1_0_0C.NASL", "SUSE_COMPAT-OPENSSL097G-7644.NASL", "UBUNTU_USN-1029-1.NASL", "REDHAT-RHSA-2010-0979.NASL", "SLACKWARE_SSA_2010-340-01.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "5720.PRM", "REDHAT-RHSA-2010-0978.NASL", "SOLARIS10_146857-01.NASL", "801055.PRM", "SUSE_11_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_4_COMPAT-OPENSSL097G-110721.NASL", "ORACLELINUX_ELSA-2010-0978.NASL", "SL_20101213_OPENSSL_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "SUSE_11_4_CURL-120124.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_OPENSSL-7462.NASL", "CENTOS_RHSA-2010-0978.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "FEDORA_2010-18765.NASL", "SOLARIS10_X86_146859-01.NASL", "SUSE_11_3_COMPAT-OPENSSL097G-110721.NASL", "CENTOS_RHSA-2010-0977.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE9_12701.NASL", "DEBIAN_DSA-2141.NASL", "SUSE_OPENSSL-7463.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL"]}, {"type": "redhat", "idList": ["RHSA-2010:0977", "RHSA-2010:0978", "RHSA-2010:0979"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863499", "OPENVAS:1361412562310122287", "OPENVAS:840550", "OPENVAS:1361412562310881366", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310880636", "OPENVAS:880636", "OPENVAS:1361412562310862849", "OPENVAS:1361412562310880460", "OPENVAS:870370", "OPENVAS:1361412562310870370", "OPENVAS:1361412562310122262", "OPENVAS:881366", "OPENVAS:862920", "OPENVAS:863499", "OPENVAS:1361412562310835251", "OPENVAS:136141256231068671", "OPENVAS:831275", "OPENVAS:862721", "OPENVAS:1361412562310840550", "OPENVAS:862849", "OPENVAS:68671", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310862737", "OPENVAS:880460", "OPENVAS:1361412562310870372", "OPENVAS:870372", "OPENVAS:1361412562310831275", "OPENVAS:862737", "OPENVAS:835251"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0978", "ELSA-2010-0977", "ELSA-2010-0979"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11284", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:25258"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2141-1:4DDA2"]}, {"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:9DFF1E720F", "FEDORA:6B3FC110D28", "FEDORA:C8F7F110906"]}, {"type": "centos", "idList": ["CESA-2010:0977", "CESA-2010:0978"]}, {"type": "slackware", "idList": ["SSA-2010-340-01"]}, {"type": "ubuntu", "idList": ["USN-1029-1"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2011:0845-1", "SUSE-SU-2011:0847-1"]}], "modified": "2021-07-31T01:48:28", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2021-07-31T01:48:28", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "0.9.8q, 0.9.8o-4", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "openssl"}], "bugs": [], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}, {"id": "UB:CVE-2011-0014", "hash": "0f46c2d920deb1a86543d006ab75a803", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-0014", "description": "ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c\nallows remote attackers to cause a denial of service (crash), and possibly\nobtain sensitive information in applications that use OpenSSL, via a\nmalformed ClientHello handshake message that triggers an out-of-bounds\nmemory access, aka \"OCSP stapling vulnerability.\"\n\n#### Bugs\n\n * <https://bugs.edge.launchpad.net/ubuntu/+source/openssl/+bug/718208>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | code/OCSP option is not present in karmic and earlier\n", "published": "2011-02-09T00:00:00", "modified": "2011-02-09T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-0014", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014", "http://www.openssl.org/news/secadv_20110208.txt", "https://ubuntu.com/security/notices/USN-1064-1", "https://nvd.nist.gov/vuln/detail/CVE-2011-0014", "https://launchpad.net/bugs/cve/CVE-2011-0014", "https://security-tracker.debian.org/tracker/CVE-2011-0014"], "cvelist": ["CVE-2011-0014"], "immutableFields": [], "lastseen": "2021-07-31T01:46:28", "history": [{"bulletin": {"id": "UB:CVE-2011-0014", "hash": "c521cbb2d57b2e0d68e8350628207b1e", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-0014", "description": "ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c\nallows remote attackers to cause a denial of service (crash), and possibly\nobtain sensitive information in applications that use OpenSSL, via a\nmalformed ClientHello handshake message that triggers an out-of-bounds\nmemory access, aka \"OCSP stapling vulnerability.\"\n\n#### Bugs\n\n * <https://bugs.edge.launchpad.net/ubuntu/+source/openssl/+bug/718208>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | code/OCSP option is not present in karmic and earlier\n", "published": "2011-02-09T00:00:00", "modified": "2011-02-09T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-0014", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014", "http://www.openssl.org/news/secadv_20110208.txt", "https://ubuntu.com/security/notices/USN-1064-1", "https://nvd.nist.gov/vuln/detail/CVE-2011-0014", "https://launchpad.net/bugs/cve/CVE-2011-0014", "https://security-tracker.debian.org/tracker/CVE-2011-0014"], "cvelist": ["CVE-2011-0014"], "immutableFields": [], "lastseen": "2021-07-02T03:21:44", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-0014"]}, {"type": "f5", "idList": ["F5:K10534046"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2011-0014"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11435"]}, {"type": "nessus", "idList": ["SL_20110519_OPENSSL_ON_SL6_X.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "FEDORA_2011-5865.NASL", "OPENSSL_1_0_0D.NASL", "REDHAT-RHSA-2011-0677.NASL", "FEDORA_2011-1255.NASL", "FEDORA_2011-1273.NASL", "FEDORA_2011-5876.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "SLACKWARE_SSA_2011-041-04.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863060", "OPENVAS:136141256231068997", "OPENVAS:136141256231068921", "OPENVAS:68921", "OPENVAS:1361412562310863070", "OPENVAS:1361412562310840589", "OPENVAS:863070", "OPENVAS:840589", "OPENVAS:1361412562310831330", "OPENVAS:870609"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}, {"type": "fedora", "idList": ["FEDORA:9DFF1E720F", "FEDORA:144BA1104EC", "FEDORA:564D5110A27", "FEDORA:C42A8110D0A", "FEDORA:6B3FC110D28", "FEDORA:C9F3119737F"]}, {"type": "debian", "idList": ["DEBIAN:BSA-060:0BDFE", "DEBIAN:DSA-2162-1:98AFD"]}, {"type": "ubuntu", "idList": ["USN-1064-1"]}, {"type": "redhat", "idList": ["RHSA-2011:0677"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-9150", "ELSA-2015-3022", "ELSA-2016-3621", "ELSA-2019-4581", "ELSA-2011-0677", "ELSA-2019-4747"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "vmware", "idList": ["VMSA-2012-0013", "VMSA-2012-0013.2"]}], "modified": "2021-07-02T03:21:44", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2021-07-02T03:21:44", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "1.0.0d,0.9.8r", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "openssl"}], "bugs": ["https://bugs.edge.launchpad.net/ubuntu/+source/openssl/+bug/718208"]}, "lastseen": "2021-07-02T03:21:44", "differentElements": ["cvss2"], "edition": 1}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-0014"]}, {"type": "f5", "idList": ["F5:K10534046"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2011-0014"]}, {"type": "fedora", "idList": ["FEDORA:C42A8110D0A", "FEDORA:C9F3119737F", "FEDORA:144BA1104EC", "FEDORA:564D5110A27", "FEDORA:6B3FC110D28", "FEDORA:9DFF1E720F"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25720", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11435"]}, {"type": "redhat", "idList": ["RHSA-2011:0677"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2162-1:98AFD", "DEBIAN:BSA-060:0BDFE"]}, {"type": "nessus", "idList": ["FEDORA_2011-1273.NASL", "MACOSX_10_6_8.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "VMWARE_VMSA-2012-0013.NASL", "FEDORA_2011-5865.NASL", "FEDORA_2011-1255.NASL", "GENTOO_GLSA-201110-01.NASL", "FEDORA_2011-5878.NASL", "VMWARE_VMSA-2012-0013_REMOTE.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "UBUNTU_USN-1064-1.NASL", "VMWARE_ESXI_5_0_BUILD_912577_REMOTE.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "DEBIAN_DSA-2162.NASL", "OPENSSL_1_0_0D.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "800790.PRM", "FEDORA_2011-5876.NASL", "5782.PRM", "MANDRIVA_MDVSA-2011-028.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "HPSMH_7_0_0_24.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "REDHAT-RHSA-2011-0677.NASL", "5968.PRM", "801053.PRM"]}, {"type": "openvas", "idList": ["OPENVAS:68921", "OPENVAS:862920", "OPENVAS:1361412562310863070", "OPENVAS:1361412562310863499", "OPENVAS:68997", "OPENVAS:1361412562310902466", "OPENVAS:863060", "OPENVAS:831330", "OPENVAS:70764", "OPENVAS:1361412562310862920", "OPENVAS:863499", "OPENVAS:840589", "OPENVAS:870609", "OPENVAS:136141256231070764", "OPENVAS:103558", "OPENVAS:136141256231068997", "OPENVAS:1361412562310831330", "OPENVAS:1361412562310862849", "OPENVAS:1361412562310840589", "OPENVAS:1361412562310103558", "OPENVAS:1361412562310863060", "OPENVAS:863070", "OPENVAS:902466", "OPENVAS:862849", "OPENVAS:1361412562310870609", "OPENVAS:1361412562310122167", "OPENVAS:136141256231068921"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}, {"type": "ubuntu", "idList": ["USN-1064-1"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4747", "ELSA-2021-9150", "ELSA-2016-3621", "ELSA-2015-3022", "ELSA-2011-0677", "ELSA-2019-4581"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "vmware", "idList": ["VMSA-2012-0013", "VMSA-2012-0013.2"]}], "modified": "2021-07-31T01:46:28", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2021-07-31T01:46:28", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "1.0.0d,0.9.8r", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "openssl"}], "bugs": ["https://bugs.edge.launchpad.net/ubuntu/+source/openssl/+bug/718208"], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}], "cve": [{"id": "CVE-2011-0539", "bulletinFamily": "NVD", "title": "CVE-2011-0539", "description": "The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.", "published": "2011-02-10T18:00:00", "modified": "2017-08-17T01:33:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0539", "reporter": "secalert@redhat.com", "references": ["http://secunia.com/advisories/44269", "http://www.openssh.com/txt/legacy-cert.adv", "http://secunia.com/advisories/43181", "https://exchange.xforce.ibmcloud.com/vulnerabilities/65163", "http://www.securitytracker.com/id?1025028", "http://www.openwall.com/lists/oss-security/2011/02/04/2", "http://www.vupen.com/english/advisories/2011/0284", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.securityfocus.com/bid/46155", "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673"], "cvelist": ["CVE-2011-0539"], "type": "cve", "lastseen": "2021-04-22T23:19:31", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openbsd:openssh", "name": "openbsd openssh", "operator": "eq", "version": "5.6"}, {"cpeName": "openbsd:openssh", "name": "openbsd openssh", "operator": "eq", "version": "5.7"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openbsd:openssh:5.6", "cpe:/a:openbsd:openssh:5.7"], "cpe23": ["cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*", "cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2011-0539"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-264"], "description": "The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-09-21T14:01:22", "references": [{"idList": ["OPENSSH_58.NASL"], "type": "nessus"}, {"idList": ["SOL15013"], "type": "f5"}, {"idList": ["OPENVAS:1361412562310103064", "OPENVAS:103064"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}], "rev": 2}, "score": {"modified": "2020-09-21T14:01:22", "rev": 2, "value": 6.0, "vector": "NONE"}}, "hash": "9e59a7c8fcb9737f19dbda173e7c65505ab72de41d45dbd6665692b485fabed8", "hashmap": [{"hash": "f3c647e89fba3c0a4f2a517d4341b970", "key": "affectedSoftware"}, {"hash": "2cf13683885aa7b0ea5a410a4be7d5dc", "key": "modified"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "4d656f77320c6d14c350425c913d3f45", "key": "cpe23"}, {"hash": "aa81a8c865d4a8286e7c4171ea02b482", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "fa12e087f68642fcaefafba0d4583885", "key": "cwe"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "3cfd155dd35af5697b25e7c4724139f2", "key": "cvelist"}, {"hash": "144e7b4f997e1a1627a5b3f757dc0ae6", "key": "references"}, {"hash": "384aecd324176d223c57c247670b6c20", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "02fc42fbf494d903d8e77a05bdf2c182", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "ccbb58b5bf0762d811ce8978458d7c7a", "key": "description"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "0bf21431c68d462ba7848f1e8acdefe6", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0539", "id": "CVE-2011-0539", "lastseen": "2020-09-21T14:01:22", "modified": "2017-08-17T01:33:00", "objectVersion": "1.3", "published": "2011-02-10T18:00:00", "references": ["http://secunia.com/advisories/44269", "http://www.openssh.com/txt/legacy-cert.adv", "http://secunia.com/advisories/43181", "https://exchange.xforce.ibmcloud.com/vulnerabilities/65163", "http://www.securitytracker.com/id?1025028", "http://www.openwall.com/lists/oss-security/2011/02/04/2", "http://www.vupen.com/english/advisories/2011/0284", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.securityfocus.com/bid/46155", "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673"], "reporter": "cve@mitre.org", "title": "CVE-2011-0539", "type": "cve", "viewCount": 15}, "differentElements": ["cpeConfiguration"], "edition": 2, "lastseen": "2020-09-21T14:01:22"}, {"bulletin": {"affectedSoftware": [{"name": "openbsd openssh", "operator": "eq", "version": "5.6"}, {"name": "openbsd openssh", "operator": "eq", "version": "5.7"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openbsd:openssh:5.6", "cpe:/a:openbsd:openssh:5.7"], "cpe23": ["cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*", "cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*"], "cvelist": ["CVE-2011-0539"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-264"], "description": "The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:11:05", "references": [{"idList": ["OPENSSH_58.NASL"], "type": "nessus"}, {"idList": ["SOL15013"], "type": "f5"}, {"idList": ["OPENVAS:1361412562310103064", "OPENVAS:103064"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}], "rev": 2}, "score": {"modified": "2019-05-29T18:11:05", "rev": 2, "value": 6.0, "vector": "NONE"}}, "hash": "247c5f46509ec0caae46b319bfaf1de89303c2c18af83f718da844f3b39ef0db", "hashmap": [{"hash": "2cf13683885aa7b0ea5a410a4be7d5dc", "key": "modified"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "4d656f77320c6d14c350425c913d3f45", "key": "cpe23"}, {"hash": "aa81a8c865d4a8286e7c4171ea02b482", "key": "cpe"}, {"hash": "fa12e087f68642fcaefafba0d4583885", "key": "cwe"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "f664026ccb7661b2ddfb94b45d178497", "key": "affectedSoftware"}, {"hash": "3cfd155dd35af5697b25e7c4724139f2", "key": "cvelist"}, {"hash": "144e7b4f997e1a1627a5b3f757dc0ae6", "key": "references"}, {"hash": "384aecd324176d223c57c247670b6c20", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "02fc42fbf494d903d8e77a05bdf2c182", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "ccbb58b5bf0762d811ce8978458d7c7a", "key": "description"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "0bf21431c68d462ba7848f1e8acdefe6", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0539", "id": "CVE-2011-0539", "lastseen": "2019-05-29T18:11:05", "modified": "2017-08-17T01:33:00", "objectVersion": "1.3", "published": "2011-02-10T18:00:00", "references": ["http://secunia.com/advisories/44269", "http://www.openssh.com/txt/legacy-cert.adv", "http://secunia.com/advisories/43181", "https://exchange.xforce.ibmcloud.com/vulnerabilities/65163", "http://www.securitytracker.com/id?1025028", "http://www.openwall.com/lists/oss-security/2011/02/04/2", "http://www.vupen.com/english/advisories/2011/0284", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.securityfocus.com/bid/46155", "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673"], "reporter": "cve@mitre.org", "title": "CVE-2011-0539", "type": "cve", "viewCount": 14}, "differentElements": ["affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:11:05"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openbsd:openssh", "name": "openbsd openssh", "operator": "eq", "version": "5.6"}, {"cpeName": "openbsd:openssh", "name": "openbsd openssh", "operator": "eq", "version": "5.7"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openbsd:openssh:5.6", "cpe:/a:openbsd:openssh:5.7"], "cpe23": ["cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*", "cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-0539"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-264"], "description": "The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-10-03T11:39:24", "references": [{"idList": ["OPENSSH_58.NASL"], "type": "nessus"}, {"idList": ["SOL15013"], "type": "f5"}, {"idList": ["OPENVAS:1361412562310103064", "OPENVAS:103064"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}], "rev": 2}, "score": {"modified": "2020-10-03T11:39:24", "rev": 2, "value": 6.0, "vector": "NONE"}}, "extraReferences": [], "hash": "f075c533d498f524d4983c4b32e36464198bae9a6d29806b250fea3160c9d137", "hashmap": [{"hash": "f3c647e89fba3c0a4f2a517d4341b970", "key": "affectedSoftware"}, {"hash": "2cf13683885aa7b0ea5a410a4be7d5dc", "key": "modified"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "4d656f77320c6d14c350425c913d3f45", "key": "cpe23"}, {"hash": "aa81a8c865d4a8286e7c4171ea02b482", "key": "cpe"}, {"hash": "fa12e087f68642fcaefafba0d4583885", "key": "cwe"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "3cfd155dd35af5697b25e7c4724139f2", "key": "cvelist"}, {"hash": "144e7b4f997e1a1627a5b3f757dc0ae6", "key": "references"}, {"hash": "384aecd324176d223c57c247670b6c20", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "02fc42fbf494d903d8e77a05bdf2c182", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "59dee5e6672ac8ef5f1d003a702828bb", "key": "cpeConfiguration"}, {"hash": "ccbb58b5bf0762d811ce8978458d7c7a", "key": "description"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "0bf21431c68d462ba7848f1e8acdefe6", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0539", "id": "CVE-2011-0539", "lastseen": "2020-10-03T11:39:24", "modified": "2017-08-17T01:33:00", "objectVersion": "1.3", "published": "2011-02-10T18:00:00", "references": ["http://secunia.com/advisories/44269", "http://www.openssh.com/txt/legacy-cert.adv", "http://secunia.com/advisories/43181", "https://exchange.xforce.ibmcloud.com/vulnerabilities/65163", "http://www.securitytracker.com/id?1025028", "http://www.openwall.com/lists/oss-security/2011/02/04/2", "http://www.vupen.com/english/advisories/2011/0284", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.securityfocus.com/bid/46155", "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673"], "reporter": "cve@mitre.org", "title": "CVE-2011-0539", "type": "cve", "viewCount": 19}, "differentElements": ["extraReferences"], "edition": 3, "lastseen": "2020-10-03T11:39:24"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openbsd:openssh", "name": "openbsd openssh", "operator": "eq", "version": "5.6"}, {"cpeName": "openbsd:openssh", "name": "openbsd openssh", "operator": "eq", "version": "5.7"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openbsd:openssh:5.6", "cpe:/a:openbsd:openssh:5.7"], "cpe23": ["cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*", "cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-0539"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-264"], "description": "The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.", "edition": 4, "enchantments": {"dependencies": {"modified": "2021-02-02T05:50:58", "references": [{"idList": ["OPENSSH_58.NASL"], "type": "nessus"}, {"idList": ["SOL15013"], "type": "f5"}, {"idList": ["OPENVAS:1361412562310103064", "OPENVAS:103064"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}], "rev": 2}, "score": {"modified": "2021-02-02T05:50:58", "rev": 2, "value": 6.0, "vector": "NONE"}}, "extraReferences": [{"name": "SSRT100413", "refsource": "HP", "tags": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"}, {"name": "43181", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43181"}, {"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673", "refsource": "CONFIRM", "tags": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673"}, {"name": "1025028", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1025028"}, {"name": "http://www.openssh.com/txt/legacy-cert.adv", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.openssh.com/txt/legacy-cert.adv"}, {"name": "46155", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/46155"}, {"name": "44269", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/44269"}, {"name": "openssh-certificate-info-disclosure(65163)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65163"}, {"name": "[oss-security] 20110204 Re: [vendor-sec] OpenSSH security advisory: legacy certificate signing in 5.6/5.7", "refsource": "MLIST", "tags": [], "url": "http://www.openwall.com/lists/oss-security/2011/02/04/2"}, {"name": "ADV-2011-0284", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0284"}], "hash": "7b24b42e486bcc24eb0e12c3b4dd699224afbcdbbdfa7a85e2230ca4d8901428", "hashmap": [{"hash": "f3c647e89fba3c0a4f2a517d4341b970", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "2cf13683885aa7b0ea5a410a4be7d5dc", "key": "modified"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "4d656f77320c6d14c350425c913d3f45", "key": "cpe23"}, {"hash": "aa81a8c865d4a8286e7c4171ea02b482", "key": "cpe"}, {"hash": "fa12e087f68642fcaefafba0d4583885", "key": "cwe"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "ea9a9393cf02e8c02b2539f5d51629cb", "key": "extraReferences"}, {"hash": "3cfd155dd35af5697b25e7c4724139f2", "key": "cvelist"}, {"hash": "144e7b4f997e1a1627a5b3f757dc0ae6", "key": "references"}, {"hash": "384aecd324176d223c57c247670b6c20", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "02fc42fbf494d903d8e77a05bdf2c182", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "59dee5e6672ac8ef5f1d003a702828bb", "key": "cpeConfiguration"}, {"hash": "ccbb58b5bf0762d811ce8978458d7c7a", "key": "description"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "0bf21431c68d462ba7848f1e8acdefe6", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0539", "id": "CVE-2011-0539", "immutableFields": [], "lastseen": "2021-02-02T05:50:58", "modified": "2017-08-17T01:33:00", "objectVersion": "1.5", "published": "2011-02-10T18:00:00", "references": ["http://secunia.com/advisories/44269", "http://www.openssh.com/txt/legacy-cert.adv", "http://secunia.com/advisories/43181", "https://exchange.xforce.ibmcloud.com/vulnerabilities/65163", "http://www.securitytracker.com/id?1025028", "http://www.openwall.com/lists/oss-security/2011/02/04/2", "http://www.vupen.com/english/advisories/2011/0284", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.securityfocus.com/bid/46155", "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673"], "reporter": "cve@mitre.org", "title": "CVE-2011-0539", "type": "cve", "viewCount": 20}, "different_elements": ["reporter", "cpeConfiguration"], "edition": 4, "lastseen": "2021-02-02T05:50:58"}], "edition": 5, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "f3c647e89fba3c0a4f2a517d4341b970"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "aa81a8c865d4a8286e7c4171ea02b482"}, {"key": "cpe23", "hash": "4d656f77320c6d14c350425c913d3f45"}, {"key": "cpeConfiguration", "hash": "02a91b2780064d81b4258ddb8b62340e"}, {"key": "cvelist", "hash": "3cfd155dd35af5697b25e7c4724139f2"}, {"key": "cvss", "hash": "a89198c45ce87f7ec9735a085150b708"}, {"key": "cvss2", "hash": "f30109dfdbfbf783c0b61792a6b2c20a"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "fa12e087f68642fcaefafba0d4583885"}, {"key": "description", "hash": "ccbb58b5bf0762d811ce8978458d7c7a"}, {"key": "extraReferences", "hash": "ea9a9393cf02e8c02b2539f5d51629cb"}, {"key": "href", "hash": "0bf21431c68d462ba7848f1e8acdefe6"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "2cf13683885aa7b0ea5a410a4be7d5dc"}, {"key": "published", "hash": "02fc42fbf494d903d8e77a05bdf2c182"}, {"key": "references", "hash": "144e7b4f997e1a1627a5b3f757dc0ae6"}, {"key": "reporter", "hash": "0af63656781e575c5eddac3fecf2a03b"}, {"key": "title", "hash": "384aecd324176d223c57c247670b6c20"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "a7884aa2be2a269c836fddbb2e1ddc80eaeacce06a8ac4b0c060306308d8a292", "viewCount": 36, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-0539"]}, {"type": "f5", "idList": ["SOL15013"]}, {"type": "nessus", "idList": ["OPENSSH_58.NASL", "5784.PRM"]}, {"type": "openvas", "idList": ["OPENVAS:103064", "OPENVAS:1361412562310103064"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:26212"]}], "modified": "2021-04-22T23:19:31", "rev": 2}, "score": {"value": 6.0, "vector": "NONE", "modified": "2021-04-22T23:19:31", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:openbsd:openssh:5.6", "cpe:/a:openbsd:openssh:5.7"], "affectedSoftware": [{"cpeName": "openbsd:openssh", "name": "openbsd openssh", "operator": "eq", "version": "5.6"}, {"cpeName": "openbsd:openssh", "name": "openbsd openssh", "operator": "eq", "version": "5.7"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*", "cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*"], "cwe": ["CWE-264"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "SSRT100413", "refsource": "HP", "tags": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"}, {"name": "43181", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43181"}, {"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673", "refsource": "CONFIRM", "tags": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673"}, {"name": "1025028", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1025028"}, {"name": "http://www.openssh.com/txt/legacy-cert.adv", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.openssh.com/txt/legacy-cert.adv"}, {"name": "46155", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/46155"}, {"name": "44269", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/44269"}, {"name": "openssh-certificate-info-disclosure(65163)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65163"}, {"name": "[oss-security] 20110204 Re: [vendor-sec] OpenSSH security advisory: legacy certificate signing in 5.6/5.7", "refsource": "MLIST", "tags": [], "url": "http://www.openwall.com/lists/oss-security/2011/02/04/2"}, {"name": "ADV-2011-0284", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0284"}], "immutableFields": []}, {"id": "CVE-2011-1535", "bulletinFamily": "NVD", "title": "CVE-2011-1535", "description": "Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.", "published": "2011-04-29T22:55:00", "modified": "2017-08-17T01:34:00", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1535", "reporter": "hp-security-alert@hp.com", "references": ["http://secunia.com/advisories/44269", "http://securitytracker.com/id?1025413", "http://www.securityfocus.com/bid/47716", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "https://exchange.xforce.ibmcloud.com/vulnerabilities/66867"], "cvelist": ["CVE-2011-1535"], "type": "cve", "lastseen": "2021-04-22T23:19:35", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "6.1"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "6.0"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.10"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.00.01"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "le", "version": "*"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.10.01"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.11"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.00"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:hp:insight_control_for_linux:6.1", "cpe:/a:hp:insight_control_for_linux:2.11", "cpe:/a:hp:insight_control_for_linux:2.10", "cpe:/a:hp:insight_control_for_linux:6.2", "cpe:/a:hp:insight_control_for_linux:2.10.01", "cpe:/a:hp:insight_control_for_linux:2.00", "cpe:/a:hp:insight_control_for_linux:6.0", "cpe:/a:hp:insight_control_for_linux:2.00.01"], "cpe23": ["cpe:2.3:a:hp:insight_control_for_linux:2.00.01:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.11:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.00:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10.01:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.00.01:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.10.01:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.2:*:*:*:*:*:*:*", "versionEndIncluding": "6.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.10:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.11:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-1535"], "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["NVD-CWE-noinfo"], "description": "Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-11-29T23:05:18", "references": [{"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}], "rev": 2}, "score": {"modified": "2020-11-29T23:05:18", "rev": 2, "value": 5.5, "vector": "NONE"}}, "hash": "8ae9330c99c51936fa575623177e11f3593ff2ed59f94dacf9c27047b9308216", "hashmap": [{"hash": "2bf448254759ff316c6309143b02a6ca", "key": "cvelist"}, {"hash": "4af7f7666646129d582fff6abba5120e", "key": "references"}, {"hash": "d1d4e507809dfa66a7c5d69db2a5faf6", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "3beb102e899a741bbfc6666bcc345eef", "key": "modified"}, {"hash": "d21ac811d9123f8b274b461d7e2281ad", "key": "cvss"}, {"hash": "b0363390c0c687c1281590fe775b0faa", "key": "cpe"}, {"hash": "6f0a52a4ebf11e42ffcac13918092a5e", "key": "title"}, {"hash": "30a3232538ee85f3d33c82f13a0a39b2", "key": "cpeConfiguration"}, {"hash": "2584a724ec58da9cadf68019c13266f9", "key": "description"}, {"hash": "4c479918cf5f5324994461527ae3743a", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "50f2b2f23e12ed87cdec965b38fa2d24", "key": "affectedSoftware"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b0f90ad64b105ac591100fa94737f54a", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f1efe6d1155f63601d0e6987b233fce5", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1535", "id": "CVE-2011-1535", "lastseen": "2020-11-29T23:05:18", "modified": "2017-08-17T01:34:00", "objectVersion": "1.3", "published": "2011-04-29T22:55:00", "references": ["http://secunia.com/advisories/44269", "http://securitytracker.com/id?1025413", "http://www.securityfocus.com/bid/47716", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "https://exchange.xforce.ibmcloud.com/vulnerabilities/66867"], "reporter": "cve@mitre.org", "title": "CVE-2011-1535", "type": "cve", "viewCount": 2}, "differentElements": ["affectedSoftware"], "edition": 4, "lastseen": "2020-11-29T23:05:18"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "6.1"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "6.0"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.10"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.00.01"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.10.01"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "le", "version": "6.2"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.11"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.00"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:hp:insight_control_for_linux:6.1", "cpe:/a:hp:insight_control_for_linux:2.11", "cpe:/a:hp:insight_control_for_linux:2.10", "cpe:/a:hp:insight_control_for_linux:6.2", "cpe:/a:hp:insight_control_for_linux:2.10.01", "cpe:/a:hp:insight_control_for_linux:2.00", "cpe:/a:hp:insight_control_for_linux:6.0", "cpe:/a:hp:insight_control_for_linux:2.00.01"], "cpe23": ["cpe:2.3:a:hp:insight_control_for_linux:2.00.01:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.11:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.00:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10.01:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.00.01:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.10.01:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.2:*:*:*:*:*:*:*", "versionEndIncluding": "6.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.10:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.11:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-1535"], "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["NVD-CWE-noinfo"], "description": "Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.", "edition": 5, "enchantments": {"dependencies": {"modified": "2020-12-09T19:39:06", "references": [{"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}], "rev": 2}, "score": {"modified": "2020-12-09T19:39:06", "rev": 2, "value": 5.5, "vector": "NONE"}}, "extraReferences": [], "hash": "dc93eeadbcc757602df0526f6467cdee8642b81c9209e0c43847372381a36028", "hashmap": [{"hash": "2bf448254759ff316c6309143b02a6ca", "key": "cvelist"}, {"hash": "4af7f7666646129d582fff6abba5120e", "key": "references"}, {"hash": "d1d4e507809dfa66a7c5d69db2a5faf6", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "3beb102e899a741bbfc6666bcc345eef", "key": "modified"}, {"hash": "d21ac811d9123f8b274b461d7e2281ad", "key": "cvss"}, {"hash": "b0363390c0c687c1281590fe775b0faa", "key": "cpe"}, {"hash": "6f0a52a4ebf11e42ffcac13918092a5e", "key": "title"}, {"hash": "30a3232538ee85f3d33c82f13a0a39b2", "key": "cpeConfiguration"}, {"hash": "25844ace7cb6e6ba02189fa866c6b95c", "key": "affectedSoftware"}, {"hash": "2584a724ec58da9cadf68019c13266f9", "key": "description"}, {"hash": "4c479918cf5f5324994461527ae3743a", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b0f90ad64b105ac591100fa94737f54a", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f1efe6d1155f63601d0e6987b233fce5", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1535", "id": "CVE-2011-1535", "lastseen": "2020-12-09T19:39:06", "modified": "2017-08-17T01:34:00", "objectVersion": "1.3", "published": "2011-04-29T22:55:00", "references": ["http://secunia.com/advisories/44269", "http://securitytracker.com/id?1025413", "http://www.securityfocus.com/bid/47716", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "https://exchange.xforce.ibmcloud.com/vulnerabilities/66867"], "reporter": "cve@mitre.org", "title": "CVE-2011-1535", "type": "cve", "viewCount": 2}, "differentElements": ["extraReferences"], "edition": 5, "lastseen": "2020-12-09T19:39:06"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "6.1"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "6.0"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.10"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.00.01"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.10.01"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "le", "version": "6.2"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.11"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.00"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:hp:insight_control_for_linux:6.1", "cpe:/a:hp:insight_control_for_linux:2.11", "cpe:/a:hp:insight_control_for_linux:2.10", "cpe:/a:hp:insight_control_for_linux:6.2", "cpe:/a:hp:insight_control_for_linux:2.10.01", "cpe:/a:hp:insight_control_for_linux:2.00", "cpe:/a:hp:insight_control_for_linux:6.0", "cpe:/a:hp:insight_control_for_linux:2.00.01"], "cpe23": ["cpe:2.3:a:hp:insight_control_for_linux:2.00.01:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.11:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.00:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10.01:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2011-1535"], "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["NVD-CWE-noinfo"], "description": "Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-09-21T14:01:24", "references": [{"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}], "rev": 2}, "score": {"modified": "2020-09-21T14:01:24", "rev": 2, "value": 5.5, "vector": "NONE"}}, "hash": "f1ad301bea7edec1b2957b756ec036c79fdc486810af250aa1baa288704333e1", "hashmap": [{"hash": "2bf448254759ff316c6309143b02a6ca", "key": "cvelist"}, {"hash": "4af7f7666646129d582fff6abba5120e", "key": "references"}, {"hash": "d1d4e507809dfa66a7c5d69db2a5faf6", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "3beb102e899a741bbfc6666bcc345eef", "key": "modified"}, {"hash": "d21ac811d9123f8b274b461d7e2281ad", "key": "cvss"}, {"hash": "b0363390c0c687c1281590fe775b0faa", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "6f0a52a4ebf11e42ffcac13918092a5e", "key": "title"}, {"hash": "25844ace7cb6e6ba02189fa866c6b95c", "key": "affectedSoftware"}, {"hash": "2584a724ec58da9cadf68019c13266f9", "key": "description"}, {"hash": "4c479918cf5f5324994461527ae3743a", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b0f90ad64b105ac591100fa94737f54a", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f1efe6d1155f63601d0e6987b233fce5", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1535", "id": "CVE-2011-1535", "lastseen": "2020-09-21T14:01:24", "modified": "2017-08-17T01:34:00", "objectVersion": "1.3", "published": "2011-04-29T22:55:00", "references": ["http://secunia.com/advisories/44269", "http://securitytracker.com/id?1025413", "http://www.securityfocus.com/bid/47716", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "https://exchange.xforce.ibmcloud.com/vulnerabilities/66867"], "reporter": "cve@mitre.org", "title": "CVE-2011-1535", "type": "cve", "viewCount": 0}, "differentElements": ["cpeConfiguration"], "edition": 2, "lastseen": "2020-09-21T14:01:24"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "6.1"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "6.0"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.10"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.00.01"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.10.01"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "le", "version": "6.2"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.11"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.00"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:hp:insight_control_for_linux:6.1", "cpe:/a:hp:insight_control_for_linux:2.11", "cpe:/a:hp:insight_control_for_linux:2.10", "cpe:/a:hp:insight_control_for_linux:6.2", "cpe:/a:hp:insight_control_for_linux:2.10.01", "cpe:/a:hp:insight_control_for_linux:2.00", "cpe:/a:hp:insight_control_for_linux:6.0", "cpe:/a:hp:insight_control_for_linux:2.00.01"], "cpe23": ["cpe:2.3:a:hp:insight_control_for_linux:2.00.01:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.11:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.00:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10.01:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.00.01:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.10.01:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.2:*:*:*:*:*:*:*", "versionEndIncluding": "6.