CVE-2009-3555

{"id": "CVE-2009-3555", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-11-09T17:30:00.407", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://blogs.iss.net/archive/sslmitmiscsrf.html", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://clicky.me/tlsvuln", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://extendedsubset.com/?p=8", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://extendedsubset.com/Renegotiating_TLS.pdf", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://kbase.redhat.com/faq/docs/DOC-20491", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=126150535619567&w=2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=127419602507642&w=2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=cryptography&m=125752275331877&w=2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://openbsd.org/errata45.html#010_openssl", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://openbsd.org/errata46.html#004_openssl", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://osvdb.org/60521", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://osvdb.org/60972", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://osvdb.org/62210", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://osvdb.org/65202", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2009/Nov/139", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37291", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37292", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37320", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37383", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37399", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37453", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37501", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37504", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37604", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37640", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37656", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37675", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/37859", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/38003", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/38020", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/38056", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/38241", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/38484", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/38687", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/38781", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39127", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39136", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39242", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39243", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39278", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39292", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39317", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39461", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39500", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39628", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39632", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39713", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39819", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/40070", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/40545", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/40747", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/40866", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/41480", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/41490", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/41818", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/41967", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/41972", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/42377", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/42379", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/42467", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/42724", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/42733", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/42808", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/42811", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/42816", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/43308", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/44183", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/44954", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/48577", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://security.gentoo.org/glsa/glsa-200912-01.xml", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://security.gentoo.org/glsa/glsa-201203-22.xml", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1023148", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://support.apple.com/kb/HT4004", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://support.apple.com/kb/HT4170", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://support.apple.com/kb/HT4171", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://support.avaya.com/css/P8/documents/100070150", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://support.avaya.com/css/P8/documents/100081611", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://support.avaya.com/css/P8/documents/100114315", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://support.avaya.com/css/P8/documents/100114327", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://support.citrix.com/article/CTX123359", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://ubuntu.com/usn/usn-923-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0155", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.betanews.com/article/1257452450", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2009/dsa-1934", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2011/dsa-2141", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2015/dsa-3253", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ingate.com/Relnote.php?ver=481", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.kb.cert.org/vuls/id/120541", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secalert@redhat.com"}, {"url": "http://www.links.org/?p=780", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.links.org/?p=786", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.links.org/?p=789", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openoffice.org/security/cves/CVE-2009-3555.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openssl.org/news/secadv_20091111.txt", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2009/11/05/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2009/11/05/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2009/11/06/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2009/11/07/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2009/11/20/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2009/11/23/10", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.opera.com/docs/changelogs/unix/1060/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.opera.com/support/search/view/944/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0119.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0130.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0155.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0165.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/507952/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/508075/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/508130/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/522176", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/36935", "tags": ["Exploit", "Patch", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023163", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023204", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023205", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023206", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023207", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023208", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023209", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023210", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023211", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023212", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023213", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023214", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023215", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023216", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023217", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023218", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023219", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023224", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023243", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023270", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023271", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023272", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023273", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023274", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023275", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023411", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023426", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023427", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1023428", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1024789", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.tombom.co.uk/blog/?p=85", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-1010-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-927-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-927-4", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-927-5", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secalert@redhat.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secalert@redhat.com"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3164", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3165", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3205", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3220", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3310", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3313", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3353", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3354", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3484", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3521", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3587", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0086", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0173", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0748", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0848", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0916", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0933", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0982", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0994", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/1054", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/1107", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/1191", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/1350", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/1639", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/1673", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/1793", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/2010", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/2745", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/3069", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/3086", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2010/3126", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0032", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0033", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0086", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://kb.bluecoat.com/index?page=content&id=SA50", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E", "source": "secalert@redhat.com"}, {"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E", "source": "secalert@redhat.com"}, {"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E", "source": "secalert@redhat.com"}, {"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E", "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue."}, {"lang": "es", "value": "El protocolo TLS y el protocolo SSL v3.0 y posiblemente versiones anteriores, tal y como se usa en Microsoft Internet Information Services (IIS) v7.0, mod_ssl en el servidor HTTP Apache v2.2.14 y anteriores, OpenSSL antes de v0.9.8l, GnuTLS v2.8.5 y anteriores, Mozilla Network Security Services (NSS) v3.12.4 y anteriores, y otros productos, no asocia apropiadamente la renegociaci\u00f3n del Handshake SSL en una conexi\u00f3n existente, lo que permite ataques man-in-the-middle en los que el atacante inserta datos en sesiones HTTPS, y posiblemente otro tipo de sesiones protegidas por SSL o TLS, enviando una petici\u00f3n de autenticaci\u00f3n que es procesada retroactivamente por un servidor en un contexto post-renegociaci\u00f3n. Se trata de un ataque de \"inyecci\u00f3n de texto plano\", tambi\u00e9n conocido como el problema del \"Proyecto Mogul\"."}], "lastModified": "2023-02-13T02:20:27.983", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1BD8600-0EF7-4612-B5C4-E327C0828479", "versionEndIncluding": "2.2.14"}, {"criteria": "cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38090AC3-C511-4C40-91A5-084CBEC11F34", "versionEndIncluding": "2.8.5"}, {"criteria": "cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "285433B6-03F9-495E-BACA-AA47A014411C", "versionEndIncluding": "3.12.4"}, {"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB35F63F-7856-42EE-87A6-7EC7F10C2032", "versionEndIncluding": "0.9.8k"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0:*:openvms:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "718F8E8D-0940-4055-A948-96D25C79323B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B"}, {"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"}, {"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639"}, {"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244"}, {"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3BB5EDB-520B-4DEF-B06E-65CA13152824"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E44669D7-6C1E-4844-B78A-73E253A7CC17"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2D59BD0-43DE-4E58-A057-640AB98359A6"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDE52846-24EC-4068-B788-EC7F915FFF11"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06B2E3E1-C2E0-4A4E-A84D-93C456E868E7", "versionEndIncluding": "0.8.22", "versionStartIncluding": "0.1.0"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Red Hat is aware of this issue and is tracking it via the following bug:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3555\n\nAdditional information can be found in the Red Hat Knowledgebase article:\nhttp://kbase.redhat.com/faq/docs/DOC-20491", "lastModified": "2009-11-20T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "secalert@redhat.com"}