4.3 - CVE-2014-3470

Executive Summary

Informations
Name	CVE-2014-3470	First vendor Publication	2014-06-05
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score	4.3	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-476	NULL Pointer Dereference

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24448

Oval ID:	oval:org.mitre.oval:def:24448
Title:	USN-2232-1 -- openssl vulnerabilities
Description:	Several security issues were fixed in OpenSSL.
Family:	unix	Class:	patch
Reference(s):	USN-2232-1 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470	Version:	3
Platform(s):	Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	openssl
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed AND libssl1.0.0 DPKG is earlier than 0:1.0.1f-1ubuntu2.2 AND Ubuntu 13.10 release section Ubuntu 13.10 is installed AND libssl1.0.0 DPKG is earlier than 0:1.0.1e-3ubuntu1.4 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND libssl1.0.0 DPKG is earlier than 0:1.0.1-4ubuntu5.14 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND libssl0.9.8 DPKG is earlier than 0:0.9.8k-7ubuntu8.18

Definition Id: oval:org.mitre.oval:def:24628

Oval ID:	oval:org.mitre.oval:def:24628
Title:	USN-2232-3 -- openssl regression
Description:	USN-2232-1 introduced a regression in OpenSSL.
Family:	unix	Class:	patch
Reference(s):	USN-2232-3 CVE-2014-0224 CVE-2014-0195 CVE-2014-0221 CVE-2014-3470	Version:	3
Platform(s):	Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	openssl
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed AND libssl1.0.0 DPKG is earlier than 0:1.0.1f-1ubuntu2.4 AND Ubuntu 13.10 release section Ubuntu 13.10 is installed AND libssl1.0.0 DPKG is earlier than 0:1.0.1e-3ubuntu1.6 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND libssl1.0.0 DPKG is earlier than 0:1.0.1-4ubuntu5.16 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND libssl0.9.8 DPKG is earlier than 0:0.9.8k-7ubuntu8.19

Definition Id: oval:org.mitre.oval:def:24780

Oval ID:	oval:org.mitre.oval:def:24780
Title:	AIX OpenSSL Anonymous ECDH denial of service
Description:	The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-3470	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets fileset test openssl.base greater than or equal 1.0.1.500 AND openssl.base less than or equal 1.0.1.510 OR fileset test openssl.base greater than or equal 0.9.8.401 AND openssl.base less than or equal 0.9.8.2501 OR fileset test openssl.base greater than or equal 12.9.8.1100 AND openssl.base less than or equal 12.9.8.2501

Definition Id: oval:org.mitre.oval:def:24892

Oval ID:	oval:org.mitre.oval:def:24892
Title:	RHSA-2014:0625: openssl security update (Important)
Description:	OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433 A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195) Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198) A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221) A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470) Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, JÃ¼ri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix GrÃ¶bert and Ivan FratriÄ‡ of Google as the original reporters of CVE-2014-3470. All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0625-00 CESA-2014:0625 CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	openssl
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section openssl-devel is earlier than 0:1.0.1e-16.el6_5.14 AND openssl-static is earlier than 0:1.0.1e-16.el6_5.14 AND openssl-perl is earlier than 0:1.0.1e-16.el6_5.14 AND openssl is earlier than 0:1.0.1e-16.el6_5.14

Definition Id: oval:org.mitre.oval:def:25014

Oval ID:	oval:org.mitre.oval:def:25014
Title:	RHSA-2014:0679: openssl security update (Important)
Description:	OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433 A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195) Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198) A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221) A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470) Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, JГјri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix GrГ¶bert and Ivan FratriД‡ of Google as the original reporters of CVE-2014-3470. All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0679-00 CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470	Version:	4
Platform(s):	Red Hat Enterprise Linux 7 CentOS Linux 7	Product(s):	openssl
Definition Synopsis:
RHEL 7 The operating system installed on the system is Red Hat Enterprise Linux 7 AND Packages section openssl-static is earlier than 1:1.0.1e-34.el7_0.3 AND openssl-devel is earlier than 1:1.0.1e-34.el7_0.3 AND openssl-perl is earlier than 1:1.0.1e-34.el7_0.3 AND openssl is earlier than 1:1.0.1e-34.el7_0.3 AND openssl-libs is earlier than 1:1.0.1e-34.el7_0.3 OR CentOS 7 The operating system installed on the system is CentOS Linux 7.x AND openssl is earlier than 1:1.0.1e-34.el7_0.3

Definition Id: oval:org.mitre.oval:def:25039

Oval ID:	oval:org.mitre.oval:def:25039
Title:	Vulnerability in OpenSSL 0.9.8 - 0.9.8za, 1.0.0 - 1.0.0m and 1.0.1 - 1.0.1h, allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information
Description:	The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-3470	Version:	5
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2	Product(s):	OpenSSL
Definition Synopsis:
Check vulnerable OpenSSL Check vulnerable versions of OpenSSL Check if the version of OpenSSL 0.9.8 before 0.9.8za AND Check if the version of OpenSSL 1.0.0 before 1.0.0m AND Check if the version of OpenSSL 1.0.1 before 1.0.1h AND OpenSSL is installed OR Check vulnerable OpenSSL (32_bit) Check vulnerable versions of OpenSSL (32_bit) Check if the version of OpenSSL 0.9.8 before 0.9.8za (32_bit) AND Check if the version of OpenSSL 1.0.0 before 1.0.0m (32_bit) AND Check if the version of OpenSSL 1.0.1 before 1.0.1h (32_bit) AND OpenSSL (32_bit) is installed AND Check if the version of ssleay32.dll 0.9.8 before 0.9.8za AND Check if the version of ssleay32.dll 0.9.8 before 0.9.8za (32_bit) AND Check if the version of ssleay32.dll 0.9.8 before 0.9.8za under System Root AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0m ProgramFilesDir AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0m ProgramFilesDir x86 AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0m under Sytem32 and SysWOW64 AND Check if the version of ssleay32.dll 1.0.1 before 1.0.1h ProgramFilesDir AND Check if the version of ssleay32.dll 1.0.1 before 1.0.1h ProgramFilesDir x86 AND Check if the version of ssleay32.dll 1.0.1 before 1.0.1h under Sytem32 and SysWOW64

Definition Id: oval:org.mitre.oval:def:25082

Oval ID:	oval:org.mitre.oval:def:25082
Title:	USN-2232-2 -- openssl regression
Description:	USN-2232-1 introduced a regression in OpenSSL.
Family:	unix	Class:	patch
Reference(s):	USN-2232-2 CVE-2014-0224 CVE-2014-0195 CVE-2014-0221 CVE-2014-3470	Version:	3
Platform(s):	Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04	Product(s):	openssl
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed AND libssl1.0.0 DPKG is earlier than 0:1.0.1f-1ubuntu2.3 AND Ubuntu 13.10 release section Ubuntu 13.10 is installed AND libssl1.0.0 DPKG is earlier than 0:1.0.1e-3ubuntu1.5 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND libssl1.0.0 DPKG is earlier than 0:1.0.1-4ubuntu5.15