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.10:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.11:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-1535"], "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["NVD-CWE-noinfo"], "description": "Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.", "edition": 6, "enchantments": {"dependencies": {"modified": "2021-02-02T05:51:01", "references": [{"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}], "rev": 2}, "score": {"modified": "2021-02-02T05:51:01", "rev": 2, "value": 5.5, "vector": "NONE"}}, "extraReferences": [{"name": "1025413", "refsource": "SECTRACK", "tags": [], "url": "http://securitytracker.com/id?1025413"}, {"name": "HPSBMA02658", "refsource": "HP", "tags": ["Vendor Advisory"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"}, {"name": "hp-insight-unspec-priv-esc(66867)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66867"}, {"name": "44269", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/44269"}, {"name": "47716", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/47716"}], "hash": "264304fdc6bb859832f0df58b3f67ab2ca394a62f9721ff5a1ea27723a7f27d1", "hashmap": [{"hash": "2bf448254759ff316c6309143b02a6ca", "key": "cvelist"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "4af7f7666646129d582fff6abba5120e", "key": "references"}, {"hash": "d1d4e507809dfa66a7c5d69db2a5faf6", "key": "cvss2"}, {"hash": "77b4fc19e7a0004a358664a0861ae2d0", "key": "extraReferences"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "3beb102e899a741bbfc6666bcc345eef", "key": "modified"}, {"hash": "d21ac811d9123f8b274b461d7e2281ad", "key": "cvss"}, {"hash": "b0363390c0c687c1281590fe775b0faa", "key": "cpe"}, {"hash": "6f0a52a4ebf11e42ffcac13918092a5e", "key": "title"}, {"hash": "30a3232538ee85f3d33c82f13a0a39b2", "key": "cpeConfiguration"}, {"hash": "25844ace7cb6e6ba02189fa866c6b95c", "key": "affectedSoftware"}, {"hash": "2584a724ec58da9cadf68019c13266f9", "key": "description"}, {"hash": "4c479918cf5f5324994461527ae3743a", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b0f90ad64b105ac591100fa94737f54a", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f1efe6d1155f63601d0e6987b233fce5", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1535", "id": "CVE-2011-1535", "immutableFields": [], "lastseen": "2021-02-02T05:51:01", "modified": "2017-08-17T01:34:00", "objectVersion": "1.5", "published": "2011-04-29T22:55:00", "references": ["http://secunia.com/advisories/44269", "http://securitytracker.com/id?1025413", "http://www.securityfocus.com/bid/47716", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "https://exchange.xforce.ibmcloud.com/vulnerabilities/66867"], "reporter": "cve@mitre.org", "title": "CVE-2011-1535", "type": "cve", "viewCount": 5}, "different_elements": ["reporter", "cpeConfiguration"], "edition": 6, "lastseen": "2021-02-02T05:51:01"}, {"bulletin": {"affectedSoftware": [{"name": "hp insight_control_for_linux", "operator": "eq", "version": "2.11"}, {"name": "hp insight_control_for_linux", "operator": "eq", "version": "6.0"}, {"name": "hp insight_control_for_linux", "operator": "eq", "version": "2.00"}, {"name": "hp insight_control_for_linux", "operator": "le", "version": "6.2"}, {"name": "hp insight_control_for_linux", "operator": "eq", "version": "6.1"}, {"name": "hp insight_control_for_linux", "operator": "eq", "version": "2.10.01"}, {"name": "hp insight_control_for_linux", "operator": "eq", "version": "2.00.01"}, {"name": "hp insight_control_for_linux", "operator": "eq", "version": "2.10"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:hp:insight_control_for_linux:6.1", "cpe:/a:hp:insight_control_for_linux:2.11", "cpe:/a:hp:insight_control_for_linux:2.10", "cpe:/a:hp:insight_control_for_linux:2.10.01", "cpe:/a:hp:insight_control_for_linux:2.00", "cpe:/a:hp:insight_control_for_linux:6.0", "cpe:/a:hp:insight_control_for_linux:2.00.01"], "cpe23": ["cpe:2.3:a:hp:insight_control_for_linux:2.00.01:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.11:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.00:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10.01:*:*:*:*:*:*:*"], "cvelist": ["CVE-2011-1535"], "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["NVD-CWE-noinfo"], "description": "Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:11:10", "references": [{"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}], "rev": 2}, "score": {"modified": "2019-05-29T18:11:10", "rev": 2, "value": 5.5, "vector": "NONE"}}, "hash": "d54d6a14802911e185e1cef07d1145c5a2acaaf1f5a7d40a1b33581ab619d386", "hashmap": [{"hash": "2bf448254759ff316c6309143b02a6ca", "key": "cvelist"}, {"hash": "9eb7576020fc7d76cb8f4c7832bd293b", "key": "cpe23"}, {"hash": "4af7f7666646129d582fff6abba5120e", "key": "references"}, {"hash": "d1d4e507809dfa66a7c5d69db2a5faf6", "key": "cvss2"}, {"hash": "3beb102e899a741bbfc6666bcc345eef", "key": "modified"}, {"hash": "d21ac811d9123f8b274b461d7e2281ad", "key": "cvss"}, {"hash": "6f0a52a4ebf11e42ffcac13918092a5e", "key": "title"}, {"hash": "49f8ef94038a6e0a98bbe4223f94ed87", "key": "cpe"}, {"hash": "2584a724ec58da9cadf68019c13266f9", "key": "description"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "cea779b92be52ddd26cf94afbe6cf02d", "key": "affectedSoftware"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b0f90ad64b105ac591100fa94737f54a", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f1efe6d1155f63601d0e6987b233fce5", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1535", "id": "CVE-2011-1535", "lastseen": "2019-05-29T18:11:10", "modified": "2017-08-17T01:34:00", "objectVersion": "1.3", "published": "2011-04-29T22:55:00", "references": ["http://secunia.com/advisories/44269", "http://securitytracker.com/id?1025413", "http://www.securityfocus.com/bid/47716", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "https://exchange.xforce.ibmcloud.com/vulnerabilities/66867"], "reporter": "cve@mitre.org", "title": "CVE-2011-1535", "type": "cve", "viewCount": 0}, "differentElements": ["cpe23", "cpe", "affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:11:10"}], "edition": 7, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "25844ace7cb6e6ba02189fa866c6b95c"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "b0363390c0c687c1281590fe775b0faa"}, {"key": "cpe23", "hash": "4c479918cf5f5324994461527ae3743a"}, {"key": "cpeConfiguration", "hash": "83687e0be24bcb7f8eb863835ae89164"}, {"key": "cvelist", "hash": "2bf448254759ff316c6309143b02a6ca"}, {"key": "cvss", "hash": "d21ac811d9123f8b274b461d7e2281ad"}, {"key": "cvss2", "hash": "d1d4e507809dfa66a7c5d69db2a5faf6"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "d370d473ba1bd1721d669ef98e2aeebb"}, {"key": "description", "hash": "2584a724ec58da9cadf68019c13266f9"}, {"key": "extraReferences", "hash": "77b4fc19e7a0004a358664a0861ae2d0"}, {"key": "href", "hash": "f1efe6d1155f63601d0e6987b233fce5"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "3beb102e899a741bbfc6666bcc345eef"}, {"key": "published", "hash": "b0f90ad64b105ac591100fa94737f54a"}, {"key": "references", "hash": "4af7f7666646129d582fff6abba5120e"}, {"key": "reporter", "hash": "c124c7458216e88f424b310b050ede72"}, {"key": "title", "hash": "6f0a52a4ebf11e42ffcac13918092a5e"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "3b511ac6d7a953b2a27feb9f1671fd38e4a0bc0e71cd4d3a31e85e1787ed41e5", "viewCount": 10, "enchantments": {"dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:26212"]}], "modified": "2021-04-22T23:19:35", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2021-04-22T23:19:35", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:hp:insight_control_for_linux:6.1", "cpe:/a:hp:insight_control_for_linux:2.11", "cpe:/a:hp:insight_control_for_linux:2.10", "cpe:/a:hp:insight_control_for_linux:6.2", "cpe:/a:hp:insight_control_for_linux:2.10.01", "cpe:/a:hp:insight_control_for_linux:2.00", "cpe:/a:hp:insight_control_for_linux:6.0", "cpe:/a:hp:insight_control_for_linux:2.00.01"], "affectedSoftware": [{"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "6.1"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "6.0"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.10"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.00.01"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.10.01"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "le", "version": "6.2"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.11"}, {"cpeName": "hp:insight_control_for_linux", "name": "hp insight control for linux", "operator": "eq", "version": "2.00"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:hp:insight_control_for_linux:2.00.01:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.11:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.00:*:*:*:*:*:*:*", "cpe:2.3:a:hp:insight_control_for_linux:2.10.01:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-noinfo"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.2:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.10.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:2.00.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:insight_control_for_linux:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "1025413", "refsource": "SECTRACK", "tags": [], "url": "http://securitytracker.com/id?1025413"}, {"name": "HPSBMA02658", "refsource": "HP", "tags": ["Vendor Advisory"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"}, {"name": "hp-insight-unspec-priv-esc(66867)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66867"}, {"name": "44269", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/44269"}, {"name": "47716", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/47716"}], "immutableFields": []}, {"id": "CVE-2010-3864", "bulletinFamily": "NVD", "title": "CVE-2010-3864", "description": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.", "published": "2010-11-17T16:00:00", "modified": "2018-10-10T20:05:00", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3864", "reporter": "secalert@redhat.com", "references": ["http://secunia.com/advisories/44269", "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html", "http://secunia.com/advisories/42352", "https://rhn.redhat.com/errata/RHSA-2010-0888.html", "http://support.apple.com/kb/HT4723", "http://www.kb.cert.org/vuls/id/737740", "http://secunia.com/advisories/42309", "http://openssl.org/news/secadv_20101116.txt", "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc", "http://secunia.com/advisories/42241", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "http://secunia.com/advisories/43312", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html", "http://secunia.com/advisories/42243", "http://marc.info/?l=bugtraq&m=132828103218869&w=2", "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition", "http://www.vupen.com/english/advisories/2010/3041", "http://www.adobe.com/support/security/bulletins/apsb11-11.html", "http://secunia.com/advisories/57353", "http://www.vupen.com/english/advisories/2010/3121", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html", "http://www.securityfocus.com/archive/1/516397/100/0/threaded", "http://secunia.com/advisories/42336", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://secunia.com/advisories/42397", "http://secunia.com/advisories/42413", "http://marc.info/?l=bugtraq&m=129916880600544&w=2", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "http://securitytracker.com/id?1024743", "http://www.vupen.com/english/advisories/2010/3097", "https://bugzilla.redhat.com/show_bug.cgi?id=649304", "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html", "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html", "http://www.debian.org/security/2010/dsa-2125", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://www.vupen.com/english/advisories/2010/3077"], "cvelist": ["CVE-2010-3864"], "type": "cve", "lastseen": "2021-04-21T20:54:23", "history": [{"bulletin": {"affectedSoftware": [{"name": "openssl openssl", "operator": "eq", "version": "1.0.0"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8n"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8m"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8g"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8k"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8h"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8o"}, {"name": "openssl openssl", "operator": "eq", "version": "1.0.0a"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8l"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8i"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8f"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8j"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8l"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*"], "cvelist": ["CVE-2010-3864"], "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-362"], "description": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:10:31", "references": [{"idList": ["SSA-2010-326-01"], "type": "slackware"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["USN-1018-1"], "type": "ubuntu"}, {"idList": ["F5:K12566", "SOL12566"], "type": "f5"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"], "type": "securityvulns"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-2125-1:26495"], "type": "debian"}, {"idList": ["RHSA-2010:0888"], "type": "redhat"}, {"idList": ["OPENVAS:136141256231068703", "OPENVAS:1361412562310862631", "OPENVAS:1361412562310840540", "OPENVAS:862631", "OPENVAS:831251", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310831251", "OPENVAS:68703", "OPENVAS:840540"], "type": "openvas"}, {"idList": ["ELSA-2019-4581", "ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["REDHAT-RHSA-2010-0888.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "DEBIAN_DSA-2125.NASL", "FEDORA_2010-17847.NASL", "FEDORA_2010-17827.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "FEDORA_2010-17826.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL"], "type": "nessus"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2019-05-29T18:10:31", "rev": 2, "value": 8.0, "vector": "NONE"}}, "hash": "8f945478c6914b84694c3cba971a6d39c3699e7e079dac42d00447426effbd61", "hashmap": [{"hash": "43d2e75eac69ca89fd97d281cf84a3fa", "key": "cvss2"}, {"hash": "951f4add04f53cc6083a6504c511794b", "key": "cwe"}, {"hash": "ed80408f65b06df34ed6dfdb743af507", "key": "cvss"}, {"hash": "cf834d427659e8238bc28e57a349233d", "key": "title"}, {"hash": "4ea89ea46e8685f3bb16a16972c216ed", "key": "modified"}, {"hash": "97da249b644de8edadd09438a01b5a5a", "key": "affectedSoftware"}, {"hash": "173715bc64e816aad7334a0ff5df9163", "key": "description"}, {"hash": "63588cb926bf40128b160eafd7760a54", "key": "cpe23"}, {"hash": "15db4c9e5d2d4b82d6bf6306434fceb3", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "94f0b9a084f091d65c0e576e59c4d0f2", "key": "published"}, {"hash": "64f2895f845b30f9f0f642c1b0154f25", "key": "cpe"}, {"hash": "eca2075c06267bd363f322dc7f333483", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b0ad1f255f68b69e3ba13b50a5d714af", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3864", "id": "CVE-2010-3864", "lastseen": "2019-05-29T18:10:31", "modified": "2018-10-10T20:05:00", "objectVersion": "1.3", "published": "2010-11-17T16:00:00", "references": ["http://secunia.com/advisories/44269", "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html", "http://secunia.com/advisories/42352", "https://rhn.redhat.com/errata/RHSA-2010-0888.html", "http://support.apple.com/kb/HT4723", "http://www.kb.cert.org/vuls/id/737740", "http://secunia.com/advisories/42309", "http://openssl.org/news/secadv_20101116.txt", "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc", "http://secunia.com/advisories/42241", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "http://secunia.com/advisories/43312", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html", "http://secunia.com/advisories/42243", "http://marc.info/?l=bugtraq&m=132828103218869&w=2", "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition", "http://www.vupen.com/english/advisories/2010/3041", "http://www.adobe.com/support/security/bulletins/apsb11-11.html", "http://secunia.com/advisories/57353", "http://www.vupen.com/english/advisories/2010/3121", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html", "http://www.securityfocus.com/archive/1/516397/100/0/threaded", "http://secunia.com/advisories/42336", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://secunia.com/advisories/42397", "http://secunia.com/advisories/42413", "http://marc.info/?l=bugtraq&m=129916880600544&w=2", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "http://securitytracker.com/id?1024743", "http://www.vupen.com/english/advisories/2010/3097", "https://bugzilla.redhat.com/show_bug.cgi?id=649304", "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html", "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html", "http://www.debian.org/security/2010/dsa-2125", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://www.vupen.com/english/advisories/2010/3077"], "reporter": "cve@mitre.org", "title": "CVE-2010-3864", "type": "cve", "viewCount": 46}, "differentElements": ["affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:10:31"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8g"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8l"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2010-3864"], "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-362"], "description": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-10-03T11:57:30", "references": [{"idList": ["FEDORA:5429A1108EB", "FEDORA:6B3FC110D28", "FEDORA:7EA761108D8", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:D404110F950"], "type": "fedora"}, {"idList": ["SSA-2010-326-01"], "type": "slackware"}, {"idList": ["REDHAT-RHSA-2010-0888.NASL", "DEBIAN_DSA-2125.NASL", "FEDORA_2010-17847.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "FEDORA_2010-17827.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "UBUNTU_USN-1018-1.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL"], "type": "nessus"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["USN-1018-1"], "type": "ubuntu"}, {"idList": ["F5:K12566", "SOL12566"], "type": "f5"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"], "type": "securityvulns"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-2125-1:26495"], "type": "debian"}, {"idList": ["RHSA-2010:0888"], "type": "redhat"}, {"idList": ["ELSA-2019-4581", "ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["OPENVAS:136141256231068703", "OPENVAS:1361412562310862631", "OPENVAS:1361412562310840540", "OPENVAS:862631", "OPENVAS:862721", "OPENVAS:831251", "OPENVAS:1361412562310100751", "OPENVAS:1361412562310831251", "OPENVAS:68703", "OPENVAS:840540"], "type": "openvas"}, {"idList": ["OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2020-10-03T11:57:30", "rev": 2, "value": 8.0, "vector": "NONE"}}, "extraReferences": [], "hash": "c10dd8052f5b9ba28a25d86f72b952df7f3b271dbe2797fd4f11bda8ebd34319", "hashmap": [{"hash": "43d2e75eac69ca89fd97d281cf84a3fa", "key": "cvss2"}, {"hash": "1a410aea8d756d7c048cb6a5d3618be1", "key": "affectedSoftware"}, {"hash": "951f4add04f53cc6083a6504c511794b", "key": "cwe"}, {"hash": "ed80408f65b06df34ed6dfdb743af507", "key": "cvss"}, {"hash": "cf834d427659e8238bc28e57a349233d", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "4ea89ea46e8685f3bb16a16972c216ed", "key": "modified"}, {"hash": "173715bc64e816aad7334a0ff5df9163", "key": "description"}, {"hash": "63588cb926bf40128b160eafd7760a54", "key": "cpe23"}, {"hash": "15db4c9e5d2d4b82d6bf6306434fceb3", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "771658cb5ebb771b4bdbc1361d001958", "key": "cpeConfiguration"}, {"hash": "94f0b9a084f091d65c0e576e59c4d0f2", "key": "published"}, {"hash": "64f2895f845b30f9f0f642c1b0154f25", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "eca2075c06267bd363f322dc7f333483", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b0ad1f255f68b69e3ba13b50a5d714af", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3864", "id": "CVE-2010-3864", "lastseen": "2020-10-03T11:57:30", "modified": "2018-10-10T20:05:00", "objectVersion": "1.3", "published": "2010-11-17T16:00:00", "references": ["http://secunia.com/advisories/44269", "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html", "http://secunia.com/advisories/42352", "https://rhn.redhat.com/errata/RHSA-2010-0888.html", "http://support.apple.com/kb/HT4723", "http://www.kb.cert.org/vuls/id/737740", "http://secunia.com/advisories/42309", "http://openssl.org/news/secadv_20101116.txt", "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc", "http://secunia.com/advisories/42241", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "http://secunia.com/advisories/43312", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html", "http://secunia.com/advisories/42243", "http://marc.info/?l=bugtraq&m=132828103218869&w=2", "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition", "http://www.vupen.com/english/advisories/2010/3041", "http://www.adobe.com/support/security/bulletins/apsb11-11.html", "http://secunia.com/advisories/57353", "http://www.vupen.com/english/advisories/2010/3121", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html", "http://www.securityfocus.com/archive/1/516397/100/0/threaded", "http://secunia.com/advisories/42336", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://secunia.com/advisories/42397", "http://secunia.com/advisories/42413", "http://marc.info/?l=bugtraq&m=129916880600544&w=2", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "http://securitytracker.com/id?1024743", "http://www.vupen.com/english/advisories/2010/3097", "https://bugzilla.redhat.com/show_bug.cgi?id=649304", "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html", "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html", "http://www.debian.org/security/2010/dsa-2125", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://www.vupen.com/english/advisories/2010/3077"], "reporter": "cve@mitre.org", "title": "CVE-2010-3864", "type": "cve", "viewCount": 50}, "differentElements": ["extraReferences"], "edition": 3, "lastseen": "2020-10-03T11:57:30"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8g"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8l"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2010-3864"], "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-362"], "description": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-09-21T13:56:16", "references": [{"idList": ["SSA-2010-326-01"], "type": "slackware"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["USN-1018-1"], "type": "ubuntu"}, {"idList": ["F5:K12566", "SOL12566"], "type": "f5"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"], "type": "securityvulns"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-2125-1:26495"], "type": "debian"}, {"idList": ["RHSA-2010:0888"], "type": "redhat"}, {"idList": ["OPENVAS:136141256231068703", "OPENVAS:1361412562310862631", "OPENVAS:1361412562310840540", "OPENVAS:862631", "OPENVAS:831251", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310831251", "OPENVAS:68703", "OPENVAS:840540"], "type": "openvas"}, {"idList": ["REDHAT-RHSA-2010-0888.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "FEDORA_2010-17827.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "UBUNTU_USN-1018-1.NASL", "FEDORA_2010-17826.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL"], "type": "nessus"}, {"idList": ["ELSA-2019-4581", "ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2020-09-21T13:56:16", "rev": 2, "value": 8.0, "vector": "NONE"}}, "hash": "a81a469a86208f54370077450d7f1a24f2521ea470f83cf55a8ba9f412cf10b3", "hashmap": [{"hash": "43d2e75eac69ca89fd97d281cf84a3fa", "key": "cvss2"}, {"hash": "1a410aea8d756d7c048cb6a5d3618be1", "key": "affectedSoftware"}, {"hash": "951f4add04f53cc6083a6504c511794b", "key": "cwe"}, {"hash": "ed80408f65b06df34ed6dfdb743af507", "key": "cvss"}, {"hash": "cf834d427659e8238bc28e57a349233d", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "4ea89ea46e8685f3bb16a16972c216ed", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "173715bc64e816aad7334a0ff5df9163", "key": "description"}, {"hash": "63588cb926bf40128b160eafd7760a54", "key": "cpe23"}, {"hash": "15db4c9e5d2d4b82d6bf6306434fceb3", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "94f0b9a084f091d65c0e576e59c4d0f2", "key": "published"}, {"hash": "64f2895f845b30f9f0f642c1b0154f25", "key": "cpe"}, {"hash": "eca2075c06267bd363f322dc7f333483", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b0ad1f255f68b69e3ba13b50a5d714af", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3864", "id": "CVE-2010-3864", "lastseen": "2020-09-21T13:56:16", "modified": "2018-10-10T20:05:00", "objectVersion": "1.3", "published": "2010-11-17T16:00:00", "references": ["http://secunia.com/advisories/44269", "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html", "http://secunia.com/advisories/42352", "https://rhn.redhat.com/errata/RHSA-2010-0888.html", "http://support.apple.com/kb/HT4723", "http://www.kb.cert.org/vuls/id/737740", "http://secunia.com/advisories/42309", "http://openssl.org/news/secadv_20101116.txt", "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc", "http://secunia.com/advisories/42241", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "http://secunia.com/advisories/43312", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html", "http://secunia.com/advisories/42243", "http://marc.info/?l=bugtraq&m=132828103218869&w=2", "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition", "http://www.vupen.com/english/advisories/2010/3041", "http://www.adobe.com/support/security/bulletins/apsb11-11.html", "http://secunia.com/advisories/57353", "http://www.vupen.com/english/advisories/2010/3121", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html", "http://www.securityfocus.com/archive/1/516397/100/0/threaded", "http://secunia.com/advisories/42336", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://secunia.com/advisories/42397", "http://secunia.com/advisories/42413", "http://marc.info/?l=bugtraq&m=129916880600544&w=2", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "http://securitytracker.com/id?1024743", "http://www.vupen.com/english/advisories/2010/3097", "https://bugzilla.redhat.com/show_bug.cgi?id=649304", "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html", "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html", "http://www.debian.org/security/2010/dsa-2125", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://www.vupen.com/english/advisories/2010/3077"], "reporter": "cve@mitre.org", "title": "CVE-2010-3864", "type": "cve", "viewCount": 46}, "differentElements": ["cpeConfiguration"], "edition": 2, "lastseen": "2020-09-21T13:56:16"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8g"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8l"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2010-3864"], "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-362"], "description": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.", "edition": 4, "enchantments": {"dependencies": {"modified": "2021-02-02T05:45:03", "references": [{"idList": ["OPENVAS:136141256231068703", "OPENVAS:1361412562310862631", "OPENVAS:1361412562310840540", "OPENVAS:862631", "OPENVAS:831251", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310100751", "OPENVAS:1361412562310831251", "OPENVAS:68703", "OPENVAS:840540"], "type": "openvas"}, {"idList": ["FEDORA:5429A1108EB", "FEDORA:6B3FC110D28", "FEDORA:7EA761108D8", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:D404110F950"], "type": "fedora"}, {"idList": ["SSA-2010-326-01"], "type": "slackware"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["USN-1018-1"], "type": "ubuntu"}, {"idList": ["F5:K12566", "SOL12566"], "type": "f5"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"], "type": "securityvulns"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-2125-1:26495"], "type": "debian"}, {"idList": ["RHSA-2010:0888"], "type": "redhat"}, {"idList": ["REDHAT-RHSA-2010-0888.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "DEBIAN_DSA-2125.NASL", "FEDORA_2010-17847.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "FEDORA_2010-17827.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "UBUNTU_USN-1018-1.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL"], "type": "nessus"}, {"idList": ["ELSA-2019-4581", "ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2021-02-02T05:45:03", "rev": 2, "value": 8.0, "vector": "NONE"}}, "extraReferences": [{"name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released", "refsource": "MLIST", "tags": [], "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"}, {"name": "HPSBUX02638", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=129916880600544&w=2"}, {"name": "http://support.apple.com/kb/HT4723", "refsource": "CONFIRM", "tags": [], "url": "http://support.apple.com/kb/HT4723"}, {"name": "VU#737740", "refsource": "CERT-VN", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/737740"}, {"name": "SUSE-SR:2010:022", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"}, {"name": "HPSBMA02658", "refsource": "HP", "tags": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"}, {"name": "SSA:2010-326-01", "refsource": "SLACKWARE", "tags": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793"}, {"name": "ADV-2010-3041", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2010/3041"}, {"name": "ADV-2010-3097", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2010/3097"}, {"name": "ADV-2010-3121", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2010/3121"}, {"name": "FEDORA-2010-17847", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html"}, {"name": "RHSA-2010:0888", "refsource": "REDHAT", "tags": [], "url": "https://rhn.redhat.com/errata/RHSA-2010-0888.html"}, {"name": "42336", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42336"}, {"name": "APPLE-SA-2011-06-23-1", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"}, {"name": "42352", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42352"}, {"name": "43312", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/43312"}, {"name": "HPSBGN02740", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=132828103218869&w=2"}, {"name": "FEDORA-2010-17827", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html"}, {"name": "44269", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/44269"}, {"name": "57353", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/57353"}, {"name": "DSA-2125", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2010/dsa-2125"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"}, {"name": "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition", "refsource": "CONFIRM", "tags": [], "url": "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition"}, {"name": "ADV-2010-3077", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2010/3077"}, {"name": "SSRT100475", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=130497251507577&w=2"}, {"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "refsource": "BUGTRAQ", "tags": [], "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"}, {"name": "42397", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42397"}, {"name": "FEDORA-2010-17826", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html"}, {"name": "1024743", "refsource": "SECTRACK", "tags": ["Patch"], "url": "http://securitytracker.com/id?1024743"}, {"name": "FreeBSD-SA-10:10", "refsource": "FREEBSD", "tags": [], "url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc"}, {"name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released", "refsource": "MLIST", "tags": [], "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"}, {"name": "42243", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42243"}, {"name": "http://www.adobe.com/support/security/bulletins/apsb11-11.