Definition Id: oval:org.mitre.oval:def:25085

Oval ID:	oval:org.mitre.oval:def:25085
Title:	Remote Code Execution or Unauthorized Accesss
Description:	The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-3470	Version:	8
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX03046 HP-UX B.11.11 AND filesets tests openssl.OPENSSL-CER version is less than A.00.09.08za.001 AND openssl.OPENSSL-CONF version is less than A.00.09.08za.001 AND openssl.OPENSSL-DOC version is less than A.00.09.08za.001 AND openssl.OPENSSL-INC version is less than A.00.09.08za.001 AND openssl.OPENSSL-LIB version is less than A.00.09.08za.001 AND openssl.OPENSSL-MAN version is less than A.00.09.08za.001 AND openssl.OPENSSL-MIS version is less than A.00.09.08za.001 AND openssl.OPENSSL-PRNG version is less than A.00.09.08za.001 AND openssl.OPENSSL-PVT version is less than A.00.09.08za.001 AND openssl.OPENSSL-RUN version is less than A.00.09.08za.001 AND openssl.OPENSSL-SRC version is less than A.00.09.08za.001 OR Criteria meets HP Security Bulletin HPSBUX03046 HP-UX B.11.23 AND filesets tests openssl.OPENSSL-CER version is less than A.00.09.08za.002 AND openssl.OPENSSL-CONF version is less than A.00.09.08za.002 AND openssl.OPENSSL-DOC version is less than A.00.09.08za.002 AND openssl.OPENSSL-INC version is less than A.00.09.08za.002 AND openssl.OPENSSL-LIB version is less than A.00.09.08za.002 AND openssl.OPENSSL-MAN version is less than A.00.09.08za.002 AND openssl.OPENSSL-MIS version is less than A.00.09.08za.002 AND openssl.OPENSSL-PRNG version is less than A.00.09.08za.002 AND openssl.OPENSSL-PVT version is less than A.00.09.08za.002 AND openssl.OPENSSL-RUN version is less than A.00.09.08za.002 AND openssl.OPENSSL-SRC version is less than A.00.09.08za.002 OR Criteria meets HP Security Bulletin HPSBUX03046 HP-UX B.11.31 AND filesets tests openssl.OPENSSL-CER version is less than A.00.09.08za.003 AND openssl.OPENSSL-CONF version is less than A.00.09.08za.003 AND openssl.OPENSSL-DOC version is less than A.00.09.08za.003 AND openssl.OPENSSL-INC version is less than A.00.09.08za.003 AND openssl.OPENSSL-LIB version is less than A.00.09.08za.003 AND openssl.OPENSSL-MAN version is less than A.00.09.08za.003 AND openssl.OPENSSL-MIS version is less than A.00.09.08za.003 AND openssl.OPENSSL-PRNG version is less than A.00.09.08za.003 AND openssl.OPENSSL-PVT version is less than A.00.09.08za.003 AND openssl.OPENSSL-RUN version is less than A.00.09.08za.003 AND openssl.OPENSSL-SRC version is less than A.00.09.08za.003

Definition Id: oval:org.mitre.oval:def:25171

Oval ID:	oval:org.mitre.oval:def:25171
Title:	ELSA-2014:0625: openssl security update (Important)
Description:	OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433 A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195) Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198) A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221) A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470) Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Juri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Grobert and Ivan Fratric of Google as the original reporters of CVE-2014-3470. All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0625-00 CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	openssl
Definition Synopsis:
Oracle Linux 6.x rpm test openssl-devel is earlier than 0:1.0.1e-16.el6_5.14 AND openssl-static is earlier than 0:1.0.1e-16.el6_5.14 AND openssl-perl is earlier than 0:1.0.1e-16.el6_5.14 AND openssl is earlier than 0:1.0.1e-16.el6_5.14

Definition Id: oval:org.mitre.oval:def:25291

Oval ID:	oval:org.mitre.oval:def:25291
Title:	SUSE-SU-2014:0759-1 -- Security update for OpenSSL
Description:	OpenSSL was updated to fix several vulnerabilities: * SSL/TLS MITM vulnerability. (CVE-2014-0224) * DTLS recursion flaw. (CVE-2014-0221) * Anonymous ECDH denial of service. (CVE-2014-3470)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0759-1 CVE-2014-0224 CVE-2014-0221 CVE-2014-3470	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	OpenSSL
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section libopenssl0_9_8 RPM is earlier than 0:0.9.8j-0.58.1 AND openssl RPM is earlier than 0:0.9.8j-0.58.1 AND libopenssl0_9_8-32bit RPM is earlier than 0:0.9.8j-0.58.1 AND SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section libopenssl0_9_8-hmac RPM is earlier than 0:0.9.8j-0.58.1 AND openssl-doc RPM is earlier than 0:0.9.8j-0.58.1 AND libopenssl0_9_8-hmac-32bit RPM is earlier than 0:0.9.8j-0.58.1

Definition Id: oval:org.mitre.oval:def:25318

Oval ID:	oval:org.mitre.oval:def:25318
Title:	SUSE-SU-2014:0759-2 -- Security update for OpenSSL
Description:	OpenSSL was updated to fix the following security vulnerabilities: * SSL/TLS MITM vulnerability. (CVE-2014-0224) * DTLS recursion flaw. (CVE-2014-0221) * Anonymous ECDH denial of service. (CVE-2014-3470)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0759-2 CVE-2014-0224 CVE-2014-0221 CVE-2014-3470	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):	OpenSSL
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed Packages match section openssl RPM is earlier than 0:0.9.8a-18.82.4 AND openssl-devel RPM is earlier than 0:0.9.8a-18.82.4 AND openssl-doc RPM is earlier than 0:0.9.8a-18.82.4 AND openssl-32bit RPM is earlier than 0:0.9.8a-18.82.4 AND openssl-devel-32bit RPM is earlier than 0:0.9.8a-18.82.4 AND openssl RPM is earlier than 0:0.9.8a-18.45.77.1 AND openssl-devel RPM is earlier than 0:0.9.8a-18.45.77.1 AND openssl-doc RPM is earlier than 0:0.9.8a-18.45.77.1 AND openssl-32bit RPM is earlier than 0:0.9.8a-18.45.77.1 AND openssl-devel-32bit RPM is earlier than 0:0.9.8a-18.45.77.1

Definition Id: oval:org.mitre.oval:def:25803

Oval ID:	oval:org.mitre.oval:def:25803
Title:	USN-2232-4 -- openssl vulnerabilities
Description:	USN-2232-1 introduced a regression in OpenSSL.
Family:	unix	Class:	patch
Reference(s):	USN-2232-4 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470	Version:	3
Platform(s):	Ubuntu 10.04	Product(s):	openssl
Definition Synopsis:
Ubuntu 10.04 is installed AND libssl0.9.8 DPKG is earlier than 0:0.9.8k-7ubuntu8.21

Definition Id: oval:org.mitre.oval:def:27123

Oval ID:	oval:org.mitre.oval:def:27123
Title:	ELSA-2014-0679 -- openssl security update (important)
Description:	[1.0.1e-34.3] - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0679 CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470	Version:	5
Platform(s):	Oracle Linux 7	Product(s):	openssl
Definition Synopsis:
Oracle Linux 7.x Packages match section openssl is earlier than 1:1.0.1e-34.el7_0.3 AND openssl-devel is earlier than 1:1.0.1e-34.el7_0.3 AND openssl-libs is earlier than 1:1.0.1e-34.el7_0.3 AND openssl-perl is earlier than 1:1.0.1e-34.el7_0.3 AND openssl-static is earlier than 1:1.0.1e-34.el7_0.3

Definition Id: oval:org.mitre.oval:def:27151

Oval ID:	oval:org.mitre.oval:def:27151
Title:	DEPRECATED: ELSA-2014-0625 -- openssl security update (important)
Description:	[1.0.1e-16.14] - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0625 CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	openssl
Definition Synopsis:
Oracle Linux 6.x Packages match section openssl is earlier than 0:1.0.1e-16.el6_5.14 AND openssl-devel is earlier than 0:1.0.1e-16.el6_5.14 AND openssl-perl is earlier than 0:1.0.1e-16.el6_5.14 AND openssl-static is earlier than 0:1.0.1e-16.el6_5.14

Definition Id: oval:org.mitre.oval:def:29338

Oval ID:	oval:org.mitre.oval:def:29338
Title:	DSA-2950-2 -- openssl -- security update
Description:	Multiple vulnerabilities have been discovered in OpenSSL.
Family:	unix	Class:	patch
Reference(s):	DSA-2950-2 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	openssl
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND openssl is earlier than 0:1.0.1e-2+deb7u10

CPE : Common Platform Enumeration

Type	Description	Count
Application	Mariadb cpe:2.3:a:mariadb:mariadb:10.0.9:::::::* cpe:2.3:a:mariadb:mariadb:10.0.8:::::::* cpe:2.3:a:mariadb:mariadb:10.0.7:::::::* cpe:2.3:a:mariadb:mariadb:10.0.6:::::::* cpe:2.3:a:mariadb:mariadb:10.0.5:::::::* cpe:2.3:a:mariadb:mariadb:10.0.4:::::::* cpe:2.3:a:mariadb:mariadb:10.0.3:::::::* cpe:2.3:a:mariadb:mariadb:10.0.2:::::::* cpe:2.3:a:mariadb:mariadb:10.0.12:::::::* cpe:2.3:a:mariadb:mariadb:10.0.11:::::::* cpe:2.3:a:mariadb:mariadb:10.0.10:::::::* cpe:2.3:a:mariadb:mariadb:10.0.1:::::::* cpe:2.3:a:mariadb:mariadb:10.0.0:::::::* cpe:2.3:a:mariadb:mariadb:5.5.61:::::::* cpe:2.3:a:mariadb:mariadb:5.5.60:::::::* cpe:2.3:a:mariadb:mariadb:5.5.59:::::::* cpe:2.3:a:mariadb:mariadb:5.5.58:::::::* cpe:2.3:a:mariadb:mariadb:5.5.57:::::::* cpe:2.3:a:mariadb:mariadb:5.5.56:::::::* cpe:2.3:a:mariadb:mariadb:5.5.55:::::::* cpe:2.3:a:mariadb:mariadb:5.5.54:::::::* cpe:2.3:a:mariadb:mariadb:5.5.51:::::::* cpe:2.3:a:mariadb:mariadb:5.5.50:::::::* cpe:2.3:a:mariadb:mariadb:5.5.49:::::::* cpe:2.3:a:mariadb:mariadb:5.5.48:::::::* cpe:2.3:a:mariadb:mariadb:5.5.47:::::::* cpe:2.3:a:mariadb:mariadb:5.5.46:::::::* cpe:2.3:a:mariadb:mariadb:5.5.43:::::::* cpe:2.3:a:mariadb:mariadb:5.5.40:::::::* cpe:2.3:a:mariadb:mariadb:5.5.35:::::::* cpe:2.3:a:mariadb:mariadb:5.5.34:::::::* cpe:2.3:a:mariadb:mariadb:5.5.33:::::::* cpe:2.3:a:mariadb:mariadb:5.5.33:a:::::: cpe:2.3:a:mariadb:mariadb:5.5.29:::::::* cpe:2.3:a:mariadb:mariadb:5.5.28a:::::::* cpe:2.3:a:mariadb:mariadb:5.5.28:::::::* cpe:2.3:a:mariadb:mariadb:5.5.27:::::::* cpe:2.3:a:mariadb:mariadb:5.5.25:::::::* cpe:2.3:a:mariadb:mariadb:5.5.24:::::::* cpe:2.3:a:mariadb:mariadb:5.5.23:::::::* cpe:2.3:a:mariadb:mariadb:5.5.22:::::::* cpe:2.3:a:mariadb:mariadb:5.5.21:::::::* cpe:2.3:a:mariadb:mariadb:5.5.20:::::::* cpe:2.3:a:mariadb:mariadb:5.3.9:::::::* cpe:2.3:a:mariadb:mariadb:5.3.8:::::::* cpe:2.3:a:mariadb:mariadb:5.3.7:::::::* cpe:2.3:a:mariadb:mariadb:5.3.6:::::::* cpe:2.3:a:mariadb:mariadb:5.3.5:::::::* cpe:2.3:a:mariadb:mariadb:5.3.4:::::::* cpe:2.3:a:mariadb:mariadb:5.3.3:::::::* cpe:2.3:a:mariadb:mariadb:5.3.2:::::::* cpe:2.3:a:mariadb:mariadb:5.3.12:::::::* cpe:2.3:a:mariadb:mariadb:5.3.11:::::::* cpe:2.3:a:mariadb:mariadb:5.3.10:::::::* cpe:2.3:a:mariadb:mariadb:5.3.1:::::::* cpe:2.3:a:mariadb:mariadb:5.3.0:::::::* cpe:2.3:a:mariadb:mariadb:5.2.9:::::::* cpe:2.3:a:mariadb:mariadb:5.2.8:::::::* cpe:2.3:a:mariadb:mariadb:5.2.7:::::::* cpe:2.3:a:mariadb:mariadb:5.2.6:::::::* cpe:2.3:a:mariadb:mariadb:5.2.5:::::::* cpe:2.3:a:mariadb:mariadb:5.2.4:::::::* cpe:2.3:a:mariadb:mariadb:5.2.3:::::::* cpe:2.3:a:mariadb:mariadb:5.2.2:::::::* cpe:2.3:a:mariadb:mariadb:5.2.14:::::::* cpe:2.3:a:mariadb:mariadb:5.2.13:::::::* cpe:2.3:a:mariadb:mariadb:5.2.12:::::::* cpe:2.3:a:mariadb:mariadb:5.2.11:::::::* cpe:2.3:a:mariadb:mariadb:5.2.10:::::::* cpe:2.3:a:mariadb:mariadb:5.2.1:::::::* cpe:2.3:a:mariadb:mariadb:5.2.0:::::::* cpe:2.3:a:mariadb:mariadb:5.1.67:::::::* cpe:2.3:a:mariadb:mariadb:5.1.66:::::::* cpe:2.3:a:mariadb:mariadb:5.1.62:::::::* cpe:2.3:a:mariadb:mariadb:5.1.61:::::::* cpe:2.3:a:mariadb:mariadb:5.1.60:::::::* cpe:2.3:a:mariadb:mariadb:5.1.55:::::::* cpe:2.3:a:mariadb:mariadb:5.1.53:::::::* cpe:2.3:a:mariadb:mariadb:5.1.51:::::::* cpe:2.3:a:mariadb:mariadb:5.1.50:::::::* cpe:2.3:a:mariadb:mariadb:5.1.49:::::::* cpe:2.3:a:mariadb:mariadb:5.1.47:::::::* cpe:2.3:a:mariadb:mariadb:5.1.44:::::::* cpe:2.3:a:mariadb:mariadb:5.1.42:::::::* cpe:2.3:a:mariadb:mariadb:5.1.41:::::::* cpe:2.3:a:mariadb:mariadb:2.13.0:::::node.js:: cpe:2.3:a:mariadb:mariadb:::::::: cpe:2.3:a:mariadb:mariadb::r1::::::* cpe:2.3:a:mariadb:mariadb::::::node.js::*	89
Application	Openssl cpe:2.3:a:openssl:openssl:1.0.0s:::::::* cpe:2.3:a:openssl:openssl:1.0.0r:::::::* cpe:2.3:a:openssl:openssl:1.0.0q:::::::* cpe:2.3:a:openssl:openssl:1.0.0p:::::::* cpe:2.3:a:openssl:openssl:1.0.0o:::::::* cpe:2.3:a:openssl:openssl:1.0.0n:::::::* cpe:2.3:a:openssl:openssl:1.0.0m:::::::* cpe:2.3:a:openssl:openssl:1.0.0l:::::::* cpe:2.3:a:openssl:openssl:1.0.0k:::::::* cpe:2.3:a:openssl:openssl:1.0.0j:::::::* cpe:2.3:a:openssl:openssl:1.0.0i:::::::* cpe:2.3:a:openssl:openssl:1.0.0h:::::::* cpe:2.3:a:openssl:openssl:1.0.0g:::::::* cpe:2.3:a:openssl:openssl:1.0.0f:::::::* cpe:2.3:a:openssl:openssl:1.0.0e:::::::* cpe:2.3:a:openssl:openssl:1.0.0d:::::::* cpe:2.3:a:openssl:openssl:1.0.0c:::::::* cpe:2.3:a:openssl:openssl:1.0.0b:::::::* cpe:2.3:a:openssl:openssl:1.0.0a:::::::* cpe:2.3:a:openssl:openssl:1.0.0:beta3:::::: cpe:2.3:a:openssl:openssl:1.0.0:beta2:::::: cpe:2.3:a:openssl:openssl:1.0.0:beta5:::::: cpe:2.3:a:openssl:openssl:1.0.0:beta4:::::: cpe:2.3:a:openssl:openssl:1.0.0:beta1:::::: cpe:2.3:a:openssl:openssl:1.0.0:-:::::: cpe:2.3:a:openssl:openssl:1.0::openvms::::: cpe:2.3:a:openssl:openssl:0.9.8zg:::::::* cpe:2.3:a:openssl:openssl:0.9.8zf:::::::* cpe:2.3:a:openssl:openssl:0.9.8ze:::::::* cpe:2.3:a:openssl:openssl:0.9.8zc:::::::* cpe:2.3:a:openssl:openssl:0.9.8zb:::::::* cpe:2.3:a:openssl:openssl:0.9.8za:::::::* cpe:2.3:a:openssl:openssl:0.9.8z:::::::* cpe:2.3:a:openssl:openssl:0.9.8y:::::::* cpe:2.3:a:openssl:openssl:0.9.8x:::::::* cpe:2.3:a:openssl:openssl:0.9.8w:::::::* cpe:2.3:a:openssl:openssl:0.9.8v:::::::* cpe:2.3:a:openssl:openssl:0.9.8u:::::::* cpe:2.3:a:openssl:openssl:0.9.8t:::::::* cpe:2.3:a:openssl:openssl:0.9.8s:::::::* cpe:2.3:a:openssl:openssl:0.9.8r:::::::* cpe:2.3:a:openssl:openssl:0.9.8q:::::::* cpe:2.3:a:openssl:openssl:0.9.8p:::::::* cpe:2.3:a:openssl:openssl:0.9.8o:::::::* cpe:2.3:a:openssl:openssl:0.9.8n:::::::* cpe:2.3:a:openssl:openssl:0.9.8m:-:::::: cpe:2.3:a:openssl:openssl:0.9.8m:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.8l:::::::* cpe:2.3:a:openssl:openssl:0.9.8k:::::::* cpe:2.3:a:openssl:openssl:0.9.8j:::::::* cpe:2.3:a:openssl:openssl:0.9.8i:::::::* cpe:2.3:a:openssl:openssl:0.9.8h:::::::* cpe:2.3:a:openssl:openssl:0.9.8g-9:::::::* cpe:2.3:a:openssl:openssl:0.9.8g:::::::* cpe:2.3:a:openssl:openssl:0.9.8g::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8g::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8f:::::::* cpe:2.3:a:openssl:openssl:0.9.8f::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8f::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8f::::::x86: cpe:2.3:a:openssl:openssl:0.9.8e:::::::* cpe:2.3:a:openssl:openssl:0.9.8e::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8e::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8e::::::x86: cpe:2.3:a:openssl:openssl:0.9.8d:::::::* cpe:2.3:a:openssl:openssl:0.9.8d::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8d::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8d::::::x86: cpe:2.3:a:openssl:openssl:0.9.8c-1:::::::* cpe:2.3:a:openssl:openssl:0.9.8c:::::::* cpe:2.3:a:openssl:openssl:0.9.8c::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8c::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8c::::::x86: cpe:2.3:a:openssl:openssl:0.9.8b:::::::* cpe:2.3:a:openssl:openssl:0.9.8b::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8b::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8b::::::x86: cpe:2.3:a:openssl:openssl:0.9.8a:::::::* cpe:2.3:a:openssl:openssl:0.9.8a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8a::::::x86: cpe:2.3:a:openssl:openssl:0.9.8:-:::::: cpe:2.3:a:openssl:openssl:0.9.8::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.8::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.8:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.8:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.8:beta3:::::: cpe:2.3:a:openssl:openssl:0.9.8:beta4:::::: cpe:2.3:a:openssl:openssl:0.9.8:beta5:::::: cpe:2.3:a:openssl:openssl:0.9.8:beta6:::::: cpe:2.3:a:openssl:openssl:0.9.8::::::x86: cpe:2.3:a:openssl:openssl:0.9.7m:::::::* cpe:2.3:a:openssl:openssl:0.9.7m::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7m::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7m::::::x86: cpe:2.3:a:openssl:openssl:0.9.7l:::::::* cpe:2.3:a:openssl:openssl:0.9.7l::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7l::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7l::::::x86: cpe:2.3:a:openssl:openssl:0.9.7k:::::::* cpe:2.3:a:openssl:openssl:0.9.7k::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7k::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7k::::::x86: cpe:2.3:a:openssl:openssl:0.9.7j:::::::* cpe:2.3:a:openssl:openssl:0.9.7j::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7j::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7j::::::x86: cpe:2.3:a:openssl:openssl:0.9.7i:::::::* cpe:2.3:a:openssl:openssl:0.9.7i::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7i::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7i::::::x86: cpe:2.3:a:openssl:openssl:0.9.7h:::::::* cpe:2.3:a:openssl:openssl:0.9.7h::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7h::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7h::::::x86: cpe:2.3:a:openssl:openssl:0.9.7g:::::::* cpe:2.3:a:openssl:openssl:0.9.7g::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7g::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7g::::::x86: cpe:2.3:a:openssl:openssl:0.9.7f:::::::* cpe:2.3:a:openssl:openssl:0.9.7f::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7f::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7f::::::x86: cpe:2.3:a:openssl:openssl:0.9.7e:::::::* cpe:2.3:a:openssl:openssl:0.9.7e::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7e::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7e::::::x86: cpe:2.3:a:openssl:openssl:0.9.7d:::::::* cpe:2.3:a:openssl:openssl:0.9.7d::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7d::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7d::::::x86: cpe:2.3:a:openssl:openssl:0.9.7c:::::::* cpe:2.3:a:openssl:openssl:0.9.7c::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7c::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7c::::::x86: cpe:2.3:a:openssl:openssl:0.9.7b:::::::* cpe:2.3:a:openssl:openssl:0.9.7b::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7b::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7b::::::x86: cpe:2.3:a:openssl:openssl:0.9.7a:::::::* cpe:2.3:a:openssl:openssl:0.9.7a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7a::::::x86: cpe:2.3:a:openssl:openssl:0.9.7:beta3:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.7:-:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta5:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta6:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta4:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.7:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta4:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta5:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta3:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.7:beta6:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta5:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta4:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta6:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta3:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.7::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.7::::::x86: cpe:2.3:a:openssl:openssl:0.9.7:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta3:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta4:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta5:::::x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta6:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6m:::::::* cpe:2.3:a:openssl:openssl:0.9.6m::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6m::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6m::::::x86: cpe:2.3:a:openssl:openssl:0.9.6l:::::::* cpe:2.3:a:openssl:openssl:0.9.6l::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6l::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6l::::::x86: cpe:2.3:a:openssl:openssl:0.9.6k:::::::* cpe:2.3:a:openssl:openssl:0.9.6k::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6k::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6k::::::x86: cpe:2.3:a:openssl:openssl:0.9.6j:::::::* cpe:2.3:a:openssl:openssl:0.9.6j::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6j::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6j::::::x86: cpe:2.3:a:openssl:openssl:0.9.6i:::::::* cpe:2.3:a:openssl:openssl:0.9.6i::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6i::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6i::::::x86: cpe:2.3:a:openssl:openssl:0.9.6h:::::::* cpe:2.3:a:openssl:openssl:0.9.6h:bogus:::::: cpe:2.3:a:openssl:openssl:0.9.6h::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6h::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6h::::::x86: cpe:2.3:a:openssl:openssl:0.9.6g:::::::* cpe:2.3:a:openssl:openssl:0.9.6g::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6g::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6g::::::x86: cpe:2.3:a:openssl:openssl:0.9.6f:::::::* cpe:2.3:a:openssl:openssl:0.9.6f::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6f::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6f::::::x86: cpe:2.3:a:openssl:openssl:0.9.6e:::::::* cpe:2.3:a:openssl:openssl:0.9.6e::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6e::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6e::::::x86: cpe:2.3:a:openssl:openssl:0.9.6d:-:::::: cpe:2.3:a:openssl:openssl:0.9.6d::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6d::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6d::::::x86: cpe:2.3:a:openssl:openssl:0.9.6c:::::::* cpe:2.3:a:openssl:openssl:0.9.6c::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6c::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6c::::::x86: cpe:2.3:a:openssl:openssl:0.9.6b:::::::* cpe:2.3:a:openssl:openssl:0.9.6b::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6b::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6b::::::x86: cpe:2.3:a:openssl:openssl:0.9.6a:-:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta3:::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6a:beta3:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6a:beta3:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6a::::::x86: cpe:2.3:a:openssl:openssl:0.9.6a:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6a:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6a:beta3:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.6:-:::::: cpe:2.3:a:openssl:openssl:0.9.6:beta3:::::: cpe:2.3:a:openssl:openssl:0.9.6:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.6:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.6:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta3:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta3:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.6::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.6::::::x86: cpe:2.3:a:openssl:openssl:0.9.6:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta3:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.5a:-:::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5a::::::x86: cpe:2.3:a:openssl:openssl:0.9.5a:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5:beta1:::::: cpe:2.3:a:openssl:openssl:0.9.5:-:::::: cpe:2.3:a:openssl:openssl:0.9.5:beta2:::::: cpe:2.3:a:openssl:openssl:0.9.5:beta2:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5:beta1:%7E%7E%7E%7Ex86%7E:::::* cpe:2.3:a:openssl:openssl:0.9.5::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.5:beta1:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5:beta2:~~~~x86~:::::* cpe:2.3:a:openssl:openssl:0.9.5::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.5::::::x86: cpe:2.3:a:openssl:openssl:0.9.5:beta1:::::x86:* cpe:2.3:a:openssl:openssl:0.9.5:beta2:::::x86:* cpe:2.3:a:openssl:openssl:0.9.4:::::::* cpe:2.3:a:openssl:openssl:0.9.4::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.4::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.4::::::x86: cpe:2.3:a:openssl:openssl:0.9.3a:::::::* cpe:2.3:a:openssl:openssl:0.9.3a::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.3a::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.3a::::::x86: cpe:2.3:a:openssl:openssl:0.9.3:-:::::: cpe:2.3:a:openssl:openssl:0.9.3::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.3::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.3::::::x86: cpe:2.3:a:openssl:openssl:0.9.2b:::::::* cpe:2.3:a:openssl:openssl:0.9.2b::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.2b::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.2b::::::x86: cpe:2.3:a:openssl:openssl:0.9.1c:::::::* cpe:2.3:a:openssl:openssl:0.9.1c::%7E%7E%7E%7Ex86%7E::::: cpe:2.3:a:openssl:openssl:0.9.1c::~~~~x86~::::: cpe:2.3:a:openssl:openssl:0.9.1c::::::x86: cpe:2.3:a:openssl:openssl:0.9.1b:::::::* cpe:2.3:a:openssl:openssl:0.9.0b:::::::* cpe:2.3:a:openssl:openssl:::::::: cpe:2.3:a:openssl:openssl:::openvms:::::* cpe:2.3:a:openssl:openssl:-:::::::*	301
Application	Redhat Storage cpe:2.3:a:redhat:storage:2.1:::::::*	1
Os	Fedoraproject Fedora cpe:2.3:o:fedoraproject:fedora:20:::::::* cpe:2.3:o:fedoraproject:fedora:19:::::::* cpe:2.3:o:fedoraproject:fedora::::::::	3
Os	Opensuse Leap cpe:2.3:o:opensuse:leap:42.1:::::::*	1
Os	Opensuse cpe:2.3:o:opensuse:opensuse:13.2:::::::*	1
Os	Redhat Enterprise Linux cpe:2.3:o:redhat:enterprise_linux:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux:5:::::::*	2
Os	Suse Linux Enterprise Desktop cpe:2.3:o:suse:linux_enterprise_desktop:12:-::::::	1
Os	Suse Linux Enterprise Server cpe:2.3:o:suse:linux_enterprise_server:12:-::::::	1
Os	Suse Linux Enterprise Software Development Kit cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-::::::	1
Os	Suse Linux Enterprise Workstation Extension cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-::::::	1