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.adobe.com/support/security/bulletins/apsb11-11.html"}, {"name": "http://openssl.org/news/secadv_20101116.txt", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://openssl.org/news/secadv_20101116.txt"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=649304", "refsource": "CONFIRM", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=649304"}, {"name": "42309", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42309"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "refsource": "CONFIRM", "tags": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"}, {"name": "42241", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42241"}, {"name": "42413", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42413"}], "hash": "3914a545ffe149082d49d1e6aa6101fe02b02d5e810031ceb5ead86fe5798947", "hashmap": [{"hash": "43d2e75eac69ca89fd97d281cf84a3fa", "key": "cvss2"}, {"hash": "1a410aea8d756d7c048cb6a5d3618be1", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "951f4add04f53cc6083a6504c511794b", "key": "cwe"}, {"hash": "ed80408f65b06df34ed6dfdb743af507", "key": "cvss"}, {"hash": "cf834d427659e8238bc28e57a349233d", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "4ea89ea46e8685f3bb16a16972c216ed", "key": "modified"}, {"hash": "173715bc64e816aad7334a0ff5df9163", "key": "description"}, {"hash": "63588cb926bf40128b160eafd7760a54", "key": "cpe23"}, {"hash": "15db4c9e5d2d4b82d6bf6306434fceb3", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "3af495188c8656bfcd419269fe26929a", "key": "extraReferences"}, {"hash": "771658cb5ebb771b4bdbc1361d001958", "key": "cpeConfiguration"}, {"hash": "94f0b9a084f091d65c0e576e59c4d0f2", "key": "published"}, {"hash": "64f2895f845b30f9f0f642c1b0154f25", "key": "cpe"}, {"hash": "eca2075c06267bd363f322dc7f333483", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b0ad1f255f68b69e3ba13b50a5d714af", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3864", "id": "CVE-2010-3864", "immutableFields": [], "lastseen": "2021-02-02T05:45:03", "modified": "2018-10-10T20:05:00", "objectVersion": "1.5", "published": "2010-11-17T16:00:00", "references": ["http://secunia.com/advisories/44269", "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html", "http://secunia.com/advisories/42352", "https://rhn.redhat.com/errata/RHSA-2010-0888.html", "http://support.apple.com/kb/HT4723", "http://www.kb.cert.org/vuls/id/737740", "http://secunia.com/advisories/42309", "http://openssl.org/news/secadv_20101116.txt", "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc", "http://secunia.com/advisories/42241", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "http://secunia.com/advisories/43312", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html", "http://secunia.com/advisories/42243", "http://marc.info/?l=bugtraq&m=132828103218869&w=2", "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition", "http://www.vupen.com/english/advisories/2010/3041", "http://www.adobe.com/support/security/bulletins/apsb11-11.html", "http://secunia.com/advisories/57353", "http://www.vupen.com/english/advisories/2010/3121", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html", "http://www.securityfocus.com/archive/1/516397/100/0/threaded", "http://secunia.com/advisories/42336", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://secunia.com/advisories/42397", "http://secunia.com/advisories/42413", "http://marc.info/?l=bugtraq&m=129916880600544&w=2", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "http://securitytracker.com/id?1024743", "http://www.vupen.com/english/advisories/2010/3097", "https://bugzilla.redhat.com/show_bug.cgi?id=649304", "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html", "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html", "http://www.debian.org/security/2010/dsa-2125", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://www.vupen.com/english/advisories/2010/3077"], "reporter": "cve@mitre.org", "title": "CVE-2010-3864", "type": "cve", "viewCount": 53}, "different_elements": ["reporter", "cpeConfiguration"], "edition": 4, "lastseen": "2021-02-02T05:45:03"}], "edition": 5, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "1a410aea8d756d7c048cb6a5d3618be1"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "64f2895f845b30f9f0f642c1b0154f25"}, {"key": "cpe23", "hash": "63588cb926bf40128b160eafd7760a54"}, {"key": "cpeConfiguration", "hash": "9ab77b640e829fadf4655c4e7af87be0"}, {"key": "cvelist", "hash": "eca2075c06267bd363f322dc7f333483"}, {"key": "cvss", "hash": "ed80408f65b06df34ed6dfdb743af507"}, {"key": "cvss2", "hash": "43d2e75eac69ca89fd97d281cf84a3fa"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "951f4add04f53cc6083a6504c511794b"}, {"key": "description", "hash": "173715bc64e816aad7334a0ff5df9163"}, {"key": "extraReferences", "hash": "3af495188c8656bfcd419269fe26929a"}, {"key": "href", "hash": "b0ad1f255f68b69e3ba13b50a5d714af"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "4ea89ea46e8685f3bb16a16972c216ed"}, {"key": "published", "hash": "94f0b9a084f091d65c0e576e59c4d0f2"}, {"key": "references", "hash": "15db4c9e5d2d4b82d6bf6306434fceb3"}, {"key": "reporter", "hash": "0af63656781e575c5eddac3fecf2a03b"}, {"key": "title", "hash": "cf834d427659e8238bc28e57a349233d"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "e5da0a481ad3c4447a595c2a3df4f29c1e0557469ca3255d7bebb3d074326cfa", "viewCount": 73, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-3864"]}, {"type": "f5", "idList": ["F5:K12566", "SOL12566"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-3864"]}, {"type": "fedora", "idList": ["FEDORA:9DFF1E720F", "FEDORA:D404110F950", "FEDORA:6B3FC110D28", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:564D5110A27", "FEDORA:5429A1108EB", "FEDORA:7EA761108D8"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11754", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:26596"]}, {"type": "nessus", "idList": ["FEDORA_2010-17827.NASL", "UBUNTU_USN-1018-1.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "5968.PRM", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "800790.PRM", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "VMWARE_VMSA-2011-0003_REMOTE.NASL", "FEDORA_2010-17847.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "5924.PRM", "SLACKWARE_SSA_2010-326-01.NASL", "VMWARE_VMSA-2011-0003.NASL", "DEBIAN_DSA-2125.NASL", "MACOSX_10_6_8.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "GENTOO_GLSA-201110-01.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "REDHAT-RHSA-2010-0888.NASL", "FEDORA_2010-17826.NASL", "ADOBE_FMS_4_0_2.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495"]}, {"type": "openvas", "idList": ["OPENVAS:68704", "OPENVAS:1361412562310103454", "OPENVAS:862568", "OPENVAS:1361412562310100751", "OPENVAS:862737", "OPENVAS:863499", "OPENVAS:862721", "OPENVAS:68673", "OPENVAS:136141256231068673", "OPENVAS:1361412562310122262", "OPENVAS:136141256231068703", "OPENVAS:1361412562310835251", "OPENVAS:103454", "OPENVAS:1361412562310862849", "OPENVAS:840540", "OPENVAS:862849", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310862568", "OPENVAS:68703", "OPENVAS:902466", "OPENVAS:1361412562310840540", "OPENVAS:1361412562310831251", "OPENVAS:862920", "OPENVAS:862631", "OPENVAS:1361412562310862631", "OPENVAS:831251", "OPENVAS:1361412562310902466", "OPENVAS:1361412562310862737", "OPENVAS:136141256231068704", "OPENVAS:835251", "OPENVAS:862566", "OPENVAS:136141256231070764", "OPENVAS:1361412562310862721", "OPENVAS:70764", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310862566"]}, {"type": "redhat", "idList": ["RHSA-2010:0888"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2019-4581", "ELSA-2015-3022", "ELSA-2019-4747", "ELSA-2011-0677"]}, {"type": "slackware", "idList": ["SSA-2010-326-01"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}], "modified": "2021-04-21T20:54:23", "rev": 2}, "score": {"value": 8.0, "vector": "NONE", "modified": "2021-04-21T20:54:23", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8l"], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8g"}], "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*"], "cwe": ["CWE-362"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released", "refsource": "MLIST", "tags": [], "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"}, {"name": "HPSBUX02638", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=129916880600544&w=2"}, {"name": "http://support.apple.com/kb/HT4723", "refsource": "CONFIRM", "tags": [], "url": "http://support.apple.com/kb/HT4723"}, {"name": "VU#737740", "refsource": "CERT-VN", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/737740"}, {"name": "SUSE-SR:2010:022", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"}, {"name": "HPSBMA02658", "refsource": "HP", "tags": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"}, {"name": "SSA:2010-326-01", "refsource": "SLACKWARE", "tags": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793"}, {"name": "ADV-2010-3041", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2010/3041"}, {"name": "ADV-2010-3097", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2010/3097"}, {"name": "ADV-2010-3121", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2010/3121"}, {"name": "FEDORA-2010-17847", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html"}, {"name": "RHSA-2010:0888", "refsource": "REDHAT", "tags": [], "url": "https://rhn.redhat.com/errata/RHSA-2010-0888.html"}, {"name": "42336", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42336"}, {"name": "APPLE-SA-2011-06-23-1", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"}, {"name": "42352", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42352"}, {"name": "43312", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/43312"}, {"name": "HPSBGN02740", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=132828103218869&w=2"}, {"name": "FEDORA-2010-17827", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html"}, {"name": "44269", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/44269"}, {"name": "57353", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/57353"}, {"name": "DSA-2125", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2010/dsa-2125"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"}, {"name": "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition", "refsource": "CONFIRM", "tags": [], "url": "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition"}, {"name": "ADV-2010-3077", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2010/3077"}, {"name": "SSRT100475", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=130497251507577&w=2"}, {"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "refsource": "BUGTRAQ", "tags": [], "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"}, {"name": "42397", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42397"}, {"name": "FEDORA-2010-17826", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html"}, {"name": "1024743", "refsource": "SECTRACK", "tags": ["Patch"], "url": "http://securitytracker.com/id?1024743"}, {"name": "FreeBSD-SA-10:10", "refsource": "FREEBSD", "tags": [], "url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc"}, {"name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released", "refsource": "MLIST", "tags": [], "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"}, {"name": "42243", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42243"}, {"name": "http://www.adobe.com/support/security/bulletins/apsb11-11.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.adobe.com/support/security/bulletins/apsb11-11.html"}, {"name": "http://openssl.org/news/secadv_20101116.txt", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://openssl.org/news/secadv_20101116.txt"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=649304", "refsource": "CONFIRM", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=649304"}, {"name": "42309", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42309"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "refsource": "CONFIRM", "tags": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"}, {"name": "42241", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42241"}, {"name": "42413", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/42413"}], "immutableFields": []}, {"id": "CVE-2010-4180", "bulletinFamily": "NVD", "title": "CVE-2010-4180", "description": "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.", "published": "2010-12-06T21:05:00", "modified": "2017-09-19T01:31:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4180", "reporter": "secalert@redhat.com", "references": ["http://secunia.com/advisories/44269", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html", "http://www.vupen.com/english/advisories/2010/3120", "http://secunia.com/advisories/42473", "http://ubuntu.com/usn/usn-1029-1", "https://bugzilla.redhat.com/show_bug.cgi?id=659462", "http://www.vupen.com/english/advisories/2011/0076", "http://support.apple.com/kb/HT4723", "http://www.kb.cert.org/vuls/id/737740", "http://secunia.com/advisories/43170", "http://www.redhat.com/support/errata/RHSA-2011-0896.html", "http://www.vupen.com/english/advisories/2010/3122", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html", "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST", "http://secunia.com/advisories/42811", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html", "http://secunia.com/advisories/43172", "http://www.vupen.com/english/advisories/2011/0032", "http://secunia.com/advisories/42469", "http://secunia.com/advisories/43173", "http://www.securitytracker.com/id?1024822", "http://www.vupen.com/english/advisories/2010/3134", "http://osvdb.org/69565", "http://secunia.com/advisories/42620", "http://secunia.com/advisories/43169", "http://www.vupen.com/english/advisories/2010/3188", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248", "http://www.vupen.com/english/advisories/2011/0268", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html", "http://www.securityfocus.com/archive/1/522176", "http://secunia.com/advisories/42571", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.redhat.com/support/errata/RHSA-2010-0979.html", "http://marc.info/?l=bugtraq&m=132077688910227&w=2", "http://secunia.com/advisories/42493", "http://marc.info/?l=bugtraq&m=129916880600544&w=2", "http://www.debian.org/security/2011/dsa-2141", "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.redhat.com/support/errata/RHSA-2010-0977.html", "http://secunia.com/advisories/42877", "http://secunia.com/advisories/43171", "http://www.redhat.com/support/errata/RHSA-2010-0978.html", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://www.securityfocus.com/bid/45164", "http://cvs.openssl.org/chngview?cn=20131", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471", "http://openssl.org/news/secadv_20101202.txt", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"], "cvelist": ["CVE-2010-4180"], "type": "cve", "lastseen": "2021-04-21T20:54:24", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.3a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.1c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "le", "version": "0.9.8p"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.3"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.2b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.4"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7a"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.6", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:0.9.7", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.6l", "cpe:/a:openssl:openssl:0.9.8p"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "versionEndIncluding": "0.9.8p", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2010-4180"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["NVD-CWE-Other"], "description": "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.", "edition": 6, "enchantments": {"dependencies": {"modified": "2021-02-02T05:45:04", "references": [{"idList": ["SUSE-SU-2011:0847-1", "OPENSUSE-SU-2011:0845-1"], "type": "suse"}, {"idList": ["USN-1029-1"], "type": "ubuntu"}, {"idList": ["FEDORA:6B3FC110D28", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27"], "type": "fedora"}, {"idList": ["SSA-2010-340-01"], "type": "slackware"}, {"idList": ["SECURITYVULNS:DOC:27881", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25258", "SECURITYVULNS:VULN:11284", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-2141-1:4DDA2"], "type": "debian"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["ELSA-2010-0979", "ELSA-2010-0978", "ELSA-2010-0977"], "type": "oraclelinux"}, {"idList": ["SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_OPENSSL-7462.NASL", "FEDORA_2010-18736.NASL", "REDHAT-RHSA-2010-0979.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SOLARIS10_146857-01.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL"], "type": "nessus"}, {"idList": ["OPENSSL:CVE-2010-4180"], "type": "openssl"}, {"idList": ["CESA-2010:0978", "CESA-2010:0977"], "type": "centos"}, {"idList": ["RHSA-2010:0978", "RHSA-2010:0977", "RHSA-2010:0979"], "type": "redhat"}, {"idList": ["OPENVAS:831275", "OPENVAS:1361412562310862721", "OPENVAS:870370", "OPENVAS:68671", "OPENVAS:136141256231068671", "OPENVAS:840550", "OPENVAS:1361412562310870370", "OPENVAS:1361412562310122287", "OPENVAS:1361412562310831275", "OPENVAS:1361412562310840550"], "type": "openvas"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["F5:K12853", "SOL12853", "F5:K12543", "SOL12543"], "type": "f5"}], "rev": 2}, "score": {"modified": "2021-02-02T05:45:04", "rev": 2, "value": 5.9, "vector": "NONE"}}, "extraReferences": [{"name": "HPSBUX02638", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=129916880600544&w=2"}, {"name": "43173", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43173"}, {"name": "http://support.apple.com/kb/HT4723", "refsource": "CONFIRM", "tags": [], "url": "http://support.apple.com/kb/HT4723"}, {"name": "RHSA-2010:0978", "refsource": "REDHAT", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0978.html"}, {"name": "VU#737740", "refsource": "CERT-VN", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/737740"}, {"name": "SSRT100817", "refsource": "HP", "tags": [], "url": "http://www.securityfocus.com/archive/1/522176"}, {"name": "HPSBMA02658", "refsource": "HP", "tags": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"}, {"name": "SUSE-SR:2011:009", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"}, {"name": "ADV-2011-0076", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0076"}, {"name": "http://cvs.openssl.org/chngview?cn=20131", "refsource": "CONFIRM", "tags": ["Patch"], "url": "http://cvs.openssl.org/chngview?cn=20131"}, {"name": "43169", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43169"}, {"name": "42811", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42811"}, {"name": "openSUSE-SU-2011:0845", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"}, {"name": "APPLE-SA-2011-06-23-1", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"}, {"name": "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST", "refsource": "CONFIRM", "tags": [], "url": "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST"}, {"name": "MDVSA-2010:248", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248"}, {"name": "SUSE-SU-2011:0847", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"}, {"name": "43172", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43172"}, {"name": "HPSBHF02706", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2"}, {"name": "SSRT100475", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=130497251507577&w=2"}, {"name": "SSA:2010-340-01", "refsource": "SLACKWARE", "tags": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471"}, {"name": "FEDORA-2010-18736", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=659462", "refsource": "CONFIRM", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=659462"}, {"name": "ADV-2010-3122", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3122"}, {"name": "44269", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/44269"}, {"name": "ADV-2010-3188", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3188"}, {"name": "oval:org.mitre.oval:def:18910", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"}, {"name": "RHSA-2010:0979", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0979.html"}, {"name": "42620", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42620"}, {"name": "42469", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42469"}, {"name": "45164", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/45164"}, {"name": "RHSA-2011:0896", "refsource": "REDHAT", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"}, {"name": "FEDORA-2010-18765", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html"}, {"name": "USN-1029-1", "refsource": "UBUNTU", "tags": [], "url": "http://ubuntu.com/usn/usn-1029-1"}, {"name": "42877", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42877"}, {"name": "42473", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42473"}, {"name": "43170", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43170"}, {"name": "42571", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42571"}, {"name": "ADV-2010-3120", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3120"}, {"name": "1024822", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1024822"}, {"name": "ADV-2010-3134", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3134"}, {"name": "RHSA-2010:0977", "refsource": "REDHAT", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0977.html"}, {"name": "42493", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42493"}, {"name": "43171", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43171"}, {"name": "DSA-2141", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2011/dsa-2141"}, {"name": "69565", "refsource": "OSVDB", "tags": [], "url": "http://osvdb.org/69565"}, {"name": "ADV-2011-0032", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0032"}, {"name": "http://openssl.org/news/secadv_20101202.txt", "refsource": "CONFIRM", "tags": ["Patch"], "url": "http://openssl.org/news/secadv_20101202.txt"}, {"name": "SUSE-SR:2011:001", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"}, {"name": "ADV-2011-0268", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0268"}], "hash": "baf620d08e24f42090fdc8fee3d21dd6159873be5663efe336cb6867898c65ec", "hashmap": [{"hash": "2d33c984e99bf26302f2831ecb17d17e", "key": "cpeConfiguration"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "4ebf797c97a61aac94164dc1dade7f39", "key": "title"}, {"hash": "43128c5a054024ab48ecf4015fb64c96", "key": "cpe23"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "d34fc439086c4e43d2c013a5dc706d17", "key": "extraReferences"}, {"hash": "1c9d42c2230e333a31cb0cf90a17569e", "key": "modified"}, {"hash": "b4dc45cd2b319d3cc231d066d5d51d5b", "key": "href"}, {"hash": "5b2ebee38202b7ec3e6807a30a91f66d", "key": "published"}, {"hash": "78a7a5cbaf09985c14389298e454e7db", "key": "cwe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "1376299678e4b22a45cbb6e661929c18", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "245b58f1cca0f96b2922fa1f24ad9b3f", "key": "cpe"}, {"hash": "1f962b0aa5429099eaa800f9f2f45c81", "key": "cvelist"}, {"hash": "00699c06d8c412302f90ca117a10a72e", "key": "description"}, {"hash": "88ebb8603442ccb28bba5e2600567735", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "cc171cfc040908abfd1e12ea0468f5d8", "key": "affectedSoftware"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4180", "id": "CVE-2010-4180", "immutableFields": [], "lastseen": "2021-02-02T05:45:04", "modified": "2017-09-19T01:31:00", "objectVersion": "1.5", "published": "2010-12-06T21:05:00", "references": ["http://secunia.com/advisories/44269", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html", "http://www.vupen.com/english/advisories/2010/3120", "http://secunia.com/advisories/42473", "http://ubuntu.com/usn/usn-1029-1", "https://bugzilla.redhat.com/show_bug.cgi?id=659462", "http://www.vupen.com/english/advisories/2011/0076", "http://support.apple.com/kb/HT4723", "http://www.kb.cert.org/vuls/id/737740", "http://secunia.com/advisories/43170", "http://www.redhat.com/support/errata/RHSA-2011-0896.html", "http://www.vupen.com/english/advisories/2010/3122", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html", "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST", "http://secunia.com/advisories/42811", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html", "http://secunia.com/advisories/43172", "http://www.vupen.com/english/advisories/2011/0032", "http://secunia.com/advisories/42469", "http://secunia.com/advisories/43173", "http://www.securitytracker.com/id?1024822", "http://www.vupen.com/english/advisories/2010/3134", "http://osvdb.org/69565", "http://secunia.com/advisories/42620", "http://secunia.com/advisories/43169", "http://www.vupen.com/english/advisories/2010/3188", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248", "http://www.vupen.com/english/advisories/2011/0268", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html", "http://www.securityfocus.com/archive/1/522176", "http://secunia.com/advisories/42571", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.redhat.com/support/errata/RHSA-2010-0979.html", "http://marc.info/?l=bugtraq&m=132077688910227&w=2", "http://secunia.com/advisories/42493", "http://marc.info/?l=bugtraq&m=129916880600544&w=2", "http://www.debian.org/security/2011/dsa-2141", "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.redhat.com/support/errata/RHSA-2010-0977.html", "http://secunia.com/advisories/42877", "http://secunia.com/advisories/43171", "http://www.redhat.com/support/errata/RHSA-2010-0978.html", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://www.securityfocus.com/bid/45164", "http://cvs.openssl.org/chngview?cn=20131", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471", "http://openssl.org/news/secadv_20101202.txt", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"], "reporter": "cve@mitre.org", "title": "CVE-2010-4180", "type": "cve", "viewCount": 22}, "different_elements": ["reporter", "cpeConfiguration"], "edition": 6, "lastseen": "2021-02-02T05:45:04"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.3a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.1c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "le", "version": "0.9.8p"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.3"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.2b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.4"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7a"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.6", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:0.9.7", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.6l", "cpe:/a:openssl:openssl:0.9.8p"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "versionEndIncluding": "0.9.8p", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2010-4180"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["NVD-CWE-Other"], "description": "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-10-03T11:57:31", "references": [{"idList": ["SUSE-SU-2011:0847-1", "OPENSUSE-SU-2011:0845-1"], "type": "suse"}, {"idList": ["USN-1029-1"], "type": "ubuntu"}, {"idList": ["SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_OPENSSL-7462.NASL", "FEDORA_2010-18736.NASL", "REDHAT-RHSA-2010-0979.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "SUSE9_12701.NASL", "FEDORA_2010-18765.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL"], "type": "nessus"}, {"idList": ["SSA-2010-340-01"], "type": "slackware"}, {"idList": ["SECURITYVULNS:DOC:27881", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25258", "SECURITYVULNS:VULN:11284", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-2141-1:4DDA2"], "type": "debian"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["OPENVAS:880636", "OPENVAS:831275", "OPENVAS:862721", "OPENVAS:1361412562310880636", "OPENVAS:68671", "OPENVAS:840550", "OPENVAS:1361412562310870370", "OPENVAS:1361412562310122287", "OPENVAS:1361412562310831275", "OPENVAS:1361412562310840550"], "type": "openvas"}, {"idList": ["ELSA-2010-0979", "ELSA-2010-0978", "ELSA-2010-0977"], "type": "oraclelinux"}, {"idList": ["OPENSSL:CVE-2010-4180"], "type": "openssl"}, {"idList": ["CESA-2010:0978", "CESA-2010:0977"], "type": "centos"}, {"idList": ["RHSA-2010:0978", "RHSA-2010:0977", "RHSA-2010:0979"], "type": "redhat"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["F5:K12853", "SOL12853", "F5:K12543", "SOL12543"], "type": "f5"}], "rev": 2}, "exploitation": {"modified": "2020-10-03T11:57:31", "wildExploited": false, "wildExploitedSources": []}, "score": {"modified": "2020-10-03T11:57:31", "rev": 2, "value": 5.9, "vector": "NONE"}}, "hash": "652f4c199cc0a93594611517506ae4755029540068d67673e0419197c30450c4", "hashmap": [{"hash": "2d33c984e99bf26302f2831ecb17d17e", "key": "cpeConfiguration"}, {"hash": "4ebf797c97a61aac94164dc1dade7f39", "key": "title"}, {"hash": "43128c5a054024ab48ecf4015fb64c96", "key": "cpe23"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "1c9d42c2230e333a31cb0cf90a17569e", "key": "modified"}, {"hash": "b4dc45cd2b319d3cc231d066d5d51d5b", "key": "href"}, {"hash": "5b2ebee38202b7ec3e6807a30a91f66d", "key": "published"}, {"hash": "78a7a5cbaf09985c14389298e454e7db", "key": "cwe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "1376299678e4b22a45cbb6e661929c18", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "245b58f1cca0f96b2922fa1f24ad9b3f", "key": "cpe"}, {"hash": "1f962b0aa5429099eaa800f9f2f45c81", "key": "cvelist"}, {"hash": "00699c06d8c412302f90ca117a10a72e", "key": "description"}, {"hash": "88ebb8603442ccb28bba5e2600567735", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "cc171cfc040908abfd1e12ea0468f5d8", "key": "affectedSoftware"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4180", "id": "CVE-2010-4180", "lastseen": "2020-10-03T11:57:31", "modified": "2017-09-19T01:31:00", "objectVersion": "1.3", "published": "2010-12-06T21:05:00", "references": ["http://secunia.com/advisories/44269", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html", "http://www.vupen.com/english/advisories/2010/3120", "http://secunia.com/advisories/42473", "http://ubuntu.com/usn/usn-1029-1", "https://bugzilla.redhat.com/show_bug.cgi?id=659462", "http://www.vupen.com/english/advisories/2011/0076", "http://support.apple.com/kb/HT4723", "http://www.kb.cert.org/vuls/id/737740", "http://secunia.com/advisories/43170", "http://www.redhat.com/support/errata/RHSA-2011-0896.html", "http://www.vupen.com/english/advisories/2010/3122", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html", "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST", "http://secunia.com/advisories/42811", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html", "http://secunia.com/advisories/43172", "http://www.vupen.com/english/advisories/2011/0032", "http://secunia.com/advisories/42469", "http://secunia.com/advisories/43173", "http://www.securitytracker.com/id?1024822", "http://www.vupen.com/english/advisories/2010/3134", "http://osvdb.org/69565", "http://secunia.com/advisories/42620", "http://secunia.com/advisories/43169", "http://www.vupen.com/english/advisories/2010/3188", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248", "http://www.vupen.com/english/advisories/2011/0268", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html", "http://www.securityfocus.com/archive/1/522176", "http://secunia.com/advisories/42571", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.redhat.com/support/errata/RHSA-2010-0979.html", "http://marc.info/?l=bugtraq&m=132077688910227&w=2", "http://secunia.com/advisories/42493", "http://marc.info/?l=bugtraq&m=129916880600544&w=2", "http://www.debian.org/security/2011/dsa-2141", "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.redhat.com/support/errata/RHSA-2010-0977.html", "http://secunia.com/advisories/42877", "http://secunia.com/advisories/43171", "http://www.redhat.com/support/errata/RHSA-2010-0978.html", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://www.securityfocus.com/bid/45164", "http://cvs.openssl.org/chngview?cn=20131", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471", "http://openssl.org/news/secadv_20101202.txt", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"], "reporter": "cve@mitre.org", "title": "CVE-2010-4180", "type": "cve", "viewCount": 19}, "differentElements": ["affectedSoftware"], "edition": 3, "lastseen": "2020-10-03T11:57:31"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.3a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.1c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "le", "version": "0.9.8p"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.3"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.2b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.4"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7a"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.6", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:0.9.7", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.6l", "cpe:/a:openssl:openssl:0.9.8p"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2010-4180"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["NVD-CWE-Other"], "description": "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-09-21T13:56:16", "references": [{"idList": ["SUSE-SU-2011:0847-1", "OPENSUSE-SU-2011:0845-1"], "type": "suse"}, {"idList": ["USN-1029-1"], "type": "ubuntu"}, {"idList": ["SSA-2010-340-01"], "type": "slackware"}, {"idList": ["SECURITYVULNS:DOC:27881", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25258", "SECURITYVULNS:VULN:11284", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-2141-1:4DDA2"], "type": "debian"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["ELSA-2010-0979", "ELSA-2010-0978", "ELSA-2010-0977"], "type": "oraclelinux"}, {"idList": ["OPENSSL:CVE-2010-4180"], "type": "openssl"}, {"idList": ["CESA-2010:0978", "CESA-2010:0977"], "type": "centos"}, {"idList": ["OPENVAS:831275", "OPENVAS:862721", "OPENVAS:1361412562310880636", "OPENVAS:870370", "OPENVAS:136141256231068671", "OPENVAS:840550", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310870370", "OPENVAS:1361412562310122287", "OPENVAS:1361412562310831275"], "type": "openvas"}, {"idList": ["SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_OPENSSL-7462.NASL", "FEDORA_2010-18736.NASL", "REDHAT-RHSA-2010-0979.NASL", "SUSE_OPENSSL-7463.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SOLARIS10_X86_146859-01.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL"], "type": "nessus"}, {"idList": ["RHSA-2010:0978", "RHSA-2010:0977", "RHSA-2010:0979"], "type": "redhat"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["F5:K12853", "SOL12853", "F5:K12543", "SOL12543"], "type": "f5"}], "rev": 2}, "score": {"modified": "2020-09-21T13:56:16", "rev": 2, "value": 5.9, "vector": "NONE"}}, "hash": "e48e4f2b5045ea957fec8e4354edaad93577a23d0c942acb63406ce3d9484619", "hashmap": [{"hash": "4ebf797c97a61aac94164dc1dade7f39", "key": "title"}, {"hash": "43128c5a054024ab48ecf4015fb64c96", "key": "cpe23"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "1c9d42c2230e333a31cb0cf90a17569e", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "b4dc45cd2b319d3cc231d066d5d51d5b", "key": "href"}, {"hash": "5b2ebee38202b7ec3e6807a30a91f66d", "key": "published"}, {"hash": "78a7a5cbaf09985c14389298e454e7db", "key": "cwe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "1376299678e4b22a45cbb6e661929c18", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "245b58f1cca0f96b2922fa1f24ad9b3f", "key": "cpe"}, {"hash": "1f962b0aa5429099eaa800f9f2f45c81", "key": "cvelist"}, {"hash": "00699c06d8c412302f90ca117a10a72e", "key": "description"}, {"hash": "88ebb8603442ccb28bba5e2600567735", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "cc171cfc040908abfd1e12ea0468f5d8", "key": "affectedSoftware"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4180", "id": "CVE-2010-4180", "lastseen": "2020-09-21T13:56:16", "modified": "2017-09-19T01:31:00", "objectVersion": "1.3", "published": "2010-12-06T21:05:00", "references": ["http://secunia.com/advisories/44269", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html", "http://www.vupen.com/english/advisories/2010/3120", "http://secunia.com/advisories/42473", "http://ubuntu.com/usn/usn-1029-1", "https://bugzilla.redhat.com/show_bug.cgi?id=659462", "http://www.vupen.com/english/advisories/2011/0076", "http://support.apple.com/kb/HT4723", "http://www.kb.cert.org/vuls/id/737740", "http://secunia.com/advisories/43170", "http://www.redhat.com/support/errata/RHSA-2011-0896.html", "http://www.vupen.com/english/advisories/2010/3122", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html", "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST", "http://secunia.com/advisories/42811", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html", "http://secunia.com/advisories/43172", "http://www.vupen.com/english/advisories/2011/0032", "http://secunia.com/advisories/42469", "http://secunia.com/advisories/43173", "http://www.securitytracker.com/id?1024822", "http://www.vupen.com/english/advisories/2010/3134", "http://osvdb.org/69565", "http://secunia.com/advisories/42620", "http://secunia.com/advisories/43169", "http://www.vupen.com/english/advisories/2010/3188", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248", "http://www.vupen.com/english/advisories/2011/0268", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html", "http://www.securityfocus.com/archive/1/522176", "http://secunia.com/advisories/42571", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.redhat.com/support/errata/RHSA-2010-0979.html", "http://marc.info/?l=bugtraq&m=132077688910227&w=2", "http://secunia.com/advisories/42493", "http://marc.info/?l=bugtraq&m=129916880600544&w=2", "http://www.debian.org/security/2011/dsa-2141", "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.redhat.com/support/errata/RHSA-2010-0977.html", "http://secunia.com/advisories/42877", "http://secunia.com/advisories/43171", "http://www.redhat.com/support/errata/RHSA-2010-0978.html", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://www.securityfocus.com/bid/45164", "http://cvs.openssl.org/chngview?cn=20131", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471", "http://openssl.org/news/secadv_20101202.txt", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"], "reporter": "cve@mitre.org", "title": "CVE-2010-4180", "type": "cve", "viewCount": 16}, "differentElements": ["cpeConfiguration"], "edition": 2, "lastseen": "2020-09-21T13:56:16"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.3a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.1c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "le", "version": "0.9.8p"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.3"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.2b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.4"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7a"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.6", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:0.9.7", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.6l", "cpe:/a:openssl:openssl:0.9.8p"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "versionEndIncluding": "0.9.8p", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2010-4180"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["NVD-CWE-Other"], "description": "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.", "edition": 5, "enchantments": {"dependencies": {"modified": "2020-12-09T19:34:44", "references": [{"idList": ["SUSE-SU-2011:0847-1", "OPENSUSE-SU-2011:0845-1"], "type": "suse"}, {"idList": ["USN-1029-1"], "type": "ubuntu"}, {"idList": ["FEDORA:6B3FC110D28", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27"], "type": "fedora"}, {"idList": ["SSA-2010-340-01"], "type": "slackware"}, {"idList": ["OPENVAS:880636", "OPENVAS:831275", "OPENVAS:1361412562310880636", "OPENVAS:68671", "OPENVAS:136141256231068671", "OPENVAS:840550", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310870370", "OPENVAS:1361412562310122287", "OPENVAS:1361412562310831275"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27881", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25258", "SECURITYVULNS:VULN:11284", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-2141-1:4DDA2"], "type": "debian"}, {"idList": ["SUSE_OPENSSL-7462.NASL", "FEDORA_2010-18736.NASL", "SUSE_OPENSSL-7463.NASL", "SOLARIS10_X86_146859-01.