Information Assurance Vulnerability Management (IAVM)

Date	Description
2015-05-21	IAVM : 2015-A-0113 - Multiple Vulnerabilities in Juniper Networks CTPOS Severity : Category I - VMSKEY : V0060737
2014-12-11	IAVM : 2014-B-0161 - Multiple Vulnerabilities in VMware ESXi 5.1 Severity : Category I - VMSKEY : V0057717
2014-12-11	IAVM : 2014-A-0191 - VMware vCenter Server 5.0 Certificate Validation Vulnerability Severity : Category I - VMSKEY : V0057699
2014-12-11	IAVM : 2014-B-0159 - VMware vCenter Server Appliance 5.1 Cross-site Scripting Vulnerability Severity : Category II - VMSKEY : V0057687
2014-12-11	IAVM : 2014-B-0162 - VMware vCenter Server 5.1 Certificate Validation Vulnerability Severity : Category I - VMSKEY : V0057685
2014-07-31	IAVM : 2014-B-0103 - Multiple Vulnerabilities in VMware Horizon View Client Severity : Category I - VMSKEY : V0053509
2014-07-31	IAVM : 2014-B-0102 - Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5 Severity : Category I - VMSKEY : V0053507
2014-07-31	IAVM : 2014-B-0101 - Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1 Severity : Category I - VMSKEY : V0053505
2014-07-31	IAVM : 2014-A-0115 - Multiple Vulnerabilities in VMware Horizon View Severity : Category I - VMSKEY : V0053501
2014-07-24	IAVM : 2014-B-0097 - Multiple Vulnerabilities in VMware ESXi 5.0 Severity : Category I - VMSKEY : V0053319
2014-07-17	IAVM : 2014-A-0109 - Multiple Vulnerabilities in VMware Fusion Severity : Category I - VMSKEY : V0053183
2014-07-17	IAVM : 2014-A-0099 - Multiple Vulnerabilities in McAfee Email Gateway Severity : Category I - VMSKEY : V0053203
2014-07-17	IAVM : 2014-A-0100 - Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux Severity : Category I - VMSKEY : V0053201
2014-07-17	IAVM : 2014-A-0110 - Multiple Vulnerabilities in VMware Player Severity : Category I - VMSKEY : V0053181
2014-07-17	IAVM : 2014-A-0111 - Multiple Vulnerabilities in VMware Workstation Severity : Category I - VMSKEY : V0053179
2014-07-17	IAVM : 2014-B-0095 - Multiple Vulnerabilities in Splunk Severity : Category I - VMSKEY : V0053177
2014-07-03	IAVM : 2014-B-0088 - Multiple Vulnerabilities in VMware ESXi 5.5 Severity : Category I - VMSKEY : V0052911
2014-07-03	IAVM : 2014-B-0089 - Multiple Vulnerabilities in VMware ESXi 5.1 Severity : Category I - VMSKEY : V0052909
2014-07-03	IAVM : 2014-B-0091 - Multiple Vulnerabilities in VMware vCenter Update Manager 5.5 Severity : Category I - VMSKEY : V0052907
2014-07-03	IAVM : 2014-B-0085 - Multiple Vulnerabilities in HP System Management Homepage (SMH) Severity : Category I - VMSKEY : V0052899
2014-07-03	IAVM : 2014-B-0092 - Multiple Vulnerabilities in VMware vSphere Client 5.5 Severity : Category I - VMSKEY : V0052893
2014-06-19	IAVM : 2014-B-0079 - Multiple Vulnerabilities in IBM AIX Severity : Category I - VMSKEY : V0052641
2014-06-19	IAVM : 2014-A-0087 - Multiple Vulnerabilities in McAfee ePolicy Orchestrator Severity : Category I - VMSKEY : V0052637
2014-06-19	IAVM : 2014-B-0080 - Multiple Vulnerabilities in Stunnel Severity : Category I - VMSKEY : V0052627
2014-06-19	IAVM : 2014-B-0077 - Multiple Vulnerabilities in McAfee Web Gateway Severity : Category I - VMSKEY : V0052625
2014-06-12	IAVM : 2014-A-0083 - Multiple Vulnerabilities in OpenSSL Severity : Category I - VMSKEY : V0052495