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "SOLARIS10_146857-01.NASL", "SUSE9_12701.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL"], "type": "nessus"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["ELSA-2010-0979", "ELSA-2010-0978", "ELSA-2010-0977"], "type": "oraclelinux"}, {"idList": ["OPENSSL:CVE-2010-4180"], "type": "openssl"}, {"idList": ["CESA-2010:0978", "CESA-2010:0977"], "type": "centos"}, {"idList": ["RHSA-2010:0978", "RHSA-2010:0977", "RHSA-2010:0979"], "type": "redhat"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["F5:K12853", "SOL12853", "F5:K12543", "SOL12543"], "type": "f5"}], "rev": 2}, "score": {"modified": "2020-12-09T19:34:44", "rev": 2, "value": 5.9, "vector": "NONE"}}, "extraReferences": [], "hash": "0f77ba89d29eb620a41bb0d085738d64f2685c98c647a17bbc04e700fa7f42dd", "hashmap": [{"hash": "2d33c984e99bf26302f2831ecb17d17e", "key": "cpeConfiguration"}, {"hash": "4ebf797c97a61aac94164dc1dade7f39", "key": "title"}, {"hash": "43128c5a054024ab48ecf4015fb64c96", "key": "cpe23"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "1c9d42c2230e333a31cb0cf90a17569e", "key": "modified"}, {"hash": "b4dc45cd2b319d3cc231d066d5d51d5b", "key": "href"}, {"hash": "5b2ebee38202b7ec3e6807a30a91f66d", "key": "published"}, {"hash": "78a7a5cbaf09985c14389298e454e7db", "key": "cwe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "1376299678e4b22a45cbb6e661929c18", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "245b58f1cca0f96b2922fa1f24ad9b3f", "key": "cpe"}, {"hash": "1f962b0aa5429099eaa800f9f2f45c81", "key": "cvelist"}, {"hash": "00699c06d8c412302f90ca117a10a72e", "key": "description"}, {"hash": "88ebb8603442ccb28bba5e2600567735", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "cc171cfc040908abfd1e12ea0468f5d8", "key": "affectedSoftware"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4180", "id": "CVE-2010-4180", "lastseen": "2020-12-09T19:34:44", "modified": "2017-09-19T01:31:00", "objectVersion": "1.3", "published": "2010-12-06T21:05:00", "references": ["http://secunia.com/advisories/44269", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html", "http://www.vupen.com/english/advisories/2010/3120", "http://secunia.com/advisories/42473", "http://ubuntu.com/usn/usn-1029-1", "https://bugzilla.redhat.com/show_bug.cgi?id=659462", "http://www.vupen.com/english/advisories/2011/0076", "http://support.apple.com/kb/HT4723", "http://www.kb.cert.org/vuls/id/737740", "http://secunia.com/advisories/43170", "http://www.redhat.com/support/errata/RHSA-2011-0896.html", "http://www.vupen.com/english/advisories/2010/3122", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html", "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST", "http://secunia.com/advisories/42811", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html", "http://secunia.com/advisories/43172", "http://www.vupen.com/english/advisories/2011/0032", "http://secunia.com/advisories/42469", "http://secunia.com/advisories/43173", "http://www.securitytracker.com/id?1024822", "http://www.vupen.com/english/advisories/2010/3134", "http://osvdb.org/69565", "http://secunia.com/advisories/42620", "http://secunia.com/advisories/43169", "http://www.vupen.com/english/advisories/2010/3188", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248", "http://www.vupen.com/english/advisories/2011/0268", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html", "http://www.securityfocus.com/archive/1/522176", "http://secunia.com/advisories/42571", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.redhat.com/support/errata/RHSA-2010-0979.html", "http://marc.info/?l=bugtraq&m=132077688910227&w=2", "http://secunia.com/advisories/42493", "http://marc.info/?l=bugtraq&m=129916880600544&w=2", "http://www.debian.org/security/2011/dsa-2141", "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.redhat.com/support/errata/RHSA-2010-0977.html", "http://secunia.com/advisories/42877", "http://secunia.com/advisories/43171", "http://www.redhat.com/support/errata/RHSA-2010-0978.html", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://www.securityfocus.com/bid/45164", "http://cvs.openssl.org/chngview?cn=20131", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471", "http://openssl.org/news/secadv_20101202.txt", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"], "reporter": "cve@mitre.org", "title": "CVE-2010-4180", "type": "cve", "viewCount": 19}, "differentElements": ["extraReferences"], "edition": 5, "lastseen": "2020-12-09T19:34:44"}, {"bulletin": {"affectedSoftware": [{"name": "openssl openssl", "operator": "eq", "version": "0.9.5a"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7"}, {"name": "openssl openssl", "operator": "eq", "version": "1.0.0"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7b"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7f"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6d"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6m"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8n"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.3"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8e"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7j"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.2b"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6g"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.5"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8m"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8d"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8g"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6b"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8k"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7k"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8h"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.4"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7g"}, {"name": "openssl openssl", "operator": "eq", "version": "1.0.0b"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7l"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7m"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7d"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6f"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8o"}, {"name": "openssl openssl", "operator": "eq", "version": "1.0.0a"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8a"}, {"name": "openssl openssl", "operator": "le", "version": "0.9.8p"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6k"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6c"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6a"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7i"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8l"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6h"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.1c"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.3a"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6e"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6l"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8i"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7e"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7h"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6j"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8f"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.6i"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7c"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.7a"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8j"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8b"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8c"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.6", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:0.9.7", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.6l"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cvelist": ["CVE-2010-4180"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["NVD-CWE-Other"], "description": "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:10:32", "references": [{"idList": ["SUSE-SU-2011:0847-1", "OPENSUSE-SU-2011:0845-1"], "type": "suse"}, {"idList": ["USN-1029-1"], "type": "ubuntu"}, {"idList": ["SSA-2010-340-01"], "type": "slackware"}, {"idList": ["SECURITYVULNS:DOC:27881", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25258", "SECURITYVULNS:VULN:11284", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-2141-1:4DDA2"], "type": "debian"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["ELSA-2010-0979", "ELSA-2010-0978", "ELSA-2010-0977"], "type": "oraclelinux"}, {"idList": ["OPENSSL:CVE-2010-4180"], "type": "openssl"}, {"idList": ["CESA-2010:0978", "CESA-2010:0977"], "type": "centos"}, {"idList": ["SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_OPENSSL-7462.NASL", "FEDORA_2010-18736.NASL", "REDHAT-RHSA-2010-0979.NASL", "SUSE_OPENSSL-7463.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SOLARIS10_X86_146859-01.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL"], "type": "nessus"}, {"idList": ["RHSA-2010:0978", "RHSA-2010:0977", "RHSA-2010:0979"], "type": "redhat"}, {"idList": ["OPENVAS:880636", "OPENVAS:831275", "OPENVAS:862721", "OPENVAS:1361412562310880636", "OPENVAS:870370", "OPENVAS:136141256231068671", "OPENVAS:840550", "OPENVAS:1361412562310870370", "OPENVAS:1361412562310122287", "OPENVAS:1361412562310831275"], "type": "openvas"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["F5:K12853", "SOL12853", "F5:K12543", "SOL12543"], "type": "f5"}], "rev": 2}, "score": {"modified": "2019-05-29T18:10:32", "rev": 2, "value": 5.9, "vector": "NONE"}}, "hash": "7b24f79c70f426a97aedde4d01038dd587bc18ad8be25e832179155d0fb68f1b", "hashmap": [{"hash": "4ebf797c97a61aac94164dc1dade7f39", "key": "title"}, {"hash": "e365a7f70d2d6b4c0a94fb196a9b6be5", "key": "affectedSoftware"}, {"hash": "1c9d42c2230e333a31cb0cf90a17569e", "key": "modified"}, {"hash": "06774afb20d80ee711716989c2b9a16e", "key": "cpe"}, {"hash": "b4dc45cd2b319d3cc231d066d5d51d5b", "key": "href"}, {"hash": "5b2ebee38202b7ec3e6807a30a91f66d", "key": "published"}, {"hash": "78a7a5cbaf09985c14389298e454e7db", "key": "cwe"}, {"hash": "47d065bd54ed6b5ef0b3809122988772", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "1376299678e4b22a45cbb6e661929c18", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "1f962b0aa5429099eaa800f9f2f45c81", "key": "cvelist"}, {"hash": "00699c06d8c412302f90ca117a10a72e", "key": "description"}, {"hash": "88ebb8603442ccb28bba5e2600567735", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4180", "id": "CVE-2010-4180", "lastseen": "2019-05-29T18:10:32", "modified": "2017-09-19T01:31:00", "objectVersion": "1.3", "published": "2010-12-06T21:05:00", "references": ["http://secunia.com/advisories/44269", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html", "http://www.vupen.com/english/advisories/2010/3120", "http://secunia.com/advisories/42473", "http://ubuntu.com/usn/usn-1029-1", "https://bugzilla.redhat.com/show_bug.cgi?id=659462", "http://www.vupen.com/english/advisories/2011/0076", "http://support.apple.com/kb/HT4723", "http://www.kb.cert.org/vuls/id/737740", "http://secunia.com/advisories/43170", "http://www.redhat.com/support/errata/RHSA-2011-0896.html", "http://www.vupen.com/english/advisories/2010/3122", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html", "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST", "http://secunia.com/advisories/42811", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html", "http://secunia.com/advisories/43172", "http://www.vupen.com/english/advisories/2011/0032", "http://secunia.com/advisories/42469", "http://secunia.com/advisories/43173", "http://www.securitytracker.com/id?1024822", "http://www.vupen.com/english/advisories/2010/3134", "http://osvdb.org/69565", "http://secunia.com/advisories/42620", "http://secunia.com/advisories/43169", "http://www.vupen.com/english/advisories/2010/3188", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248", "http://www.vupen.com/english/advisories/2011/0268", "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html", "http://www.securityfocus.com/archive/1/522176", "http://secunia.com/advisories/42571", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.redhat.com/support/errata/RHSA-2010-0979.html", "http://marc.info/?l=bugtraq&m=132077688910227&w=2", "http://secunia.com/advisories/42493", "http://marc.info/?l=bugtraq&m=129916880600544&w=2", "http://www.debian.org/security/2011/dsa-2141", "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.redhat.com/support/errata/RHSA-2010-0977.html", "http://secunia.com/advisories/42877", "http://secunia.com/advisories/43171", "http://www.redhat.com/support/errata/RHSA-2010-0978.html", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://www.securityfocus.com/bid/45164", "http://cvs.openssl.org/chngview?cn=20131", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471", "http://openssl.org/news/secadv_20101202.txt", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"], "reporter": "cve@mitre.org", "title": "CVE-2010-4180", "type": "cve", "viewCount": 15}, "differentElements": ["cpe23", "cpe", "affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:10:32"}], "edition": 7, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "cc171cfc040908abfd1e12ea0468f5d8"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "245b58f1cca0f96b2922fa1f24ad9b3f"}, {"key": "cpe23", "hash": "43128c5a054024ab48ecf4015fb64c96"}, {"key": "cpeConfiguration", "hash": "4a73dbe3c95bec8a14536bcef8fed477"}, {"key": "cvelist", "hash": "1f962b0aa5429099eaa800f9f2f45c81"}, {"key": "cvss", "hash": "f74a1c24e49a5ecb0eefb5e51d4caa14"}, {"key": "cvss2", "hash": "1376299678e4b22a45cbb6e661929c18"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "00699c06d8c412302f90ca117a10a72e"}, {"key": "extraReferences", "hash": "d34fc439086c4e43d2c013a5dc706d17"}, {"key": "href", "hash": "b4dc45cd2b319d3cc231d066d5d51d5b"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "1c9d42c2230e333a31cb0cf90a17569e"}, {"key": "published", "hash": "5b2ebee38202b7ec3e6807a30a91f66d"}, {"key": "references", "hash": "88ebb8603442ccb28bba5e2600567735"}, {"key": "reporter", "hash": "0af63656781e575c5eddac3fecf2a03b"}, {"key": "title", "hash": "4ebf797c97a61aac94164dc1dade7f39"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "acaa9790f0ccdf2e66c39a7eadb38b99050bb11c93288374b7d236833fbcf049", "viewCount": 45, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-4180"]}, {"type": "f5", "idList": ["SOL12543", "F5:K12543", "SOL12853", "F5:K12853"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/LINUXRPM-RHSA-2010-0977/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/"]}, {"type": "nessus", "idList": ["SUSE_LIBCURL4-8618.NASL", "OPENSUSE-2012-76.NASL", "REDHAT-RHSA-2010-0977.NASL", "ORACLELINUX_ELSA-2010-0977.NASL", "FEDORA_2010-18736.NASL", "OPENSSL_1_0_0C.NASL", "UBUNTU_USN-1029-1.NASL", "REDHAT-RHSA-2010-0979.NASL", "SUSE_COMPAT-OPENSSL097G-7645.NASL", "SLACKWARE_SSA_2010-340-01.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "5720.PRM", "REDHAT-RHSA-2010-0978.NASL", "SOLARIS10_146857-01.NASL", "801055.PRM", "SUSE_11_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_4_COMPAT-OPENSSL097G-110721.NASL", "ORACLELINUX_ELSA-2010-0978.NASL", "SL_20101213_OPENSSL_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "SUSE_11_4_CURL-120124.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_OPENSSL-7462.NASL", "CENTOS_RHSA-2010-0978.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL", "FEDORA_2010-18765.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "SOLARIS10_X86_146859-01.NASL", "SUSE_11_3_COMPAT-OPENSSL097G-110721.NASL", "CENTOS_RHSA-2010-0977.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE9_12701.NASL", "DEBIAN_DSA-2141.NASL", "SUSE_OPENSSL-7463.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL"]}, {"type": "redhat", "idList": ["RHSA-2010:0977", "RHSA-2010:0978", "RHSA-2010:0979"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863499", "OPENVAS:1361412562310122287", "OPENVAS:840550", "OPENVAS:1361412562310881366", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310880636", "OPENVAS:880636", "OPENVAS:1361412562310862849", "OPENVAS:1361412562310880460", "OPENVAS:870370", "OPENVAS:1361412562310870370", "OPENVAS:1361412562310122262", "OPENVAS:881366", "OPENVAS:863499", "OPENVAS:1361412562310835251", "OPENVAS:136141256231068671", "OPENVAS:831275", "OPENVAS:862721", "OPENVAS:1361412562310840550", "OPENVAS:862849", "OPENVAS:68671", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310862737", "OPENVAS:880460", "OPENVAS:1361412562310870372", "OPENVAS:870372", "OPENVAS:1361412562310831275", "OPENVAS:862737", "OPENVAS:835251"]}, {"type": "slackware", "idList": ["SSA-2010-340-01"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0978", "ELSA-2010-0977", "ELSA-2010-0979"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11284", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:25258"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2141-1:4DDA2"]}, {"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:6B3FC110D28", "FEDORA:C8F7F110906", "FEDORA:564D5110A27", "FEDORA:9DFF1E720F"]}, {"type": "centos", "idList": ["CESA-2010:0977", "CESA-2010:0978"]}, {"type": "ubuntu", "idList": ["USN-1029-1"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2011:0845-1", "SUSE-SU-2011:0847-1"]}], "modified": "2021-04-21T20:54:24", "rev": 2}, "score": {"value": 5.7, "vector": "NONE", "modified": "2021-04-21T20:54:24", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.6", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:0.9.7", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.6l", "cpe:/a:openssl:openssl:0.9.8p"], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.3a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8e"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.1c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "le", "version": "0.9.8p"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8f"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.3"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8g"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.6i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.2b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.4"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.5"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8d"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.7a"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "0.9.8p", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "HPSBUX02638", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=129916880600544&w=2"}, {"name": "43173", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43173"}, {"name": "http://support.apple.com/kb/HT4723", "refsource": "CONFIRM", "tags": [], "url": "http://support.apple.com/kb/HT4723"}, {"name": "RHSA-2010:0978", "refsource": "REDHAT", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0978.html"}, {"name": "VU#737740", "refsource": "CERT-VN", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/737740"}, {"name": "SSRT100817", "refsource": "HP", "tags": [], "url": "http://www.securityfocus.com/archive/1/522176"}, {"name": "HPSBMA02658", "refsource": "HP", "tags": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"}, {"name": "SUSE-SR:2011:009", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"}, {"name": "ADV-2011-0076", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0076"}, {"name": "http://cvs.openssl.org/chngview?cn=20131", "refsource": "CONFIRM", "tags": ["Patch"], "url": "http://cvs.openssl.org/chngview?cn=20131"}, {"name": "43169", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43169"}, {"name": "42811", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42811"}, {"name": "openSUSE-SU-2011:0845", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"}, {"name": "APPLE-SA-2011-06-23-1", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"}, {"name": "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST", "refsource": "CONFIRM", "tags": [], "url": "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST"}, {"name": "MDVSA-2010:248", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248"}, {"name": "SUSE-SU-2011:0847", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"}, {"name": "43172", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43172"}, {"name": "HPSBHF02706", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2"}, {"name": "SSRT100475", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=130497251507577&w=2"}, {"name": "SSA:2010-340-01", "refsource": "SLACKWARE", "tags": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471"}, {"name": "FEDORA-2010-18736", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=659462", "refsource": "CONFIRM", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=659462"}, {"name": "ADV-2010-3122", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3122"}, {"name": "44269", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/44269"}, {"name": "ADV-2010-3188", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3188"}, {"name": "oval:org.mitre.oval:def:18910", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"}, {"name": "RHSA-2010:0979", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0979.html"}, {"name": "42620", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42620"}, {"name": "42469", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42469"}, {"name": "45164", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/45164"}, {"name": "RHSA-2011:0896", "refsource": "REDHAT", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"}, {"name": "FEDORA-2010-18765", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html"}, {"name": "USN-1029-1", "refsource": "UBUNTU", "tags": [], "url": "http://ubuntu.com/usn/usn-1029-1"}, {"name": "42877", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42877"}, {"name": "42473", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42473"}, {"name": "43170", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43170"}, {"name": "42571", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42571"}, {"name": "ADV-2010-3120", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3120"}, {"name": "1024822", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1024822"}, {"name": "ADV-2010-3134", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3134"}, {"name": "RHSA-2010:0977", "refsource": "REDHAT", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0977.html"}, {"name": "42493", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42493"}, {"name": "43171", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43171"}, {"name": "DSA-2141", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2011/dsa-2141"}, {"name": "69565", "refsource": "OSVDB", "tags": [], "url": "http://osvdb.org/69565"}, {"name": "ADV-2011-0032", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0032"}, {"name": "http://openssl.org/news/secadv_20101202.txt", "refsource": "CONFIRM", "tags": ["Patch"], "url": "http://openssl.org/news/secadv_20101202.txt"}, {"name": "SUSE-SR:2011:001", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"}, {"name": "ADV-2011-0268", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0268"}], "immutableFields": []}, {"id": "CVE-2011-0014", "bulletinFamily": "NVD", "title": "CVE-2011-0014", "description": "ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka \"OCSP stapling vulnerability.\"", "published": "2011-02-19T01:00:00", "modified": "2017-09-19T01:31:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0014", "reporter": "secalert@redhat.com", "references": ["http://secunia.com/advisories/44269", "http://www.vupen.com/english/advisories/2011/0399", "http://www.vupen.com/english/advisories/2011/0389", "http://www.vupen.com/english/advisories/2011/0603", "http://support.apple.com/kb/HT4723", "http://www.openssl.org/news/secadv_20110208.txt", "http://marc.info/?l=bugtraq&m=131042179515633&w=2", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "http://secunia.com/advisories/43286", "http://secunia.com/advisories/43301", "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc", "http://osvdb.org/70847", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:028", "http://secunia.com/advisories/43227", "http://secunia.com/advisories/57353", "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.668823", "http://www.vupen.com/english/advisories/2011/0361", "http://www.vupen.com/english/advisories/2011/0395", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.ubuntu.com/usn/USN-1064-1", "http://www.securityfocus.com/bid/46264", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.securitytracker.com/id?1025050", "http://www.vupen.com/english/advisories/2011/0387", "http://www.redhat.com/support/errata/RHSA-2011-0677.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html", "http://www.debian.org/security/2011/dsa-2162", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "https://support.f5.com/csp/article/K10534046", "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html", "http://secunia.com/advisories/43339"], "cvelist": ["CVE-2011-0014"], "type": "cve", "lastseen": "2021-04-22T23:19:29", "history": [{"bulletin": {"affectedSoftware": [{"name": "openssl openssl", "operator": "eq", "version": "1.0.0"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8q"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8n"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8m"}, {"name": "openssl openssl", "operator": "eq", "version": "1.0.0c"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8k"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8h"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8p"}, {"name": "openssl openssl", "operator": "eq", "version": "1.0.0b"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8o"}, {"name": "openssl openssl", "operator": "eq", "version": "1.0.0a"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8l"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8i"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8j"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8q", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:1.0.0c", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.8p"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cvelist": ["CVE-2011-0014"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-399"], "description": "ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka \"OCSP stapling vulnerability.\"", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-07-09T18:05:12", "references": [{"idList": ["F5:K10534046"], "type": "f5"}, {"idList": ["VMSA-2012-0013"], "type": "vmware"}, {"idList": ["DEBIAN:BSA-060:0BDFE", "DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["RHSA-2011:0677"], "type": "redhat"}, {"idList": ["OPENVAS:863060", "OPENVAS:136141256231068921", "OPENVAS:831330", "OPENVAS:68997", "OPENVAS:1361412562310831330", "OPENVAS:840589", "OPENVAS:136141256231068997", "OPENVAS:1361412562310863070", "OPENVAS:68921", "OPENVAS:870609"], "type": "openvas"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["USN-1064-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["ELSA-2019-4581", "ELSA-2016-3621", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "FEDORA_2011-5865.NASL", "UBUNTU_USN-1064-1.NASL", "FEDORA_2011-5878.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "OPENSSL_1_0_0D.NASL", "REDHAT-RHSA-2011-0677.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL"], "type": "nessus"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["OPENSSL:CVE-2011-0014"], "type": "openssl"}], "rev": 2}, "score": {"modified": "2019-07-09T18:05:12", "rev": 2, "value": 5.5, "vector": "NONE"}}, "hash": "d20a10f5839b743c78d2a1bbdecd35caaac5720a36752e4156803b37b7e8b2e2", "hashmap": [{"hash": "1c9d42c2230e333a31cb0cf90a17569e", "key": "modified"}, {"hash": "af21ce135bae86c6ad2eb405a5fe689f", "key": "cpe23"}, {"hash": "8144372688c39678ecd6d9ad3ace06d0", "key": "cpe"}, {"hash": "84f73c2d7580cd8151521923c80f1cd2", "key": "references"}, {"hash": "f624b305a2a1e24250a3007f9058e19e", "key": "cvelist"}, {"hash": "562c5a6b098bef7b7e5c34877449f287", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "1c0be0631b7bf4c3a8c83298e68c99eb", "key": "cwe"}, {"hash": "c0c7e07c7dd2de61c11ae797a79ac7b3", "key": "description"}, {"hash": "6edc198430a697a72b7b70c705de62cf", "key": "title"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "5925b88cb07fc3ddb8ff0dab0758a488", "key": "affectedSoftware"}, {"hash": "6dc3d4f33aeb5e7aef8e473165b49c85", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0014", "id": "CVE-2011-0014", "lastseen": "2019-07-09T18:05:12", "modified": "2017-09-19T01:31:00", "objectVersion": "1.3", "published": "2011-02-19T01:00:00", "references": ["http://secunia.com/advisories/44269", "http://www.vupen.com/english/advisories/2011/0399", "http://www.vupen.com/english/advisories/2011/0389", "http://www.vupen.com/english/advisories/2011/0603", "http://support.apple.com/kb/HT4723", "http://www.openssl.org/news/secadv_20110208.txt", "http://marc.info/?l=bugtraq&m=131042179515633&w=2", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "http://secunia.com/advisories/43286", "http://secunia.com/advisories/43301", "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc", "http://osvdb.org/70847", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:028", "http://secunia.com/advisories/43227", "http://secunia.com/advisories/57353", "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.668823", "http://www.vupen.com/english/advisories/2011/0361", "http://www.vupen.com/english/advisories/2011/0395", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.ubuntu.com/usn/USN-1064-1", "http://www.securityfocus.com/bid/46264", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.securitytracker.com/id?1025050", "http://www.vupen.com/english/advisories/2011/0387", "http://www.redhat.com/support/errata/RHSA-2011-0677.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html", "http://www.debian.org/security/2011/dsa-2162", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "https://support.f5.com/csp/article/K10534046", "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html", "http://secunia.com/advisories/43339"], "reporter": "cve@mitre.org", "title": "CVE-2011-0014", "type": "cve", "viewCount": 7}, "differentElements": ["affectedSoftware"], "edition": 2, "lastseen": "2019-07-09T18:05:12"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8q"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8p"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8q", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:1.0.0c", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.8p"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-0014"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-399"], "description": "ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka \"OCSP stapling vulnerability.\"", "edition": 5, "enchantments": {"dependencies": {"modified": "2021-02-02T05:50:57", "references": [{"idList": ["F5:K10534046"], "type": "f5"}, {"idList": ["VMSA-2012-0013"], "type": "vmware"}, {"idList": ["DEBIAN:BSA-060:0BDFE", "DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["RHSA-2011:0677"], "type": "redhat"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["USN-1064-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["FEDORA:C42A8110D0A", "FEDORA:C9F3119737F", "FEDORA:6B3FC110D28", "FEDORA:9DFF1E720F", "FEDORA:144BA1104EC", "FEDORA:564D5110A27"], "type": "fedora"}, {"idList": ["OPENVAS:863060", "OPENVAS:136141256231068921", "OPENVAS:831330", "OPENVAS:1361412562310831330", "OPENVAS:1361412562310840589", "OPENVAS:840589", "OPENVAS:1361412562310863070", "OPENVAS:1361412562310870609", "OPENVAS:68921", "OPENVAS:870609"], "type": "openvas"}, {"idList": ["ELSA-2019-4581", "ELSA-2016-3621", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["OPENSSL:CVE-2011-0014"], "type": "openssl"}, {"idList": ["SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "FEDORA_2011-5865.NASL", "UBUNTU_USN-1064-1.NASL", "FEDORA_2011-1255.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "REDHAT-RHSA-2011-0677.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2021-02-02T05:50:57", "rev": 2, "value": 5.5, "vector": "NONE"}}, "extraReferences": [{"name": "46264", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/46264"}, {"name": "70847", "refsource": "OSVDB", "tags": [], "url": "http://osvdb.org/70847"}, {"name": "ADV-2011-0389", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0389"}, {"name": "43301", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43301"}, {"name": "http://support.apple.com/kb/HT4723", "refsource": "CONFIRM", "tags": [], "url": "http://support.apple.com/kb/HT4723"}, {"name": "HPSBMA02658", "refsource": "HP", "tags": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"}, {"name": "oval:org.mitre.oval:def:18985", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985"}, {"name": "ADV-2011-0603", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2011/0603"}, {"name": "1025050", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1025050"}, {"name": "43286", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43286"}, {"name": "http://www.openssl.org/news/secadv_20110208.txt", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.openssl.org/news/secadv_20110208.txt"}, {"name": "43227", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43227"}, {"name": "APPLE-SA-2011-06-23-1", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"}, {"name": "FEDORA-2011-1273", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"}, {"name": "44269", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/44269"}, {"name": "57353", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/57353"}, {"name": "NetBSD-SA2011-002", "refsource": "NETBSD", "tags": [], "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc"}, {"name": "ADV-2011-0387", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0387"}, {"name": "SSRT100475", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=130497251507577&w=2"}, {"name": "DSA-2162", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2011/dsa-2162"}, {"name": "ADV-2011-0395", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0395"}, {"name": "SSA:2011-041-04", "refsource": "SLACKWARE", "tags": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.668823"}, {"name": "SUSE-SR:2011:005", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"name": "ADV-2011-0399", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0399"}, {"name": "USN-1064-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-1064-1"}, {"name": "MDVSA-2011:028", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:028"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "refsource": "CONFIRM", "tags": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"}, {"name": "HPSBUX02689", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=131042179515633&w=2"}, {"name": "https://support.f5.com/csp/article/K10534046", "refsource": "CONFIRM", "tags": [], "url": "https://support.f5.com/csp/article/K10534046"}, {"name": "ADV-2011-0361", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0361"}, {"name": "RHSA-2011:0677", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0677.html"}, {"name": "43339", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43339"}], "hash": "a0b0ff71b72d25a759480a5ce244e936c9f4c19dd66ce75449fa510a6a2b8f24", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "035d16e64b1c0897e8b659c342b977ce", "key": "affectedSoftware"}, {"hash": "35bb81cbc054972cd09f7345ceb8d47c", "key": "extraReferences"}, {"hash": "2a038a80cca6301890113f613521668e", "key": "cpeConfiguration"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "1c9d42c2230e333a31cb0cf90a17569e", "key": "modified"}, {"hash": "af21ce135bae86c6ad2eb405a5fe689f", "key": "cpe23"}, {"hash": "8144372688c39678ecd6d9ad3ace06d0", "key": "cpe"}, {"hash": "84f73c2d7580cd8151521923c80f1cd2", "key": "references"}, {"hash": "f624b305a2a1e24250a3007f9058e19e", "key": "cvelist"}, {"hash": "562c5a6b098bef7b7e5c34877449f287", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "1c0be0631b7bf4c3a8c83298e68c99eb", "key": "cwe"}, {"hash": "c0c7e07c7dd2de61c11ae797a79ac7b3", "key": "description"}, {"hash": "6edc198430a697a72b7b70c705de62cf", "key": "title"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "6dc3d4f33aeb5e7aef8e473165b49c85", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0014", "id": "CVE-2011-0014", "immutableFields": [], "lastseen": "2021-02-02T05:50:57", "modified": "2017-09-19T01:31:00", "objectVersion": "1.5", "published": "2011-02-19T01:00:00", "references": ["http://secunia.com/advisories/44269", "http://www.vupen.com/english/advisories/2011/0399", "http://www.vupen.com/english/advisories/2011/0389", "http://www.vupen.com/english/advisories/2011/0603", "http://support.apple.com/kb/HT4723", "http://www.openssl.org/news/secadv_20110208.txt", "http://marc.info/?l=bugtraq&m=131042179515633&w=2", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "http://secunia.com/advisories/43286", "http://secunia.com/advisories/43301", "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc", "http://osvdb.org/70847", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:028", "http://secunia.com/advisories/43227", "http://secunia.com/advisories/57353", "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.668823", "http://www.vupen.com/english/advisories/2011/0361", "http://www.vupen.com/english/advisories/2011/0395", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.ubuntu.com/usn/USN-1064-1", "http://www.securityfocus.com/bid/46264", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.securitytracker.com/id?1025050", "http://www.vupen.com/english/advisories/2011/0387", "http://www.redhat.com/support/errata/RHSA-2011-0677.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html", "http://www.debian.org/security/2011/dsa-2162", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "https://support.f5.com/csp/article/K10534046", "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html", "http://secunia.com/advisories/43339"], "reporter": "cve@mitre.org", "title": "CVE-2011-0014", "type": "cve", "viewCount": 11}, "different_elements": ["reporter", "cpeConfiguration"], "edition": 5, "lastseen": "2021-02-02T05:50:57"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8q"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8p"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8q", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:1.0.0c", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.8p"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-0014"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-399"], "description": "ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka \"OCSP stapling vulnerability.\"", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-10-03T11:39:22", "references": [{"idList": ["F5:K10534046"], "type": "f5"}, {"idList": ["VMSA-2012-0013"], "type": "vmware"}, {"idList": ["DEBIAN:BSA-060:0BDFE", "DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["RHSA-2011:0677"], "type": "redhat"}, {"idList": ["OPENVAS:863060", "OPENVAS:136141256231068921", "OPENVAS:831330", "OPENVAS:68997", "OPENVAS:1361412562310831330", "OPENVAS:840589", "OPENVAS:136141256231068997", "OPENVAS:1361412562310863070", "OPENVAS:68921", "OPENVAS:870609"], "type": "openvas"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["USN-1064-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["DEBIAN_DSA-2162.NASL", "FEDORA_2011-1273.NASL", "FEDORA_2011-5865.NASL", "UBUNTU_USN-1064-1.NASL", "FEDORA_2011-5878.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "OPENSSL_1_0_0D.NASL", "REDHAT-RHSA-2011-0677.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL"], "type": "nessus"}, {"idList": ["ELSA-2019-4581", "ELSA-2016-3621", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["OPENSSL:CVE-2011-0014"], "type": "openssl"}], "rev": 2}, "score": {"modified": "2020-10-03T11:39:22", "rev": 2, "value": 5.5, "vector": "NONE"}}, "extraReferences": [], "hash": "c55157ef225c324ac760fcc50ff367e5336acb7e9640c2f9cd5c344fc6a6ea88", "hashmap": [{"hash": "035d16e64b1c0897e8b659c342b977ce", "key": "affectedSoftware"}, {"hash": "2a038a80cca6301890113f613521668e", "key": "cpeConfiguration"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "1c9d42c2230e333a31cb0cf90a17569e", "key": "modified"}, {"hash": "af21ce135bae86c6ad2eb405a5fe689f", "key": "cpe23"}, {"hash": "8144372688c39678ecd6d9ad3ace06d0", "key": "cpe"}, {"hash": "84f73c2d7580cd8151521923c80f1cd2", "key": "references"}, {"hash": "f624b305a2a1e24250a3007f9058e19e", "key": "cvelist"}, {"hash": "562c5a6b098bef7b7e5c34877449f287", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "1c0be0631b7bf4c3a8c83298e68c99eb", "key": "cwe"}, {"hash": "c0c7e07c7dd2de61c11ae797a79ac7b3", "key": "description"}, {"hash": "6edc198430a697a72b7b70c705de62cf", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "6dc3d4f33aeb5e7aef8e473165b49c85", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0014", "id": "CVE-2011-0014", "lastseen": "2020-10-03T11:39:22", "modified": "2017-09-19T01:31:00", "objectVersion": "1.3", "published": "2011-02-19T01:00:00", "references": ["http://secunia.com/advisories/44269", "http://www.vupen.com/english/advisories/2011/0399", "http://www.vupen.com/english/advisories/2011/0389", "http://www.vupen.com/english/advisories/2011/0603", "http://support.apple.com/kb/HT4723", "http://www.openssl.org/news/secadv_20110208.txt", "http://marc.info/?l=bugtraq&m=131042179515633&w=2", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "http://secunia.com/advisories/43286", "http://secunia.com/advisories/43301", "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc", "http://osvdb.org/70847", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:028", "http://secunia.com/advisories/43227", "http://secunia.com/advisories/57353", "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.668823", "http://www.vupen.com/english/advisories/2011/0361", "http://www.vupen.com/english/advisories/2011/0395", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.ubuntu.com/usn/USN-1064-1", "http://www.securityfocus.com/bid/46264", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.securitytracker.com/id?1025050", "http://www.vupen.com/english/advisories/2011/0387", "http://www.redhat.com/support/errata/RHSA-2011-0677.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html", "http://www.debian.org/security/2011/dsa-2162", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "https://support.f5.com/csp/article/K10534046", "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html", "http://secunia.com/advisories/43339"], "reporter": "cve@mitre.org", "title": "CVE-2011-0014", "type": "cve", "viewCount": 9}, "differentElements": ["extraReferences"], "edition": 4, "lastseen": "2020-10-03T11:39:22"}, {"bulletin": {"affectedSoftware": [{"name": "openssl openssl", "operator": "eq", "version": "1.0.0"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8q"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8n"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8m"}, {"name": "openssl openssl", "operator": "eq", "version": "1.0.0c"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8k"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8h"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8p"}, {"name": "openssl openssl", "operator": "eq", "version": "1.0.0b"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8o"}, {"name": "openssl openssl", "operator": "eq", "version": "1.0.0a"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8l"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8i"}, {"name": "openssl openssl", "operator": "eq", "version": "0.9.8j"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8q", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:1.0.0c", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.8p"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cvelist": ["CVE-2011-0014"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-399"], "description": "ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka \"OCSP stapling vulnerability.\"", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:11:04", "references": [{"idList": ["F5:K10534046"], "type": "f5"}, {"idList": ["VMSA-2012-0013"], "type": "vmware"}, {"idList": ["DEBIAN:BSA-060:0BDFE", "DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "DEBIAN_DSA-2162.NASL", "FEDORA_2011-5865.NASL", "UBUNTU_USN-1064-1.NASL", "FEDORA_2011-5878.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "OPENSSL_1_0_0D.NASL", "REDHAT-RHSA-2011-0677.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL"], "type": "nessus"}, {"idList": ["RHSA-2011:0677"], "type": "redhat"}, {"idList": ["OPENVAS:863060", "OPENVAS:136141256231068921", "OPENVAS:831330", "OPENVAS:68997", "OPENVAS:1361412562310831330", "OPENVAS:840589", "OPENVAS:136141256231068997", "OPENVAS:1361412562310863070", "OPENVAS:68921", "OPENVAS:870609"], "type": "openvas"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["USN-1064-1"], "type": "ubuntu"}, {"idList": ["ELSA-2019-4581", "ELSA-2016-3621", "ELSA-2011-0677", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["OPENSSL:CVE-2011-0014"], "type": "openssl"}]}, "score": {"modified": "2019-05-29T18:11:04", "value": 5.5, "vector": "NONE"}}, "hash": "dbaa4ccfe8ab62c96568ce4f3d83cf821905d99b1d8d70583bd892efae23df28", "hashmap": [{"hash": "1c9d42c2230e333a31cb0cf90a17569e", "key": "modified"}, {"hash": "af21ce135bae86c6ad2eb405a5fe689f", "key": "cpe23"}, {"hash": "8144372688c39678ecd6d9ad3ace06d0", "key": "cpe"}, {"hash": "f624b305a2a1e24250a3007f9058e19e", "key": "cvelist"}, {"hash": "562c5a6b098bef7b7e5c34877449f287", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "1c0be0631b7bf4c3a8c83298e68c99eb", "key": "cwe"}, {"hash": "c0c7e07c7dd2de61c11ae797a79ac7b3", "key": "description"}, {"hash": "6edc198430a697a72b7b70c705de62cf", "key": "title"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "5925b88cb07fc3ddb8ff0dab0758a488", "key": "affectedSoftware"}, {"hash": "6dc3d4f33aeb5e7aef8e473165b49c85", "key": "published"}, {"hash": "4b2addb1f26859e039d860184411ec82", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0014", "id": "CVE-2011-0014", "lastseen": "2019-05-29T18:11:04", "modified": "2017-09-19T01:31:00", "objectVersion": "1.3", "published": "2011-02-19T01:00:00", "references": ["http://secunia.com/advisories/44269", "http://www.vupen.com/english/advisories/2011/0399", "http://www.vupen.com/english/advisories/2011/0389", "http://www.vupen.com/english/advisories/2011/0603", "http://support.apple.com/kb/HT4723", "http://www.openssl.org/news/secadv_20110208.txt", "http://marc.info/?l=bugtraq&m=131042179515633&w=2", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "http://secunia.com/advisories/43286", "http://secunia.com/advisories/43301", "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc", "http://osvdb.org/70847", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:028", "http://secunia.com/advisories/43227", "http://secunia.com/advisories/57353", "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.668823", "http://www.vupen.com/english/advisories/2011/0361", "http://www.vupen.com/english/advisories/2011/0395", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.ubuntu.com/usn/USN-1064-1", "http://www.securityfocus.com/bid/46264", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.securitytracker.com/id?1025050", "http://www.vupen.com/english/advisories/2011/0387", "http://www.redhat.com/support/errata/RHSA-2011-0677.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html", "http://www.debian.org/security/2011/dsa-2162", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html", "http://secunia.com/advisories/43339"], "reporter": "cve@mitre.org", "title": "CVE-2011-0014", "type": "cve", "viewCount": 1}, "differentElements": ["references"], "edition": 1, "lastseen": "2019-05-29T18:11:04"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8q"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8p"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8q", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:1.0.0c", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.8p"], "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2011-0014"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-399"], "description": "ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka \"OCSP stapling vulnerability.\"", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-09-21T14:01:21", "references": [{"idList": ["F5:K10534046"], "type": "f5"}, {"idList": ["VMSA-2012-0013"], "type": "vmware"}, {"idList": ["DEBIAN:BSA-060:0BDFE", "DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["RHSA-2011:0677"], "type": "redhat"}, {"idList": ["OPENVAS:863060", "OPENVAS:136141256231068921", "OPENVAS:831330", "OPENVAS:68997", "OPENVAS:1361412562310831330", "OPENVAS:840589", "OPENVAS:136141256231068997", "OPENVAS:1361412562310863070", "OPENVAS:68921", "OPENVAS:870609"], "type": "openvas"}, {"idList": ["SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "DEBIAN_DSA-2162.NASL", "FEDORA_2011-1273.NASL", "FEDORA_2011-5865.NASL", "UBUNTU_USN-1064-1.NASL", "FEDORA_2011-5878.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "OPENSSL_1_0_0D.NASL", "REDHAT-RHSA-2011-0677.NASL"], "type": "nessus"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["USN-1064-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["ELSA-2019-4581", "ELSA-2016-3621", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["OPENSSL:CVE-2011-0014"], "type": "openssl"}], "rev": 2}, "score": {"modified": "2020-09-21T14:01:21", "rev": 2, "value": 5.5, "vector": "NONE"}}, "hash": "fe382a75c028724295ca27c0c01d3942daf4c3771d187a564bb95daf4972be54", "hashmap": [{"hash": "035d16e64b1c0897e8b659c342b977ce", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "1c9d42c2230e333a31cb0cf90a17569e", "key": "modified"}, {"hash": "af21ce135bae86c6ad2eb405a5fe689f", "key": "cpe23"}, {"hash": "8144372688c39678ecd6d9ad3ace06d0", "key": "cpe"}, {"hash": "84f73c2d7580cd8151521923c80f1cd2", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "f624b305a2a1e24250a3007f9058e19e", "key": "cvelist"}, {"hash": "562c5a6b098bef7b7e5c34877449f287", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "1c0be0631b7bf4c3a8c83298e68c99eb", "key": "cwe"}, {"hash": "c0c7e07c7dd2de61c11ae797a79ac7b3", "key": "description"}, {"hash": "6edc198430a697a72b7b70c705de62cf", "key": "title"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "6dc3d4f33aeb5e7aef8e473165b49c85", "key": "published"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0014", "id": "CVE-2011-0014", "lastseen": "2020-09-21T14:01:21", "modified": "2017-09-19T01:31:00", "objectVersion": "1.3", "published": "2011-02-19T01:00:00", "references": ["http://secunia.com/advisories/44269", "http://www.vupen.com/english/advisories/2011/0399", "http://www.vupen.com/english/advisories/2011/0389", "http://www.vupen.com/english/advisories/2011/0603", "http://support.apple.com/kb/HT4723", "http://www.openssl.org/news/secadv_20110208.txt", "http://marc.info/?l=bugtraq&m=131042179515633&w=2", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "http://secunia.com/advisories/43286", "http://secunia.com/advisories/43301", "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc", "http://osvdb.org/70847", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:028", "http://secunia.com/advisories/43227", "http://secunia.com/advisories/57353", "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.668823", "http://www.vupen.com/english/advisories/2011/0361", "http://www.vupen.com/english/advisories/2011/0395", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777", "http://www.ubuntu.com/usn/USN-1064-1", "http://www.securityfocus.com/bid/46264", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.securitytracker.com/id?1025050", "http://www.vupen.com/english/advisories/2011/0387", "http://www.redhat.com/support/errata/RHSA-2011-0677.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html", "http://www.debian.org/security/2011/dsa-2162", "http://marc.info/?l=bugtraq&m=130497251507577&w=2", "https://support.f5.com/csp/article/K10534046", "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html", "http://secunia.com/advisories/43339"], "reporter": "cve@mitre.org", "title": "CVE-2011-0014", "type": "cve", "viewCount": 7}, "differentElements": ["cpeConfiguration"], "edition": 3, "lastseen": "2020-09-21T14:01:21"}], "edition": 6, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "035d16e64b1c0897e8b659c342b977ce"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "8144372688c39678ecd6d9ad3ace06d0"}, {"key": "cpe23", "hash": "af21ce135bae86c6ad2eb405a5fe689f"}, {"key": "cpeConfiguration", "hash": "f43698f2dcdfead60c18935c97189994"}, {"key": "cvelist", "hash": "f624b305a2a1e24250a3007f9058e19e"}, {"key": "cvss", "hash": "41b62a8aa1ee5c40897717cadc30784a"}, {"key": "cvss2", "hash": "85fc9715d07b57d9e72056856b007c7b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "1c0be0631b7bf4c3a8c83298e68c99eb"}, {"key": "description", "hash": "c0c7e07c7dd2de61c11ae797a79ac7b3"}, {"key": "extraReferences", "hash": "35bb81cbc054972cd09f7345ceb8d47c"}, {"key": "href", "hash": "562c5a6b098bef7b7e5c34877449f287"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "1c9d42c2230e333a31cb0cf90a17569e"}, {"key": "published", "hash": "6dc3d4f33aeb5e7aef8e473165b49c85"}, {"key": "references", "hash": "84f73c2d7580cd8151521923c80f1cd2"}, {"key": "reporter", "hash": "0af63656781e575c5eddac3fecf2a03b"}, {"key": "title", "hash": "6edc198430a697a72b7b70c705de62cf"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "7a95f2868b876d8ffa6eee5d9c3a4d418dd3d7e339ee7a0cdd262d5bdbce2033", "viewCount": 33, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-0014"]}, {"type": "f5", "idList": ["F5:K10534046"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2011-0014"]}, {"type": "fedora", "idList": ["FEDORA:C42A8110D0A", "FEDORA:6B3FC110D28", "FEDORA:C9F3119737F", "FEDORA:564D5110A27", "FEDORA:144BA1104EC", "FEDORA:9DFF1E720F"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11435", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863499", "OPENVAS:870609", "OPENVAS:1361412562310902466", "OPENVAS:1361412562310122167", "OPENVAS:831330", "OPENVAS:1361412562310862920", "OPENVAS:136141256231068921", "OPENVAS:1361412562310862849", "OPENVAS:863060", "OPENVAS:1361412562310840589", "OPENVAS:1361412562310863070", "OPENVAS:1361412562310103558", "OPENVAS:68997", "OPENVAS:136141256231068997", "OPENVAS:840589", "OPENVAS:862920", "OPENVAS:863499", "OPENVAS:1361412562310870609", "OPENVAS:70764", "OPENVAS:103558", "OPENVAS:1361412562310831330", "OPENVAS:1361412562310863060", "OPENVAS:862849", "OPENVAS:863070", "OPENVAS:136141256231070764", "OPENVAS:68921", "OPENVAS:902466"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2162-1:98AFD", "DEBIAN:BSA-060:0BDFE"]}, {"type": "redhat", "idList": ["RHSA-2011:0677"]}, {"type": "nessus", "idList": ["HPSMH_7_0_0_24.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "FEDORA_2011-1273.NASL", "801053.PRM", "FEDORA_2011-5876.NASL", "5782.PRM", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "OPENSSL_1_0_0D.NASL", "REDHAT-RHSA-2011-0677.NASL", "VMWARE_VMSA-2012-0013_REMOTE.NASL", "FEDORA_2011-5865.NASL", "FEDORA_2011-1255.NASL", "DEBIAN_DSA-2162.NASL", "5968.PRM", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "800790.PRM", "FEDORA_2011-5878.NASL", "UBUNTU_USN-1064-1.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "GENTOO_GLSA-201110-01.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "VMWARE_ESXI_5_0_BUILD_912577_REMOTE.NASL", "VMWARE_VMSA-2012-0013.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "MACOSX_10_6_8.NASL"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}, {"type": "ubuntu", "idList": ["USN-1064-1"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-3621", "ELSA-2021-9150", "ELSA-2015-3022", "ELSA-2011-0677", "ELSA-2019-4581", "ELSA-2019-4747"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "vmware", "idList": ["VMSA-2012-0013", "VMSA-2012-0013.2"]}], "modified": "2021-04-22T23:19:29", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2021-04-22T23:19:29", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8q", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:1.0.0c", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.8p"], "affectedSoftware": [{"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0a"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8h"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8m"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0c"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8o"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8q"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0b"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8n"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "1.0.0"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8l"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8i"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8p"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8k"}, {"cpeName": "openssl:openssl", "name": "openssl", "operator": "eq", "version": "0.9.8j"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"], "cwe": ["CWE-399"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "46264", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/46264"}, {"name": "70847", "refsource": "OSVDB", "tags": [], "url": "http://osvdb.org/70847"}, {"name": "ADV-2011-0389", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0389"}, {"name": "43301", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43301"}, {"name": "http://support.apple.com/kb/HT4723", "refsource": "CONFIRM", "tags": [], "url": "http://support.apple.com/kb/HT4723"}, {"name": "HPSBMA02658", "refsource": "HP", "tags": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"}, {"name": "oval:org.mitre.oval:def:18985", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985"}, {"name": "ADV-2011-0603", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2011/0603"}, {"name": "1025050", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1025050"}, {"name": "43286", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43286"}, {"name": "http://www.openssl.org/news/secadv_20110208.txt", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.openssl.org/news/secadv_20110208.txt"}, {"name": "43227", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43227"}, {"name": "APPLE-SA-2011-06-23-1", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"}, {"name": "FEDORA-2011-1273", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"}, {"name": "44269", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/44269"}, {"name": "57353", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/57353"}, {"name": "NetBSD-SA2011-002", "refsource": "NETBSD", "tags": [], "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc"}, {"name": "ADV-2011-0387", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0387"}, {"name": "SSRT100475", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=130497251507577&w=2"}, {"name": "DSA-2162", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2011/dsa-2162"}, {"name": "ADV-2011-0395", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0395"}, {"name": "SSA:2011-041-04", "refsource": "SLACKWARE", "tags": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.668823"}, {"name": "SUSE-SR:2011:005", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"name": "ADV-2011-0399", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0399"}, {"name": "USN-1064-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-1064-1"}, {"name": "MDVSA-2011:028", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:028"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "refsource": "CONFIRM", "tags": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"}, {"name": "HPSBUX02689", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq&m=131042179515633&w=2"}, {"name": "https://support.f5.com/csp/article/K10534046", "refsource": "CONFIRM", "tags": [], "url": "https://support.f5.com/csp/article/K10534046"}, {"name": "ADV-2011-0361", "refsource": "VUPEN", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0361"}, {"name": "RHSA-2011:0677", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0677.html"}, {"name": "43339", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43339"}], "immutableFields": []}], "f5": [{"id": "SOL15013", "hash": "721f835fb2cfe82058666e475af6efef", "type": "f5", "bulletinFamily": "software", "title": "SOL15013 - OpenSSH vulnerability CVE-2011-0539", "description": "Recommended Action\n\nNone \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "published": "2014-02-25T00:00:00", "modified": "2014-02-25T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "http://support.f5.com/kb/en-us/solutions/public/15000/000/sol15013.html", "reporter": "f5", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "cvelist": ["CVE-2011-0539"], "immutableFields": [], "lastseen": "2016-03-19T09:01:57", "history": [{"bulletin": {"id": "SOL15013", "hash": "cd19d7bd18fc2b23df3794e989cac2fd4b720091ff23f580ec070c9b174a47b2", "type": "f5", "bulletinFamily": "software", "title": "SOL15013 - OpenSSH vulnerability CVE-2011-0539", "description": "Recommended Action\n\nNone \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "published": "2014-02-25T00:00:00", "modified": "2014-02-25T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "http://support.f5.com/kb/en-us/solutions/public/15000/000/sol15013.html", "reporter": "f5", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "cvelist": ["CVE-2011-0539"], "immutableFields": [], "lastseen": "2016-03-19T09:01:57", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2016-03-19T09:01:57", "references": [{"idList": ["OPENSSH_58.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310103064", "OPENVAS:103064"], "type": "openvas"}, {"idList": ["UB:CVE-2011-0539"], "type": "ubuntucve"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["CVE-2011-0539"], "type": "cve"}], "rev": 2}, "score": {"modified": "2016-03-19T09:01:57", "rev": 2, "value": 6.1, "vector": "NONE"}}, "objectVersion": "1.6", "affectedSoftware": []}, "different_elements": ["cvss2"], "edition": 1, "lastseen": "2016-03-19T09:01:57"}], "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-0539"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-0539"]}, {"type": "nessus", "idList": ["OPENSSH_58.NASL", "5784.PRM"]}, {"type": "openvas", "idList": ["OPENVAS:103064", "OPENVAS:1361412562310103064"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:26212"]}], "modified": "2016-03-19T09:01:57", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2016-03-19T09:01:57", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [], "_object_type": "robots.models.f5.F5Bulletin", "_object_types": ["robots.models.f5.F5Bulletin", "robots.models.base.Bulletin"]}, {"id": "F5:K12566", "hash": "11bd32b8b90a926d1a9b7590fa62b45a", "type": "f5", "bulletinFamily": "software", "title": "OpenSSL vulnerability CVE-2010-3864", "description": "", "published": "2011-01-28T00:19:00", "modified": "2017-03-14T22:07:00", "cvss": {"vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/", "score": 7.6}, "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://support.f5.com/csp/article/K12566", "reporter": "f5", "references": [], "cvelist": ["CVE-2010-3864"], "immutableFields": [], "lastseen": "2017-06-08T08:16:20", "history": [{"bulletin": {"id": "F5:K12566", "hash": "35aab004389aa0d47a33a102112f09b9f77819c0f19e8a9fb6ec579fd48858d6", "type": "f5", "bulletinFamily": "software", "title": "OpenSSL vulnerability CVE-2010-3864", "description": "", "published": "2011-01-28T00:19:00", "modified": "2017-03-14T22:07:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvss2": {}, "cvss3": {}, "href": "https://support.f5.com/csp/article/K12566", "reporter": "f5", "references": [], "cvelist": ["CVE-2010-3864"], "immutableFields": [], "lastseen": "2017-06-08T08:16:20", "history": [], "viewCount": 14, "enchantments": {"dependencies": {"modified": "2017-06-08T08:16:20", "references": [{"idList": ["FEDORA:5429A1108EB", "FEDORA:6B3FC110D28", "FEDORA:7EA761108D8", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:D404110F950"], "type": "fedora"}, {"idList": ["REDHAT-RHSA-2010-0888.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "DEBIAN_DSA-2125.NASL", "FEDORA_2010-17847.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "FEDORA_2010-17826.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL"], "type": "nessus"}, {"idList": ["SSA-2010-326-01"], "type": "slackware"}, {"idList": ["CVE-2010-3864"], "type": "cve"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["USN-1018-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"], "type": "securityvulns"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["SOL12566"], "type": "f5"}, {"idList": ["DEBIAN:DSA-2125-1:26495"], "type": "debian"}, {"idList": ["OPENVAS:136141256231068703", "OPENVAS:1361412562310862631", "OPENVAS:1361412562310840540", "OPENVAS:862631", "OPENVAS:862721", "OPENVAS:831251", "OPENVAS:136141256231068673", "OPENVAS:1361412562310831251", "OPENVAS:68703", "OPENVAS:840540"], "type": "openvas"}, {"idList": ["RHSA-2010:0888"], "type": "redhat"}, {"idList": ["ELSA-2019-4581", "ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["UB:CVE-2010-3864"], "type": "ubuntucve"}, {"idList": ["OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2017-06-08T08:16:20", "rev": 2, "value": 6.3, "vector": "NONE"}}, "objectVersion": "1.6", "affectedSoftware": []}, "different_elements": ["cvss2"], "edition": 1, "lastseen": "2017-06-08T08:16:20"}], "viewCount": 14, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-3864"]}, {"type": "cve", "idList": ["CVE-2010-3864"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-3864"]}, {"type": "f5", "idList": ["SOL12566"]}, {"type": "fedora", "idList": ["FEDORA:7EA761108D8", "FEDORA:5429A1108EB", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:D404110F950", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:6B3FC110D28"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:VULN:11264", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:26596"]}, {"type": "redhat", "idList": ["RHSA-2010:0888"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310100751", "OPENVAS:1361412562310862631", "OPENVAS:136141256231068703", "OPENVAS:840540", "OPENVAS:68704", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310863499", "OPENVAS:862568", "OPENVAS:1361412562310862737", "OPENVAS:862737", "OPENVAS:136141256231070764", "OPENVAS:902466", "OPENVAS:835251", "OPENVAS:1361412562310862849", "OPENVAS:862721", "OPENVAS:1361412562310831251", "OPENVAS:1361412562310103454", "OPENVAS:1361412562310862920", "OPENVAS:862920", "OPENVAS:831251", "OPENVAS:1361412562310862721", "OPENVAS:863499", "OPENVAS:136141256231068673", "OPENVAS:1361412562310862566", "OPENVAS:68673", "OPENVAS:1361412562310840540", "OPENVAS:1361412562310862568", "OPENVAS:862631", "OPENVAS:68703", "OPENVAS:136141256231068704", "OPENVAS:862566", "OPENVAS:1361412562310902466", "OPENVAS:70764", "OPENVAS:862849", "OPENVAS:103454"]}, {"type": "nessus", "idList": ["800790.PRM", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "DEBIAN_DSA-2125.NASL", "ADOBE_FMS_4_0_2.NASL", "FEDORA_2010-17827.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "5968.PRM", "VMWARE_VMSA-2011-0003_REMOTE.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "VMWARE_VMSA-2011-0003.NASL", "REDHAT-RHSA-2010-0888.NASL", "MACOSX_10_6_8.NASL", "5924.PRM", "GENTOO_GLSA-201110-01.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "FEDORA_2010-17826.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "SLACKWARE_SSA_2010-326-01.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "UBUNTU_USN-1018-1.NASL", "FEDORA_2010-17847.NASL"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022", "ELSA-2019-4581"]}, {"type": "slackware", "idList": ["SSA-2010-326-01"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}], "modified": "2017-06-08T08:16:20", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2017-06-08T08:16:20", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [], "_object_type": "robots.models.f5.F5Bulletin", "_object_types": ["robots.models.f5.F5Bulletin", "robots.models.base.Bulletin"]}, {"id": "F5:K12543", "hash": "bc3bd0302125196af1c40f8fa68edf87", "type": "f5", "bulletinFamily": "software", "title": "OpenSSL vulnerability CVE-2010-4180", "description": "", "published": "2011-01-26T22:40:00", "modified": "2017-03-14T22:07:00", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 4.3}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://support.f5.com/csp/article/K12543", "reporter": "f5", "references": [], "cvelist": ["CVE-2010-4180"], "immutableFields": [], "lastseen": "2017-06-08T08:16:46", "history": [{"bulletin": {"id": "F5:K12543", "hash": "bda23352391d8b0dd4d7e216892ccab23d587f0732afc8ea6af24a60199cee35", "type": "f5", "bulletinFamily": "software", "title": "OpenSSL vulnerability CVE-2010-4180", "description": "", "published": "2011-01-26T22:40:00", "modified": "2017-03-14T22:07:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "https://support.f5.com/csp/article/K12543", "reporter": "f5", "references": [], "cvelist": ["CVE-2010-4180"], "immutableFields": [], "lastseen": "2017-06-08T08:16:46", "history": [], "viewCount": 14, "enchantments": {"dependencies": {"modified": "2017-06-08T08:16:46", "references": [{"idList": ["SUSE-SU-2011:0847-1", "OPENSUSE-SU-2011:0845-1"], "type": "suse"}, {"idList": ["MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/LINUXRPM-RHSA-2010-0977/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/"], "type": "metasploit"}, {"idList": ["USN-1029-1"], "type": "ubuntu"}, {"idList": ["SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_OPENSSL-7462.NASL", "FEDORA_2010-18736.NASL", "REDHAT-RHSA-2010-0979.NASL", "SUSE_OPENSSL-7463.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SOLARIS10_146857-01.NASL", "SUSE9_12701.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL"], "type": "nessus"}, {"idList": ["FEDORA:6B3FC110D28", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27"], "type": "fedora"}, {"idList": ["SSA-2010-340-01"], "type": "slackware"}, {"idList": ["DEBIAN:DSA-2141-1:4DDA2"], "type": "debian"}, {"idList": ["ELSA-2010-0979", "ELSA-2010-0978", "ELSA-2010-0977"], "type": "oraclelinux"}, {"idList": ["OPENSSL:CVE-2010-4180"], "type": "openssl"}, {"idList": ["OPENVAS:880636", "OPENVAS:831275", "OPENVAS:862721", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310880636", "OPENVAS:68671", "OPENVAS:136141256231068671", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310122287", "OPENVAS:1361412562310831275"], "type": "openvas"}, {"idList": ["CESA-2010:0978", "CESA-2010:0977"], "type": "centos"}, {"idList": ["CVE-2010-4180"], "type": "cve"}, {"idList": ["RHSA-2010:0978", "RHSA-2010:0977", "RHSA-2010:0979"], "type": "redhat"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25258", "SECURITYVULNS:VULN:11284", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["F5:K12853", "SOL12853", "SOL12543"], "type": "f5"}, {"idList": ["UB:CVE-2010-4180"], "type": "ubuntucve"}], "rev": 2}, "score": {"modified": "2017-06-08T08:16:46", "rev": 2, "value": 6.6, "vector": "NONE"}}, "objectVersion": "1.6", "affectedSoftware": []}, "different_elements": ["cvss2"], "edition": 1, "lastseen": "2017-06-08T08:16:46"}], "viewCount": 15, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-4180"]}, {"type": "cve", "idList": ["CVE-2010-4180"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180"]}, {"type": "f5", "idList": ["F5:K12853", "SOL12853", "SOL12543"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-RHSA-2010-0977/", "MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/"]}, {"type": "nessus", "idList": ["SUSE_COMPAT-OPENSSL097G-7644.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "CENTOS_RHSA-2010-0977.NASL", "SUSE_11_4_CURL-120124.NASL", "REDHAT-RHSA-2010-0979.NASL", "FEDORA_2010-18765.NASL", "SOLARIS10_146857-01.NASL", "DEBIAN_DSA-2141.NASL", "801055.PRM", "SLACKWARE_SSA_2010-340-01.NASL", "REDHAT-RHSA-2010-0978.NASL", "ORACLELINUX_ELSA-2010-0978.NASL", "UBUNTU_USN-1029-1.NASL", "SUSE9_12701.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE_11_3_COMPAT-OPENSSL097G-110721.NASL", "5720.PRM", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "SOLARIS10_X86_146859-01.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "ORACLELINUX_ELSA-2010-0977.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "REDHAT-RHSA-2010-0977.NASL", "SUSE_11_COMPAT-OPENSSL097G-110721.NASL", "CENTOS_RHSA-2010-0978.NASL", "OPENSSL_1_0_0C.NASL", "SUSE_OPENSSL-7463.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_4_COMPAT-OPENSSL097G-110721.NASL", "SUSE_OPENSSL-7462.NASL", "OPENSUSE-2012-76.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL", "SL_20101213_OPENSSL_ON_SL4_X.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_LIBCURL4-8618.NASL", "FEDORA_2010-18736.NASL"]}, {"type": "redhat", "idList": ["RHSA-2010:0979", "RHSA-2010:0977", "RHSA-2010:0978"]}, {"type": "openvas", "idList": ["OPENVAS:881366", "OPENVAS:1361412562310122287", "OPENVAS:136141256231068671", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310831275", "OPENVAS:1361412562310880636", "OPENVAS:870370", "OPENVAS:862737", "OPENVAS:880636", "OPENVAS:835251", "OPENVAS:1361412562310862849", "OPENVAS:831275", "OPENVAS:862721", "OPENVAS:840550", "OPENVAS:1361412562310881366", "OPENVAS:870372", "OPENVAS:1361412562310862920", "OPENVAS:880460", "OPENVAS:1361412562310862721", "OPENVAS:863499", "OPENVAS:68671", "OPENVAS:1361412562310870370", "OPENVAS:1361412562310840550", "OPENVAS:1361412562310870372", "OPENVAS:862849", "OPENVAS:1361412562310880460"]}, {"type": "slackware", "idList": ["SSA-2010-340-01"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2010-0977", "ELSA-2010-0978"]}, {"type": "centos", "idList": ["CESA-2010:0978", "CESA-2010:0977"]}, {"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:6B3FC110D28"]}, {"type": "ubuntu", "idList": ["USN-1029-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2141-1:4DDA2"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25258", "SECURITYVULNS:VULN:11284", "SECURITYVULNS:VULN:11624"]}, {"type": "suse", "idList": ["SUSE-SU-2011:0847-1", "OPENSUSE-SU-2011:0845-1"]}], "modified": "2017-06-08T08:16:46", "rev": 2}, "score": {"value": 6.6, "vector": "NONE", "modified": "2017-06-08T08:16:46", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [], "_object_type": "robots.models.f5.F5Bulletin", "_object_types": ["robots.models.f5.F5Bulletin", "robots.models.base.Bulletin"]}, {"id": "F5:K10534046", "hash": "7944b3b1722bdec217bb246d52c0d972", "type": "f5", "bulletinFamily": "software", "title": "OpenSSL vulnerability CVE-2011-0014", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "published": "2019-06-27T19:30:00", "modified": "2019-06-27T19:30:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://support.f5.com/csp/article/K10534046", "reporter": "f5", "references": [], "cvelist": ["CVE-2011-0014"], "immutableFields": [], "lastseen": "2020-04-06T22:39:44", "history": [{"bulletin": {"id": "F5:K10534046", "hash": "d6d5ab682452f94b9a640b0ca21bf8851de7a6f1cb9edaf306899278aae07d26", "type": "f5", "bulletinFamily": "software", "title": "OpenSSL vulnerability CVE-2011-0014", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "published": "2019-06-27T19:30:00", "modified": "2019-06-27T19:30:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://support.f5.com/csp/article/K10534046", "reporter": "f5", "references": [], "cvelist": ["CVE-2011-0014"], "immutableFields": [], "lastseen": "2020-04-06T22:39:44", "history": [], "viewCount": 1, "enchantments": {"dependencies": {"modified": "2020-04-06T22:39:44", "references": [{"idList": ["SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "FEDORA_2011-1273.NASL", "FEDORA_2011-5865.NASL", "FEDORA_2011-1255.NASL", "FEDORA_2011-5878.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "REDHAT-RHSA-2011-0677.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "FEDORA_2011-5876.NASL"], "type": "nessus"}, {"idList": ["VMSA-2012-0013"], "type": "vmware"}, {"idList": ["UB:CVE-2011-0014"], "type": "ubuntucve"}, {"idList": ["DEBIAN:BSA-060:0BDFE", "DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["RHSA-2011:0677"], "type": "redhat"}, {"idList": ["ELSA-2019-4581", "ELSA-2016-3621", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2021-9150", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["CVE-2011-0014"], "type": "cve"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["USN-1064-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["FEDORA:C42A8110D0A", "FEDORA:C9F3119737F", "FEDORA:6B3FC110D28", "FEDORA:9DFF1E720F", "FEDORA:144BA1104EC", "FEDORA:564D5110A27"], "type": "fedora"}, {"idList": ["OPENVAS:863060", "OPENVAS:136141256231068921", "OPENVAS:1361412562310863060", "OPENVAS:68997", "OPENVAS:1361412562310840589", "OPENVAS:840589", "OPENVAS:1361412562310870609", "OPENVAS:68921", "OPENVAS:1361412562310122167", "OPENVAS:863070"], "type": "openvas"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["OPENSSL:CVE-2011-0014"], "type": "openssl"}], "rev": 2}, "score": {"modified": "2020-04-06T22:39:44", "rev": 2, "value": 5.5, "vector": "NONE"}}, "objectVersion": "1.6", "affectedSoftware": []}, "different_elements": ["cvss2"], "edition": 1, "lastseen": "2020-04-06T22:39:44"}], "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-0014"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-0014"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2011-0014"]}, {"type": "fedora", "idList": ["FEDORA:6B3FC110D28", "FEDORA:C9F3119737F", "FEDORA:C42A8110D0A", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:144BA1104EC"]}, {"type": "nessus", "idList": ["5782.PRM", "FEDORA_2011-5878.NASL", "FEDORA_2011-1255.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "REDHAT-RHSA-2011-0677.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "DEBIAN_DSA-2162.NASL", "UBUNTU_USN-1064-1.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}, {"type": "openvas", "idList": ["OPENVAS:863060", "OPENVAS:1361412562310863070", "OPENVAS:1361412562310863060", "OPENVAS:136141256231068921", "OPENVAS:831330", "OPENVAS:870609", "OPENVAS:136141256231068997", "OPENVAS:840589", "OPENVAS:1361412562310840589", "OPENVAS:68921"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11754", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11435"]}, {"type": "ubuntu", "idList": ["USN-1064-1"]}, {"type": "redhat", "idList": ["RHSA-2011:0677"]}, {"type": "debian", "idList": ["DEBIAN:BSA-060:0BDFE", "DEBIAN:DSA-2162-1:98AFD"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0677", "ELSA-2021-9150", "ELSA-2019-4747", "ELSA-2019-4581", "ELSA-2015-3022", "ELSA-2016-3621"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "vmware", "idList": ["VMSA-2012-0013", "VMSA-2012-0013.2"]}], "modified": "2020-04-06T22:39:44", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2020-04-06T22:39:44", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [], "_object_type": "robots.models.f5.F5Bulletin", "_object_types": ["robots.models.f5.F5Bulletin", "robots.models.base.Bulletin"]}, {"id": "SOL12566", "hash": "b360f43f344a369d384fad3cd5e34ad7", "type": "f5", "bulletinFamily": "software", "title": "SOL12566 - OpenSSL vulnerability CVE-2010-3864", "description": "For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864>\n", "published": "2011-01-27T00:00:00", "modified": "2016-07-25T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "http://support.f5.com/kb/en-us/solutions/public/12000/500/sol12566.html", "reporter": "f5", "references": [], "cvelist": ["CVE-2010-3864"], "immutableFields": [], "lastseen": "2016-09-26T17:23:00", "history": [{"bulletin": {"id": "SOL12566", "hash": "cef4fa8180274a429caaf2ad0d9d56bc0dcad965a4e872cea6b02e8b725e6c62", "type": "f5", "bulletinFamily": "software", "title": "SOL12566 - OpenSSL vulnerability CVE-2010-3864", "description": "For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864>\n", "published": "2011-01-27T00:00:00", "modified": "2016-07-25T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvss2": {}, "cvss3": {}, "href": "http://support.f5.com/kb/en-us/solutions/public/12000/500/sol12566.html", "reporter": "f5", "references": [], "cvelist": ["CVE-2010-3864"], "immutableFields": [], "lastseen": "2016-09-26T17:23:00", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2016-09-26T17:23:00", "references": [{"idList": ["FEDORA:5429A1108EB", "FEDORA:6B3FC110D28", "FEDORA:7EA761108D8", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:D404110F950"], "type": "fedora"}, {"idList": ["SSA-2010-326-01"], "type": "slackware"}, {"idList": ["CVE-2010-3864"], "type": "cve"}, {"idList": ["VU:737740"], "type": "cert"}, {"idList": ["USN-1018-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"], "type": "securityvulns"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["OPENVAS:136141256231068703", "OPENVAS:1361412562310862631", "OPENVAS:1361412562310840540", "OPENVAS:862631", "OPENVAS:831251", "OPENVAS:68704", "OPENVAS:1361412562310100751", "OPENVAS:1361412562310831251", "OPENVAS:68703", "OPENVAS:840540"], "type": "openvas"}, {"idList": ["DEBIAN:DSA-2125-1:26495"], "type": "debian"}, {"idList": ["RHSA-2010:0888"], "type": "redhat"}, {"idList": ["F5:K12566"], "type": "f5"}, {"idList": ["ELSA-2019-4581", "ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2019-4747", "ELSA-2015-3022"], "type": "oraclelinux"}, {"idList": ["UB:CVE-2010-3864"], "type": "ubuntucve"}, {"idList": ["REDHAT-RHSA-2010-0888.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "DEBIAN_DSA-2125.NASL", "FEDORA_2010-17847.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "UBUNTU_USN-1018-1.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL"], "type": "nessus"}, {"idList": ["OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2016-09-26T17:23:00", "rev": 2, "value": 6.1, "vector": "NONE"}}, "objectVersion": "1.6", "affectedSoftware": []}, "different_elements": ["cvss2"], "edition": 1, "lastseen": "2016-09-26T17:23:00"}], "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-3864"]}, {"type": "cve", "idList": ["CVE-2010-3864"]}, {"type": "f5", "idList": ["F5:K12566"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-3864"]}, {"type": "fedora", "idList": ["FEDORA:9DFF1E720F", "FEDORA:D404110F950", "FEDORA:6B3FC110D28", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:564D5110A27", "FEDORA:5429A1108EB", "FEDORA:7EA761108D8"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11754", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:26596"]}, {"type": "nessus", "idList": ["FEDORA_2010-17827.NASL", "UBUNTU_USN-1018-1.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "5968.PRM", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "800790.PRM", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "VMWARE_VMSA-2011-0003_REMOTE.NASL", "FEDORA_2010-17847.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "5924.PRM", "SLACKWARE_SSA_2010-326-01.NASL", "VMWARE_VMSA-2011-0003.NASL", "DEBIAN_DSA-2125.NASL", "MACOSX_10_6_8.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "GENTOO_GLSA-201110-01.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "REDHAT-RHSA-2010-0888.NASL", "FEDORA_2010-17826.NASL", "ADOBE_FMS_4_0_2.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495"]}, {"type": "openvas", "idList": ["OPENVAS:68704", "OPENVAS:1361412562310103454", "OPENVAS:862568", "OPENVAS:1361412562310100751", "OPENVAS:862737", "OPENVAS:863499", "OPENVAS:862721", "OPENVAS:68673", "OPENVAS:136141256231068673", "OPENVAS:1361412562310122262", "OPENVAS:136141256231068703", "OPENVAS:1361412562310835251", "OPENVAS:103454", "OPENVAS:1361412562310862849", "OPENVAS:840540", "OPENVAS:862849", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310862568", "OPENVAS:68703", "OPENVAS:902466", "OPENVAS:1361412562310840540", "OPENVAS:1361412562310831251", "OPENVAS:862920", "OPENVAS:862631", "OPENVAS:1361412562310862631", "OPENVAS:831251", "OPENVAS:1361412562310902466", "OPENVAS:1361412562310862737", "OPENVAS:136141256231068704", "OPENVAS:835251", "OPENVAS:862566", "OPENVAS:136141256231070764", "OPENVAS:1361412562310862721", "OPENVAS:70764", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310862566"]}, {"type": "redhat", "idList": ["RHSA-2010:0888"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2019-4581", "ELSA-2015-3022", "ELSA-2019-4747", "ELSA-2011-0677"]}, {"type": "slackware", "idList": ["SSA-2010-326-01"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}], "modified": "2016-09-26T17:23:00", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2016-09-26T17:23:00", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [], "_object_type": "robots.models.f5.F5Bulletin", "_object_types": ["robots.models.f5.F5Bulletin", "robots.models.base.Bulletin"]}, {"id": "SOL12543", "hash": "4c3292582a3242dc31b6bb1b009cde3f", "type": "f5", "bulletinFamily": "software", "title": "SOL12543 - OpenSSL vulnerability CVE-2010-4180", "description": "Vulnerability description\n\nOpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.\n\nInformation about this advisory is available at the following location:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180>\n", "published": "2011-01-26T00:00:00", "modified": "2016-07-25T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "http://support.f5.com/kb/en-us/solutions/public/12000/500/sol12543.html", "reporter": "f5", "references": [], "cvelist": ["CVE-2010-4180"], "immutableFields": [], "lastseen": "2016-09-26T17:23:31", "history": [{"bulletin": {"id": "SOL12543", "hash": "0ee6eb0fc83ec93fa451ad42c5f379281787ca2e0e0b071ccfb20814bfcc18a9", "type": "f5", "bulletinFamily": "software", "title": "SOL12543 - OpenSSL vulnerability CVE-2010-4180", "description": "Vulnerability description\n\nOpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.\n\nInformation about this advisory is available at the following location:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180>\n", "published": "2011-01-26T00:00:00", "modified": "2016-07-25T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "http://support.f5.com/kb/en-us/solutions/public/12000/500/sol12543.html", "reporter": "f5", "references": [], "cvelist": ["CVE-2010-4180"], "immutableFields": [], "lastseen": "2016-09-26T17:23:31", "history": [], "viewCount": 150, "enchantments": {"dependencies": {"modified": "2016-09-26T17:23:31", "references": [{"idList": ["SUSE-SU-2011:0847-1", "OPENSUSE-SU-2011:0845-1"], "type": "suse"}, {"idList": ["F5:K12853", "SOL12853", "F5:K12543"], "type": "f5"}, {"idList": ["MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/LINUXRPM-RHSA-2010-0977/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/"], "type": "metasploit"}, {"idList": ["USN-1029-1"], "type": "ubuntu"}, {"idList": ["FEDORA:6B3FC110D28", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27"], "type": "fedora"}, {"idList": ["SSA-2010-340-01"], "type": "slackware"}, {"idList": ["DEBIAN:DSA-2141-1:4DDA2"], "type": "debian"}, {"idList": ["ELSA-2010-0979", "ELSA-2010-0978", "ELSA-2010-0977"], "type": "oraclelinux"}, {"idList": ["FEDORA_2010-18736.NASL", "SUSE_OPENSSL-7463.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SOLARIS10_X86_146859-01.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "SOLARIS10_146857-01.NASL", "SUSE9_12701.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:880636", "OPENVAS:831275", "OPENVAS:862721", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310880636", "OPENVAS:870370", "OPENVAS:68671", "OPENVAS:840550", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310831275"], "type": "openvas"}, {"idList": ["OPENSSL:CVE-2010-4180"], "type": "openssl"}, {"idList": ["CESA-2010:0978", "CESA-2010:0977"], "type": "centos"}, {"idList": ["CVE-2010-4180"], "type": "cve"}, {"idList": ["RHSA-2010:0978", "RHSA-2010:0977", "RHSA-2010:0979"], "type": "redhat"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25258", "SECURITYVULNS:VULN:11284", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["UB:CVE-2010-4180"], "type": "ubuntucve"}], "rev": 2}, "score": {"modified": "2016-09-26T17:23:31", "rev": 2, "value": 5.2, "vector": "NONE"}}, "objectVersion": "1.6", "affectedSoftware": []}, "different_elements": ["cvss2"], "edition": 1, "lastseen": "2016-09-26T17:23:31"}], "viewCount": 164, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-4180"]}, {"type": "cve", "idList": ["CVE-2010-4180"]}, {"type": "f5", "idList": ["SOL12853", "F5:K12543", "F5:K12853"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/", "MSF:ILITIES/LINUXRPM-RHSA-2010-0977/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2010-0978.NASL", "SUSE9_12701.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "801055.PRM", "SUSE_COMPAT-OPENSSL097G-7644.NASL", "SLACKWARE_SSA_2010-340-01.NASL", "SL_20101213_OPENSSL_ON_SL4_X.NASL", "5720.PRM", "OPENSUSE-2012-76.NASL", "FEDORA_2010-18736.NASL", "SUSE_11_4_CURL-120124.NASL", "SUSE_11_3_COMPAT-OPENSSL097G-110721.NASL", "CENTOS_RHSA-2010-0977.NASL", "SUSE_LIBCURL4-8618.NASL", "FEDORA_2010-18765.NASL", "ORACLELINUX_ELSA-2010-0977.NASL", "SOLARIS10_X86_146859-01.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "REDHAT-RHSA-2010-0978.NASL", "SUSE_COMPAT-OPENSSL097G-7645.NASL", "SUSE_OPENSSL-7462.NASL", "SUSE_11_COMPAT-OPENSSL097G-110721.NASL", "ORACLELINUX_ELSA-2010-0978.NASL", "REDHAT-RHSA-2010-0977.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SUSE_OPENSSL-7463.NASL", "DEBIAN_DSA-2141.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL", "SOLARIS10_146857-01.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "OPENSSL_1_0_0C.NASL", "REDHAT-RHSA-2010-0979.NASL", "UBUNTU_USN-1029-1.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL"]}, {"type": "redhat", "idList": ["RHSA-2010:0979", "RHSA-2010:0977", "RHSA-2010:0978"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122262", "OPENVAS:862920", "OPENVAS:1361412562310880636", "OPENVAS:1361412562310881366", "OPENVAS:835251", "OPENVAS:840550", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310862721", "OPENVAS:136141256231068671", "OPENVAS:1361412562310831275", "OPENVAS:862721", "OPENVAS:870372", "OPENVAS:870370", "OPENVAS:1361412562310840550", "OPENVAS:880460", "OPENVAS:863499", "OPENVAS:831275", "OPENVAS:1361412562310122287", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310870370", "OPENVAS:1361412562310880460", "OPENVAS:1361412562310862849", "OPENVAS:881366", "OPENVAS:68671", "OPENVAS:862737", "OPENVAS:880636", "OPENVAS:1361412562310870372", "OPENVAS:862849", "OPENVAS:1361412562310862737"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2141-1:4DDA2"]}, {"type": "fedora", "idList": ["FEDORA:C8F7F110906", "FEDORA:6B3FC110D28", "FEDORA:B31D6110781", "FEDORA:564D5110A27", "FEDORA:9DFF1E720F"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2010-0978", "ELSA-2010-0977"]}, {"type": "centos", "idList": ["CESA-2010:0977", "CESA-2010:0978"]}, {"type": "slackware", "idList": ["SSA-2010-340-01"]}, {"type": "ubuntu", "idList": ["USN-1029-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11284", "SECURITYVULNS:DOC:25258"]}, {"type": "suse", "idList": ["SUSE-SU-2011:0847-1", "OPENSUSE-SU-2011:0845-1"]}], "modified": "2016-09-26T17:23:31", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2016-09-26T17:23:31", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [], "_object_type": "robots.models.f5.F5Bulletin", "_object_types": ["robots.models.f5.F5Bulletin", "robots.models.base.Bulletin"]}], "openvas": [{"id": "OPENVAS:862849", "hash": "5214b1a32619cf0814c53c0fdb6f016b", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1273", "description": "Check for the Version of openssl", "published": "2011-02-16T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=862849", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1273", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "lastseen": "2017-07-25T10:55:47", "history": [{"lastseen": "2017-07-02T21:13:40", "bulletin": {"id": "OPENVAS:862849", "hash": "eec80930218ee3202087be4750f16852645a3fd743c0d5310fdaf23f0b91c4cb", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1273", "description": "Check for the Version of openssl", "published": "2011-02-16T00:00:00", "modified": "2016-04-15T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=862849", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1273", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "lastseen": "2017-07-02T21:13:40", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "862849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1273\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html\");\n script_id(862849);\n script_version(\"$Revision: 3078 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-04-15 14:08:28 +0200 (Fri, 15 Apr 2016) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-16 14:19:17 +0100 (Wed, 16 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1273\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1273\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1}], "viewCount": 0, "enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2017-07-25T10:55:47", "rev": 2}, "dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-3864", "UB:CVE-2010-4180", "UB:CVE-2011-0014"]}, {"type": "cve", "idList": ["CVE-2011-0014", "CVE-2010-4180", "CVE-2011-1273", "CVE-2010-3864"]}, {"type": "f5", "idList": ["F5:K12566", "F5:K12543", "F5:K10534046", "SOL12543", "SOL12566"]}, {"type": "fedora", "idList": ["FEDORA:D404110F950", "FEDORA:6B3FC110D28", "FEDORA:B31D6110781", "FEDORA:C9F3119737F", "FEDORA:9DFF1E720F", "FEDORA:C42A8110D0A", "FEDORA:C8F7F110906", "FEDORA:144BA1104EC", "FEDORA:564D5110A27"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310840589", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310870609", "OPENVAS:1361412562310863070", "OPENVAS:870609", "OPENVAS:831251", "OPENVAS:863499", "OPENVAS:1361412562310840540", "OPENVAS:1361412562310122262", "OPENVAS:68997", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310831330", "OPENVAS:862737", "OPENVAS:831330", "OPENVAS:862721", "OPENVAS:68921", "OPENVAS:1361412562310862737", "OPENVAS:862920", "OPENVAS:136141256231068997", "OPENVAS:840589", "OPENVAS:863060", "OPENVAS:136141256231068921", "OPENVAS:1361412562310862849", "OPENVAS:863070", "OPENVAS:1361412562310863060", "OPENVAS:862631", "OPENVAS:68703", "OPENVAS:1361412562310122167", "OPENVAS:840540", "OPENVAS:835251"]}, {"type": "nessus", "idList": ["SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "FEDORA_2011-5865.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "FEDORA_2011-5876.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "REDHAT-RHSA-2011-0677.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "FEDORA_2011-1255.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "UBUNTU_USN-1064-1.NASL", "OPENSSL_1_0_0D.NASL", "REDHAT-RHSA-2010-0888.NASL", "801053.PRM", "DEBIAN_DSA-2162.NASL", "5782.PRM", "AIX_OPENSSL_ADVISORY2.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "FEDORA_2011-5878.NASL", "DEBIAN_DSA-2125.NASL", "FEDORA_2010-17826.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "FEDORA_2010-17847.NASL", "FEDORA_2011-1273.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864", "OPENSSL:CVE-2011-0014"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11264", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:DOC:26212"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2011-0677"]}, {"type": "redhat", "idList": ["RHSA-2011:0677"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}, {"type": "ubuntu", "idList": ["USN-1064-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2162-1:98AFD"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}], "modified": "2017-07-25T10:55:47", "rev": 2}}, "objectVersion": "1.5", "pluginID": "862849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1273\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html\");\n script_id(862849);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-16 14:19:17 +0100 (Wed, 16 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1273\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1273\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310862849", "hash": "d40eaf95e1f6a88c5c130fcbf167aa69", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1273", "description": "The remote host is missing an update for the ", "published": "2011-02-16T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862849", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1273", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "lastseen": "2019-05-29T18:39:35", "history": [{"bulletin": {"id": "OPENVAS:1361412562310862849", "hash": "c61d03f581961a31c2b69a0759e737e6e81b7c18318826c7df2d5a43d8809b57", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1273", "description": "Check for the Version of openssl", "published": "2011-02-16T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862849", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1273", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "lastseen": "2018-04-06T11:36:33", "history": [], "viewCount": 0, "enchantments": {"score": {"modified": "2018-04-06T11:36:33", "value": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N/"}}, "objectVersion": "1.4", "pluginID": "1361412562310862849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1273\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862849\");\n script_version(\"$Revision: 9351 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:05:43 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-16 14:19:17 +0100 (Wed, 16 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1273\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1273\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["sourceData"], "edition": 1, "lastseen": "2018-04-06T11:36:33"}, {"bulletin": {"id": "OPENVAS:1361412562310862849", "hash": "b656debbccb4a8f7aaeee15ce97469a16ca50f03529ddf31c0f5eefd8244c8c3", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1273", "description": "Check for the Version of openssl", "published": "2011-02-16T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862849", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1273", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "lastseen": "2018-09-02T00:03:13", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"modified": "2018-09-02T00:03:13", "references": [{"idList": ["DEBIAN:DSA-2125-1:26495", "DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["USN-1064-1", "USN-1018-1"], "type": "ubuntu"}, {"idList": ["F5:K12543", "F5:K12566", "SOL12566", "SOL12543"], "type": "f5"}, {"idList": ["SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "FEDORA_2011-1255.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "REDHAT-RHSA-2011-0677.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "FEDORA_2011-5876.NASL"], "type": "nessus"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["OPENVAS:862920", "OPENVAS:863499", "OPENVAS:862849", "OPENVAS:862721", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310862721", "OPENVAS:835251", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310862920"], "type": "openvas"}, {"idList": ["RHSA-2011:0677", "RHSA-2010:0888"], "type": "redhat"}, {"idList": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "type": "cve"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"], "type": "securityvulns"}, {"idList": ["ELSA-2010-0979", "ELSA-2011-0677"], "type": "oraclelinux"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310862849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1273\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862849\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-16 14:19:17 +0100 (Wed, 16 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1273\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1273\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["description", "modified", "sourceData"], "edition": 4, "lastseen": "2018-09-02T00:03:13"}, {"bulletin": {"id": "OPENVAS:1361412562310862849", "hash": "b656debbccb4a8f7aaeee15ce97469a16ca50f03529ddf31c0f5eefd8244c8c3", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1273", "description": "Check for the Version of openssl", "published": "2011-02-16T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862849", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1273", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "lastseen": "2018-04-09T11:37:33", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310862849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1273\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862849\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-16 14:19:17 +0100 (Wed, 16 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1273\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1273\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-04-09T11:37:33"}, {"bulletin": {"id": "OPENVAS:1361412562310862849", "hash": "f0fbc69629cef982a7a29b776180bfd25aa9a84e4412b2279559c45ffcca6674", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1273", "description": "The remote host is missing an update for the ", "published": "2011-02-16T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862849", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1273", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "lastseen": "2019-03-18T14:43:05", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"modified": "2019-03-18T14:43:05", "references": [{"idList": ["DEBIAN:DSA-2125-1:26495", "DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["USN-1064-1", "USN-1018-1"], "type": "ubuntu"}, {"idList": ["F5:K12543", "F5:K12566", "SOL12566", "SOL12543"], "type": "f5"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "DEBIAN_DSA-2162.NASL", "FEDORA_2011-1273.NASL", "FEDORA_2011-5865.NASL", "UBUNTU_USN-1064-1.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "FEDORA_2011-5878.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "OPENSSL_1_0_0D.NASL", "REDHAT-RHSA-2011-0677.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:862920", "OPENVAS:863499", "OPENVAS:862849", "OPENVAS:862721", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310862721", "OPENVAS:835251", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310862920"], "type": "openvas"}, {"idList": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "type": "cve"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"], "type": "securityvulns"}, {"idList": ["ELSA-2010-0979", "ELSA-2011-0677"], "type": "oraclelinux"}, {"idList": ["RHSA-2011:0677", "RHSA-2010:0888", "RHSA-2010:0979"], "type": "redhat"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310862849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1273\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862849\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-16 14:19:17 +0100 (Wed, 16 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-1273\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1273\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2019-03-18T14:43:05"}, {"bulletin": {"id": "OPENVAS:1361412562310862849", "hash": "c8c13db8a64b3696781b1aabcefd6ab396ed30868cefb36b9d48acaedd6337bd", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1273", "description": "Check for the Version of openssl", "published": "2011-02-16T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862849", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1273", "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "lastseen": "2018-08-30T19:27:19", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310862849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1273\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862849\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-16 14:19:17 +0100 (Wed, 16 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1273\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1273\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:27:19"}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-3864", "UB:CVE-2011-0014", "UB:CVE-2010-4180"]}, {"type": "cve", "idList": ["CVE-2010-4180", "CVE-2011-1273", "CVE-2011-0014", "CVE-2010-3864"]}, {"type": "f5", "idList": ["F5:K12566", "F5:K12543", "SOL12566", "F5:K10534046", "SOL12543"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310831330", "OPENVAS:1361412562310840589", "OPENVAS:1361412562310863070", "OPENVAS:68997", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310870609", "OPENVAS:863060", "OPENVAS:68703", "OPENVAS:136141256231068921", "OPENVAS:862721", "OPENVAS:136141256231068997", "OPENVAS:831251", "OPENVAS:862631", "OPENVAS:862920", "OPENVAS:862849", "OPENVAS:863499", "OPENVAS:840589", "OPENVAS:840540", "OPENVAS:835251", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310862920", "OPENVAS:863070", "OPENVAS:1361412562310863060", "OPENVAS:870609", "OPENVAS:862737", "OPENVAS:831330", "OPENVAS:68921", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310122167"]}, {"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:C9F3119737F", "FEDORA:C42A8110D0A", "FEDORA:144BA1104EC", "FEDORA:D404110F950", "FEDORA:564D5110A27", "FEDORA:9DFF1E720F", "FEDORA:6B3FC110D28", "FEDORA:C8F7F110906"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2125.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "OPENSSL_1_0_0D.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "FEDORA_2011-1273.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "5782.PRM", "801053.PRM", "FEDORA_2010-17847.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "DEBIAN_DSA-2162.NASL", "FEDORA_2011-5876.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "FEDORA_2011-5878.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "FEDORA_2011-5865.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "REDHAT-RHSA-2011-0677.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "FEDORA_2011-1255.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "UBUNTU_USN-1064-1.