Snort® IPS/IDS

Date	Description
2020-02-25	OpenSSL anonymous ECDH denial of service attempt RuleID : 52626 - Revision : 1 - Type : SERVER-OTHER
2020-02-25	OpenSSL anonymous ECDH denial of service attempt RuleID : 52625 - Revision : 1 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date	Description
2016-03-04	Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-294.nasl - Type : ACT_GATHER_INFO
2016-02-26	Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20140605-openssl-ios.nasl - Type : ACT_GATHER_INFO
2016-02-26	Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20140605-openssl-iosxe.nasl - Type : ACT_GATHER_INFO
2016-02-26	Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20140605-openssl-iosxr.nasl - Type : ACT_GATHER_INFO
2016-02-26	Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20140605-openssl-nxos.nasl - Type : ACT_GATHER_INFO
2015-12-30	Name : The remote VMware ESXi host is missing a security-related patch. File : vmware_VMSA-2014-0006_remote.nasl - Type : ACT_GATHER_INFO
2015-12-30	Name : The remote VMware ESXi host is missing a security-related patch. File : vmware_VMSA-2014-0012_remote.nasl - Type : ACT_GATHER_INFO
2015-11-03	Name : The remote multi-function device is affected by multiple vulnerabilities. File : xerox_xrx15ao_colorqube.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0743-1.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-062.nasl - Type : ACT_GATHER_INFO
2015-03-05	Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_6_0_43.nasl - Type : ACT_GATHER_INFO
2015-01-22	Name : The remote host has an application installed that is affected by multiple vul... File : oracle_virtualbox_jan_2015_cpu.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_openssl_20140623.nasl - Type : ACT_GATHER_INFO
2015-01-02	Name : The remote Fedora host is missing a security update. File : fedora_2014-17576.nasl - Type : ACT_GATHER_INFO
2015-01-02	Name : The remote Fedora host is missing a security update. File : fedora_2014-17587.nasl - Type : ACT_GATHER_INFO
2014-12-12	Name : The remote VMware ESXi 5.1 host is affected by multiple vulnerabilities. File : vmware_esxi_5_1_build_2323236_remote.nasl - Type : ACT_GATHER_INFO
2014-12-12	Name : The remote host has a virtualization appliance installed that is affected by ... File : vmware_vcenter_server_appliance_vmsa-2014-0012.nasl - Type : ACT_GATHER_INFO
2014-12-12	Name : The remote host has an update manager installed that is affected by multiple ... File : vmware_vcenter_update_mgr_vmsa-2014-0012.nasl - Type : ACT_GATHER_INFO
2014-12-12	Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2014-0012.nasl - Type : ACT_GATHER_INFO
2014-12-06	Name : The remote VMware ESXi host is missing a security-related patch. File : vmware_VMSA-2014-0012.nasl - Type : ACT_GATHER_INFO
2014-12-05	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-openssl097g-141202.nasl - Type : ACT_GATHER_INFO
2014-11-26	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0012.nasl - Type : ACT_GATHER_INFO
2014-11-26	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0032.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0628.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0629.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-349.nasl - Type : ACT_GATHER_INFO
2014-10-02	Name : The remote host has a virtualization appliance installed that is affected by ... File : vmware_vsphere_replication_vmsa_2014_0006.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit... File : macosx_10_9_5.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote host is missing a Mac OS X update that fixes multiple security iss... File : macosx_SecUpd2014-004.nasl - Type : ACT_GATHER_INFO
2014-09-11	Name : The remote host is affected by multiple vulnerabilities. File : emc_documentum_content_server_ESA-2014-079.nasl - Type : ACT_GATHER_INFO
2014-09-02	Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_7_0_55.nasl - Type : ACT_GATHER_INFO
2014-09-02	Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_8_0_11.nasl - Type : ACT_GATHER_INFO
2014-08-26	Name : The remote web server has an application installed that is affected by multip... File : pivotal_webserver_5_4_1.nasl - Type : ACT_GATHER_INFO
2014-08-20	Name : The remote Mac OS X host has an application installed that is affected by mul... File : macosx_vmware_ovftool_vmsa_2014_0006.nasl - Type : ACT_GATHER_INFO
2014-08-20	Name : The remote Windows host has an application installed that is affected by mult... File : vmware_ovftool_vmsa_2014-0006.nasl - Type : ACT_GATHER_INFO
2014-08-19	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2232-4.nasl - Type : ACT_GATHER_INFO
2014-08-14	Name : The remote host is affected by a vulnerability that could allow sensitive dat... File : openssl_ccs_1_0_1.nasl - Type : ACT_ATTACK
2014-08-12	Name : The remote host contains software that is affected by multiple vulnerabilitie... File : hp_vca_SSRT101614-rhel.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote host contains software that is affected by multiple vulnerabilitie... File : hp_vca_SSRT101614-sles.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote host contains software that is affected by multiple vulnerabilitie... File : hp_vca_SSRT101614.nasl - Type : ACT_GATHER_INFO
2014-08-10	Name : The remote Fedora host is missing a security update. File : fedora_2014-9301.nasl - Type : ACT_GATHER_INFO
2014-08-10	Name : The remote Fedora host is missing a security update. File : fedora_2014-9308.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote host is missing a vendor-supplied security patch. File : fireeye_os_SB001.nasl - Type : ACT_GATHER_INFO
2014-08-06	Name : The remote Windows host contains software that is affected by multiple vulner... File : hp_systems_insight_manager_73_hotfix_34.nasl - Type : ACT_GATHER_INFO
2014-08-05	Name : The FTP server installed on the remote Windows host is affected by multiple O... File : cerberus_ftp_7_0_0_3.nasl - Type : ACT_GATHER_INFO
2014-08-05	Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10629.nasl - Type : ACT_GATHER_INFO
2014-08-04	Name : The remote host has a support tool installed that is affected by multiple vul... File : vmware_vcenter_support_assistant_2014-0006.nasl - Type : ACT_GATHER_INFO
2014-08-01	Name : The remote Mac OS X host has a virtual desktop solution that is affected by m... File : macosx_vmware_horizon_view_client_vmsa_2014_0006.nasl - Type : ACT_GATHER_INFO
2014-08-01	Name : The remote host has a virtual desktop solution that is affected by multiple v... File : vmware_horizon_view_client_vmsa_2014_0006.nasl - Type : ACT_GATHER_INFO
2014-07-31	Name : The remote Windows host has an application installed that is affected by mult... File : vmware_horizon_view_VMSA-2014-0006.nasl - Type : ACT_GATHER_INFO
2014-07-31	Name : The remote host has an application installed that is affected by multiple vul... File : vmware_vcenter_converter_2014-0006.nasl - Type : ACT_GATHER_INFO
2014-07-30	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0679.nasl - Type : ACT_GATHER_INFO
2014-07-28	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201407-05.nasl - Type : ACT_GATHER_INFO
2014-07-24	Name : The remote host is running software that is affected by multiple vulnerabilit... File : hp_sum_6_4_1.nasl - Type : ACT_GATHER_INFO
2014-07-24	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0679.nasl - Type : ACT_GATHER_INFO
2014-07-17	Name : The remote host is affected by multiple vulnerabilities related to the includ... File : mcafee_email_gateway_SB10075.nasl - Type : ACT_GATHER_INFO
2014-07-17	Name : The remote host is affected by multiple vulnerabilities. File : mcafee_vsel_SB10075.nasl - Type : ACT_GATHER_INFO
2014-07-16	Name : The remote web server contains an application that is affected by multiple Op... File : splunk_605.nasl - Type : ACT_GATHER_INFO
2014-07-15	Name : The remote host contains an application that is affected by an information di... File : libreoffice_423.nasl - Type : ACT_GATHER_INFO
2014-07-15	Name : The remote host contains an application that is affected by an information di... File : macosx_libreoffice_423.nasl - Type : ACT_GATHER_INFO
2014-07-14	Name : The remote host is affected by multiple vulnerabilities. File : cisco_anyconnect_3_1_5170.nasl - Type : ACT_GATHER_INFO
2014-07-14	Name : The remote host is affected by multiple vulnerabilities related to OpenSSL. File : fortinet_FG-IR-14-018.nasl - Type : ACT_GATHER_INFO
2014-07-14	Name : The remote host is affected by multiple vulnerabilities. File : macosx_cisco_anyconnect_3_1_5170.nasl - Type : ACT_GATHER_INFO
2014-07-14	Name : The remote host has a virtualization appliance installed that is affected by ... File : vmware_vcenter_server_appliance_2014-0006.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : A VMware product installed on the remote host is affected by multiple vulnera... File : macosx_fusion_6_0_4.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote host contains software that is affected by multiple vulnerabilities. File : vmware_player_linux_6_0_3.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote host contains software that is affected by multiple vulnerabilities. File : vmware_player_multiple_vmsa_2014-0006.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2014-0006.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote host has a virtualization application that is affected by multiple... File : vmware_workstation_linux_10_0_3.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote host has a virtualization application that is affected by multiple... File : vmware_workstation_multiple_vmsa_2014_0006.nasl - Type : ACT_GATHER_INFO
2014-07-09	Name : The remote Windows host has an application installed that is affected by mult... File : vmware_vcenter_chargeback_manager_2601.nasl - Type : ACT_GATHER_INFO