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2010-3864"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0677", "ELSA-2010-0979"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11264", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"]}, {"type": "ubuntu", "idList": ["USN-1064-1", "USN-1018-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495", "DEBIAN:DSA-2162-1:98AFD"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}, {"type": "redhat", "idList": ["RHSA-2011:0677"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}], "modified": "2019-05-29T18:39:35", "rev": 2}, "score": {"value": 6.0, "vector": "NONE", "modified": "2019-05-29T18:39:35", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310862849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1273\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862849\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-16 14:19:17 +0100 (Wed, 16 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-1273\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1273\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:863499", "hash": "078e4a35c8344d0d217f8b7e2ed4d45c", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-12281", "description": "Check for the Version of openssl", "published": "2011-09-12T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=863499", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-12281", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "lastseen": "2017-07-25T10:55:45", "history": [{"lastseen": "2017-07-02T21:13:40", "bulletin": {"id": "OPENVAS:863499", "hash": "e24653ffa1923517097cd72e9bee030da0b5e613b3fa7d529ca4a0f1f75c4d4b", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-12281", "description": "Check for the Version of openssl", "published": "2011-09-12T00:00:00", "modified": "2016-04-15T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=863499", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-12281", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "lastseen": "2017-07-02T21:13:40", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "863499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-12281\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html\");\n script_id(863499);\n script_version(\"$Revision: 3078 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-04-15 14:08:28 +0200 (Fri, 15 Apr 2016) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-12281\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-12281\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0e~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1}], "viewCount": 0, "enchantments": {"score": {"value": 6.0, "vector": "NONE", "modified": "2017-07-25T10:55:45", "rev": 2}, "dependencies": {"references": [{"type": "fedora", "idList": ["FEDORA:144BA1104EC", "FEDORA:B31D6110781", "FEDORA:4853B37D0F", "FEDORA:C9F3119737F", "FEDORA:C8F7F110906", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:6B3FC110D28"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310870633", "OPENVAS:68997", "OPENVAS:863070", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310835251", "OPENVAS:831330", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310863060", "OPENVAS:136141256231068997", "OPENVAS:1361412562310122167", "OPENVAS:1361412562310120514", "OPENVAS:1361412562310863070", "OPENVAS:862737", "OPENVAS:863838", "OPENVAS:136141256231070764", "OPENVAS:835251", "OPENVAS:1361412562310862849", "OPENVAS:862721", "OPENVAS:1361412562310831330", "OPENVAS:870633", "OPENVAS:1361412562310862920", "OPENVAS:863060", "OPENVAS:862920", "OPENVAS:1361412562310863838", "OPENVAS:840589", "OPENVAS:1361412562310862721", "OPENVAS:870609", "OPENVAS:1361412562310840589", "OPENVAS:1361412562310122063", "OPENVAS:70764", "OPENVAS:862849"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-3207", "UB:CVE-2011-0014", "UB:CVE-2010-3864", "UB:CVE-2010-4180"]}, {"type": "cve", "idList": ["CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207", "CVE-2010-4180"]}, {"type": "f5", "idList": ["SOL12566", "F5:K10534046", "SOL15318", "SOL12543", "F5:K15318", "F5:K12566", "F5:K12543"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2011-3207", "OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2010-3864"]}, {"type": "nessus", "idList": ["SL_20111026_OPENSSL_ON_SL6_X.NASL", "ALA_ALAS-2011-4.NASL", "OPENSSL_1_0_0D.NASL", "FEDORA_2011-12281.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "801053.PRM", "UBUNTU_USN-1064-1.NASL", "REDHAT-RHSA-2011-0677.NASL", "5782.PRM", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "FEDORA_2011-5878.NASL", "GENTOO_GLSA-201110-01.NASL", "DEBIAN_DSA-2162.NASL", "REDHAT-RHSA-2011-1409.NASL", "ORACLELINUX_ELSA-2011-1409.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "FEDORA_2011-1255.NASL", "FEDORA_2011-5876.NASL", "FEDORA_2011-1273.NASL", "FEDORA_2011-12233.NASL", "ALA_ALAS-2011-04.NASL"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2011-1409", "ELSA-2011-0677"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25720", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "redhat", "idList": ["RHSA-2011:0677", "RHSA-2011:1409"]}, {"type": "amazon", "idList": ["ALAS-2011-004"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}], "modified": "2017-07-25T10:55:45", "rev": 2}}, "objectVersion": "1.5", "pluginID": "863499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-12281\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html\");\n script_id(863499);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-12281\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-12281\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0e~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310863499", "hash": "d1f97c42d9860e116ec699f3e80e3527", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-12281", "description": "The remote host is missing an update for the ", "published": "2011-09-12T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863499", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-12281", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "lastseen": "2019-05-29T18:39:56", "history": [{"bulletin": {"id": "OPENVAS:1361412562310863499", "hash": "9c766fafa701ed729a4ccca2077f70bd1d1feec684aa9dd33791e47b9bd6d175", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-12281", "description": "Check for the Version of openssl", "published": "2011-09-12T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863499", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-12281", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "lastseen": "2018-09-02T00:04:36", "history": [], "viewCount": 1, "enchantments": {"dependencies": {"modified": "2018-09-02T00:04:36", "references": [{"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["ELSA-2010-0979", "ELSA-2011-1409", "ELSA-2011-0677"], "type": "oraclelinux"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2011-3207", "OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["RHSA-2011:0677", "RHSA-2011:1409"], "type": "redhat"}, {"idList": ["SOL15318", "F5:K12543", "F5:K12566", "SOL12566", "F5:K15318", "SOL12543"], "type": "f5"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["USN-1064-1"], "type": "ubuntu"}, {"idList": ["ALAS-2011-004"], "type": "amazon"}, {"idList": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "type": "cve"}, {"idList": ["OPENVAS:862920", "OPENVAS:863499", "OPENVAS:862849", "OPENVAS:862721", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310862721", "OPENVAS:835251", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310862849"], "type": "openvas"}, {"idList": ["ALA_ALAS-2011-04.NASL", "ORACLELINUX_ELSA-2011-1409.NASL", "FEDORA_2011-12233.NASL", "REDHAT-RHSA-2011-1409.NASL", "GENTOO_GLSA-201110-01.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "REDHAT-RHSA-2011-0677.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "SL_20111026_OPENSSL_ON_SL6_X.NASL"], "type": "nessus"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310863499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-12281\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863499\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-12281\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-12281\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0e~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["description", "modified", "sourceData"], "edition": 4, "lastseen": "2018-09-02T00:04:36"}, {"bulletin": {"id": "OPENVAS:1361412562310863499", "hash": "236fc4425f38d138d4321ac93a2033ddf9fdb0d72ef2766ab08647e37a1f7e30", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-12281", "description": "Check for the Version of openssl", "published": "2011-09-12T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863499", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-12281", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "lastseen": "2018-04-06T11:36:26", "history": [], "viewCount": 0, "enchantments": {"score": {"modified": "2018-04-06T11:36:26", "value": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N/"}}, "objectVersion": "1.4", "pluginID": "1361412562310863499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-12281\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863499\");\n script_version(\"$Revision: 9351 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:05:43 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-12281\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-12281\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0e~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["sourceData"], "edition": 1, "lastseen": "2018-04-06T11:36:26"}, {"bulletin": {"id": "OPENVAS:1361412562310863499", "hash": "9c766fafa701ed729a4ccca2077f70bd1d1feec684aa9dd33791e47b9bd6d175", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-12281", "description": "Check for the Version of openssl", "published": "2011-09-12T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863499", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-12281", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "lastseen": "2018-04-09T11:37:25", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310863499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-12281\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863499\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-12281\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-12281\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0e~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-04-09T11:37:25"}, {"bulletin": {"id": "OPENVAS:1361412562310863499", "hash": "1b2f40ef559bce16b08a3eff5b91ad082daafb5c91cb887820cbd3f81609c0da", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-12281", "description": "Check for the Version of openssl", "published": "2011-09-12T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863499", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-12281", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "lastseen": "2018-08-30T19:27:46", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310863499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-12281\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863499\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-12281\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-12281\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0e~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:27:46"}, {"bulletin": {"id": "OPENVAS:1361412562310863499", "hash": "d9e43ffa632ea8f11fec2150ffcf34f4e52bdfd301f0f7019d3f1e4331d7c8a0", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-12281", "description": "The remote host is missing an update for the ", "published": "2011-09-12T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863499", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-12281", "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html"], "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "lastseen": "2019-03-18T14:43:54", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"modified": "2019-03-18T14:43:54", "references": [{"idList": ["DEBIAN:DSA-2125-1:26495", "DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["ELSA-2010-0979", "ELSA-2011-1409", "ELSA-2011-0677"], "type": "oraclelinux"}, {"idList": ["USN-1018-1"], "type": "ubuntu"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2011-3207", "OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["SOL15318", "F5:K12543", "F5:K12566", "SOL12566", "F5:K15318", "SOL12543"], "type": "f5"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["ALAS-2011-004"], "type": "amazon"}, {"idList": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "type": "cve"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"], "type": "securityvulns"}, {"idList": ["DEBIAN_DSA-2162.NASL", "ALA_ALAS-2011-04.NASL", "ALA_ALAS-2011-4.NASL", "FEDORA_2011-12233.NASL", "FEDORA_2011-1273.NASL", "UBUNTU_USN-1064-1.NASL", "GENTOO_GLSA-201110-01.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "FEDORA_2011-12281.NASL", "SL_20111026_OPENSSL_ON_SL6_X.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:862920", "OPENVAS:863499", "OPENVAS:862849", "OPENVAS:862721", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310862721", "OPENVAS:835251", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310862849"], "type": "openvas"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}, {"idList": ["RHSA-2010:0888", "RHSA-2011:1409"], "type": "redhat"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310863499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-12281\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863499\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-12281\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-12281\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0e~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2019-03-18T14:43:54"}], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:C9F3119737F", "FEDORA:144BA1104EC", "FEDORA:4853B37D0F", "FEDORA:564D5110A27", "FEDORA:9DFF1E720F", "FEDORA:6B3FC110D28", "FEDORA:C8F7F110906"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310831330", "OPENVAS:1361412562310840589", "OPENVAS:863838", "OPENVAS:1361412562310863070", "OPENVAS:68997", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310863838", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310120514", "OPENVAS:136141256231070764", "OPENVAS:863060", "OPENVAS:862721", "OPENVAS:1361412562310122063", "OPENVAS:136141256231068997", "OPENVAS:862920", "OPENVAS:70764", "OPENVAS:862849", "OPENVAS:863499", "OPENVAS:1361412562310862849", "OPENVAS:840589", "OPENVAS:835251", "OPENVAS:1361412562310870633", "OPENVAS:1361412562310862737", "OPENVAS:870633", "OPENVAS:1361412562310862920", "OPENVAS:863070", "OPENVAS:1361412562310863060", "OPENVAS:870609", "OPENVAS:862737", "OPENVAS:831330", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310122167"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-3864", "UB:CVE-2011-0014", "UB:CVE-2011-3207", "UB:CVE-2010-4180"]}, {"type": "cve", "idList": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"]}, {"type": "f5", "idList": ["SOL15318", "F5:K15318", "F5:K12566", "F5:K12543", "SOL12566", "F5:K10534046", "SOL12543"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2011-3207", "OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2010-3864"]}, {"type": "nessus", "idList": ["ALA_ALAS-2011-04.NASL", "ALA_ALAS-2011-4.NASL", "OPENSSL_1_0_0D.NASL", "FEDORA_2011-1273.NASL", "GENTOO_GLSA-201110-01.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "REDHAT-RHSA-2011-1409.NASL", "FEDORA_2011-12281.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "801053.PRM", "FEDORA_2011-12233.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "DEBIAN_DSA-2162.NASL", "FEDORA_2011-5876.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "FEDORA_2011-5878.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "REDHAT-RHSA-2011-0677.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "ORACLELINUX_ELSA-2011-1409.NASL", "FEDORA_2011-1255.NASL", "SL_20111026_OPENSSL_ON_SL6_X.NASL", "UBUNTU_USN-1064-1.NASL"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1409", "ELSA-2011-0677", "ELSA-2010-0979"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11435", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11624"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "redhat", "idList": ["RHSA-2011:1409"]}, {"type": "amazon", "idList": ["ALAS-2011-004"]}, {"type": "ubuntu", "idList": ["USN-1064-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2162-1:98AFD"]}, {"type": "slackware", "idList": ["SSA-2011-041-04"]}], "modified": "2019-05-29T18:39:56", "rev": 2}, "score": {"value": 5.7, "vector": "NONE", "modified": "2019-05-29T18:39:56", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310863499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-12281\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863499\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-12281\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-12281\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0e~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:862920", "hash": "0ca2058ec3d7c37820c46b05e15299c4", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1255", "description": "Check for the Version of openssl", "published": "2011-03-24T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=862920", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1255", "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "lastseen": "2017-07-25T10:55:40", "history": [{"lastseen": "2017-07-02T21:13:37", "bulletin": {"id": "OPENVAS:862920", "hash": "b1d5bc07e4bd365ae06c78bcb70eff197aa73440b372a4fff8bf764cded0afa8", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1255", "description": "Check for the Version of openssl", "published": "2011-03-24T00:00:00", "modified": "2016-04-15T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=862920", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1255", "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "lastseen": "2017-07-02T21:13:37", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "862920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1255\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html\");\n script_id(862920);\n script_version(\"$Revision: 3078 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-04-15 14:08:28 +0200 (Fri, 15 Apr 2016) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1255\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1255\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1}], "viewCount": 0, "enchantments": {"score": {"value": 6.3, "vector": "NONE", "modified": "2017-07-25T10:55:40", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310831330", "OPENVAS:1361412562310100668", "OPENVAS:1361412562310863070", "OPENVAS:68997", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310862566", "OPENVAS:136141256231070764", "OPENVAS:835245", "OPENVAS:1361412562310862568", "OPENVAS:862721", "OPENVAS:1361412562310835245", "OPENVAS:862158", "OPENVAS:136141256231068997", "OPENVAS:70764", "OPENVAS:862849", "OPENVAS:1361412562310862849", "OPENVAS:863499", "OPENVAS:840589", "OPENVAS:835251", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310863499", "OPENVAS:862566", "OPENVAS:1361412562310862920", "OPENVAS:862152", "OPENVAS:1361412562310863060", "OPENVAS:862737", "OPENVAS:831330", "OPENVAS:1361412562310862158", "OPENVAS:1361412562310862152", "OPENVAS:1361412562310122262", "OPENVAS:862568", "OPENVAS:1361412562310122167"]}, {"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:C9F3119737F", "FEDORA:144BA1104EC", "FEDORA:564D5110A27", "FEDORA:7EA761108D8", "FEDORA:5429A1108EB", "FEDORA:8385C29043", "FEDORA:9DFF1E720F", "FEDORA:6B3FC110D28", "FEDORA:C8F7F110906", "FEDORA:EABE2110DCF"]}, {"type": "attackerkb", "idList": ["AKB:38A528B1-7F68-45C8-911E-1D3F8DC5EDB4"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-1633", "UB:CVE-2010-4180", "UB:CVE-2011-0014", "UB:CVE-2010-3864", "UB:CVE-2010-0742"]}, {"type": "cve", "idList": ["CVE-2010-1633", "CVE-2011-1255", "CVE-2011-0014", "CVE-2010-3864", "CVE-2010-4180", "CVE-2010-0742"]}, {"type": "f5", "idList": ["F5:K93959105", "F5:K12566", "F5:K12543", "SOL12566", "F5:K10534046", "SOL12543", "SOL17248", "F5:K17248"]}, {"type": "nessus", "idList": ["FEDORA_2010-9639.NASL", "F5_BIGIP_SOL17248.NASL", "801057.PRM", "AIX_OPENSSL_ADVISORY2.NASL", "DEBIAN_DSA-2162.NASL", "REDHAT-RHSA-2011-0677.NASL", "FEDORA_2010-9421.NASL", "801053.PRM", "FEDORA_2010-9574.NASL", "GENTOO_GLSA-201110-01.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "5559.PRM", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "OPENSSL_1_0_0A.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "UBUNTU_USN-1064-1.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2010-0742", "OPENSSL:CVE-2010-3864", "OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-1633"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/"]}, {"type": "seebug", "idList": ["SSV:19735", "SSV:19727"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0677", "ELSA-2010-0979"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11435", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11624"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "ubuntu", "idList": ["USN-1064-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2162-1:98AFD"]}], "modified": "2017-07-25T10:55:40", "rev": 2}}, "objectVersion": "1.5", "pluginID": "862920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1255\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html\");\n script_id(862920);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1255\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1255\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310862920", "hash": "1c03048399825544bf5e3cc2021c40d0", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1255", "description": "The remote host is missing an update for the ", "published": "2011-03-24T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862920", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1255", "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "lastseen": "2019-05-29T18:40:03", "history": [{"bulletin": {"id": "OPENVAS:1361412562310862920", "hash": "af4b03e74b1139c817dfc3619332a514ee424e4ca0c8df9d01848c1c81a97e24", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1255", "description": "Check for the Version of openssl", "published": "2011-03-24T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862920", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1255", "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "lastseen": "2018-09-02T00:04:59", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"modified": "2018-09-02T00:04:59", "references": [{"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "type": "cve"}, {"idList": ["DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["RHSA-2011:0677"], "type": "redhat"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["OPENVAS:862920", "OPENVAS:863499", "OPENVAS:862566", "OPENVAS:862849", "OPENVAS:862568", "OPENVAS:1361412562310862566", "OPENVAS:1361412562310862568", "OPENVAS:862737", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310862849"], "type": "openvas"}, {"idList": ["SSV:19727", "SSV:19735", "SSV:19736"], "type": "seebug"}, {"idList": ["OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2010-1633", "OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864", "OPENSSL:CVE-2010-0742"], "type": "openssl"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["USN-1064-1"], "type": "ubuntu"}, {"idList": ["SOL17248", "F5:K12543", "F5:K93959105", "F5:K17248", "F5:K12566", "SOL12566", "SOL12543"], "type": "f5"}, {"idList": ["FEDORA_2010-9639.NASL", "OPENSSL_1_0_0A.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "GENTOO_GLSA-201110-01.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "FEDORA_2010-9574.NASL", "REDHAT-RHSA-2011-0677.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL"], "type": "nessus"}, {"idList": ["ELSA-2010-0979", "ELSA-2011-0677"], "type": "oraclelinux"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310862920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1255\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862920\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1255\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1255\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["description", "modified", "sourceData"], "edition": 4, "lastseen": "2018-09-02T00:04:59"}, {"bulletin": {"id": "OPENVAS:1361412562310862920", "hash": "af4b03e74b1139c817dfc3619332a514ee424e4ca0c8df9d01848c1c81a97e24", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1255", "description": "Check for the Version of openssl", "published": "2011-03-24T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862920", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1255", "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "lastseen": "2018-04-09T11:37:02", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310862920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1255\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862920\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1255\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1255\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-04-09T11:37:02"}, {"bulletin": {"id": "OPENVAS:1361412562310862920", "hash": "ed7196ca69891cdbc9fa3b1ffa900522599dd079857025235b3081324b4e41d2", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1255", "description": "Check for the Version of openssl", "published": "2011-03-24T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862920", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1255", "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "lastseen": "2018-04-06T11:36:04", "history": [], "viewCount": 0, "enchantments": {"score": {"modified": "2018-04-06T11:36:04", "value": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N/"}}, "objectVersion": "1.4", "pluginID": "1361412562310862920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1255\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862920\");\n script_version(\"$Revision: 9351 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:05:43 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1255\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1255\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["sourceData"], "edition": 1, "lastseen": "2018-04-06T11:36:04"}, {"bulletin": {"id": "OPENVAS:1361412562310862920", "hash": "0b8663fc8b3cdceb18d89878a9a69d9f62333f81ec71189c250cf8a0333bac3d", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1255", "description": "The remote host is missing an update for the ", "published": "2011-03-24T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862920", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1255", "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "lastseen": "2019-03-18T14:44:09", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"modified": "2019-03-18T14:44:09", "references": [{"idList": ["DEBIAN:DSA-2125-1:26495", "DEBIAN:DSA-2162-1:98AFD"], "type": "debian"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624"], "type": "securityvulns"}, {"idList": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "type": "cve"}, {"idList": ["SSV:19727", "SSV:19735"], "type": "seebug"}, {"idList": ["OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2010-1633", "OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864", "OPENSSL:CVE-2010-0742"], "type": "openssl"}, {"idList": ["FEDORA_2010-9639.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "OPENSSL_1_0_0A.NASL", "GENTOO_GLSA-201110-01.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "FEDORA_2011-5878.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "FEDORA_2010-9574.NASL", "REDHAT-RHSA-2011-0677.NASL", "FEDORA_2010-9421.NASL"], "type": "nessus"}, {"idList": ["SSA-2011-041-04"], "type": "slackware"}, {"idList": ["SOL17248", "F5:K12543", "F5:K93959105", "F5:K17248", "F5:K12566", "SOL12566", "SOL12543"], "type": "f5"}, {"idList": ["OPENVAS:862920", "OPENVAS:862566", "OPENVAS:862849", "OPENVAS:862568", "OPENVAS:862158", "OPENVAS:1361412562310862566", "OPENVAS:862737", "OPENVAS:1361412562310862158", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310862849"], "type": "openvas"}, {"idList": ["RHSA-2011:0677", "RHSA-2010:0888"], "type": "redhat"}, {"idList": ["ELSA-2010-0979", "ELSA-2011-0677"], "type": "oraclelinux"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310862920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1255\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862920\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-1255\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1255\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2019-03-18T14:44:09"}, {"bulletin": {"id": "OPENVAS:1361412562310862920", "hash": "443ef2c5414676a70d0f32e956cc59c47f07a78e5d39ec603b442b0fedf4f975", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2011-1255", "description": "Check for the Version of openssl", "published": "2011-03-24T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862920", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2011-1255", "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "lastseen": "2018-08-30T19:27:54", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310862920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1255\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862920\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1255\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1255\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:27:54"}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:C9F3119737F", "FEDORA:144BA1104EC", "FEDORA:564D5110A27", "FEDORA:7EA761108D8", "FEDORA:5429A1108EB", "FEDORA:8385C29043", "FEDORA:9DFF1E720F", "FEDORA:6B3FC110D28", "FEDORA:C8F7F110906", "FEDORA:EABE2110DCF"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310831330", "OPENVAS:1361412562310100668", "OPENVAS:1361412562310863070", "OPENVAS:68997", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310862566", "OPENVAS:136141256231070764", "OPENVAS:835245", "OPENVAS:1361412562310862568", "OPENVAS:862721", "OPENVAS:1361412562310835245", "OPENVAS:862158", "OPENVAS:136141256231068997", "OPENVAS:862920", "OPENVAS:70764", "OPENVAS:862849", "OPENVAS:1361412562310862849", "OPENVAS:863499", "OPENVAS:840589", "OPENVAS:835251", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310863499", "OPENVAS:862566", "OPENVAS:862152", "OPENVAS:1361412562310863060", "OPENVAS:862737", "OPENVAS:831330", "OPENVAS:1361412562310862158", "OPENVAS:1361412562310862152", "OPENVAS:1361412562310122262", "OPENVAS:862568", "OPENVAS:1361412562310122167"]}, {"type": "attackerkb", "idList": ["AKB:38A528B1-7F68-45C8-911E-1D3F8DC5EDB4"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-1633", "UB:CVE-2010-4180", "UB:CVE-2011-0014", "UB:CVE-2010-3864", "UB:CVE-2010-0742"]}, {"type": "cve", "idList": ["CVE-2010-1633", "CVE-2011-1255", "CVE-2011-0014", "CVE-2010-3864", "CVE-2010-4180", "CVE-2010-0742"]}, {"type": "f5", "idList": ["F5:K93959105", "F5:K12566", "F5:K12543", "SOL12566", "F5:K10534046", "SOL12543", "SOL17248", "F5:K17248"]}, {"type": "nessus", "idList": ["FEDORA_2010-9639.NASL", "F5_BIGIP_SOL17248.NASL", "801057.PRM", "AIX_OPENSSL_ADVISORY2.NASL", "DEBIAN_DSA-2162.NASL", "REDHAT-RHSA-2011-0677.NASL", "FEDORA_2010-9421.NASL", "801053.PRM", "FEDORA_2010-9574.NASL", "GENTOO_GLSA-201110-01.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "5559.PRM", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "OPENSSL_1_0_0A.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "UBUNTU_USN-1064-1.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2010-0742", "OPENSSL:CVE-2010-3864", "OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-1633"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/"]}, {"type": "seebug", "idList": ["SSV:19735", "SSV:19727"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0677", "ELSA-2010-0979"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11435", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:VULN:11624"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "ubuntu", "idList": ["USN-1064-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2162-1:98AFD"]}], "modified": "2019-05-29T18:40:03", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2019-05-29T18:40:03", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310862920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1255\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862920\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-1255\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1255\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310122262", "hash": "e8fc555feef9c39bf8d4c60a97a76b72", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle Linux Local Check: ELSA-2010-0979", "description": "Oracle Linux Local Security Checks ELSA-2010-0979", "published": "2015-10-06T00:00:00", "modified": "2018-09-28T00:00:00", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122262", "reporter": "Eero Volotinen", "references": ["http://linux.oracle.com/errata/ELSA-2010-0979.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "lastseen": "2019-05-29T18:36:50", "history": [{"bulletin": {"id": "OPENVAS:1361412562310122262", "hash": "58bc57050b5b89ee6b5c45947bb13d396eb6612e9fdf2915b104590bef6724ae", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle Linux Local Check: ELSA-2010-0979", "description": "Oracle Linux Local Security Checks ELSA-2010-0979", "published": "2015-10-06T00:00:00", "modified": "2017-07-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122262", "reporter": "Eero Volotinen", "references": ["http://linux.oracle.com/errata/ELSA-2010-0979.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "lastseen": "2017-07-24T12:53:17", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310122262", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2010-0979.nasl 6555 2017-07-06 11:54:09Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.122262\");\nscript_version(\"$Revision: 6555 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:15:38 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:54:09 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2010-0979\");\nscript_tag(name: \"insight\", value: \"ELSA-2010-0979 - openssl security update - [1.0.0-4.2]- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864 (#649304)[1.0.0-4.1]- fix race in extension parsing code - CVE-2010-3864 (#649304)\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2010-0979\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2010-0979.html\");\nscript_cve_id(\"CVE-2010-3864\",\"CVE-2010-4180\");\nscript_tag(name:\"cvss_base\", value:\"7.6\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "naslFamily": "Oracle Linux Local Security Checks"}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-07-24T12:53:17"}, {"bulletin": {"id": "OPENVAS:1361412562310122262", "hash": "d7cb6af0e977a178ba05ef8296b12fe34459f085cae0d304e8016e010fde1f52", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle Linux Local Check: ELSA-2010-0979", "description": "Oracle Linux Local Security Checks ELSA-2010-0979", "published": "2015-10-06T00:00:00", "modified": "2018-09-28T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122262", "reporter": "Eero Volotinen", "references": ["http://linux.oracle.com/errata/ELSA-2010-0979.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "lastseen": "2018-09-28T18:25:24", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"modified": "2018-09-28T18:25:24", "references": [{"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25258", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"], "type": "securityvulns"}, {"idList": ["SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "DEBIAN_DSA-2125.NASL", "FEDORA_2010-17847.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "UBUNTU_USN-1018-1.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL"], "type": "nessus"}, {"idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864"], "type": "openssl"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["ELSA-2010-0979", "ELSA-2010-0978", "ELSA-2011-0677"], "type": "oraclelinux"}, {"idList": ["DEBIAN:DSA-2125-1:26495"], "type": "debian"}, {"idList": ["CVE-2010-4180", "CVE-2010-3864"], "type": "cve"}, {"idList": ["OPENVAS:862849", "OPENVAS:862721", "OPENVAS:1361412562310835251", "OPENVAS:862737", "OPENVAS:1361412562310862721", "OPENVAS:835251", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310862849"], "type": "openvas"}, {"idList": ["USN-1029-1", "USN-1018-1"], "type": "ubuntu"}, {"idList": ["F5:K12853", "F5:K12543", "F5:K12566", "SOL12566", "SOL12543"], "type": "f5"}, {"idList": ["SSA-2010-326-01", "SSA-2010-340-01"], "type": "slackware"}, {"idList": ["RHSA-2010:0888", "RHSA-2010:0978", "RHSA-2010:0979"], "type": "redhat"}, {"idList": ["CESA-2010:0978"], "type": "centos"}]}, "score": {"value": 7.2, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310122262", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0979.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122262\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:38 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0979\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0979 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0979\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0979.html\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "naslFamily": "Oracle Linux Local Security Checks"}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-09-28T18:25:24"}, {"bulletin": {"id": "OPENVAS:1361412562310122262", "hash": "58bc57050b5b89ee6b5c45947bb13d396eb6612e9fdf2915b104590bef6724ae", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle Linux Local Check: ELSA-2010-0979", "description": "Oracle Linux Local Security Checks ELSA-2010-0979", "published": "2015-10-06T00:00:00", "modified": "2017-07-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122262", "reporter": "Eero Volotinen", "references": ["http://linux.oracle.com/errata/ELSA-2010-0979.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "lastseen": "2018-09-01T23:52:09", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310122262", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2010-0979.nasl 6555 2017-07-06 11:54:09Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.122262\");\nscript_version(\"$Revision: 6555 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:15:38 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:54:09 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2010-0979\");\nscript_tag(name: \"insight\", value: \"ELSA-2010-0979 - openssl security update - [1.0.0-4.2]- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864 (#649304)[1.0.0-4.1]- fix race in extension parsing code - CVE-2010-3864 (#649304)\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2010-0979\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2010-0979.html\");\nscript_cve_id(\"CVE-2010-3864\",\"CVE-2010-4180\");\nscript_tag(name:\"cvss_base\", value:\"7.6\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "naslFamily": "Oracle Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-01T23:52:09"}, {"bulletin": {"id": "OPENVAS:1361412562310122262", "hash": "d985d83fe3cb81409739d31bf9a2ba923508cd92a229618be4325dcd4d191ed2", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle Linux Local Check: ELSA-2010-0979", "description": "Oracle Linux Local Security Checks ELSA-2010-0979", "published": "2015-10-06T00:00:00", "modified": "2017-05-24T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122262", "reporter": "Eero Volotinen", "references": ["http://linux.oracle.com/errata/ELSA-2010-0979.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "lastseen": "2017-07-02T21:12:07", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310122262", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2010-0979.nasl 6207 2017-05-24 09:04:07Z teissa $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.122262\");\nscript_version(\"$Revision: 6207 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:15:38 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-05-24 11:04:07 +0200 (Wed, 24 May 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2010-0979\");\nscript_tag(name: \"insight\", value: \"ELSA-2010-0979 - openssl security update - [1.0.0-4.2]- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864 (#649304)[1.0.0-4.1]- fix race in extension parsing code - CVE-2010-3864 (#649304)\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2010-0979\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2010-0979.html\");\nscript_cve_id(\"CVE-2010-3864\",\"CVE-2010-4180\");\nscript_tag(name:\"cvss_base\", value:\"7.6\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"login/SSH/success\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "naslFamily": "Oracle Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:12:07"}, {"bulletin": {"id": "OPENVAS:1361412562310122262", "hash": "28c3b3e2433468a111741a8e7e9e982eecf46c803ea1ee356336a089aeed2f4b", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle Linux Local Check: ELSA-2010-0979", "description": "Oracle Linux Local Security Checks ELSA-2010-0979", "published": "2015-10-06T00:00:00", "modified": "2017-07-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122262", "reporter": "Eero Volotinen", "references": ["http://linux.oracle.com/errata/ELSA-2010-0979.html"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "lastseen": "2018-08-30T19:22:51", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310122262", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2010-0979.nasl 6555 2017-07-06 11:54:09Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.122262\");\nscript_version(\"$Revision: 6555 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:15:38 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:54:09 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2010-0979\");\nscript_tag(name: \"insight\", value: \"ELSA-2010-0979 - openssl security update - [1.0.0-4.2]- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864 (#649304)[1.0.0-4.1]- fix race in extension parsing code - CVE-2010-3864 (#649304)\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2010-0979\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2010-0979.html\");\nscript_cve_id(\"CVE-2010-3864\",\"CVE-2010-4180\");\nscript_tag(name:\"cvss_base\", value:\"7.6\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "naslFamily": "Oracle Linux Local Security Checks"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:22:51"}], "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-3864", "UB:CVE-2010-4180"]}, {"type": "cve", "idList": ["CVE-2010-3864", "CVE-2010-4180"]}, {"type": "f5", "idList": ["SOL12566", "SOL12543", "F5:K12566", "SOL12853", "F5:K12543"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/"]}, {"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:D404110F950", "FEDORA:9DFF1E720F", "FEDORA:564D5110A27", "FEDORA:6B3FC110D28"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2010-0978"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310100751", "OPENVAS:1361412562310862631", "OPENVAS:136141256231068703", "OPENVAS:840540", "OPENVAS:68704", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310831275", "OPENVAS:862737", "OPENVAS:880636", "OPENVAS:835251", "OPENVAS:1361412562310862849", "OPENVAS:862721", "OPENVAS:1361412562310831251", "OPENVAS:831275", "OPENVAS:1361412562310862920", "OPENVAS:862920", "OPENVAS:831251", "OPENVAS:1361412562310862721", "OPENVAS:863499", "OPENVAS:136141256231068673", "OPENVAS:68673", "OPENVAS:1361412562310840540", "OPENVAS:862631", "OPENVAS:68703", "OPENVAS:136141256231068704", "OPENVAS:862849"]}, {"type": "nessus", "idList": ["FEDORA_2010-18736.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "REDHAT-RHSA-2010-0979.NASL", "FEDORA_2010-18765.NASL", "SOLARIS10_146857-01.NASL", "DEBIAN_DSA-2125.NASL", "ADOBE_FMS_4_0_2.NASL", "FEDORA_2010-17827.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "SLACKWARE_SSA_2010-340-01.NASL", "REDHAT-RHSA-2010-0978.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "SUSE9_12701.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "SOLARIS10_X86_146859-01.NASL", "REDHAT-RHSA-2010-0888.NASL", "5924.PRM", "ORACLELINUX_ELSA-2010-0979.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "FEDORA_2010-17826.NASL", "SUSE_OPENSSL-7463.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_OPENSSL-7462.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "SLACKWARE_SSA_2010-326-01.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "UBUNTU_USN-1018-1.NASL", "FEDORA_2010-17847.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11264", "SECURITYVULNS:VULN:11624"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "redhat", "idList": ["RHSA-2010:0888", "RHSA-2010:0979"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495"]}, {"type": "slackware", "idList": ["SSA-2010-326-01"]}, {"type": "centos", "idList": ["CESA-2010:0978"]}], "modified": "2019-05-29T18:36:50", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2019-05-29T18:36:50", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310122262", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0979.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122262\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:38 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0979\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0979 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0979\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0979.html\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "naslFamily": "Oracle Linux Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310862721", "hash": "d847800aa788c85ef939ad8963cc6b2b", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2010-18765", "description": "Check for the Version of openssl", "published": "2010-12-28T00:00:00", "modified": "2018-01-24T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862721", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html", "2010-18765"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "lastseen": "2018-01-25T10:55:37", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE", "modified": "2018-01-25T10:55:37", "rev": 2}, "dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-3864", "UB:CVE-2010-4180"]}, {"type": "cve", "idList": ["CVE-2010-4180", "CVE-2010-3864"]}, {"type": "f5", "idList": ["F5:K12543", "F5:K12566", "SOL12543", "SOL12566"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/"]}, {"type": "fedora", "idList": ["FEDORA:D404110F950", "FEDORA:6B3FC110D28", "FEDORA:B31D6110781", "FEDORA:9DFF1E720F", "FEDORA:C8F7F110906", "FEDORA:564D5110A27"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2011-0677"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231068704", "OPENVAS:136141256231068673", "OPENVAS:1361412562310835251", "OPENVAS:840550", "OPENVAS:1361412562310862920", "OPENVAS:870370", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310870370", "OPENVAS:862849", "OPENVAS:831251", "OPENVAS:863499", "OPENVAS:1361412562310831275", "OPENVAS:1361412562310840540", "OPENVAS:1361412562310122262", "OPENVAS:68704", "OPENVAS:68673", "OPENVAS:1361412562310862631", "OPENVAS:862737", "OPENVAS:862721", "OPENVAS:1361412562310862737", "OPENVAS:862920", "OPENVAS:1361412562310100751", "OPENVAS:1361412562310862849", "OPENVAS:831275", "OPENVAS:1361412562310831251", "OPENVAS:862631", "OPENVAS:136141256231068703", "OPENVAS:68703", "OPENVAS:840540", "OPENVAS:835251"]}, {"type": "nessus", "idList": ["FEDORA_2010-18736.NASL", "SLACKWARE_SSA_2010-326-01.NASL", "UBUNTU_USN-1018-1.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "SOLARIS10_146857-01.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL", "SUSE9_12701.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "REDHAT-RHSA-2010-0888.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "FEDORA_2010-18765.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "DEBIAN_DSA-2141.NASL", "FEDORA_2010-17827.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "CENTOS_RHSA-2010-0978.NASL", "DEBIAN_DSA-2125.NASL", "FEDORA_2010-17826.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "ADOBE_FMS_4_0_2.NASL", "5924.PRM", "REDHAT-RHSA-2010-0979.NASL", "SUSE_OPENSSL-7463.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "FEDORA_2010-17847.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "SOLARIS10_X86_146859-01.NASL", "SUSE_OPENSSL-7462.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11264", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495"]}, {"type": "redhat", "idList": ["RHSA-2010:0888", "RHSA-2010:0979"]}, {"type": "slackware", "idList": ["SSA-2010-326-01"]}, {"type": "centos", "idList": ["CESA-2010:0978"]}], "modified": "2018-01-25T10:55:37", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310862721", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-18765\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862721\");\n script_version(\"$Revision: 8510 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 08:57:42 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18765\");\n script_cve_id(\"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2010-18765\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0c~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:862721", "hash": "98dac03f120c0f4d93069ab7ff5a5f8d", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2010-18765", "description": "Check for the Version of openssl", "published": "2010-12-28T00:00:00", "modified": "2017-12-25T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=862721", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html", "2010-18765"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "lastseen": "2018-01-02T10:54:56", "history": [{"lastseen": "2017-07-25T10:49:34", "differentElements": ["modified", "sourceData"], "edition": 2, "bulletin": {"id": "OPENVAS:862721", "hash": "6a0a0018c7e05592ffa7835d35fec0520a032d94220cb95866262086f0f75a78", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2010-18765", "description": "Check for the Version of openssl", "published": "2010-12-28T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=862721", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html", "2010-18765"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "lastseen": "2017-07-25T10:49:34", "history": [], "viewCount": 0, "enchantments": {"score": {"modified": "2017-07-25T10:49:34", "value": 7.6}}, "objectVersion": "1.4", "pluginID": "862721", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-18765\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html\");\n script_id(862721);\n script_version(\"$Revision: 6625 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:29:16 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18765\");\n script_cve_id(\"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2010-18765\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0c~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}}, {"lastseen": "2017-07-02T21:10:03", "differentElements": ["modified", "sourceData"], "edition": 1, "bulletin": {"id": "OPENVAS:862721", "hash": "9d364659b17eaf5744ee3ef91df412bf8de2412b8b333784a03708b59c6c2c28", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2010-18765", "description": "Check for the Version of openssl", "published": "2010-12-28T00:00:00", "modified": "2016-04-22T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=862721", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html", "2010-18765"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "lastseen": "2017-07-02T21:10:03", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "862721", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-18765\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html\");\n script_id(862721);\n script_version(\"$Revision: 3140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-04-22 12:50:29 +0200 (Fri, 22 Apr 2016) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18765\");\n script_cve_id(\"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2010-18765\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0c~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}}], "viewCount": 1, "enchantments": {"score": {"value": 7.1, "vector": "NONE", "modified": "2018-01-02T10:54:56", "rev": 2}, "dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-3864", "UB:CVE-2010-4180"]}, {"type": "cve", "idList": ["CVE-2010-4180", "CVE-2010-3864"]}, {"type": "f5", "idList": ["F5:K12543", "F5:K12566", "SOL12543", "SOL12566"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/"]}, {"type": "fedora", "idList": ["FEDORA:D404110F950", "FEDORA:6B3FC110D28", "FEDORA:B31D6110781", "FEDORA:9DFF1E720F", "FEDORA:C8F7F110906", "FEDORA:564D5110A27"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2011-0677"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231068704", "OPENVAS:136141256231068673", "OPENVAS:1361412562310835251", "OPENVAS:840550", "OPENVAS:1361412562310862920", "OPENVAS:870370", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310870370", "OPENVAS:862849", "OPENVAS:831251", "OPENVAS:863499", "OPENVAS:1361412562310831275", "OPENVAS:1361412562310840540", "OPENVAS:1361412562310122262", "OPENVAS:68704", "OPENVAS:1361412562310862721", "OPENVAS:68673", "OPENVAS:1361412562310862631", "OPENVAS:862737", "OPENVAS:1361412562310862737", "OPENVAS:862920", "OPENVAS:1361412562310100751", "OPENVAS:1361412562310862849", "OPENVAS:831275", "OPENVAS:1361412562310831251", "OPENVAS:862631", "OPENVAS:136141256231068703", "OPENVAS:68703", "OPENVAS:840540", "OPENVAS:835251"]}, {"type": "nessus", "idList": ["FEDORA_2010-18736.NASL", "SLACKWARE_SSA_2010-326-01.NASL", "UBUNTU_USN-1018-1.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "SOLARIS10_146857-01.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL", "SUSE9_12701.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "REDHAT-RHSA-2010-0888.NASL", "FEDORA_2010-18765.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "DEBIAN_DSA-2141.NASL", "FEDORA_2010-17827.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "CENTOS_RHSA-2010-0978.NASL", "DEBIAN_DSA-2125.NASL", "FEDORA_2010-17826.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "ADOBE_FMS_4_0_2.NASL", "5924.PRM", "REDHAT-RHSA-2010-0979.NASL", "SUSE_OPENSSL-7463.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "FEDORA_2010-17847.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "SOLARIS10_X86_146859-01.NASL", "SUSE_OPENSSL-7462.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11264", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495"]}, {"type": "redhat", "idList": ["RHSA-2010:0888", "RHSA-2010:0979"]}, {"type": "slackware", "idList": ["SSA-2010-326-01"]}, {"type": "centos", "idList": ["CESA-2010:0978"]}], "modified": "2018-01-02T10:54:56", "rev": 2}}, "objectVersion": "1.5", "pluginID": "862721", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-18765\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html\");\n script_id(862721);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18765\");\n script_cve_id(\"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2010-18765\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0c~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310835251", "hash": "ed9ad75a77eb98184fb7205504f2c707", "type": "openvas", "bulletinFamily": "scanner", "title": "HP-UX Update for OpenSSL HPSBUX02638", "description": "The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.", "published": "2011-05-05T00:00:00", "modified": "2018-10-04T00:00:00", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835251", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002", "02638"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864", "CVE-2010-4252"], "lastseen": "2019-05-29T18:39:58", "history": [{"bulletin": {"id": "OPENVAS:1361412562310835251", "hash": "1ed7303e9b76c388e13aa35f99dcf5684c7bdae819a4cc2b3442f4d078bc9cdc", "type": "openvas", "bulletinFamily": "scanner", "title": "HP-UX Update for OpenSSL HPSBUX02638", "description": "Check for the Version of OpenSSL", "published": "2011-05-05T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835251", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002", "02638"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864", "CVE-2010-4252"], "lastseen": "2018-09-02T00:04:41", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310835251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for OpenSSL HPSBUX02638\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote execution of arbitrary code\n Denial of Service (DoS)\n authentication bypass\";\ntag_affected = \"OpenSSL on\n HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08q.\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX OpenSSL. \n This vulnerability could be exploited remotely to execute arbitrary code or \n create a Denial of Service (DoS) or an authentication bypass.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835251\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02638\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\");\n script_name(\"HP-UX Update for OpenSSL HPSBUX02638\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of OpenSSL\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "HP-UX Local Security Checks"}, "differentElements": ["description", "modified", "sourceData"], "edition": 4, "lastseen": "2018-09-02T00:04:41"}, {"bulletin": {"id": "OPENVAS:1361412562310835251", "hash": "886f8220d7f69bd9184251cc5ae03340c4cbf5a427c600f87e26ea0ac00f2045", "type": "openvas", "bulletinFamily": "scanner", "title": "HP-UX Update for OpenSSL HPSBUX02638", "description": "Check for the Version of OpenSSL", "published": "2011-05-05T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835251", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002", "02638"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864", "CVE-2010-4252"], "lastseen": "2018-04-06T11:36:41", "history": [], "viewCount": 0, "enchantments": {"score": {"modified": "2018-04-06T11:36:41", "value": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N/"}}, "objectVersion": "1.4", "pluginID": "1361412562310835251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for OpenSSL HPSBUX02638\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote execution of arbitrary code\n Denial of Service (DoS)\n authentication bypass\";\ntag_affected = \"OpenSSL on\n HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08q.\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX OpenSSL. \n This vulnerability could be exploited remotely to execute arbitrary code or \n create a Denial of Service (DoS) or an authentication bypass.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835251\");\n script_version(\"$Revision: 9351 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:05:43 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02638\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\");\n script_name(\"HP-UX Update for OpenSSL HPSBUX02638\");\n\n script_summary(\"Check for the Version of OpenSSL\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "HP-UX Local Security Checks"}, "differentElements": ["sourceData"], "edition": 1, "lastseen": "2018-04-06T11:36:41"}, {"bulletin": {"id": "OPENVAS:1361412562310835251", "hash": "1ed7303e9b76c388e13aa35f99dcf5684c7bdae819a4cc2b3442f4d078bc9cdc", "type": "openvas", "bulletinFamily": "scanner", "title": "HP-UX Update for OpenSSL HPSBUX02638", "description": "Check for the Version of OpenSSL", "published": "2011-05-05T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835251", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002", "02638"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864", "CVE-2010-4252"], "lastseen": "2018-04-09T11:37:42", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310835251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for OpenSSL HPSBUX02638\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote execution of arbitrary code\n Denial of Service (DoS)\n authentication bypass\";\ntag_affected = \"OpenSSL on\n HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08q.\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX OpenSSL. \n This vulnerability could be exploited remotely to execute arbitrary code or \n create a Denial of Service (DoS) or an authentication bypass.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835251\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02638\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\");\n script_name(\"HP-UX Update for OpenSSL HPSBUX02638\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of OpenSSL\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "HP-UX Local Security Checks"}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-04-09T11:37:42"}, {"bulletin": {"id": "OPENVAS:1361412562310835251", "hash": "81bcf991bae56d40ad6194dcc757494cc3e520c56ca90756f9a6593ba67f5b86", "type": "openvas", "bulletinFamily": "scanner", "title": "HP-UX Update for OpenSSL HPSBUX02638", "description": "Check for the Version of OpenSSL", "published": "2011-05-05T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835251", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002", "02638"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864", "CVE-2010-4252"], "lastseen": "2018-08-30T19:27:47", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310835251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for OpenSSL HPSBUX02638\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote execution of arbitrary code\n Denial of Service (DoS)\n authentication bypass\";\ntag_affected = \"OpenSSL on\n HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08q.\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX OpenSSL. \n This vulnerability could be exploited remotely to execute arbitrary code or \n create a Denial of Service (DoS) or an authentication bypass.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835251\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02638\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\");\n script_name(\"HP-UX Update for OpenSSL HPSBUX02638\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of OpenSSL\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "HP-UX Local Security Checks"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:27:47"}, {"bulletin": {"id": "OPENVAS:1361412562310835251", "hash": "f31c29a45c0be29a5240694f74c3275c6be70e47db1d246569559969465ddc98", "type": "openvas", "bulletinFamily": "scanner", "title": "HP-UX Update for OpenSSL HPSBUX02638", "description": "The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.", "published": "2011-05-05T00:00:00", "modified": "2018-10-04T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835251", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002", "02638"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864", "CVE-2010-4252"], "lastseen": "2018-10-04T14:46:24", "history": [], "viewCount": 1, "enchantments": {"dependencies": {"modified": "2018-10-04T14:46:24", "references": [{"idList": ["CVE-2010-4180", "CVE-2010-3864", "CVE-2010-4252"], "type": "cve"}, {"idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-3864", "OPENSSL:CVE-2010-4252"], "type": "openssl"}, {"idList": ["USN-1018-1"], "type": "ubuntu"}, {"idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-2125-1:26495"], "type": "debian"}, {"idList": ["SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "OPENSSL_1_0_0C.NASL", "F5_BIGIP_SOL17382.NASL", "DEBIAN_DSA-2125.NASL", "SLACKWARE_SSA_2010-340-01.NASL", "FEDORA_2010-17847.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL"], "type": "nessus"}, {"idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:25258", "SECURITYVULNS:VULN:11284", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"], "type": "securityvulns"}, {"idList": ["RHSA-2010:0888", "RHSA-2010:0979"], "type": "redhat"}, {"idList": ["OPENVAS:862849", "OPENVAS:862721", "OPENVAS:1361412562310862721", "OPENVAS:835251", "OPENVAS:68671", "OPENVAS:136141256231068671", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310105400", "OPENVAS:1361412562310862849"], "type": "openvas"}, {"idList": ["F5:K12543", "F5:K17382", "F5:K12566", "SOL12566", "SOL17382", "SOL12543"], "type": "f5"}, {"idList": ["SSA-2010-326-01", "SSA-2010-340-01"], "type": "slackware"}, {"idList": ["ELSA-2010-0979", "ELSA-2011-0677"], "type": "oraclelinux"}, {"idList": ["GLSA-201110-01"], "type": "gentoo"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310835251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_ux_HPSBUX02638.nasl 11739 2018-10-04 07:49:31Z cfischer $\n#\n# HP-UX Update for OpenSSL HPSBUX02638\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835251\");\n script_version(\"$Revision: 11739 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-04 09:49:31 +0200 (Thu, 04 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"HPSBUX\", value:\"02638\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\");\n script_name(\"HP-UX Update for OpenSSL HPSBUX02638\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/hp_pkgrev\", re:\"ssh/login/release=HPUX(11\\.31|11\\.23|11\\.11)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"impact\", value:\"Remote execution of arbitrary code Denial of Service (DoS) authentication bypass\");\n\n script_tag(name:\"affected\", value:\"OpenSSL on HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08q.\");\n\n script_tag(name:\"insight\", value:\"A potential security vulnerability has been identified with HP-UX OpenSSL.\n This vulnerability could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS) or an authentication bypass.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = hpux_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "naslFamily": "HP-UX Local Security Checks"}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-10-04T14:46:24"}], "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-3864", "UB:CVE-2010-4180", "UB:CVE-2010-4252"]}, {"type": "cve", "idList": ["CVE-2010-4180", "CVE-2010-4252", "CVE-2010-3864"]}, {"type": "f5", "idList": ["SOL12566", "F5:K17382", "F5:K12543", "SOL12543", "SOL17382", "F5:K12566"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-4252", "OPENSSL:CVE-2010-3864"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863499", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310862849", "OPENVAS:1361412562310840540", "OPENVAS:831251", "OPENVAS:68703", "OPENVAS:1361412562310105400", "OPENVAS:1361412562310831251", "OPENVAS:1361412562310122262", "OPENVAS:862920", "OPENVAS:863499", "OPENVAS:840540", "OPENVAS:136141256231068671", "OPENVAS:831275", "OPENVAS:1361412562310862631", "OPENVAS:862721", "OPENVAS:136141256231068703", "OPENVAS:862849", "OPENVAS:68671", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310862737", "OPENVAS:862631", "OPENVAS:1361412562310831275", "OPENVAS:862737", "OPENVAS:835251"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2011-0013-CVE-2010-4180/", "MSF:ILITIES/APPLE-OSX-OPENSSL-CVE-2010-4180/", "MSF:ILITIES/VMSA-2012-0013-CVE-2010-4180/", "MSF:ILITIES/GENTOO-LINUX-CVE-2010-4252/", "MSF:ILITIES/IBM-AIX-CVE-2010-4180/"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "OPENSSL_1_0_0C.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "FEDORA_2010-18736.NASL", "FEDORA_2010-17826.NASL", "REDHAT-RHSA-2010-0888.NASL", "REDHAT-RHSA-2010-0979.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "SLACKWARE_SSA_2010-340-01.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "5720.PRM", "FEDORA_2010-17827.NASL", "SOLARIS10_146857-01.NASL", "801055.PRM", "SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "UBUNTU_USN-1018-1.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_OPENSSL-7462.NASL", "F5_BIGIP_SOL17382.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "DEBIAN_DSA-2125.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "FEDORA_2010-18765.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL", "FEDORA_2010-17847.NASL", "SOLARIS10_X86_146859-01.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "SUSE9_12701.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "SUSE_OPENSSL-7463.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL"]}, {"type": "slackware", "idList": ["SSA-2010-340-01"]}, {"type": "fedora", "idList": ["FEDORA:B31D6110781", "FEDORA:6B3FC110D28", "FEDORA:C8F7F110906", "FEDORA:564D5110A27", "FEDORA:D404110F950", "FEDORA:9DFF1E720F"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11284", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11264"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495"]}, {"type": "redhat", "idList": ["RHSA-2010:0888", "RHSA-2010:0979"]}], "modified": "2019-05-29T18:39:58", "rev": 2}, "score": {"value": 6.2, "vector": "NONE", "modified": "2019-05-29T18:39:58", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310835251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_ux_HPSBUX02638.nasl 11739 2018-10-04 07:49:31Z cfischer $\n#\n# HP-UX Update for OpenSSL HPSBUX02638\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835251\");\n script_version(\"$Revision: 11739 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-04 09:49:31 +0200 (Thu, 04 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"HPSBUX\", value:\"02638\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\");\n script_name(\"HP-UX Update for OpenSSL HPSBUX02638\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/hp_pkgrev\", re:\"ssh/login/release=HPUX(11\\.31|11\\.23|11\\.11)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"impact\", value:\"Remote execution of arbitrary code Denial of Service (DoS) authentication bypass\");\n\n script_tag(name:\"affected\", value:\"OpenSSL on HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08q.\");\n\n script_tag(name:\"insight\", value:\"A potential security vulnerability has been identified with HP-UX OpenSSL.\n This vulnerability could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS) or an authentication bypass.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = hpux_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "naslFamily": "HP-UX Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:835251", "hash": "e2a14b5a9aea0f41df5052a6bc7ffa5b", "type": "openvas", "bulletinFamily": "scanner", "title": "HP-UX Update for OpenSSL HPSBUX02638", "description": "Check for the Version of OpenSSL", "published": "2011-05-05T00:00:00", "modified": "2017-07-06T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=835251", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002", "02638"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864", "CVE-2010-4252"], "lastseen": "2017-07-24T12:55:51", "history": [{"lastseen": "2017-07-02T21:13:41", "bulletin": {"id": "OPENVAS:835251", "hash": "03bbb95169b11474af2fea93c0e0edfdf4c5d225a91824d120a841c2f85fe522", "type": "openvas", "bulletinFamily": "scanner", "title": "HP-UX Update for OpenSSL HPSBUX02638", "description": "Check for the Version of OpenSSL", "published": "2011-05-05T00:00:00", "modified": "2016-04-19T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=835251", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002", "02638"], "cvelist": ["CVE-2010-4180", "CVE-2010-3864", "CVE-2010-4252"], "lastseen": "2017-07-02T21:13:41", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "835251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for OpenSSL HPSBUX02638\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote execution of arbitrary code\n Denial of Service (DoS)\n authentication bypass\";\ntag_affected = \"OpenSSL on\n HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08q.\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX OpenSSL. \n This vulnerability could be exploited remotely to execute arbitrary code or \n create a Denial of Service (DoS) or an authentication bypass.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002\");\n script_id(835251);\n script_version(\"$Revision: 3117 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-04-19 12:19:37 +0200 (Tue, 19 Apr 2016) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02638\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\");\n script_name(\"HP-UX Update for OpenSSL HPSBUX02638\");\n\n script_summary(\"Check for the Version of OpenSSL\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"login/SSH/success\", \"HostDetails/OS/cpe:/o:hp:hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "HP-UX Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1}], "viewCount": 0, "enchantments": {"score": {"value": 6.0, "vector": "NONE", "modified": "2017-07-24T12:55:51", "rev": 2}, "dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2010-3864", "UB:CVE-2010-4180", "UB:CVE-2010-4252"]}, {"type": "cve", "idList": ["CVE-2010-4180", "CVE-2010-4252", "CVE-2010-3864"]}, {"type": "f5", "idList": ["SOL12566", "F5:K17382", "F5:K12543", "SOL12543", "SOL17382", "F5:K12566"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-4252", "OPENSSL:CVE-2010-3864"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863499", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310862849", "OPENVAS:1361412562310840540", "OPENVAS:831251", "OPENVAS:68703", "OPENVAS:1361412562310105400", "OPENVAS:1361412562310831251", "OPENVAS:1361412562310122262", "OPENVAS:862920", "OPENVAS:863499", "OPENVAS:1361412562310835251", "OPENVAS:840540", "OPENVAS:136141256231068671", "OPENVAS:831275", "OPENVAS:1361412562310862631", "OPENVAS:862721", "OPENVAS:13614125623106870