2014-07-07	Name : The remote Windows host has an application installed that is affected by mult... File : hp_version_control_repo_manager_hpsbmu03056.nasl - Type : ACT_GATHER_INFO
2014-07-04	Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_0_build_1918656_remote.nasl - Type : ACT_GATHER_INFO
2014-07-03	Name : The remote host has a virtualization appliance installed that is affected by ... File : vmware_vcenter_operations_manager_vmsa_2014-0006.nasl - Type : ACT_GATHER_INFO
2014-07-03	Name : The remote host has an update manager installed that is affected by multiple ... File : vmware_vcenter_update_mgr_vmsa-2014-0006.nasl - Type : ACT_GATHER_INFO
2014-07-03	Name : The remote host has a virtualization client application installed that is aff... File : vsphere_client_vmsa_2014-0006.nasl - Type : ACT_GATHER_INFO
2014-07-02	Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_3_3_1.nasl - Type : ACT_GATHER_INFO
2014-06-24	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2232-3.nasl - Type : ACT_GATHER_INFO
2014-06-24	Name : The remote VMware ESXi 5.1 host is affected by multiple vulnerabilities. File : vmware_esxi_5_1_build_1900470_remote.nasl - Type : ACT_GATHER_INFO
2014-06-20	Name : The remote Windows host has an application that may be affected by multiple v... File : winscp_5_5_4.nasl - Type : ACT_GATHER_INFO
2014-06-19	Name : The remote host is affected by multiple vulnerabilities. File : mcafee_epo_sb10075.nasl - Type : ACT_GATHER_INFO
2014-06-19	Name : The remote host is affected by multiple vulnerabilities. File : mcafee_web_gateway_sb10075.nasl - Type : ACT_GATHER_INFO
2014-06-18	Name : The remote host is affected by a man-in-the-middle vulnerability. File : cisco-CSCup22544-ace.nasl - Type : ACT_GATHER_INFO
2014-06-18	Name : The remote host is affected by multiple vulnerabilities. File : cisco_asa_CSCup22532.nasl - Type : ACT_GATHER_INFO
2014-06-18	Name : The remote host is affected by multiple vulnerabilities. File : cisco_jabber_client_CSCup23913.nasl - Type : ACT_GATHER_INFO
2014-06-18	Name : The remote host is affected by multiple vulnerabilities. File : cisco_ons_CSCup24077.nasl - Type : ACT_GATHER_INFO
2014-06-18	Name : The remote host is affected by multiple vulnerabilities. File : cisco_telepresence_mcu_CSCup23994.nasl - Type : ACT_GATHER_INFO
2014-06-18	Name : The remote host is affected by multiple vulnerabilities. File : cisco_telepresence_supervisor_8050_mse_CSCup22635.nasl - Type : ACT_GATHER_INFO
2014-06-18	Name : The remote device is missing a vendor-supplied security patch. File : junos_pulse_jsa10629.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote AIX host has a version of OpenSSL installed that is potentially af... File : aix_openssl_advisory9.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-410.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2232-2.nasl - Type : ACT_GATHER_INFO
2014-06-11	Name : The remote VMware ESXi host is missing one or more security-related patches. File : vmware_VMSA-2014-0006.nasl - Type : ACT_GATHER_INFO
2014-06-11	Name : The remote VMware ESXi 5.5 host is affected by multiple vulnerabilities. File : vmware_esxi_5_5_build_1881737_remote.nasl - Type : ACT_GATHER_INFO
2014-06-10	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-106.nasl - Type : ACT_GATHER_INFO
2014-06-10	Name : The remote Windows host contains a program that is affected by multiple vulne... File : stunnel_5_02.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-156-03.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0625.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2950.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote Fedora host is missing a security update. File : fedora_2014-7101.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote Fedora host is missing a security update. File : fedora_2014-7102.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_5ac53801ec2e11e39cf33c970e169bc2.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote service is affected by multiple vulnerabilities. File : openssl_0_9_8za.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_1h.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0625.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0625.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140605_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-140604.nasl - Type : ACT_GATHER_INFO
2014-06-06	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2232-1.nasl - Type : ACT_GATHER_INFO
2014-06-05	Name : The remote host is potentially affected by a vulnerability that could allow s... File : openssl_ccs.nasl - Type : ACT_ATTACK
2014-04-08	Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_0m.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 12:40:52	Multiple Updates
2024-08-02 12:28:20	Multiple Updates
2024-08-02 01:08:29	Multiple Updates
2024-02-02 01:27:32	Multiple Updates
2024-02-01 12:08:10	Multiple Updates
2023-11-07 21:45:28	Multiple Updates
2023-09-05 12:26:05	Multiple Updates
2023-09-05 01:08:04	Multiple Updates
2023-09-02 12:26:05	Multiple Updates
2023-09-02 01:08:10	Multiple Updates
2023-08-12 12:28:24	Multiple Updates
2023-08-12 01:07:41	Multiple Updates
2023-08-11 12:24:13	Multiple Updates
2023-08-11 01:07:52	Multiple Updates
2023-08-06 12:23:32	Multiple Updates
2023-08-06 01:07:39	Multiple Updates
2023-08-04 12:23:35	Multiple Updates
2023-08-04 01:07:43	Multiple Updates
2023-07-14 12:23:34	Multiple Updates
2023-07-14 01:07:42	Multiple Updates
2023-03-29 01:25:25	Multiple Updates
2023-03-28 12:08:03	Multiple Updates
2022-10-11 12:21:16	Multiple Updates
2022-10-11 01:07:51	Multiple Updates
2022-09-20 09:27:26	Multiple Updates
2022-09-17 02:15:36	Multiple Updates
2022-08-30 00:27:39	Multiple Updates
2021-05-04 12:32:50	Multiple Updates
2021-04-22 01:39:23	Multiple Updates
2020-05-23 01:52:08	Multiple Updates
2020-05-23 00:41:03	Multiple Updates
2019-04-22 21:19:10	Multiple Updates
2018-10-10 00:19:49	Multiple Updates
2018-08-10 12:04:24	Multiple Updates
2017-11-15 09:23:51	Multiple Updates
2017-10-20 09:22:59	Multiple Updates
2017-01-19 09:23:58	Multiple Updates
2017-01-11 13:25:28	Multiple Updates
2017-01-07 09:25:35	Multiple Updates
2017-01-03 09:22:52	Multiple Updates
2016-12-03 09:23:57	Multiple Updates
2016-10-12 09:24:05	Multiple Updates
2016-08-23 09:24:50	Multiple Updates
2016-07-08 21:24:16	Multiple Updates
2016-06-28 22:50:56	Multiple Updates
2016-06-17 09:28:17	Multiple Updates
2016-04-27 00:50:41	Multiple Updates
2016-03-05 13:26:42	Multiple Updates
2016-02-27 13:27:00	Multiple Updates
2015-12-31 13:26:07	Multiple Updates
2015-11-04 13:24:01	Multiple Updates
2015-10-18 17:22:34	Multiple Updates
2015-05-21 13:31:20	Multiple Updates
2015-04-22 00:26:01	Multiple Updates
2015-04-21 09:24:53	Multiple Updates
2015-04-15 09:27:55	Multiple Updates
2015-04-01 09:26:22	Multiple Updates
2015-03-31 13:28:28	Multiple Updates
2015-03-27 09:26:38	Multiple Updates
2015-03-06 13:25:45	Multiple Updates
2015-01-23 13:24:38	Multiple Updates
2015-01-22 17:23:06	Multiple Updates
2015-01-21 13:26:51	Multiple Updates
2015-01-03 13:25:53	Multiple Updates
2014-12-12 09:23:23	Multiple Updates
2014-12-06 13:27:00	Multiple Updates
2014-11-27 13:28:29	Multiple Updates
2014-11-08 13:31:45	Multiple Updates
2014-10-12 13:27:19	Multiple Updates
2014-10-03 13:27:18	Multiple Updates
2014-09-23 13:28:00	Multiple Updates
2014-09-19 13:27:35	Multiple Updates
2014-09-12 13:27:16	Multiple Updates
2014-09-04 13:25:40	Multiple Updates
2014-09-03 13:25:15	Multiple Updates
2014-08-27 13:24:34	Multiple Updates
2014-08-23 13:27:42	Multiple Updates
2014-08-20 13:25:57	Multiple Updates
2014-08-15 13:27:48	Multiple Updates
2014-08-13 13:24:52	Multiple Updates
2014-08-08 13:24:45	Multiple Updates
2014-08-07 13:25:13	Multiple Updates
2014-08-06 13:24:50	Multiple Updates
2014-08-05 13:25:54	Multiple Updates
2014-08-04 17:21:38	Multiple Updates
2014-08-02 13:24:23	Multiple Updates
2014-08-01 13:25:01	Multiple Updates
2014-07-31 13:25:21	Multiple Updates
2014-07-29 13:25:41	Multiple Updates
2014-07-26 00:20:35	Multiple Updates
2014-07-25 13:21:50	Multiple Updates
2014-07-24 09:24:16	Multiple Updates
2014-07-19 21:23:16	Multiple Updates
2014-07-18 13:24:31	Multiple Updates
2014-07-18 09:23:23	Multiple Updates
2014-07-17 13:24:35	Multiple Updates
2014-07-17 09:23:27	Multiple Updates
2014-07-16 13:25:04	Multiple Updates
2014-07-15 13:25:44	Multiple Updates
2014-07-12 00:21:49	Multiple Updates
2014-07-11 13:25:09	Multiple Updates
2014-07-10 13:25:09	Multiple Updates
2014-07-08 13:24:35	Multiple Updates
2014-07-05 13:24:55	Multiple Updates
2014-07-04 13:24:52	Multiple Updates
2014-07-03 13:24:52	Multiple Updates
2014-06-26 09:25:10	Multiple Updates
2014-06-25 13:26:09	Multiple Updates
2014-06-21 13:28:50	Multiple Updates
2014-06-21 09:26:16	Multiple Updates
2014-06-20 17:23:24	Multiple Updates
2014-06-20 13:24:48	Multiple Updates
2014-06-19 13:23:01	Multiple Updates
2014-06-16 05:23:17	Multiple Updates
2014-06-14 13:37:25	Multiple Updates
2014-06-13 09:22:29	Multiple Updates
2014-06-12 13:24:10	Multiple Updates
2014-06-11 13:24:40	Multiple Updates
2014-06-11 05:25:08	Multiple Updates
2014-06-07 13:23:22	Multiple Updates
2014-06-07 00:21:34	Multiple Updates
2014-06-06 05:19:52	First insertion

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	15
CPE ID(s)	402
Sources(s)	151
IAVM(s)	26
Snort® Rule(s)	2
Nessus® Exploit(s)	111

	Related
10	VMSA-2014-0012
7.1	MDVSA-2015:062
6.8	VMSA-2014-0006
6.8	USN-2232-4
6.8	USN-2232-3
6.8	USN-2232-2
6.8	USN-2232-1
6.8	RHSA-2014:0679
6.8	RHSA-2014:0625
6.8	MDVSA-2014:106
6.8	HPSBUX03046 SSR...
6.8	GLSA-201407-05
6.8	DSA-2950
6.8	cisco-sa-201406...
5.8	MDVSA-2014:105
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 15 more Alert(s)

4.3 - CVE-2014-3470

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Information Assurance Vulnerability Management (IAVM)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU