7.5 - HPSBUX03102 SSRT101681

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Execution of Arbitrary Code and Denial of Service (DoS) and Other Vulnerabilities

Informations
Name	HPSBUX03102 SSRT101681	First vendor Publication	2014-09-04
Vendor	HP	Last vendor Modification	2014-09-04
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Potential security vulnerabilities have been identified with the HP-UX Apache Web Server Suite, Tomcat Servlet Engine, and PHP. These vulnerabilities could be exploited remotely to execute arbitrary code, create a Denial of Service (DoS), or other vulnerabilities.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c04223376

CWE : Common Weakness Enumeration

%	Id	Name
33 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
22 %	CWE-264	Permissions, Privileges, and Access Controls
22 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
11 %	CWE-59	Improper Link Resolution Before File Access ('Link Following')
11 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:23810

Oval ID:	oval:org.mitre.oval:def:23810
Title:	USN-2152-1 -- apache2 vulnerabilities
Description:	Apache HTTP server could be made to crash if it received specially crafted network traffic.
Family:	unix	Class:	patch
Reference(s):	USN-2152-1 CVE-2013-6438 CVE-2014-0098	Version:	5
Platform(s):	Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	apache2
Definition Synopsis:
Ubuntu 13.10 release section Ubuntu 13.10 is installed AND apache2.2-bin DPKG is earlier than 0:2.4.6-2ubuntu2.2 AND Ubuntu 12.10 release section Ubuntu 12.10 is installed AND apache2.2-bin DPKG is earlier than 0:2.2.22-6ubuntu2.4 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND apache2.2-bin DPKG is earlier than 0:2.2.22-1ubuntu1.5 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND apache2.2-bin DPKG is earlier than 0:2.2.14-5ubuntu8.13

Definition Id: oval:org.mitre.oval:def:24046

Oval ID:	oval:org.mitre.oval:def:24046
Title:	DEPRECATED: ELSA-2014:0246: gnutls security update (Important)
Description:	The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) The CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team. Users of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0246-01 CVE-2014-0096	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	gnutls
Definition Synopsis:
Oracle Linux 6.x rpm test gnutls-guile is earlier than 0:2.8.5-13.el6_5 AND gnutls-utils is earlier than 0:2.8.5-13.el6_5 AND gnutls-devel is earlier than 0:2.8.5-13.el6_5 AND gnutls is earlier than 0:2.8.5-13.el6_5

Definition Id: oval:org.mitre.oval:def:24067

Oval ID:	oval:org.mitre.oval:def:24067
Title:	RHSA-2014:0370: httpd security update (Moderate)
Description:	The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0370-00 CESA-2014:0370 CVE-2013-6438 CVE-2014-0098	Version:	5
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	httpd
Definition Synopsis:
Redhat 6 section The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section httpd-tools is earlier than 0:2.2.15-30.el6_5 AND mod_ssl is earlier than 1:2.2.15-30.el6_5 AND httpd is earlier than 0:2.2.15-30.el6_5 AND httpd-devel is earlier than 0:2.2.15-30.el6_5 AND httpd-manual is earlier than 0:2.2.15-30.el6_5 OR Centos 6 section The operating system installed on the system is CentOS Linux 6.x AND Packages section httpd-tools is earlier than 0:2.2.15-30.el6.centos AND mod_ssl is earlier than 1:2.2.15-30.el6.centos AND httpd is earlier than 0:2.2.15-30.el6.centos AND httpd-devel is earlier than 0:2.2.15-30.el6.centos AND httpd-manual is earlier than 0:2.2.15-30.el6.centos

Definition Id: oval:org.mitre.oval:def:24101

Oval ID:	oval:org.mitre.oval:def:24101
Title:	Apache HTTP vulnerability before 2.2.27 or before 2.4.8 in VisualSVN Server (CVE-2014-0098)
Description:	The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-0098	Version:	5
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	VisualSVN Server
Definition Synopsis:
VisualSVN Server is installed Check the version of Apache HTTP from 2.2.0 before 2.2.27 and from 2.3.0 before 2.4.8 in Visual SVN Server Check the version of Apache HTTP 2.2.x before 2.2.27 in VisualSVN Server Check if Apache HTTP version is greater than or equals to 2.2.0 in VisualSVN Server AND Check if Apache HTTP version is less than 2.2.27 in VisualSVN Server AND Check the version of Apache HTTP 2.3.x before 2.2.25 in VisualSVN Server Check if Apache HTTP version is greater than or equals to 2.3.0 in VisualSVN Server AND Check if Apache HTTP version is less than 2.4.8 in VisualSVN Server

Definition Id: oval:org.mitre.oval:def:24159

Oval ID:	oval:org.mitre.oval:def:24159
Title:	USN-2254-1 -- php5 vulnerabilities
Description:	Several security issues were fixed in PHP.
Family:	unix	Class:	patch
Reference(s):	USN-2254-1 CVE-2014-0185 CVE-2014-0237 CVE-2014-0238 CVE-2014-4049	Version:	3
Platform(s):	Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	php5
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.5.9+dfsg-1ubuntu4.1 AND php5-cgi DPKG is earlier than 0:5.5.9+dfsg-1ubuntu4.1 AND php5-cli DPKG is earlier than 0:5.5.9+dfsg-1ubuntu4.1 AND php5-fpm DPKG is earlier than 0:5.5.9+dfsg-1ubuntu4.1 AND Ubuntu 13.10 release section Ubuntu 13.10 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.4 AND php5-cgi DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.4 AND php5-cli DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.4 AND php5-fpm DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.4 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.3.10-1ubuntu3.12 AND php5-cgi DPKG is earlier than 0:5.3.10-1ubuntu3.12 AND php5-cli DPKG is earlier than 0:5.3.10-1ubuntu3.12 AND php5-fpm DPKG is earlier than 0:5.3.10-1ubuntu3.12 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.3.2-1ubuntu4.25 AND php5-cgi DPKG is earlier than 0:5.3.2-1ubuntu4.25 AND php5-cli DPKG is earlier than 0:5.3.2-1ubuntu4.25

Definition Id: oval:org.mitre.oval:def:24283

Oval ID:	oval:org.mitre.oval:def:24283
Title:	Apache HTTP vulnerability before 2.2.27 or before 2.4.8 in VisualSVN Server (CVE-2013-6438)
Description:	The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-6438	Version:	5
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	VisualSVN Server
Definition Synopsis:
VisualSVN Server is installed Check the version of Apache HTTP from 2.2.0 before 2.2.27 and from 2.3.0 before 2.4.8 in Visual SVN Server Check the version of Apache HTTP 2.2.x before 2.2.27 in VisualSVN Server Check if Apache HTTP version is greater than or equals to 2.2.0 in VisualSVN Server AND Check if Apache HTTP version is less than 2.2.27 in VisualSVN Server AND Check the version of Apache HTTP 2.3.x before 2.2.25 in VisualSVN Server Check if Apache HTTP version is greater than or equals to 2.3.0 in VisualSVN Server AND Check if Apache HTTP version is less than 2.4.8 in VisualSVN Server

Definition Id: oval:org.mitre.oval:def:24331

Oval ID:	oval:org.mitre.oval:def:24331
Title:	ELSA-2014:0369: httpd security update (Moderate)
Description:	The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module (for example when using the mod_dav_svn module), a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. (CVE-2013-6438) A buffer over-read flaw was found in the httpd mod_log_config module. In configurations where cookie logging is enabled (on Red Hat Enterprise Linux it is disabled by default), a remote attacker could use this flaw to crash the httpd child process via an HTTP request with a malformed cookie header. (CVE-2014-0098) All httpd users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0369-00 CVE-2013-6438 CVE-2014-0098	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	httpd
Definition Synopsis:
Oracle Linux 5.x rpm test mod_ssl is earlier than 1:2.2.3-85.el5_10 AND httpd is earlier than 0:2.2.3-85.el5_10 AND httpd-manual is earlier than 0:2.2.3-85.el5_10 AND httpd-devel is earlier than 0:2.2.3-85.el5_10

Definition Id: oval:org.mitre.oval:def:24427

Oval ID:	oval:org.mitre.oval:def:24427
Title:	RHSA-2014:0827: tomcat security update (Moderate)
Description:	Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was discovered that Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources. (CVE-2014-0075) It was found that Apache Tomcat did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a Tomcat server located behind a reverse proxy that processed the content length header correctly. (CVE-2014-0099) It was found that the org.apache.catalina.servlets.DefaultServlet implementation in Apache Tomcat allowed the definition of XML External Entities (XXEs) in provided XSLTs. A malicious application could use this to circumvent intended security restrictions to disclose sensitive information. (CVE-2014-0096) The CVE-2014-0075 issue was discovered by David Jorm of Red Hat Product Security. All Tomcat 7 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0827-00 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099	Version:	4
Platform(s):	Red Hat Enterprise Linux 7 CentOS Linux 7	Product(s):	tomcat
Definition Synopsis:
RHEL 7 The operating system installed on the system is Red Hat Enterprise Linux 7 AND Packages section tomcat-el-2.2-api is earlier than 0:7.0.42-6.el7_0 AND tomcat is earlier than 0:7.0.42-6.el7_0 AND tomcat-lib is earlier than 0:7.0.42-6.el7_0 AND tomcat-jsp-2.2-api is earlier than 0:7.0.42-6.el7_0 AND tomcat-docs-webapp is earlier than 0:7.0.42-6.el7_0 AND tomcat-admin-webapps is earlier than 0:7.0.42-6.el7_0 AND tomcat-jsvc is earlier than 0:7.0.42-6.el7_0 AND tomcat-webapps is earlier than 0:7.0.42-6.el7_0 AND tomcat-servlet-3.0-api is earlier than 0:7.0.42-6.el7_0 AND tomcat-javadoc is earlier than 0:7.0.42-6.el7_0 OR CentOS 7 The operating system installed on the system is CentOS Linux 7.x AND tomcat is earlier than 0:7.0.42-6.el7_0

Definition Id: oval:org.mitre.oval:def:24499

Oval ID:	oval:org.mitre.oval:def:24499
Title:	RHSA-2014:0369: httpd security update (Moderate)
Description:	The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0369-00 CESA-2014:0369 CVE-2013-6438 CVE-2014-0098	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	httpd
Definition Synopsis:
Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND Packages section mod_ssl is earlier than 1:2.2.3-85.el5_10 AND httpd is earlier than 0:2.2.3-85.el5_10 AND httpd-manual is earlier than 0:2.2.3-85.el5_10 AND httpd-devel is earlier than 0:2.2.3-85.el5_10 OR Centos 5 section The operating system installed on the system is CentOS Linux 5.x AND Packages section mod_ssl is earlier than 1:2.2.3-85.el5.centos AND httpd is earlier than 0:2.2.3-85.el5.centos AND httpd-manual is earlier than 0:2.2.3-85.el5.centos AND httpd-devel is earlier than 0:2.2.3-85.el5.centos

Definition Id: oval:org.mitre.oval:def:24542

Oval ID:	oval:org.mitre.oval:def:24542
Title:	ELSA-2014:0370: httpd security update (Moderate)
Description:	The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module (for example when using the mod_dav_svn module), a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. (CVE-2013-6438) A buffer over-read flaw was found in the httpd mod_log_config module. In configurations where cookie logging is enabled (on Red Hat Enterprise Linux it is disabled by default), a remote attacker could use this flaw to crash the httpd child process via an HTTP request with a malformed cookie header. (CVE-2014-0098) All httpd users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0370-00 CVE-2013-6438 CVE-2014-0098	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	httpd
Definition Synopsis:
Oracle Linux 6.x rpm test httpd-tools is earlier than 0:2.2.15-30.el6_5 AND mod_ssl is earlier than 1:2.2.15-30.el6_5 AND httpd is earlier than 0:2.2.15-30.el6_5 AND httpd-devel is earlier than 0:2.2.15-30.el6_5 AND httpd-manual is earlier than 0:2.2.15-30.el6_5

Definition Id: oval:org.mitre.oval:def:24883

Oval ID:	oval:org.mitre.oval:def:24883
Title:	RHSA-2014:0865: tomcat6 security and bug fix update (Moderate)
Description:	Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was discovered that Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources. (CVE-2014-0075) It was found that Apache Tomcat did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a Tomcat server located behind a reverse proxy that processed the content length header correctly. (CVE-2014-0099) It was found that the org.apache.catalina.servlets.DefaultServlet implementation in Apache Tomcat allowed the definition of XML External Entities (XXEs) in provided XSLTs. A malicious application could use this to circumvent intended security restrictions to disclose sensitive information. (CVE-2014-0096) The CVE-2014-0075 issue was discovered by David Jorm of Red Hat Product Security. This update also fixes the following bugs: * The patch that resolved the CVE-2014-0050 issue contained redundant code. This update removes the redundant code. (BZ#1094528) * The patch that resolved the CVE-2013-4322 issue contained an invalid check that triggered a java.io.EOFException while reading trailer headers for chunked requests. This update fixes the check and the aforementioned exception is no longer triggered in the described scenario. (BZ#1095602) All Tomcat 6 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0865-00 CESA-2014:0865 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	tomcat6
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section tomcat6-lib is earlier than 0:6.0.24-72.el6_5 AND tomcat6-servlet-2.5-api is earlier than 0:6.0.24-72.el6_5 AND tomcat6-javadoc is earlier than 0:6.0.24-72.el6_5 AND tomcat6-docs-webapp is earlier than 0:6.0.24-72.el6_5 AND tomcat6 is earlier than 0:6.0.24-72.el6_5 AND tomcat6-el-2.1-api is earlier than 0:6.0.24-72.el6_5 AND tomcat6-jsp-2.1-api is earlier than 0:6.0.24-72.el6_5 AND tomcat6-webapps is earlier than 0:6.0.24-72.el6_5 AND tomcat6-admin-webapps is earlier than 0:6.0.24-72.el6_5

Definition Id: oval:org.mitre.oval:def:24930

Oval ID:	oval:org.mitre.oval:def:24930
Title:	USN-2254-2 -- php5 updates
Description:	An improvement was made for PHP FPM environments.
Family:	unix	Class:	patch
Reference(s):	USN-2254-2 CVE-2014-0185 CVE-2014-0237 CVE-2014-0238 CVE-2014-4049	Version:	3
Platform(s):	Ubuntu 14.04 Ubuntu 13.10	Product(s):	php5
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed AND php5-fpm DPKG is earlier than 0:5.5.9+dfsg-1ubuntu4.2 AND Ubuntu 13.10 release section Ubuntu 13.10 is installed AND php5-fpm DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.5

Definition Id: oval:org.mitre.oval:def:24951

Oval ID:	oval:org.mitre.oval:def:24951
Title:	DSA-2961-1 php5 - security update
Description:	It was discovered that PHP, a general-purpose scripting language commonly used for web application development, is vulnerable to a heap-based buffer overflow in the DNS TXT record parsing. A malicious server or man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application uses dns_get_record() to perform a DNS query.
Family:	unix	Class:	patch
Reference(s):	DSA-2961-1 CVE-2014-4049	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	php5
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND php5 DPKG is earlier than 0:5.4.4-14+deb7u11

Definition Id: oval:org.mitre.oval:def:25013

Oval ID:	oval:org.mitre.oval:def:25013
Title:	DEPRECATED: RHSA-2014:0865: tomcat6 security and bug fix update (Moderate)
Description:	Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was discovered that Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources. (CVE-2014-0075) It was found that Apache Tomcat did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a Tomcat server located behind a reverse proxy that processed the content length header correctly. (CVE-2014-0099) It was found that the org.apache.catalina.servlets.DefaultServlet implementation in Apache Tomcat allowed the definition of XML External Entities (XXEs) in provided XSLTs. A malicious application could use this to circumvent intended security restrictions to disclose sensitive information. (CVE-2014-0096) The CVE-2014-0075 issue was discovered by David Jorm of Red Hat Product Security. This update also fixes the following bugs: * The patch that resolved the CVE-2014-0050 issue contained redundant code. This update removes the redundant code. (BZ#1094528) * The patch that resolved the CVE-2013-4322 issue contained an invalid check that triggered a java.io.EOFException while reading trailer headers for chunked requests. This update fixes the check and the aforementioned exception is no longer triggered in the described scenario. (BZ#1095602) All Tomcat 6 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0865-00 CESA-2014:0865 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099	Version:	4
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	tomcat6
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section tomcat6-lib is earlier than 0:6.0.24-72.el6_5 AND tomcat6-servlet-2.5-api is earlier than 0:6.0.24-72.el6_5 AND tomcat6-javadoc is earlier than 0:6.0.24-72.el6_5 AND tomcat6-docs-webapp is earlier than 0:6.0.24-72.el6_5 AND tomcat6 is earlier than 0:6.0.24-72.el6_5 AND tomcat6-el-2.1-api is earlier than 0:6.0.24-72.el6_5 AND tomcat6-jsp-2.1-api is earlier than 0:6.0.24-72.el6_5 AND tomcat6-webapps is earlier than 0:6.0.24-72.el6_5 AND tomcat6-admin-webapps is earlier than 0:6.0.24-72.el6_5

Definition Id: oval:org.mitre.oval:def:26063

Oval ID:	oval:org.mitre.oval:def:26063
Title:	USN-2302-1 -- tomcat6, tomcat7 vulnerabilities
Description:	Several security issues were fixed in Tomcat.
Family:	unix	Class:	patch
Reference(s):	USN-2302-1 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099	Version:	3
Platform(s):	Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04	Product(s):	tomcat7 tomcat6
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed AND libtomcat7-java DPKG is earlier than 0:7.0.52-1ubuntu0.1 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND libtomcat6-java DPKG is earlier than 0:6.0.35-1ubuntu3.5 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND libtomcat6-java DPKG is earlier than 0:6.0.24-2ubuntu1.16

Definition Id: oval:org.mitre.oval:def:26183

Oval ID:	oval:org.mitre.oval:def:26183
Title:	RHSA-2014:1034: tomcat security update (Low)
Description:	Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by Apache Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors (TLDs), and tag plug-in configuration files. The injected XML parser(s) could then bypass the limits imposed on XML external entities and/or gain access to the XML files processed for other web applications deployed on the same Apache Tomcat instance. (CVE-2014-0119) All Tomcat users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. Tomcat must be restarted for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1034-00 CESA-2014:1034 CVE-2014-0119	Version:	3
Platform(s):	Red Hat Enterprise Linux 7 CentOS Linux 7	Product(s):	tomcat
Definition Synopsis:
Redhat 7 or Centos 7 release The operating system installed on the system is Red Hat Enterprise Linux 7 AND The operating system installed on the system is CentOS Linux 7.x Packages section tomcat is earlier than 0:7.0.42-8.el7_0 AND tomcat-admin-webapps is earlier than 0:7.0.42-8.el7_0 AND tomcat-docs-webapp is earlier than 0:7.0.42-8.el7_0 AND tomcat-el-2.2-api is earlier than 0:7.0.42-8.el7_0 AND tomcat-javadoc is earlier than 0:7.0.42-8.el7_0 AND tomcat-jsp-2.2-api is earlier than 0:7.0.42-8.el7_0 AND tomcat-jsvc is earlier than 0:7.0.42-8.el7_0 AND tomcat-lib is earlier than 0:7.0.42-8.el7_0 AND tomcat-servlet-3.0-api is earlier than 0:7.0.42-8.el7_0 AND tomcat-webapps is earlier than 0:7.0.42-8.el7_0

Definition Id: oval:org.mitre.oval:def:26374

Oval ID:	oval:org.mitre.oval:def:26374
Title:	RHSA-2014:1038: tomcat6 security update (Low)
Description:	Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was found that several application-provided XML files, such as web.xml, content.xml, .tld, .tagx, and *.jspx, resolved external entities, permitting XML External Entity (XXE) attacks. An attacker able to deploy malicious applications to Tomcat could use this flaw to circumvent security restrictions set by the JSM, and gain access to sensitive information on the system. Note that this flaw only affected deployments in which Tomcat is running applications from untrusted sources, such as in a shared hosting environment. (CVE-2013-4590) It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by Apache Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors (TLDs), and tag plug-in configuration files. The injected XML parser(s) could then bypass the limits imposed on XML external entities and/or gain access to the XML files processed for other web applications deployed on the same Apache Tomcat instance. (CVE-2014-0119) All Tomcat users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1038-00 CESA-2014:1038 CVE-2013-4590 CVE-2014-0119	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	tomcat6
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section tomcat6 is earlier than 0:6.0.24-78.el6_5 AND tomcat6-admin-webapps is earlier than 0:6.0.24-78.el6_5 AND tomcat6-docs-webapp is earlier than 0:6.0.24-78.el6_5 AND tomcat6-el-2.1-api is earlier than 0:6.0.24-78.el6_5 AND tomcat6-javadoc is earlier than 0:6.0.24-78.el6_5 AND tomcat6-jsp-2.1-api is earlier than 0:6.0.24-78.el6_5 AND tomcat6-lib is earlier than 0:6.0.24-78.el6_5 AND tomcat6-servlet-2.5-api is earlier than 0:6.0.24-78.el6_5 AND tomcat6-webapps is earlier than 0:6.0.24-78.el6_5

Definition Id: oval:org.mitre.oval:def:26498

Oval ID:	oval:org.mitre.oval:def:26498
Title:	SUSE-SU-2014:1080-1 -- Security update for apache2
Description:	This apache2 update fixes the following security and non security issues: * mod_cgid denial of service (CVE-2014-0231, bnc#887768) * mod_status heap-based buffer overflow (CVE-2014-0226, bnc#887765) * mod_dav denial of service (CVE-2013-6438, bnc#869105) * log_cookie mod_log_config.c remote denial of service (CVE-2014-0098, bnc#869106) * Support ECDH in Apache2 (bnc#859916) Security Issues: * CVE-2014-0098 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098> * CVE-2013-6438 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438> * CVE-2014-0226 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226> * CVE-2014-0231 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:1080-1 CVE-2014-0231 CVE-2014-0226 CVE-2013-6438 CVE-2014-0098	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	apache2
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section apache2 RPM is earlier than 0:2.2.12-1.48.1 AND apache2-doc RPM is earlier than 0:2.2.12-1.48.1 AND apache2-example-pages RPM is earlier than 0:2.2.12-1.48.1 AND apache2-prefork RPM is earlier than 0:2.2.12-1.48.1 AND apache2-utils RPM is earlier than 0:2.2.12-1.48.1 AND apache2-worker RPM is earlier than 0:2.2.12-1.48.1

Definition Id: oval:org.mitre.oval:def:26666

Oval ID:	oval:org.mitre.oval:def:26666
Title:	DEPRECATED: ELSA-2014-0370 -- httpd security update (Moderate)
Description:	The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module (for example when using the mod_dav_svn module), a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. (CVE-2013-6438) A buffer over-read flaw was found in the httpd mod_log_config module. In configurations where cookie logging is enabled (on Red Hat Enterprise Linux it is disabled by default), a remote attacker could use this flaw to crash the httpd child process via an HTTP request with a malformed cookie header. (CVE-2014-0098) All httpd users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0370 CVE-2013-6438 CVE-2014-0098	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	httpd
Definition Synopsis:
Oracle Linux 6.x Packages match section httpd RPM is earlier than 0:2.2.15-30.0.1.el6_5 AND httpd-devel RPM is earlier than 0:2.2.15-30.0.1.el6_5 AND httpd-manual RPM is earlier than 0:2.2.15-30.0.1.el6_5 AND httpd-tools RPM is earlier than 0:2.2.15-30.0.1.el6_5 AND mod_ssl RPM is earlier than 0:2.2.15-30.0.1.el6_5

Definition Id: oval:org.mitre.oval:def:26689

Oval ID:	oval:org.mitre.oval:def:26689
Title:	DSA-3008-1 php5 - security update
Description:	Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.
Family:	unix	Class:	patch
Reference(s):	DSA-3008-1 CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-4670 CVE-2013-7345 CVE-2014-4049	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	php5
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND php5 DPKG is earlier than 0:5.4.4-14+deb7u13

Definition Id: oval:org.mitre.oval:def:26803

Oval ID:	oval:org.mitre.oval:def:26803
Title:	DEPRECATED: ELSA-2014-0369 -- httpd security update (Moderate)
Description:	The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module (for example when using the mod_dav_svn module), a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. (CVE-2013-6438) A buffer over-read flaw was found in the httpd mod_log_config module. In configurations where cookie logging is enabled (on Red Hat Enterprise Linux it is disabled by default), a remote attacker could use this flaw to crash the httpd child process via an HTTP request with a malformed cookie header. (CVE-2014-0098) All httpd users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0369 CVE-2014-0098 CVE-2013-6438	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	httpd
Definition Synopsis:
Oracle Linux 5.x Packages match section httpd RPM is earlier than 0:2.2.3-85.0.1.el5_10 AND httpd-devel RPM is earlier than 0:2.2.3-85.0.1.el5_10 AND httpd-manual RPM is earlier than 0:2.2.3-85.0.1.el5_10 AND mod_ssl RPM is earlier than 0:2.2.3-85.0.1.el5_10

Definition Id: oval:org.mitre.oval:def:26845

Oval ID:	oval:org.mitre.oval:def:26845
Title:	SUSE-SU-2014:1081-1 -- Security update for apache2
Description:	This apache2 update fixes the following security and non-security issues: * mod_cgid denial of service (CVE-2014-0231, bnc#887768) * mod_status heap-based buffer overflow (CVE-2014-0226, bnc#887765) * mod_dav denial of service (CVE-2013-6438, bnc#869105) * log_cookie mod_log_config.c remote denial of service (CVE-2014-0098, bnc#869106) * Support ECDH in Apache2 (bnc#859916) * apache fails to start with SSL on Xen kernel at boot time (bnc#852401) Security Issues: * CVE-2014-0098 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098> * CVE-2013-6438 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438> * CVE-2014-0226 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226> * CVE-2014-0231 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:1081-1 CVE-2014-0231 CVE-2014-0226 CVE-2013-6438 CVE-2014-0098	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	apache2
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section apache2 RPM is earlier than 0:2.2.12-1.48.1 AND apache2-doc RPM is earlier than 0:2.2.12-1.48.1 AND apache2-example-pages RPM is earlier than 0:2.2.12-1.48.1 AND apache2-prefork RPM is earlier than 0:2.2.12-1.48.1 AND apache2-utils RPM is earlier than 0:2.2.12-1.48.1 AND apache2-worker RPM is earlier than 0:2.2.12-1.48.1

Definition Id: oval:org.mitre.oval:def:26889

Oval ID:	oval:org.mitre.oval:def:26889
Title:	HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities
Description:	The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-0098	Version:	4
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
HP-UX B.11.23 AND filesets test hpuxws22APCH32.APACHE version is less than B.2.2.15.21 AND hpuxws22APCH32.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22TOMCAT.TOMCAT version is less than B.2.2.15.21

Definition Id: oval:org.mitre.oval:def:26966

Oval ID:	oval:org.mitre.oval:def:26966
Title:	HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities
Description:	acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-3981	Version:	4
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
HP-UX B.11.23 AND filesets test hpuxws22APCH32.APACHE version is less than B.2.2.15.21 AND hpuxws22APCH32.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22TOMCAT.TOMCAT version is less than B.2.2.15.21

Definition Id: oval:org.mitre.oval:def:26971

Oval ID:	oval:org.mitre.oval:def:26971
Title:	HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities
Description:	Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-0099	Version:	4
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
HP-UX B.11.23 AND filesets test hpuxws22APCH32.APACHE version is less than B.2.2.15.21 AND hpuxws22APCH32.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22TOMCAT.TOMCAT version is less than B.2.2.15.21

Definition Id: oval:org.mitre.oval:def:27100

Oval ID:	oval:org.mitre.oval:def:27100
Title:	HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities
Description:	Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-0075	Version:	4
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
HP-UX B.11.23 AND filesets test hpuxws22APCH32.APACHE version is less than B.2.2.15.21 AND hpuxws22APCH32.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22TOMCAT.TOMCAT version is less than B.2.2.15.21

Definition Id: oval:org.mitre.oval:def:27101

Oval ID:	oval:org.mitre.oval:def:27101
Title:	RHSA-2014:1606: file security and bug fix update (Moderate)
Description:	The "file" command is used to identify a particular file according to the type of data contained in the file. The command can identify various file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws were found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file. (CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2012-1571) Two denial of service flaws were found in the way file handled indirect and search rules. A remote attacker could use either of these flaws to cause file, or an application using file, to crash or consume an excessive amount of CPU. (CVE-2014-1943, CVE-2014-2270) This update also fixes the following bugs: * Previously, the output of the "file" command contained redundant white spaces. With this update, the new STRING_TRIM flag has been introduced to remove the unnecessary white spaces. (BZ#664513) * Due to a bug, the "file" command could incorrectly identify an XML document as a LaTex document. The underlying source code has been modified to fix this bug and the command now works as expected. (BZ#849621) * Previously, the "file" command could not recognize .JPG files and incorrectly labeled them as "Minix filesystem". This bug has been fixed and the command now properly detects .JPG files. (BZ#873997) * Under certain circumstances, the "file" command incorrectly detected NETpbm files as "x86 boot sector". This update applies a patch to fix this bug and the command now detects NETpbm files as expected. (BZ#884396) * Previously, the "file" command incorrectly identified ASCII text files as a .PIC image file. With this update, a patch has been provided to address this bug and the command now correctly recognizes ASCII text files. (BZ#980941) * On 32-bit PowerPC systems, the "from" field was missing from the output of the "file" command. The underlying source code has been modified to fix this bug and "file" output now contains the "from" field as expected. (BZ#1037279) * The "file" command incorrectly detected text files as "RRDTool DB version ool - Round Robin Database Tool". This update applies a patch to fix this bug and the command now correctly detects text files. (BZ#1064463) * Previously, the "file" command supported only version 1 and 2 of the QCOW format. As a consequence, file was unable to detect a "qcow2 compat=1.1" file created on Red Hat Enterprise Linux 7. With this update, support for QCOW version 3 has been added so that the command now detects such files as expected. (BZ#1067771) All file users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1606-01 CVE-2012-1571 CVE-2014-0237 CVE-2014-0238 CVE-2014-1943 CVE-2014-2270 CVE-2014-3479 CVE-2014-3480 CESA-2014:1606	Version:	5
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	file
Definition Synopsis:
Red Hat Enterprise Linux 6 and CentOS Linux 6 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages match section file is earlier than 0:5.04-21.el6 AND file-devel is earlier than 0:5.04-21.el6 AND file-libs is earlier than 0:5.04-21.el6 AND file-static is earlier than 0:5.04-21.el6 AND python-magic is earlier than 0:5.04-21.el6 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 AND file-debuginfo is earlier than 0:5.04-21.el6

Definition Id: oval:org.mitre.oval:def:27179

Oval ID:	oval:org.mitre.oval:def:27179
Title:	ELSA-2014-1034 -- tomcat security update (low)
Description:	[0:7.0.42-8] - Resolves: CVE-2013-4590 - Resolves: CVE-2014-0119
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1034 CVE-2014-0119	Version:	3
Platform(s):	Oracle Linux 7	Product(s):	tomcat
Definition Synopsis:
Oracle Linux 7.x Packages match section tomcat is earlier than 0:7.0.42-8.el7_0 AND tomcat-admin-webapps is earlier than 0:7.0.42-8.el7_0 AND tomcat-docs-webapp is earlier than 0:7.0.42-8.el7_0 AND tomcat-el-2.2-api is earlier than 0:7.0.42-8.el7_0 AND tomcat-javadoc is earlier than 0:7.0.42-8.el7_0 AND tomcat-jsp-2.2-api is earlier than 0:7.0.42-8.el7_0 AND tomcat-jsvc is earlier than 0:7.0.42-8.el7_0 AND tomcat-lib is earlier than 0:7.0.42-8.el7_0 AND tomcat-servlet-3.0-api is earlier than 0:7.0.42-8.el7_0 AND tomcat-webapps is earlier than 0:7.0.42-8.el7_0

Definition Id: oval:org.mitre.oval:def:27231

Oval ID:	oval:org.mitre.oval:def:27231
Title:	HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities
Description:	The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-6438	Version:	4
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
HP-UX B.11.23 AND filesets test hpuxws22APCH32.APACHE version is less than B.2.2.15.21 AND hpuxws22APCH32.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22TOMCAT.TOMCAT version is less than B.2.2.15.21

Definition Id: oval:org.mitre.oval:def:27263

Oval ID:	oval:org.mitre.oval:def:27263
Title:	ELSA-2014-0827 -- tomcat security update (moderate)
Description:	[0:7.0.42-6] - Resolves: CVE-2014-0099 Fix possible overflow when parsing - long values from byte array - Resolves: CVE-2014-0096 Information discloser process XSLT - files not subject to same constraint running under - java security manager - Resolves: CVE-2014-0075 Avoid overflow in ChunkedInputFilter.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0827 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099	Version:	3
Platform(s):	Oracle Linux 7	Product(s):	tomcat
Definition Synopsis:
Oracle Linux 7.x Packages match section tomcat is earlier than 0:7.0.42-6.el7_0 AND tomcat-admin-webapps is earlier than 0:7.0.42-6.el7_0 AND tomcat-docs-webapp is earlier than 0:7.0.42-6.el7_0 AND tomcat-el-2.2-api is earlier than 0:7.0.42-6.el7_0 AND tomcat-javadoc is earlier than 0:7.0.42-6.el7_0 AND tomcat-jsp-2.2-api is earlier than 0:7.0.42-6.el7_0 AND tomcat-jsvc is earlier than 0:7.0.42-6.el7_0 AND tomcat-lib is earlier than 0:7.0.42-6.el7_0 AND tomcat-servlet-3.0-api is earlier than 0:7.0.42-6.el7_0 AND tomcat-webapps is earlier than 0:7.0.42-6.el7_0

Definition Id: oval:org.mitre.oval:def:27293

Oval ID:	oval:org.mitre.oval:def:27293
Title:	ELSA-2014-0865 -- tomcat6 security and bug fix update (moderate)
Description:	[0:6.0.24-72] - Related: CVE-2014-0075 - rebuild to generate javadoc - correctly. previous build generated 0-length javadoc [0:6.0.24-69] - Related: CVE-2014-0075 incomplete [0:6.0.24-68] - Related: CVE-2013-4322. arches needs to be specified - as in arches noarch, so docs/webapps will produce - full files. building for ppc will generate empty - javadoc. [0:6.0.24-67] - Related: CVE-2014-0050 - Related: CVE-2013-4322 [0:6.0.24-66] - Resolves: CVE-2014-0099 - Resolves: CVE-2014-0096 - Resolves: CVE-2014-0075 [0:6.0.24-65] - Related: CVE-2014-0050 copy paste error
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0865 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099	Version:	3
Platform(s):	Oracle Linux 6	Product(s):	tomcat6
Definition Synopsis:
Oracle Linux 6.x Packages match section tomcat6 is earlier than 0:6.0.24-72.el6_5 AND tomcat6-admin-webapps is earlier than 0:6.0.24-72.el6_5 AND tomcat6-docs-webapp is earlier than 0:6.0.24-72.el6_5 AND tomcat6-el-2.1-api is earlier than 0:6.0.24-72.el6_5 AND tomcat6-javadoc is earlier than 0:6.0.24-72.el6_5 AND tomcat6-jsp-2.1-api is earlier than 0:6.0.24-72.el6_5 AND tomcat6-lib is earlier than 0:6.0.24-72.el6_5 AND tomcat6-servlet-2.5-api is earlier than 0:6.0.24-72.el6_5 AND tomcat6-webapps is earlier than 0:6.0.24-72.el6_5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Apache Http Server cpe:2.3:a:apache:http_server:2.4.8:::::::* cpe:2.3:a:apache:http_server:2.4.7:::::::* cpe:2.3:a:apache:http_server:2.4.6:::::::* cpe:2.3:a:apache:http_server:2.4.4:::::::* cpe:2.3:a:apache:http_server:2.4.3:::::::* cpe:2.3:a:apache:http_server:2.4.2:::::::* cpe:2.3:a:apache:http_server:2.4.1:::::::* cpe:2.3:a:apache:http_server:2.4.0:::::::* cpe:2.3:a:apache:http_server:2.3.9:::::::* cpe:2.3:a:apache:http_server:2.3.8:::::::* cpe:2.3:a:apache:http_server:2.3.7:::::::* cpe:2.3:a:apache:http_server:2.3.6:::::::* cpe:2.3:a:apache:http_server:2.3.5:::::::* cpe:2.3:a:apache:http_server:2.3.5:alpha:::::: cpe:2.3:a:apache:http_server:2.3.4:::::::* cpe:2.3:a:apache:http_server:2.3.4:alpha:::::: cpe:2.3:a:apache:http_server:2.3.3:::::::* cpe:2.3:a:apache:http_server:2.3.2:::::::* cpe:2.3:a:apache:http_server:2.3.16:::::::* cpe:2.3:a:apache:http_server:2.3.15:::::::* cpe:2.3:a:apache:http_server:2.3.14:::::::* cpe:2.3:a:apache:http_server:2.3.13:::::::* cpe:2.3:a:apache:http_server:2.3.12:::::::* cpe:2.3:a:apache:http_server:2.3.11:::::::* cpe:2.3:a:apache:http_server:2.3.10:::::::* cpe:2.3:a:apache:http_server:2.3.1:::::::* cpe:2.3:a:apache:http_server:2.3.0:::::::* cpe:2.3:a:apache:http_server:2.2.9:::::::* cpe:2.3:a:apache:http_server:2.2.8:::::::* cpe:2.3:a:apache:http_server:2.2.7:::::::* cpe:2.3:a:apache:http_server:2.2.6:::::::* cpe:2.3:a:apache:http_server:2.2.5:::::::* cpe:2.3:a:apache:http_server:2.2.4:::::::* cpe:2.3:a:apache:http_server:2.2.32:::::::* cpe:2.3:a:apache:http_server:2.2.31:::::::* cpe:2.3:a:apache:http_server:2.2.30:::::::* cpe:2.3:a:apache:http_server:2.2.3:::::::* cpe:2.3:a:apache:http_server:2.2.3::windows::::: cpe:2.3:a:apache:http_server:2.2.29:::::::* cpe:2.3:a:apache:http_server:2.2.27:::::::* cpe:2.3:a:apache:http_server:2.2.26:::::::* cpe:2.3:a:apache:http_server:2.2.25:::::::* cpe:2.3:a:apache:http_server:2.2.24:::::::* cpe:2.3:a:apache:http_server:2.2.23:::::::* cpe:2.3:a:apache:http_server:2.2.22:::::::* cpe:2.3:a:apache:http_server:2.2.21:::::::* cpe:2.3:a:apache:http_server:2.2.20:::::::* cpe:2.3:a:apache:http_server:2.2.2:::::::* cpe:2.3:a:apache:http_server:2.2.2::windows::::: cpe:2.3:a:apache:http_server:2.2.19:::::::* cpe:2.3:a:apache:http_server:2.2.18:::::::* cpe:2.3:a:apache:http_server:2.2.17:::::::* cpe:2.3:a:apache:http_server:2.2.16:::::::* cpe:2.3:a:apache:http_server:2.2.15-60:::::::* cpe:2.3:a:apache:http_server:2.2.15:::::::* cpe:2.3:a:apache:http_server:2.2.14:::::::* cpe:2.3:a:apache:http_server:2.2.13:::::::* cpe:2.3:a:apache:http_server:2.2.12:::::::* cpe:2.3:a:apache:http_server:2.2.11:::::::* cpe:2.3:a:apache:http_server:2.2.10:::::::* cpe:2.3:a:apache:http_server:2.2.1:::::::* cpe:2.3:a:apache:http_server:2.2.0:::::::* cpe:2.3:a:apache:http_server:2.2:::::::* cpe:2.3:a:apache:http_server:2.1.9:::::::* cpe:2.3:a:apache:http_server:2.1.8:::::::* cpe:2.3:a:apache:http_server:2.1.7:::::::* cpe:2.3:a:apache:http_server:2.1.6:::::::* cpe:2.3:a:apache:http_server:2.1.5:::::::* cpe:2.3:a:apache:http_server:2.1.4:::::::* cpe:2.3:a:apache:http_server:2.1.3:::::::* cpe:2.3:a:apache:http_server:2.1.2:::::::* cpe:2.3:a:apache:http_server:2.1.1:::::::* cpe:2.3:a:apache:http_server:2.1.0:::::::* cpe:2.3:a:apache:http_server:2.1:::::::* cpe:2.3:a:apache:http_server:2.0.9:::::::* cpe:2.3:a:apache:http_server:2.0.65:::::::* cpe:2.3:a:apache:http_server:2.0.64:::::::* cpe:2.3:a:apache:http_server:2.0.63:::::::* cpe:2.3:a:apache:http_server:2.0.61:::::::* cpe:2.3:a:apache:http_server:2.0.60:::::::* cpe:2.3:a:apache:http_server:2.0.59:::::::* cpe:2.3:a:apache:http_server:2.0.58:::::::* cpe:2.3:a:apache:http_server:2.0.58::win32::::: cpe:2.3:a:apache:http_server:2.0.57:::::::* cpe:2.3:a:apache:http_server:2.0.56:::::::* cpe:2.3:a:apache:http_server:2.0.55:::::::* cpe:2.3:a:apache:http_server:2.0.54:::::::* cpe:2.3:a:apache:http_server:2.0.53:::::::* cpe:2.3:a:apache:http_server:2.0.52:::::::* cpe:2.3:a:apache:http_server:2.0.51:::::::* cpe:2.3:a:apache:http_server:2.0.50:::::::* cpe:2.3:a:apache:http_server:2.0.49:::::::* cpe:2.3:a:apache:http_server:2.0.48:::::::* cpe:2.3:a:apache:http_server:2.0.47:::::::* cpe:2.3:a:apache:http_server:2.0.46:::::::* cpe:2.3:a:apache:http_server:2.0.46::win32::::: cpe:2.3:a:apache:http_server:2.0.45:::::::* cpe:2.3:a:apache:http_server:2.0.44:::::::* cpe:2.3:a:apache:http_server:2.0.43:::::::* cpe:2.3:a:apache:http_server:2.0.42:::::::* cpe:2.3:a:apache:http_server:2.0.41:::::::* cpe:2.3:a:apache:http_server:2.0.40:::::::* cpe:2.3:a:apache:http_server:2.0.39:::::::* cpe:2.3:a:apache:http_server:2.0.38:::::::* cpe:2.3:a:apache:http_server:2.0.37:::::::* cpe:2.3:a:apache:http_server:2.0.36:::::::* cpe:2.3:a:apache:http_server:2.0.35:::::::* cpe:2.3:a:apache:http_server:2.0.34:beta:::::: cpe:2.3:a:apache:http_server:2.0.34:beta:win32:::::* cpe:2.3:a:apache:http_server:2.0.34:::::::* cpe:2.3:a:apache:http_server:2.0.33:::::::* cpe:2.3:a:apache:http_server:2.0.32:beta:::::: cpe:2.3:a:apache:http_server:2.0.32:::::::* cpe:2.3:a:apache:http_server:2.0.32:beta:win32:::::* cpe:2.3:a:apache:http_server:2.0.31:::::::* cpe:2.3:a:apache:http_server:2.0.30:::::::* cpe:2.3:a:apache:http_server:2.0.29:::::::* cpe:2.3:a:apache:http_server:2.0.28:beta:::::: cpe:2.3:a:apache:http_server:2.0.28:::::::* cpe:2.3:a:apache:http_server:2.0.28:beta:win32:::::* cpe:2.3:a:apache:http_server:2.0.27:::::::* cpe:2.3:a:apache:http_server:2.0.26:::::::* cpe:2.3:a:apache:http_server:2.0.25:::::::* cpe:2.3:a:apache:http_server:2.0.24:::::::* cpe:2.3:a:apache:http_server:2.0.23:::::::* cpe:2.3:a:apache:http_server:2.0.22:::::::* cpe:2.3:a:apache:http_server:2.0.21:::::::* cpe:2.3:a:apache:http_server:2.0.20:::::::* cpe:2.3:a:apache:http_server:2.0.19:::::::* cpe:2.3:a:apache:http_server:2.0.18:::::::* cpe:2.3:a:apache:http_server:2.0.17:::::::* cpe:2.3:a:apache:http_server:2.0.16:::::::* cpe:2.3:a:apache:http_server:2.0.15:::::::* cpe:2.3:a:apache:http_server:2.0.14:::::::* cpe:2.3:a:apache:http_server:2.0.13:::::::* cpe:2.3:a:apache:http_server:2.0.12:::::::* cpe:2.3:a:apache:http_server:2.0.11:::::::* cpe:2.3:a:apache:http_server:2.0.0:::::::* cpe:2.3:a:apache:http_server:2.0:::::::* cpe:2.3:a:apache:http_server:2.0:alpha9:::::: cpe:2.3:a:apache:http_server:1.99:::::::* cpe:2.3:a:apache:http_server:1.4.0:::::::* cpe:2.3:a:apache:http_server:1.3.9:::::::* cpe:2.3:a:apache:http_server:1.3.9::win32::::: cpe:2.3:a:apache:http_server:1.3.8:::::::* cpe:2.3:a:apache:http_server:1.3.7:::::::* cpe:2.3:a:apache:http_server:1.3.7::dev::::: cpe:2.3:a:apache:http_server:1.3.68:::::::* cpe:2.3:a:apache:http_server:1.3.65:::::::* cpe:2.3:a:apache:http_server:1.3.6:::::::* cpe:2.3:a:apache:http_server:1.3.6::win32::::: cpe:2.3:a:apache:http_server:1.3.5:::::::* cpe:2.3:a:apache:http_server:1.3.42:::::::* cpe:2.3:a:apache:http_server:1.3.41:::::::* cpe:2.3:a:apache:http_server:1.3.40:::::::* cpe:2.3:a:apache:http_server:1.3.4:::::::* cpe:2.3:a:apache:http_server:1.3.39:::::::* cpe:2.3:a:apache:http_server:1.3.38:::::::* cpe:2.3:a:apache:http_server:1.3.37:::::::* cpe:2.3:a:apache:http_server:1.3.36:::::::* cpe:2.3:a:apache:http_server:1.3.35:::::::* cpe:2.3:a:apache:http_server:1.3.34:::::::* cpe:2.3:a:apache:http_server:1.3.33:::::::* cpe:2.3:a:apache:http_server:1.3.32:::::::* cpe:2.3:a:apache:http_server:1.3.31:::::::* cpe:2.3:a:apache:http_server:1.3.30:::::::* cpe:2.3:a:apache:http_server:1.3.3:::::::* cpe:2.3:a:apache:http_server:1.3.29:::::::* cpe:2.3:a:apache:http_server:1.3.28:::::::* cpe:2.3:a:apache:http_server:1.3.27:::::::* cpe:2.3:a:apache:http_server:1.3.26:::::::* cpe:2.3:a:apache:http_server:1.3.26::win32::::: cpe:2.3:a:apache:http_server:1.3.25:::::::* cpe:2.3:a:apache:http_server:1.3.25::win32::::: cpe:2.3:a:apache:http_server:1.3.24:::::::* cpe:2.3:a:apache:http_server:1.3.24::win32::::: cpe:2.3:a:apache:http_server:1.3.23:::::::* cpe:2.3:a:apache:http_server:1.3.23::win32::::: cpe:2.3:a:apache:http_server:1.3.22:::::::* cpe:2.3:a:apache:http_server:1.3.22::win32::::: cpe:2.3:a:apache:http_server:1.3.20:::::::* cpe:2.3:a:apache:http_server:1.3.20::win32::::: cpe:2.3:a:apache:http_server:1.3.2:::::::* cpe:2.3:a:apache:http_server:1.3.19:::::::* cpe:2.3:a:apache:http_server:1.3.19::win32::::: cpe:2.3:a:apache:http_server:1.3.18:::::::* cpe:2.3:a:apache:http_server:1.3.18::win32::::: cpe:2.3:a:apache:http_server:1.3.17:::::::* cpe:2.3:a:apache:http_server:1.3.17::win32::::: cpe:2.3:a:apache:http_server:1.3.16:::::::* cpe:2.3:a:apache:http_server:1.3.16::win32::::: cpe:2.3:a:apache:http_server:1.3.15:::::::* cpe:2.3:a:apache:http_server:1.3.15::win32::::: cpe:2.3:a:apache:http_server:1.3.14:::::::* cpe:2.3:a:apache:http_server:1.3.14::win32::::: cpe:2.3:a:apache:http_server:1.3.14::mac_os::::: cpe:2.3:a:apache:http_server:1.3.13:::::::* cpe:2.3:a:apache:http_server:1.3.13::win32::::: cpe:2.3:a:apache:http_server:1.3.12:::::::* cpe:2.3:a:apache:http_server:1.3.12::win32::::: cpe:2.3:a:apache:http_server:1.3.11:::::::* cpe:2.3:a:apache:http_server:1.3.11::win32::::: cpe:2.3:a:apache:http_server:1.3.10:::::::* cpe:2.3:a:apache:http_server:1.3.1.1:::::::* cpe:2.3:a:apache:http_server:1.3.1:::::::* cpe:2.3:a:apache:http_server:1.3.0:::::::* cpe:2.3:a:apache:http_server:1.3:::::::* cpe:2.3:a:apache:http_server:1.2.9:::::::* cpe:2.3:a:apache:http_server:1.2.6:::::::* cpe:2.3:a:apache:http_server:1.2.5:::::::* cpe:2.3:a:apache:http_server:1.2.4:::::::* cpe:2.3:a:apache:http_server:1.2.0:::::::* cpe:2.3:a:apache:http_server:1.15.17:::::::* cpe:2.3:a:apache:http_server:1.1.1:::::::* cpe:2.3:a:apache:http_server:1.1:::::::* cpe:2.3:a:apache:http_server:1.0.5:::::::* cpe:2.3:a:apache:http_server:1.0.3:::::::* cpe:2.3:a:apache:http_server:1.0.2:::::::* cpe:2.3:a:apache:http_server:1.0:::::::* cpe:2.3:a:apache:http_server:0.8.14:::::::* cpe:2.3:a:apache:http_server:0.8.11:::::::* cpe:2.3:a:apache:http_server:::::::: cpe:2.3:a:apache:http_server:::win32:::::* cpe:2.3:a:apache:http_server:-:::::::*	224
Application	Apache Tomcat cpe:2.3:a:apache:tomcat:8.0.5:::::::* cpe:2.3:a:apache:tomcat:8.0.3:::::::* cpe:2.3:a:apache:tomcat:8.0.1:::::::* cpe:2.3:a:apache:tomcat:8.0.0:rc1:::::: cpe:2.3:a:apache:tomcat:8.0.0:rc2:::::: cpe:2.3:a:apache:tomcat:8.0.0:rc5:::::: cpe:2.3:a:apache:tomcat:8.0.0:rc10:::::: cpe:2.3:a:apache:tomcat:7.0.9:::::::* cpe:2.3:a:apache:tomcat:7.0.8:::::::* cpe:2.3:a:apache:tomcat:7.0.7:::::::* cpe:2.3:a:apache:tomcat:7.0.6:::::::* cpe:2.3:a:apache:tomcat:7.0.53:::::::* cpe:2.3:a:apache:tomcat:7.0.52:::::::* cpe:2.3:a:apache:tomcat:7.0.50:::::::* cpe:2.3:a:apache:tomcat:7.0.5:::::::* cpe:2.3:a:apache:tomcat:7.0.49:::::::* cpe:2.3:a:apache:tomcat:7.0.48:::::::* cpe:2.3:a:apache:tomcat:7.0.47:::::::* cpe:2.3:a:apache:tomcat:7.0.46:::::::* cpe:2.3:a:apache:tomcat:7.0.45:::::::* cpe:2.3:a:apache:tomcat:7.0.44:::::::* cpe:2.3:a:apache:tomcat:7.0.43:::::::* cpe:2.3:a:apache:tomcat:7.0.42:::::::* cpe:2.3:a:apache:tomcat:7.0.41:::::::* cpe:2.3:a:apache:tomcat:7.0.40:::::::* cpe:2.3:a:apache:tomcat:7.0.4:::::::* cpe:2.3:a:apache:tomcat:7.0.4:beta:::::: cpe:2.3:a:apache:tomcat:7.0.39:::::::* cpe:2.3:a:apache:tomcat:7.0.38:::::::* cpe:2.3:a:apache:tomcat:7.0.37:::::::* cpe:2.3:a:apache:tomcat:7.0.36:::::::* cpe:2.3:a:apache:tomcat:7.0.35:::::::* cpe:2.3:a:apache:tomcat:7.0.34:::::::* cpe:2.3:a:apache:tomcat:7.0.33:::::::* cpe:2.3:a:apache:tomcat:7.0.32:::::::* cpe:2.3:a:apache:tomcat:7.0.31:::::::* cpe:2.3:a:apache:tomcat:7.0.30:::::::* cpe:2.3:a:apache:tomcat:7.0.3:::::::* cpe:2.3:a:apache:tomcat:7.0.29:::::::* cpe:2.3:a:apache:tomcat:7.0.28:::::::* cpe:2.3:a:apache:tomcat:7.0.27:::::::* cpe:2.3:a:apache:tomcat:7.0.26:::::::* cpe:2.3:a:apache:tomcat:7.0.25:::::::* cpe:2.3:a:apache:tomcat:7.0.24:::::::* cpe:2.3:a:apache:tomcat:7.0.23:::::::* cpe:2.3:a:apache:tomcat:7.0.22:::::::* cpe:2.3:a:apache:tomcat:7.0.21:::::::* cpe:2.3:a:apache:tomcat:7.0.20:::::::* cpe:2.3:a:apache:tomcat:7.0.2:::::::* cpe:2.3:a:apache:tomcat:7.0.2:beta:::::: cpe:2.3:a:apache:tomcat:7.0.19:::::::* cpe:2.3:a:apache:tomcat:7.0.18:::::::* cpe:2.3:a:apache:tomcat:7.0.17:::::::* cpe:2.3:a:apache:tomcat:7.0.16:::::::* cpe:2.3:a:apache:tomcat:7.0.15:::::::* cpe:2.3:a:apache:tomcat:7.0.14:::::::* cpe:2.3:a:apache:tomcat:7.0.13:::::::* cpe:2.3:a:apache:tomcat:7.0.12:::::::* cpe:2.3:a:apache:tomcat:7.0.11:::::::* cpe:2.3:a:apache:tomcat:7.0.10:::::::* cpe:2.3:a:apache:tomcat:7.0.1:::::::* cpe:2.3:a:apache:tomcat:7.0.0:::::::* cpe:2.3:a:apache:tomcat:7.0.0:beta:::::: cpe:2.3:a:apache:tomcat:6.0.9:::::::* cpe:2.3:a:apache:tomcat:6.0.9:beta:::::: cpe:2.3:a:apache:tomcat:6.0.8:::::::* cpe:2.3:a:apache:tomcat:6.0.8:alpha:::::: cpe:2.3:a:apache:tomcat:6.0.7:::::::* cpe:2.3:a:apache:tomcat:6.0.7:alpha:::::: cpe:2.3:a:apache:tomcat:6.0.7:beta:::::: cpe:2.3:a:apache:tomcat:6.0.6:::::::* cpe:2.3:a:apache:tomcat:6.0.6:alpha:::::: cpe:2.3:a:apache:tomcat:6.0.5:::::::* cpe:2.3:a:apache:tomcat:6.0.4:::::::* cpe:2.3:a:apache:tomcat:6.0.4:alpha:::::: cpe:2.3:a:apache:tomcat:6.0.39:::::::* cpe:2.3:a:apache:tomcat:6.0.38:::::::* cpe:2.3:a:apache:tomcat:6.0.37:::::::* cpe:2.3:a:apache:tomcat:6.0.36:::::::* cpe:2.3:a:apache:tomcat:6.0.35:::::::* cpe:2.3:a:apache:tomcat:6.0.34:::::::* cpe:2.3:a:apache:tomcat:6.0.33:::::::* cpe:2.3:a:apache:tomcat:6.0.32:::::::* cpe:2.3:a:apache:tomcat:6.0.31:::::::* cpe:2.3:a:apache:tomcat:6.0.30:::::::* cpe:2.3:a:apache:tomcat:6.0.3:::::::* cpe:2.3:a:apache:tomcat:6.0.29:::::::* cpe:2.3:a:apache:tomcat:6.0.28:::::::* cpe:2.3:a:apache:tomcat:6.0.27:::::::* cpe:2.3:a:apache:tomcat:6.0.26:::::::* cpe:2.3:a:apache:tomcat:6.0.25:::::::* cpe:2.3:a:apache:tomcat:6.0.24:::::::* cpe:2.3:a:apache:tomcat:6.0.23:::::::* cpe:2.3:a:apache:tomcat:6.0.22:::::::* cpe:2.3:a:apache:tomcat:6.0.21:::::::* cpe:2.3:a:apache:tomcat:6.0.20:::::::* cpe:2.3:a:apache:tomcat:6.0.2:::::::* cpe:2.3:a:apache:tomcat:6.0.2:alpha:::::: cpe:2.3:a:apache:tomcat:6.0.2:beta:::::: cpe:2.3:a:apache:tomcat:6.0.19:::::::* cpe:2.3:a:apache:tomcat:6.0.18:::::::* cpe:2.3:a:apache:tomcat:6.0.17:::::::* cpe:2.3:a:apache:tomcat:6.0.16:::::::* cpe:2.3:a:apache:tomcat:6.0.15:::::::* cpe:2.3:a:apache:tomcat:6.0.14:::::::* cpe:2.3:a:apache:tomcat:6.0.13:::::::* cpe:2.3:a:apache:tomcat:6.0.12:::::::* cpe:2.3:a:apache:tomcat:6.0.11:::::::* cpe:2.3:a:apache:tomcat:6.0.10:::::::* cpe:2.3:a:apache:tomcat:6.0.1:::::::* cpe:2.3:a:apache:tomcat:6.0.1:alpha:::::: cpe:2.3:a:apache:tomcat:6.0.0:::::::* cpe:2.3:a:apache:tomcat:6.0.0:alpha:::::: cpe:2.3:a:apache:tomcat:6.0:::::::* cpe:2.3:a:apache:tomcat:6:::::::* cpe:2.3:a:apache:tomcat:5.5.9:::::::* cpe:2.3:a:apache:tomcat:5.5.8:::::::* cpe:2.3:a:apache:tomcat:5.5.7:::::::* cpe:2.3:a:apache:tomcat:5.5.6:::::::* cpe:2.3:a:apache:tomcat:5.5.5:::::::* cpe:2.3:a:apache:tomcat:5.5.4:::::::* cpe:2.3:a:apache:tomcat:5.5.35:::::::* cpe:2.3:a:apache:tomcat:5.5.34:::::::* cpe:2.3:a:apache:tomcat:5.5.33:::::::* cpe:2.3:a:apache:tomcat:5.5.32:::::::* cpe:2.3:a:apache:tomcat:5.5.31:::::::* cpe:2.3:a:apache:tomcat:5.5.30:::::::* cpe:2.3:a:apache:tomcat:5.5.3:::::::* cpe:2.3:a:apache:tomcat:5.5.29:::::::* cpe:2.3:a:apache:tomcat:5.5.28:::::::* cpe:2.3:a:apache:tomcat:5.5.27:::::::* cpe:2.3:a:apache:tomcat:5.5.26:::::::* cpe:2.3:a:apache:tomcat:5.5.25:::::::* cpe:2.3:a:apache:tomcat:5.5.24:::::::* cpe:2.3:a:apache:tomcat:5.5.23:::::::* cpe:2.3:a:apache:tomcat:5.5.22:::::::* cpe:2.3:a:apache:tomcat:5.5.21:::::::* cpe:2.3:a:apache:tomcat:5.5.20:::::::* cpe:2.3:a:apache:tomcat:5.5.2:::::::* cpe:2.3:a:apache:tomcat:5.5.19:::::::* cpe:2.3:a:apache:tomcat:5.5.18:::::::* cpe:2.3:a:apache:tomcat:5.5.17:::::::* cpe:2.3:a:apache:tomcat:5.5.16:::::::* cpe:2.3:a:apache:tomcat:5.5.15:::::::* cpe:2.3:a:apache:tomcat:5.5.14:::::::* cpe:2.3:a:apache:tomcat:5.5.13:::::::* cpe:2.3:a:apache:tomcat:5.5.12:::::::* cpe:2.3:a:apache:tomcat:5.5.11:::::::* cpe:2.3:a:apache:tomcat:5.5.10:::::::* cpe:2.3:a:apache:tomcat:5.5.1:::::::* cpe:2.3:a:apache:tomcat:5.5.0:::::::* cpe:2.3:a:apache:tomcat:5.0.9:::::::* cpe:2.3:a:apache:tomcat:5.0.8:::::::* cpe:2.3:a:apache:tomcat:5.0.7:::::::* cpe:2.3:a:apache:tomcat:5.0.6:::::::* cpe:2.3:a:apache:tomcat:5.0.5:::::::* cpe:2.3:a:apache:tomcat:5.0.4:::::::* cpe:2.3:a:apache:tomcat:5.0.30:::::::* cpe:2.3:a:apache:tomcat:5.0.3:::::::* cpe:2.3:a:apache:tomcat:5.0.29:::::::* cpe:2.3:a:apache:tomcat:5.0.28:::::::* cpe:2.3:a:apache:tomcat:5.0.27:::::::* cpe:2.3:a:apache:tomcat:5.0.26:::::::* cpe:2.3:a:apache:tomcat:5.0.25:::::::* cpe:2.3:a:apache:tomcat:5.0.24:::::::* cpe:2.3:a:apache:tomcat:5.0.23:::::::* cpe:2.3:a:apache:tomcat:5.0.22:::::::* cpe:2.3:a:apache:tomcat:5.0.21:::::::* cpe:2.3:a:apache:tomcat:5.0.2:::::::* cpe:2.3:a:apache:tomcat:5.0.19:::::::* cpe:2.3:a:apache:tomcat:5.0.18:::::::* cpe:2.3:a:apache:tomcat:5.0.17:::::::* cpe:2.3:a:apache:tomcat:5.0.16:::::::* cpe:2.3:a:apache:tomcat:5.0.15:::::::* cpe:2.3:a:apache:tomcat:5.0.14:::::::* cpe:2.3:a:apache:tomcat:5.0.13:::::::* cpe:2.3:a:apache:tomcat:5.0.12:::::::* cpe:2.3:a:apache:tomcat:5.0.11:::::::* cpe:2.3:a:apache:tomcat:5.0.10:::::::* cpe:2.3:a:apache:tomcat:5.0.1:::::::* cpe:2.3:a:apache:tomcat:5.0.0:::::::* cpe:2.3:a:apache:tomcat:5:::::::* cpe:2.3:a:apache:tomcat:4.1.9:beta:::::: cpe:2.3:a:apache:tomcat:4.1.9:::::::* cpe:2.3:a:apache:tomcat:4.1.8:::::::* cpe:2.3:a:apache:tomcat:4.1.7:::::::* cpe:2.3:a:apache:tomcat:4.1.6:::::::* cpe:2.3:a:apache:tomcat:4.1.5:::::::* cpe:2.3:a:apache:tomcat:4.1.40:::::::* cpe:2.3:a:apache:tomcat:4.1.4:::::::* cpe:2.3:a:apache:tomcat:4.1.39:::::::* cpe:2.3:a:apache:tomcat:4.1.38:::::::* cpe:2.3:a:apache:tomcat:4.1.37:::::::* cpe:2.3:a:apache:tomcat:4.1.36:::::::* cpe:2.3:a:apache:tomcat:4.1.35:::::::* cpe:2.3:a:apache:tomcat:4.1.34:::::::* cpe:2.3:a:apache:tomcat:4.1.33:::::::* cpe:2.3:a:apache:tomcat:4.1.32:::::::* cpe:2.3:a:apache:tomcat:4.1.31:::::::* cpe:2.3:a:apache:tomcat:4.1.30:::::::* cpe:2.3:a:apache:tomcat:4.1.3:::::::* cpe:2.3:a:apache:tomcat:4.1.3:beta:::::: cpe:2.3:a:apache:tomcat:4.1.29:::::::* cpe:2.3:a:apache:tomcat:4.1.29:alpha:::::: cpe:2.3:a:apache:tomcat:4.1.28:::::::* cpe:2.3:a:apache:tomcat:4.1.28:alpha:::::: cpe:2.3:a:apache:tomcat:4.1.27:::::::* cpe:2.3:a:apache:tomcat:4.1.26:::::::* cpe:2.3:a:apache:tomcat:4.1.25:::::::* cpe:2.3:a:apache:tomcat:4.1.24:::::::* cpe:2.3:a:apache:tomcat:4.1.23:::::::* cpe:2.3:a:apache:tomcat:4.1.22:::::::* cpe:2.3:a:apache:tomcat:4.1.21:::::::* cpe:2.3:a:apache:tomcat:4.1.20:::::::* cpe:2.3:a:apache:tomcat:4.1.2:::::::* cpe:2.3:a:apache:tomcat:4.1.19:::::::* cpe:2.3:a:apache:tomcat:4.1.18:::::::* cpe:2.3:a:apache:tomcat:4.1.17:::::::* cpe:2.3:a:apache:tomcat:4.1.16:::::::* cpe:2.3:a:apache:tomcat:4.1.15:::::::* cpe:2.3:a:apache:tomcat:4.1.14:::::::* cpe:2.3:a:apache:tomcat:4.1.13:::::::* cpe:2.3:a:apache:tomcat:4.1.12:::::::* cpe:2.3:a:apache:tomcat:4.1.11:::::::* cpe:2.3:a:apache:tomcat:4.1.10:::::::* cpe:2.3:a:apache:tomcat:4.1.1:::::::* cpe:2.3:a:apache:tomcat:4.1.0:::::::* cpe:2.3:a:apache:tomcat:4.0.6:::::::* cpe:2.3:a:apache:tomcat:4.0.5:::::::* cpe:2.3:a:apache:tomcat:4.0.4:::::::* cpe:2.3:a:apache:tomcat:4.0.3:::::::* cpe:2.3:a:apache:tomcat:4.0.2:::::::* cpe:2.3:a:apache:tomcat:4.0.1:::::::* cpe:2.3:a:apache:tomcat:4.0.0:::::::* cpe:2.3:a:apache:tomcat:4:::::::* cpe:2.3:a:apache:tomcat:3.3.2:::::::* cpe:2.3:a:apache:tomcat:3.3.1a:::::::* cpe:2.3:a:apache:tomcat:3.3.1:::::::* cpe:2.3:a:apache:tomcat:3.3:::::::* cpe:2.3:a:apache:tomcat:3.2.4:::::::* cpe:2.3:a:apache:tomcat:3.2.3:::::::* cpe:2.3:a:apache:tomcat:3.2.2:::::::* cpe:2.3:a:apache:tomcat:3.2.2:beta2:::::: cpe:2.3:a:apache:tomcat:3.2.1:::::::* cpe:2.3:a:apache:tomcat:3.2:::::::* cpe:2.3:a:apache:tomcat:3.1.1:::::::* cpe:2.3:a:apache:tomcat:3.1:::::::* cpe:2.3:a:apache:tomcat:3.0:::::::* cpe:2.3:a:apache:tomcat:1.1.3:::::::* cpe:2.3:a:apache:tomcat:::::::: cpe:2.3:a:apache:tomcat:-:::::::*	251
Application	Christos Zoulas File cpe:2.3:a:christos_zoulas:file:5.18:::::::* cpe:2.3:a:christos_zoulas:file:5.17:::::::* cpe:2.3:a:christos_zoulas:file:5.16:::::::* cpe:2.3:a:christos_zoulas:file:5.15:::::::* cpe:2.3:a:christos_zoulas:file:5.14:::::::* cpe:2.3:a:christos_zoulas:file:5.13:::::::* cpe:2.3:a:christos_zoulas:file:5.12:::::::* cpe:2.3:a:christos_zoulas:file:5.11:::::::* cpe:2.3:a:christos_zoulas:file:5.10:::::::* cpe:2.3:a:christos_zoulas:file:5.09:::::::* cpe:2.3:a:christos_zoulas:file:5.08:::::::* cpe:2.3:a:christos_zoulas:file:5.07:::::::* cpe:2.3:a:christos_zoulas:file:5.06:::::::* cpe:2.3:a:christos_zoulas:file:5.05:::::::* cpe:2.3:a:christos_zoulas:file:5.04:::::::* cpe:2.3:a:christos_zoulas:file:5.03:::::::* cpe:2.3:a:christos_zoulas:file:5.02:::::::* cpe:2.3:a:christos_zoulas:file:5.01:::::::* cpe:2.3:a:christos_zoulas:file:5.00:::::::* cpe:2.3:a:christos_zoulas:file:4.26:::::::* cpe:2.3:a:christos_zoulas:file:4.25:::::::* cpe:2.3:a:christos_zoulas:file:4.24:::::::* cpe:2.3:a:christos_zoulas:file:4.23:::::::* cpe:2.3:a:christos_zoulas:file:4.21:::::::* cpe:2.3:a:christos_zoulas:file:4.20:::::::* cpe:2.3:a:christos_zoulas:file:4.19:::::::* cpe:2.3:a:christos_zoulas:file:4.17:::::::* cpe:2.3:a:christos_zoulas:file:4.16:::::::* cpe:2.3:a:christos_zoulas:file:4.15:::::::* cpe:2.3:a:christos_zoulas:file:4.14:::::::* cpe:2.3:a:christos_zoulas:file:4.13:::::::* cpe:2.3:a:christos_zoulas:file:4.12:::::::* cpe:2.3:a:christos_zoulas:file:4.11:::::::* cpe:2.3:a:christos_zoulas:file:4.09:::::::* cpe:2.3:a:christos_zoulas:file:4.08:::::::* cpe:2.3:a:christos_zoulas:file:4.07:::::::* cpe:2.3:a:christos_zoulas:file:4.06:::::::* cpe:2.3:a:christos_zoulas:file:4.04:::::::* cpe:2.3:a:christos_zoulas:file:4.03:::::::* cpe:2.3:a:christos_zoulas:file:4.02:::::::* cpe:2.3:a:christos_zoulas:file:4.01:::::::* cpe:2.3:a:christos_zoulas:file:3.41:::::::* cpe:2.3:a:christos_zoulas:file:3.40:::::::* cpe:2.3:a:christos_zoulas:file:3.39:::::::* cpe:2.3:a:christos_zoulas:file:3.38:::::::* cpe:2.3:a:christos_zoulas:file:3.37:::::::* cpe:2.3:a:christos_zoulas:file:3.36:::::::* cpe:2.3:a:christos_zoulas:file:3.34:::::::* cpe:2.3:a:christos_zoulas:file:3.33:::::::* cpe:2.3:a:christos_zoulas:file:3.32:::::::* cpe:2.3:a:christos_zoulas:file:3.31:::::::* cpe:2.3:a:christos_zoulas:file:3.30:::::::* cpe:2.3:a:christos_zoulas:file::::::::	53
Application	File Project File cpe:2.3:a:file_project:file:5.18:::::::* cpe:2.3:a:file_project:file:5.17:::::::* cpe:2.3:a:file_project:file:5.16:::::::* cpe:2.3:a:file_project:file:5.15:::::::* cpe:2.3:a:file_project:file:5.14:::::::* cpe:2.3:a:file_project:file:5.13:::::::* cpe:2.3:a:file_project:file:5.12:::::::* cpe:2.3:a:file_project:file:5.11:::::::* cpe:2.3:a:file_project:file:5.10:::::::* cpe:2.3:a:file_project:file:5.09:::::::* cpe:2.3:a:file_project:file:5.08:::::::* cpe:2.3:a:file_project:file::::::::	12
Application	Oracle Http Server cpe:2.3:a:oracle:http_server:12.1.3.0:::::::* cpe:2.3:a:oracle:http_server:12.1.2.0:::::::* cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::* cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*	4
Application	Oracle Secure Global Desktop cpe:2.3:a:oracle:secure_global_desktop:5.1:::::::* cpe:2.3:a:oracle:secure_global_desktop:5.0:::::::* cpe:2.3:a:oracle:secure_global_desktop:4.71:::::::* cpe:2.3:a:oracle:secure_global_desktop:4.63:::::::*	4
Application	Php cpe:2.3:a:php:php:5.6.0:alpha1:::::: cpe:2.3:a:php:php:5.6.0:beta2:::::: cpe:2.3:a:php:php:5.6.0:beta3:::::: cpe:2.3:a:php:php:5.6.0:beta1:::::: cpe:2.3:a:php:php:5.6.0:alpha4:::::: cpe:2.3:a:php:php:5.6.0:alpha5:::::: cpe:2.3:a:php:php:5.6.0:alpha2:::::: cpe:2.3:a:php:php:5.6.0:alpha3:::::: cpe:2.3:a:php:php:5.5.9:-:::::: cpe:2.3:a:php:php:5.5.9:rc1:::::: cpe:2.3:a:php:php:5.5.8:-:::::: cpe:2.3:a:php:php:5.5.8:rc1:::::: cpe:2.3:a:php:php:5.5.7:-:::::: cpe:2.3:a:php:php:5.5.7:rc1:::::: cpe:2.3:a:php:php:5.5.6:-:::::: cpe:2.3:a:php:php:5.5.6:rc1:::::: cpe:2.3:a:php:php:5.5.5:-:::::: cpe:2.3:a:php:php:5.5.5:rc1:::::: cpe:2.3:a:php:php:5.5.4:-:::::: cpe:2.3:a:php:php:5.5.4:rc1:::::: cpe:2.3:a:php:php:5.5.3:::::::* cpe:2.3:a:php:php:5.5.2:-:::::: cpe:2.3:a:php:php:5.5.2:rc1:::::: cpe:2.3:a:php:php:5.5.13:-:::::: cpe:2.3:a:php:php:5.5.13:rc1:::::: cpe:2.3:a:php:php:5.5.12:-:::::: cpe:2.3:a:php:php:5.5.12:rc1:::::: cpe:2.3:a:php:php:5.5.11:-:::::: cpe:2.3:a:php:php:5.5.11:rc1:::::: cpe:2.3:a:php:php:5.5.10:-:::::: cpe:2.3:a:php:php:5.5.10:rc1:::::: cpe:2.3:a:php:php:5.5.1:::::::* cpe:2.3:a:php:php:5.5.0:alpha1:::::: cpe:2.3:a:php:php:5.5.0:beta4:::::: cpe:2.3:a:php:php:5.5.0:alpha6:::::: cpe:2.3:a:php:php:5.5.0:alpha2:::::: cpe:2.3:a:php:php:5.5.0:alpha5:::::: cpe:2.3:a:php:php:5.5.0:beta3:::::: cpe:2.3:a:php:php:5.5.0:beta2:::::: cpe:2.3:a:php:php:5.5.0:rc1:::::: cpe:2.3:a:php:php:5.5.0:alpha4:::::: cpe:2.3:a:php:php:5.5.0:beta1:::::: cpe:2.3:a:php:php:5.5.0:alpha3:::::: cpe:2.3:a:php:php:5.5.0:rc2:::::: cpe:2.3:a:php:php:5.5.0:-:::::: cpe:2.3:a:php:php:5.5.0:rc3:::::: cpe:2.3:a:php:php:5.4.9:-:::::: cpe:2.3:a:php:php:5.4.9:rc1:::::: cpe:2.3:a:php:php:5.4.8:-:::::: cpe:2.3:a:php:php:5.4.8:rc1:::::: cpe:2.3:a:php:php:5.4.7:-:::::: cpe:2.3:a:php:php:5.4.7:rc1:::::: cpe:2.3:a:php:php:5.4.6:-:::::: cpe:2.3:a:php:php:5.4.6:rc1:::::: cpe:2.3:a:php:php:5.4.5:-:::::: cpe:2.3:a:php:php:5.4.5:rc1:::::: cpe:2.3:a:php:php:5.4.45:::::::* cpe:2.3:a:php:php:5.4.44:::::::* cpe:2.3:a:php:php:5.4.43:::::::* cpe:2.3:a:php:php:5.4.42:::::::* cpe:2.3:a:php:php:5.4.41:::::::* cpe:2.3:a:php:php:5.4.40:::::::* cpe:2.3:a:php:php:5.4.4:-:::::: cpe:2.3:a:php:php:5.4.4:rc1:::::: cpe:2.3:a:php:php:5.4.4:rc2:::::: cpe:2.3:a:php:php:5.4.39:::::::* cpe:2.3:a:php:php:5.4.38:::::::* cpe:2.3:a:php:php:5.4.37:::::::* cpe:2.3:a:php:php:5.4.36:::::::* cpe:2.3:a:php:php:5.4.35:::::::* cpe:2.3:a:php:php:5.4.34:::::::* cpe:2.3:a:php:php:5.4.33:-:::::: cpe:2.3:a:php:php:5.4.33:rc1:::::: cpe:2.3:a:php:php:5.4.32:-:::::: cpe:2.3:a:php:php:5.4.32:rc1:::::: cpe:2.3:a:php:php:5.4.31:-:::::: cpe:2.3:a:php:php:5.4.31:rc1:::::: cpe:2.3:a:php:php:5.4.30:-:::::: cpe:2.3:a:php:php:5.4.30:rc1:::::: cpe:2.3:a:php:php:5.4.3:::::::* cpe:2.3:a:php:php:5.4.29:-:::::: cpe:2.3:a:php:php:5.4.29:rc1:::::: cpe:2.3:a:php:php:5.4.28:-:::::: cpe:2.3:a:php:php:5.4.28:rc1:::::: cpe:2.3:a:php:php:5.4.27:-:::::: cpe:2.3:a:php:php:5.4.27:rc1:::::: cpe:2.3:a:php:php:5.4.26:-:::::: cpe:2.3:a:php:php:5.4.26:rc1:::::: cpe:2.3:a:php:php:5.4.25:-:::::: cpe:2.3:a:php:php:5.4.25:rc1:::::: cpe:2.3:a:php:php:5.4.24:-:::::: cpe:2.3:a:php:php:5.4.24:rc1:::::: cpe:2.3:a:php:php:5.4.23:-:::::: cpe:2.3:a:php:php:5.4.23:rc1:::::: cpe:2.3:a:php:php:5.4.22:-:::::: cpe:2.3:a:php:php:5.4.22:rc1:::::: cpe:2.3:a:php:php:5.4.21:-:::::: cpe:2.3:a:php:php:5.4.21:rc1:::::: cpe:2.3:a:php:php:5.4.20:-:::::: cpe:2.3:a:php:php:5.4.20:rc1:::::: cpe:2.3:a:php:php:5.4.2:::::::* cpe:2.3:a:php:php:5.4.19:::::::* cpe:2.3:a:php:php:5.4.18:-:::::: cpe:2.3:a:php:php:5.4.18:rc1:::::: cpe:2.3:a:php:php:5.4.18:rc2:::::: cpe:2.3:a:php:php:5.4.17:-:::::: cpe:2.3:a:php:php:5.4.17:rc1:::::: cpe:2.3:a:php:php:5.4.16:rc1:::::: cpe:2.3:a:php:php:5.4.16:-:::::: cpe:2.3:a:php:php:5.4.15:rc1:::::: cpe:2.3:a:php:php:5.4.15:-:::::: cpe:2.3:a:php:php:5.4.14:rc1:::::: cpe:2.3:a:php:php:5.4.14:-:::::: cpe:2.3:a:php:php:5.4.13:rc1:::::: cpe:2.3:a:php:php:5.4.13:-:::::: cpe:2.3:a:php:php:5.4.12:rc2:::::: cpe:2.3:a:php:php:5.4.12:rc1:::::: cpe:2.3:a:php:php:5.4.12:-:::::: cpe:2.3:a:php:php:5.4.11:-:::::: cpe:2.3:a:php:php:5.4.11:rc1:::::: cpe:2.3:a:php:php:5.4.10:-:::::: cpe:2.3:a:php:php:5.4.10:rc1:::::: cpe:2.3:a:php:php:5.4.1:::::::* cpe:2.3:a:php:php:5.4.1:rc1:::::: cpe:2.3:a:php:php:5.4.1:rc2:::::: cpe:2.3:a:php:php:5.4.0:beta2:::::: cpe:2.3:a:php:php:5.4.0:beta2:32-bit:::::* cpe:2.3:a:php:php:5.4.0:rc2:::::: cpe:2.3:a:php:php:5.4.0:-:::::: cpe:2.3:a:php:php:5.4.0:alpha1:::::: cpe:2.3:a:php:php:5.4.0:alpha2:::::: cpe:2.3:a:php:php:5.4.0:alpha3:::::: cpe:2.3:a:php:php:5.4.0:beta1:::::: cpe:2.3:a:php:php:5.4.0:rc1:::::: cpe:2.3:a:php:php:5.4.0:rc3:::::: cpe:2.3:a:php:php:5.4.0:rc4:::::: cpe:2.3:a:php:php:5.4.0:rc5:::::: cpe:2.3:a:php:php:5.4.0:rc6:::::: cpe:2.3:a:php:php:5.4.0:rc7:::::: cpe:2.3:a:php:php:5.4.0:rc8:::::: cpe:2.3:a:php:php:5.3.9:-:::::: cpe:2.3:a:php:php:5.3.9:rc1:::::: cpe:2.3:a:php:php:5.3.9:rc2:::::: cpe:2.3:a:php:php:5.3.9:rc3:::::: cpe:2.3:a:php:php:5.3.9:rc4:::::: cpe:2.3:a:php:php:5.3.8:::::::* cpe:2.3:a:php:php:5.3.7:-:::::: cpe:2.3:a:php:php:5.3.7:rc1:::::: cpe:2.3:a:php:php:5.3.7:rc2:::::: cpe:2.3:a:php:php:5.3.7:rc3:::::: cpe:2.3:a:php:php:5.3.7:rc4:::::: cpe:2.3:a:php:php:5.3.7:rc5:::::: cpe:2.3:a:php:php:5.3.6:::::::* cpe:2.3:a:php:php:5.3.6:rc1:::::: cpe:2.3:a:php:php:5.3.6:rc2:::::: cpe:2.3:a:php:php:5.3.6:rc3:::::: cpe:2.3:a:php:php:5.3.5:::::::* cpe:2.3:a:php:php:5.3.4:-:::::: cpe:2.3:a:php:php:5.3.4:rc1:::::: cpe:2.3:a:php:php:5.3.4:rc2:::::: cpe:2.3:a:php:php:5.3.3:-:::::: cpe:2.3:a:php:php:5.3.3:rc1:::::: cpe:2.3:a:php:php:5.3.3:rc2:::::: cpe:2.3:a:php:php:5.3.3:rc3:::::: cpe:2.3:a:php:php:5.3.29:-:::::: cpe:2.3:a:php:php:5.3.29:rc1:::::: cpe:2.3:a:php:php:5.3.28:::::::* cpe:2.3:a:php:php:5.3.27:-:::::: cpe:2.3:a:php:php:5.3.27:rc1:::::: cpe:2.3:a:php:php:5.3.26:-:::::: cpe:2.3:a:php:php:5.3.26:rc1:::::: cpe:2.3:a:php:php:5.3.25:-:::::: cpe:2.3:a:php:php:5.3.25:rc1:::::: cpe:2.3:a:php:php:5.3.24:-:::::: cpe:2.3:a:php:php:5.3.24:rc1:::::: cpe:2.3:a:php:php:5.3.23:-:::::: cpe:2.3:a:php:php:5.3.23:rc1:::::: cpe:2.3:a:php:php:5.3.22:-:::::: cpe:2.3:a:php:php:5.3.22:rc1:::::: cpe:2.3:a:php:php:5.3.22:rc2:::::: cpe:2.3:a:php:php:5.3.21:-:::::: cpe:2.3:a:php:php:5.3.21:rc1:::::: cpe:2.3:a:php:php:5.3.20:-:::::: cpe:2.3:a:php:php:5.3.20:rc1:::::: cpe:2.3:a:php:php:5.3.2:-:::::: cpe:2.3:a:php:php:5.3.2:rc1:::::: cpe:2.3:a:php:php:5.3.2:rc2:::::: cpe:2.3:a:php:php:5.3.2:rc3:::::: cpe:2.3:a:php:php:5.3.19:-:::::: cpe:2.3:a:php:php:5.3.19:rc1:::::: cpe:2.3:a:php:php:5.3.18:-:::::: cpe:2.3:a:php:php:5.3.18:rc1:::::: cpe:2.3:a:php:php:5.3.17:::::::* cpe:2.3:a:php:php:5.3.16:::::::* cpe:2.3:a:php:php:5.3.15:-:::::: cpe:2.3:a:php:php:5.3.15:rc1:::::: cpe:2.3:a:php:php:5.3.14:-:::::: cpe:2.3:a:php:php:5.3.14:rc1:::::: cpe:2.3:a:php:php:5.3.14:rc2:::::: cpe:2.3:a:php:php:5.3.13:::::::* cpe:2.3:a:php:php:5.3.12:::::::* cpe:2.3:a:php:php:5.3.11:-:::::: cpe:2.3:a:php:php:5.3.11:rc1:::::: cpe:2.3:a:php:php:5.3.11:rc2:::::: cpe:2.3:a:php:php:5.3.10:::::::* cpe:2.3:a:php:php:5.3.1:-:::::: cpe:2.3:a:php:php:5.3.1:rc1:::::: cpe:2.3:a:php:php:5.3.1:rc2:::::: cpe:2.3:a:php:php:5.3.1:rc3:::::: cpe:2.3:a:php:php:5.3.1:rc4:::::: cpe:2.3:a:php:php:5.3.0:-:::::: cpe:2.3:a:php:php:5.3.0:alpha1:::::: cpe:2.3:a:php:php:5.3.0:alpha2:::::: cpe:2.3:a:php:php:5.3.0:alpha3:::::: cpe:2.3:a:php:php:5.3.0:beta1:::::: cpe:2.3:a:php:php:5.3.0:rc1:::::: cpe:2.3:a:php:php:5.3.0:rc2:::::: cpe:2.3:a:php:php:5.3.0:rc3:::::: cpe:2.3:a:php:php:5.3.0:rc4:::::: cpe:2.3:a:php:php:5.2.9:-:::::: cpe:2.3:a:php:php:5.2.9:rc1:::::: cpe:2.3:a:php:php:5.2.9:rc2:::::: cpe:2.3:a:php:php:5.2.9:rc3:::::: cpe:2.3:a:php:php:5.2.8:::::::* cpe:2.3:a:php:php:5.2.7:-:::::: cpe:2.3:a:php:php:5.2.7:rc1:::::: cpe:2.3:a:php:php:5.2.7:rc2:::::: cpe:2.3:a:php:php:5.2.7:rc3:::::: cpe:2.3:a:php:php:5.2.7:rc4:::::: cpe:2.3:a:php:php:5.2.7:rc5:::::: cpe:2.3:a:php:php:5.2.6:-:::::: cpe:2.3:a:php:php:5.2.6:rc1:::::: cpe:2.3:a:php:php:5.2.6:rc2:::::: cpe:2.3:a:php:php:5.2.6:rc3:::::: cpe:2.3:a:php:php:5.2.6:rc4:::::: cpe:2.3:a:php:php:5.2.6:rc5:::::: cpe:2.3:a:php:php:5.2.5:-:::::: cpe:2.3:a:php:php:5.2.5:rc1:::::: cpe:2.3:a:php:php:5.2.5:rc2:::::: cpe:2.3:a:php:php:5.2.4::windows::::: cpe:2.3:a:php:php:5.2.4:-:::::: cpe:2.3:a:php:php:5.2.4:rc1:::::: cpe:2.3:a:php:php:5.2.4:rc2:::::: cpe:2.3:a:php:php:5.2.4:rc3:::::: cpe:2.3:a:php:php:5.2.3:-:::::: cpe:2.3:a:php:php:5.2.3:rc1:::::: cpe:2.3:a:php:php:5.2.2:-:::::: cpe:2.3:a:php:php:5.2.2:rc1:::::: cpe:2.3:a:php:php:5.2.2:rc2:::::: cpe:2.3:a:php:php:5.2.17:::::::* cpe:2.3:a:php:php:5.2.16:::::::* cpe:2.3:a:php:php:5.2.15:-:::::: cpe:2.3:a:php:php:5.2.15:rc1:::::: cpe:2.3:a:php:php:5.2.15:rc2:::::: cpe:2.3:a:php:php:5.2.14:-:::::: cpe:2.3:a:php:php:5.2.14:rc1:::::: cpe:2.3:a:php:php:5.2.14:rc2:::::: cpe:2.3:a:php:php:5.2.14:rc3:::::: cpe:2.3:a:php:php:5.2.13:-:::::: cpe:2.3:a:php:php:5.2.13:rc1:::::: cpe:2.3:a:php:php:5.2.13:rc2:::::: cpe:2.3:a:php:php:5.2.12:-:::::: cpe:2.3:a:php:php:5.2.12:rc1:::::: cpe:2.3:a:php:php:5.2.12:rc2:::::: cpe:2.3:a:php:php:5.2.12:rc3:::::: cpe:2.3:a:php:php:5.2.12:rc4:::::: cpe:2.3:a:php:php:5.2.11:-:::::: cpe:2.3:a:php:php:5.2.11:rc1:::::: cpe:2.3:a:php:php:5.2.11:rc2:::::: cpe:2.3:a:php:php:5.2.11:rc3:::::: cpe:2.3:a:php:php:5.2.10:-:::::: cpe:2.3:a:php:php:5.2.10:rc1:::::: cpe:2.3:a:php:php:5.2.10:rc2:::::: cpe:2.3:a:php:php:5.2.1:-:::::: cpe:2.3:a:php:php:5.2.1:rc1:::::: cpe:2.3:a:php:php:5.2.1:rc2:::::: cpe:2.3:a:php:php:5.2.1:rc3:::::: cpe:2.3:a:php:php:5.2.1:rc4:::::: cpe:2.3:a:php:php:5.2.0:::::::* cpe:2.3:a:php:php:5.2.0:rc1:::::: cpe:2.3:a:php:php:5.2.0:rc2:::::: cpe:2.3:a:php:php:5.2.0:rc3:::::: cpe:2.3:a:php:php:5.2.0:rc4:::::: cpe:2.3:a:php:php:5.2.0:rc5:::::: cpe:2.3:a:php:php:5.2.0:rc6:::::: cpe:2.3:a:php:php:5.1.6:::::::* cpe:2.3:a:php:php:5.1.5:-:::::: cpe:2.3:a:php:php:5.1.5:rc1:::::: cpe:2.3:a:php:php:5.1.4:::::::* cpe:2.3:a:php:php:5.1.3:::::::* cpe:2.3:a:php:php:5.1.3:rc1:::::: cpe:2.3:a:php:php:5.1.3:rc2:::::: cpe:2.3:a:php:php:5.1.3:rc3:::::: cpe:2.3:a:php:php:5.1.2:-:::::: cpe:2.3:a:php:php:5.1.2:rc1:::::: cpe:2.3:a:php:php:5.1.2:rc2:::::: cpe:2.3:a:php:php:5.1.1:::::::* cpe:2.3:a:php:php:5.1.0:-:::::: cpe:2.3:a:php:php:5.1.0:beta1:::::: cpe:2.3:a:php:php:5.1.0:beta2:::::: cpe:2.3:a:php:php:5.1.0:beta3:::::: cpe:2.3:a:php:php:5.1.0:rc1:::::: cpe:2.3:a:php:php:5.1.0:rc2:::::: cpe:2.3:a:php:php:5.1.0:rc2-pre:::::: cpe:2.3:a:php:php:5.1.0:rc3:::::: cpe:2.3:a:php:php:5.1.0:rc4:::::: cpe:2.3:a:php:php:5.1.0:rc5:::::: cpe:2.3:a:php:php:5.1.0:rc6:::::: cpe:2.3:a:php:php:5.0.5:-:::::: cpe:2.3:a:php:php:5.0.5:rc1:::::: cpe:2.3:a:php:php:5.0.5:rc2:::::: cpe:2.3:a:php:php:5.0.4:-:::::: cpe:2.3:a:php:php:5.0.4:rc1:::::: cpe:2.3:a:php:php:5.0.4:rc2:::::: cpe:2.3:a:php:php:5.0.3:-:::::: cpe:2.3:a:php:php:5.0.3:rc1:::::: cpe:2.3:a:php:php:5.0.3:rc2:::::: cpe:2.3:a:php:php:5.0.2:-:::::: cpe:2.3:a:php:php:5.0.2:rc1:::::: cpe:2.3:a:php:php:5.0.1:-:::::: cpe:2.3:a:php:php:5.0.1:beta1:::::: cpe:2.3:a:php:php:5.0.1:rc1:::::: cpe:2.3:a:php:php:5.0.1:rc2:::::: cpe:2.3:a:php:php:5.0.0:beta3:::::: cpe:2.3:a:php:php:5.0.0:rc3:::::: cpe:2.3:a:php:php:5.0.0:beta1:::::: cpe:2.3:a:php:php:5.0.0:beta4:::::: cpe:2.3:a:php:php:5.0.0:rc1:::::: cpe:2.3:a:php:php:5.0.0:beta2:::::: cpe:2.3:a:php:php:5.0.0:rc2:::::: cpe:2.3:a:php:php:5.0.0:-:::::: cpe:2.3:a:php:php:5.0:rc1:::::: cpe:2.3:a:php:php:5.0:rc3:::::: cpe:2.3:a:php:php:5.0:rc2:::::: cpe:2.3:a:php:php:5:::::::* cpe:2.3:a:php:php:4.4.9:-:::::: cpe:2.3:a:php:php:4.4.9:rc1:::::: cpe:2.3:a:php:php:4.4.8:-:::::: cpe:2.3:a:php:php:4.4.8:rc1:::::: cpe:2.3:a:php:php:4.4.7:-:::::: cpe:2.3:a:php:php:4.4.7:rc1:::::: cpe:2.3:a:php:php:4.4.6:-:::::: cpe:2.3:a:php:php:4.4.6:rc1:::::: cpe:2.3:a:php:php:4.4.5:-:::::: cpe:2.3:a:php:php:4.4.5:rc1:::::: cpe:2.3:a:php:php:4.4.5:rc2:::::: cpe:2.3:a:php:php:4.4.4:-:::::: cpe:2.3:a:php:php:4.4.4:rc1:::::: cpe:2.3:a:php:php:4.4.3:-:::::: cpe:2.3:a:php:php:4.4.3:rc1:::::: cpe:2.3:a:php:php:4.4.3:rc2:::::: cpe:2.3:a:php:php:4.4.2:-:::::: cpe:2.3:a:php:php:4.4.2:rc1:::::: cpe:2.3:a:php:php:4.4.2:rc2:::::: cpe:2.3:a:php:php:4.4.1:-:::::: cpe:2.3:a:php:php:4.4.1:rc1:::::: cpe:2.3:a:php:php:4.4.0:-:::::: cpe:2.3:a:php:php:4.4.0:rc1:::::: cpe:2.3:a:php:php:4.4.0:rc2:::::: cpe:2.3:a:php:php:4.3.9:::::::* cpe:2.3:a:php:php:4.3.9:rc1:::::: cpe:2.3:a:php:php:4.3.9:rc2:::::: cpe:2.3:a:php:php:4.3.9:rc3:::::: cpe:2.3:a:php:php:4.3.8:::::::* cpe:2.3:a:php:php:4.3.7:-:::::: cpe:2.3:a:php:php:4.3.7:rc1:::::: cpe:2.3:a:php:php:4.3.6:-:::::: cpe:2.3:a:php:php:4.3.6:rc1:::::: cpe:2.3:a:php:php:4.3.6:rc2:::::: cpe:2.3:a:php:php:4.3.6:rc3:::::: cpe:2.3:a:php:php:4.3.5:-:::::: cpe:2.3:a:php:php:4.3.5:rc1:::::: cpe:2.3:a:php:php:4.3.5:rc2:::::: cpe:2.3:a:php:php:4.3.5:rc3:::::: cpe:2.3:a:php:php:4.3.5:rc4:::::: cpe:2.3:a:php:php:4.3.4:-:::::: cpe:2.3:a:php:php:4.3.4:rc1:::::: cpe:2.3:a:php:php:4.3.4:rc2:::::: cpe:2.3:a:php:php:4.3.4:rc3:::::: cpe:2.3:a:php:php:4.3.3:-:::::: cpe:2.3:a:php:php:4.3.3:rc1:::::: cpe:2.3:a:php:php:4.3.3:rc2:::::: cpe:2.3:a:php:php:4.3.3:rc3:::::: cpe:2.3:a:php:php:4.3.3:rc4:::::: cpe:2.3:a:php:php:4.3.2:-:::::: cpe:2.3:a:php:php:4.3.2:rc1:::::: cpe:2.3:a:php:php:4.3.2:rc2:::::: cpe:2.3:a:php:php:4.3.2:rc3:::::: cpe:2.3:a:php:php:4.3.2:rc4:::::: cpe:2.3:a:php:php:4.3.11:-:::::: cpe:2.3:a:php:php:4.3.11:rc1:::::: cpe:2.3:a:php:php:4.3.11:rc2:::::: cpe:2.3:a:php:php:4.3.10:-:::::: cpe:2.3:a:php:php:4.3.10:rc1:::::: cpe:2.3:a:php:php:4.3.10:rc2:::::: cpe:2.3:a:php:php:4.3.1:::::::* cpe:2.3:a:php:php:4.3.0:-:::::: cpe:2.3:a:php:php:4.3.0:alpha1:::::: cpe:2.3:a:php:php:4.3.0:alpha2:::::: cpe:2.3:a:php:php:4.3.0:alpha3:::::: cpe:2.3:a:php:php:4.3.0:dev:::::: cpe:2.3:a:php:php:4.3.0:pre1:::::: cpe:2.3:a:php:php:4.3.0:pre2:::::: cpe:2.3:a:php:php:4.3.0:rc1:::::: cpe:2.3:a:php:php:4.3.0:rc2:::::: cpe:2.3:a:php:php:4.3.0:rc3:::::: cpe:2.3:a:php:php:4.3.0:rc4:::::: cpe:2.3:a:php:php:4.2.3:-:::::: cpe:2.3:a:php:php:4.2.3:rc1:::::: cpe:2.3:a:php:php:4.2.3:rc2:::::: cpe:2.3:a:php:php:4.2.2:::::::* cpe:2.3:a:php:php:4.2.1:-:::::: cpe:2.3:a:php:php:4.2.1:rc1:::::: cpe:2.3:a:php:php:4.2.1:rc2:::::: cpe:2.3:a:php:php:4.2.0:-:::::: cpe:2.3:a:php:php:4.2.0:rc1:::::: cpe:2.3:a:php:php:4.2.0:rc2:::::: cpe:2.3:a:php:php:4.2.0:rc3:::::: cpe:2.3:a:php:php:4.2.0:rc4:::::: cpe:2.3:a:php:php:4.2::dev::::: cpe:2.3:a:php:php:4.1.2:::::::* cpe:2.3:a:php:php:4.1.1:::::::* cpe:2.3:a:php:php:4.1.0:-:::::: cpe:2.3:a:php:php:4.1.0:rc1:::::: cpe:2.3:a:php:php:4.1.0:rc2:::::: cpe:2.3:a:php:php:4.1.0:rc3:::::: cpe:2.3:a:php:php:4.1.0:rc4:::::: cpe:2.3:a:php:php:4.1.0:rc5:::::: cpe:2.3:a:php:php:4.0.7:rc3:::::: cpe:2.3:a:php:php:4.0.7:rc2:::::: cpe:2.3:a:php:php:4.0.7:rc4:::::: cpe:2.3:a:php:php:4.0.7:rc1:::::: cpe:2.3:a:php:php:4.0.7:-:::::: cpe:2.3:a:php:php:4.0.6:-:::::: cpe:2.3:a:php:php:4.0.6:rc1:::::: cpe:2.3:a:php:php:4.0.6:rc2:::::: cpe:2.3:a:php:php:4.0.6:rc3:::::: cpe:2.3:a:php:php:4.0.6:rc4:::::: cpe:2.3:a:php:php:4.0.5:-:::::: cpe:2.3:a:php:php:4.0.5:rc1:::::: cpe:2.3:a:php:php:4.0.5:rc2:::::: cpe:2.3:a:php:php:4.0.5:rc3:::::: cpe:2.3:a:php:php:4.0.5:rc4:::::: cpe:2.3:a:php:php:4.0.5:rc5:::::: cpe:2.3:a:php:php:4.0.5:rc6:::::: cpe:2.3:a:php:php:4.0.5:rc7:::::: cpe:2.3:a:php:php:4.0.5:rc8:::::: cpe:2.3:a:php:php:4.0.4pl1:::::::* cpe:2.3:a:php:php:4.0.4:patch1:::::: cpe:2.3:a:php:php:4.0.4:-:::::: cpe:2.3:a:php:php:4.0.4:rc1:::::: cpe:2.3:a:php:php:4.0.4:rc2:::::: cpe:2.3:a:php:php:4.0.4:rc3:::::: cpe:2.3:a:php:php:4.0.4:rc4:::::: cpe:2.3:a:php:php:4.0.4:rc5:::::: cpe:2.3:a:php:php:4.0.4:rc6:::::: cpe:2.3:a:php:php:4.0.3:::::::* cpe:2.3:a:php:php:4.0.3:patch1:::::: cpe:2.3:a:php:php:4.0.3:rc1:::::: cpe:2.3:a:php:php:4.0.3:rc2:::::: cpe:2.3:a:php:php:4.0.2:::::::* cpe:2.3:a:php:php:4.0.2:rc1:::::: cpe:2.3:a:php:php:4.0.1:patch2:::::: cpe:2.3:a:php:php:4.0.1:patch1:::::: cpe:2.3:a:php:php:4.0.1:-:::::: cpe:2.3:a:php:php:4.0.1:rc:::::: cpe:2.3:a:php:php:4.0.1:rc2:::::: cpe:2.3:a:php:php:4.0.0:::::::* cpe:2.3:a:php:php:4.0:beta1:::::: cpe:2.3:a:php:php:4.0:beta2:::::: cpe:2.3:a:php:php:4.0:beta3:::::: cpe:2.3:a:php:php:4.0:beta4:::::: cpe:2.3:a:php:php:4.0:beta_4_patch1:::::: cpe:2.3:a:php:php:4.0:rc1:::::: cpe:2.3:a:php:php:4.0:rc2:::::: cpe:2.3:a:php:php:4.0:-:::::: cpe:2.3:a:php:php:4:::::::* cpe:2.3:a:php:php:3.0.9:::::::* cpe:2.3:a:php:php:3.0.8:::::::* cpe:2.3:a:php:php:3.0.7:::::::* cpe:2.3:a:php:php:3.0.6:::::::* cpe:2.3:a:php:php:3.0.5:::::::* cpe:2.3:a:php:php:3.0.4:::::::* cpe:2.3:a:php:php:3.0.3:::::::* cpe:2.3:a:php:php:3.0.2:::::::* cpe:2.3:a:php:php:3.0.18:::::::* cpe:2.3:a:php:php:3.0.17:::::::* cpe:2.3:a:php:php:3.0.16:::::::* cpe:2.3:a:php:php:3.0.15:::::::* cpe:2.3:a:php:php:3.0.14:::::::* cpe:2.3:a:php:php:3.0.13:::::::* cpe:2.3:a:php:php:3.0.12:::::::* cpe:2.3:a:php:php:3.0.11:::::::* cpe:2.3:a:php:php:3.0.10:::::::* cpe:2.3:a:php:php:3.0.1:::::::* cpe:2.3:a:php:php:3.0:::::::* cpe:2.3:a:php:php:2.0b10:::::::* cpe:2.3:a:php:php:2.0.2:::::::* cpe:2.3:a:php:php:2.0.1:::::::* cpe:2.3:a:php:php:2.0.0:-:::::: cpe:2.3:a:php:php:2.0.0:alpha1:::::: cpe:2.3:a:php:php:2.0.0:alpha2:::::: cpe:2.3:a:php:php:2.0.0:beta1:::::: cpe:2.3:a:php:php:2.0.0:rc1:::::: cpe:2.3:a:php:php:2.0:::::::* cpe:2.3:a:php:php:1.5:::::::* cpe:2.3:a:php:php:1.4:::::::* cpe:2.3:a:php:php:1.3.5:::::::* cpe:2.3:a:php:php:1.3.1:::::::* cpe:2.3:a:php:php:1.3:-:::::: cpe:2.3:a:php:php:1.3:beta2:::::: cpe:2.3:a:php:php:1.3:beta3:::::: cpe:2.3:a:php:php:1.3:beta6:::::: cpe:2.3:a:php:php:1.2.5:::::::* cpe:2.3:a:php:php:1.2.4:::::::* cpe:2.3:a:php:php:1.2.3:::::::* cpe:2.3:a:php:php:1.2.2:::::::* cpe:2.3:a:php:php:1.2.1:::::::* cpe:2.3:a:php:php:1.2.0:::::::* cpe:2.3:a:php:php:1.2:::::::* cpe:2.3:a:php:php:1.1.1:::::::* cpe:2.3:a:php:php:1.1.0:::::::* cpe:2.3:a:php:php:1.1:::::::* cpe:2.3:a:php:php:1.0.4:::::::* cpe:2.3:a:php:php:1.0.3:::::::* cpe:2.3:a:php:php:1.0.2:::::::* cpe:2.3:a:php:php:1.0.1:::::::* cpe:2.3:a:php:php:1.0.0:-:::::: cpe:2.3:a:php:php:1.0.0:rc1:::::: cpe:2.3:a:php:php:1.0:beta1:::::: cpe:2.3:a:php:php:1.0:beta2:::::: cpe:2.3:a:php:php:1.0:beta3:::::: cpe:2.3:a:php:php:1.0:rc1:::::: cpe:2.3:a:php:php:1.0:rc2:::::: cpe:2.3:a:php:php:0.91:::::::* cpe:2.3:a:php:php:0.90:::::::* cpe:2.3:a:php:php:0.9.4:::::::* cpe:2.3:a:php:php:0.9.3:::::::* cpe:2.3:a:php:php:0.9.2:::::::* cpe:2.3:a:php:php:0.9.1:::::::* cpe:2.3:a:php:php:0.9.0:::::::* cpe:2.3:a:php:php:0.9:::::::* cpe:2.3:a:php:php:0.7:::::::* cpe:2.3:a:php:php:0.6:::::::* cpe:2.3:a:php:php:0.5.3:::::::* cpe:2.3:a:php:php:0.5.2:::::::* cpe:2.3:a:php:php:0.5:::::::* cpe:2.3:a:php:php:0.4:::::::* cpe:2.3:a:php:php:0.3:::::::* cpe:2.3:a:php:php:0.2.4:::::::* cpe:2.3:a:php:php:0.2.3:::::::* cpe:2.3:a:php:php:0.2.2:::::::* cpe:2.3:a:php:php:0.2.1:::::::* cpe:2.3:a:php:php:0.2.0:::::::* cpe:2.3:a:php:php:0.2:::::::* cpe:2.3:a:php:php:0.11:::::::* cpe:2.3:a:php:php:0.10:::::::* cpe:2.3:a:php:php:0.1.1:::::::* cpe:2.3:a:php:php:0.1:::::::* cpe:2.3:a:php:php:::::::: cpe:2.3:a:php:php:-:::::::*	561
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::-::: cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::	4
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:8.0:::::::* cpe:2.3:o:debian:debian_linux:7.0:::::::*	2
Os	Opensuse cpe:2.3:o:opensuse:opensuse:11.4:::::::* cpe:2.3:o:opensuse:opensuse:11.3:::::::*	2
Os	Oracle Linux cpe:2.3:o:oracle:linux:7:-::::::	1

Information Assurance Vulnerability Management (IAVM)

Date	Description
2015-07-16	IAVM : 2015-A-0149 - Multiple Vulnerabilities in Juniper Networks and Security Manager(NSM) Appliance Severity : Category I - VMSKEY : V0061101
2015-06-25	IAVM : 2015-B-0083 - Multiple Vulnerabilities in IBM Storwize V7000 Unified Severity : Category I - VMSKEY : V0060983
2014-07-03	IAVM : 2014-B-0086 - Multiple Vulnerabilities in PHP Severity : Category I - VMSKEY : V0052897
2014-06-19	IAVM : 2014-A-0084 - Multiple Vulnerabilities in Apache HTTP Server Severity : Category I - VMSKEY : V0052631
2014-05-29	IAVM : 2014-B-0063 - Multiple Vulnerabilities in Apache Tomcat Severity : Category I - VMSKEY : V0051613
2014-05-29	IAVM : 2014-B-0065 - Multiple Vulnerabilities in IBM WebSphere Application Server Severity : Category I - VMSKEY : V0051617

Snort® IPS/IDS

Date	Description
2019-10-17	Apache cookie logging denial of service attempt RuleID : 51547 - Revision : 1 - Type : SERVER-APACHE
2017-12-13	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 44749 - Revision : 2 - Type : SERVER-WEBAPP
2017-12-13	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 44748 - Revision : 2 - Type : SERVER-WEBAPP
2017-12-13	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 44747 - Revision : 2 - Type : SERVER-WEBAPP
2017-12-13	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 44746 - Revision : 2 - Type : SERVER-WEBAPP
2017-12-13	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 44745 - Revision : 2 - Type : SERVER-WEBAPP
2017-12-13	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 44744 - Revision : 2 - Type : SERVER-WEBAPP
2015-08-04	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 35011 - Revision : 2 - Type : SERVER-WEBAPP
2015-08-04	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 35010 - Revision : 2 - Type : SERVER-WEBAPP
2015-08-04	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 35009 - Revision : 3 - Type : SERVER-WEBAPP
2015-08-04	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 35008 - Revision : 3 - Type : SERVER-WEBAPP
2015-08-04	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 35007 - Revision : 3 - Type : SERVER-WEBAPP
2015-08-04	PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a... RuleID : 35006 - Revision : 3 - Type : SERVER-WEBAPP
2014-11-16	PHP DNS parsing heap overflow attempt RuleID : 31460 - Revision : 3 - Type : SERVER-WEBAPP
2014-11-16	http POST request smuggling attempt RuleID : 31213 - Revision : 2 - Type : INDICATOR-COMPROMISE
2014-11-16	http GET request smuggling attempt RuleID : 31212 - Revision : 2 - Type : INDICATOR-COMPROMISE

Nessus® Vulnerability Scanner

Date	Description
2016-08-29	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1638-1.nasl - Type : ACT_GATHER_INFO
2016-06-23	Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10698.nasl - Type : ACT_GATHER_INFO
2016-04-18	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3552.nasl - Type : ACT_GATHER_INFO
2016-03-28	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3530.nasl - Type : ACT_GATHER_INFO
2016-01-19	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3447.nasl - Type : ACT_GATHER_INFO
2015-12-22	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20151119_file_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-12-02	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-2155.nasl - Type : ACT_GATHER_INFO
2015-11-24	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-2155.nasl - Type : ACT_GATHER_INFO
2015-11-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-2155.nasl - Type : ACT_GATHER_INFO
2015-07-20	Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_jsa10685.nasl - Type : ACT_GATHER_INFO
2015-07-20	Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_jsa10685_cred.nasl - Type : ACT_GATHER_INFO
2015-06-26	Name : The remote IBM Storwize device is affected by multiple vulnerabilities. File : ibm_storwize_1_5_0_2.nasl - Type : ACT_GATHER_INFO
2015-06-26	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2654-1.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1082-1.nasl - Type : ACT_GATHER_INFO
2015-05-18	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-526.nasl - Type : ACT_GATHER_INFO
2015-05-18	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-527.nasl - Type : ACT_GATHER_INFO
2015-04-10	Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_3.nasl - Type : ACT_GATHER_INFO
2015-04-10	Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-004.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-080.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-084.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-093.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-145.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-18.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-27.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-66.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-67.nasl - Type : ACT_GATHER_INFO
2015-03-19	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-052.nasl - Type : ACT_GATHER_INFO
2015-03-19	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-053.nasl - Type : ACT_GATHER_INFO
2015-02-24	Name : The remote Fedora host is missing a security update. File : fedora_2015-2109.nasl - Type : ACT_GATHER_INFO
2015-01-27	Name : The remote web server is affected by multiple vulnerabilities. File : oracle_http_server_cpu_jan_2015.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_apache_20140915.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_tomcat_20140715.nasl - Type : ACT_GATHER_INFO
2014-12-16	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-770.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-29.nasl - Type : ACT_GATHER_INFO
2014-12-03	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15428.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1606.nasl - Type : ACT_GATHER_INFO
2014-11-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141014_file_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-10-30	Name : The remote host is affected by multiple vulnerabilities. File : oracle_edq_oct_2014_cpu.nasl - Type : ACT_GATHER_INFO
2014-10-17	Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit... File : macosx_10_10.nasl - Type : ACT_GATHER_INFO
2014-10-17	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1606.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1606.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-331.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-367.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-372.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-382.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-393.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15426.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15429.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15432.nasl - Type : ACT_GATHER_INFO
2014-10-01	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1327.nasl - Type : ACT_GATHER_INFO
2014-10-01	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1327.nasl - Type : ACT_GATHER_INFO
2014-10-01	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1327.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit... File : macosx_10_9_5.nasl - Type : ACT_GATHER_INFO
2014-09-17	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-546.nasl - Type : ACT_GATHER_INFO
2014-09-12	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-172.nasl - Type : ACT_GATHER_INFO
2014-09-10	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3021.nasl - Type : ACT_GATHER_INFO
2014-08-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-11.nasl - Type : ACT_GATHER_INFO
2014-08-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-12.nasl - Type : ACT_GATHER_INFO
2014-08-29	Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_5_5_3.nasl - Type : ACT_GATHER_INFO
2014-08-23	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1087.nasl - Type : ACT_GATHER_INFO
2014-08-23	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1088.nasl - Type : ACT_GATHER_INFO
2014-08-22	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3008.nasl - Type : ACT_GATHER_INFO
2014-08-21	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-502.nasl - Type : ACT_GATHER_INFO
2014-08-21	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-503.nasl - Type : ACT_GATHER_INFO
2014-08-20	Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_3_29.nasl - Type : ACT_GATHER_INFO
2014-08-19	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_d2a892b9260511e49da000a0986f28c4.nasl - Type : ACT_GATHER_INFO
2014-08-14	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_tomcat6-201407-140706.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1038.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1038.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1038.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140811_tomcat6_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-08-08	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1034.nasl - Type : ACT_GATHER_INFO
2014-08-08	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1034.nasl - Type : ACT_GATHER_INFO
2014-08-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1034.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1013.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1012.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1013.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140806_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-140721.nasl - Type : ACT_GATHER_INFO
2014-08-06	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO
2014-08-06	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1013.nasl - Type : ACT_GATHER_INFO
2014-08-04	Name : The remote application server is affected by multiple vulnerabilities. File : websphere_8_0_0_9.nasl - Type : ACT_GATHER_INFO
2014-08-01	Name : The remote application server is affected by multiple vulnerabilities. File : websphere_7_0_0_33.nasl - Type : ACT_GATHER_INFO
2014-07-31	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2302-1.nasl - Type : ACT_GATHER_INFO
2014-07-30	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0827.nasl - Type : ACT_GATHER_INFO
2014-07-30	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php53-140720.nasl - Type : ACT_GATHER_INFO
2014-07-24	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_81fc1076128611e4bebd000c2980a9f3.nasl - Type : ACT_GATHER_INFO
2014-07-24	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-464.nasl - Type : ACT_GATHER_INFO
2014-07-24	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0827.nasl - Type : ACT_GATHER_INFO
2014-07-17	Name : The remote host has a version of Oracle Secure Global Desktop that is affecte... File : oracle_secure_global_desktop_jul_2014_cpu.nasl - Type : ACT_GATHER_INFO
2014-07-16	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2278-1.nasl - Type : ACT_GATHER_INFO
2014-07-14	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-192-01.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0865.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-130.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-131.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0865.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0865.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140709_tomcat6_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2276-1.nasl - Type : ACT_GATHER_INFO
2014-07-09	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2974.nasl - Type : ACT_GATHER_INFO
2014-07-08	Name : The remote Fedora host is missing a security update. File : fedora_2014-7782.nasl - Type : ACT_GATHER_INFO
2014-07-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0826.nasl - Type : ACT_GATHER_INFO
2014-07-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0834.nasl - Type : ACT_GATHER_INFO
2014-07-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0835.nasl - Type : ACT_GATHER_INFO
2014-07-08	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0843.nasl - Type : ACT_GATHER_INFO
2014-07-06	Name : The remote Fedora host is missing a security update. File : fedora_2014-7992.nasl - Type : ACT_GATHER_INFO
2014-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2014-7765.nasl - Type : ACT_GATHER_INFO
2014-06-27	Name : The remote web server is running a version of PHP that is affected by multipl... File : php_5_4_30.nasl - Type : ACT_GATHER_INFO
2014-06-27	Name : The remote web server is running a version of PHP that is affected by multipl... File : php_5_5_14.nasl - Type : ACT_GATHER_INFO
2014-06-26	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-443.nasl - Type : ACT_GATHER_INFO
2014-06-26	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0783.nasl - Type : ACT_GATHER_INFO
2014-06-26	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2254-2.nasl - Type : ACT_GATHER_INFO
2014-06-24	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2254-1.nasl - Type : ACT_GATHER_INFO
2014-06-17	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2961.nasl - Type : ACT_GATHER_INFO
2014-05-30	Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_6_0_41.nasl - Type : ACT_GATHER_INFO
2014-05-30	Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_7_0_53.nasl - Type : ACT_GATHER_INFO
2014-05-30	Name : The remote Apache Tomcat server is affected by an information disclosure vuln... File : tomcat_7_0_54.nasl - Type : ACT_GATHER_INFO
2014-05-30	Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_8_0_5.nasl - Type : ACT_GATHER_INFO
2014-05-30	Name : The remote Apache Tomcat server is affected by an information disclosure vuln... File : tomcat_8_0_8.nasl - Type : ACT_GATHER_INFO
2014-05-29	Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_5_5_2.nasl - Type : ACT_GATHER_INFO
2014-04-23	Name : The remote Fedora host is missing a security update. File : fedora_2014-5004.nasl - Type : ACT_GATHER_INFO
2014-04-08	Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_2_27.nasl - Type : ACT_GATHER_INFO
2014-04-07	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140403_httpd_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-04-07	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140403_httpd_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-04-04	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0369.nasl - Type : ACT_GATHER_INFO
2014-04-04	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0370.nasl - Type : ACT_GATHER_INFO
2014-04-04	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0369.nasl - Type : ACT_GATHER_INFO
2014-04-04	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0370.nasl - Type : ACT_GATHER_INFO
2014-04-04	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0369.nasl - Type : ACT_GATHER_INFO
2014-04-04	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0370.nasl - Type : ACT_GATHER_INFO
2014-03-31	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-086-02.nasl - Type : ACT_GATHER_INFO
2014-03-31	Name : The remote Fedora host is missing a security update. File : fedora_2014-4555.nasl - Type : ACT_GATHER_INFO
2014-03-28	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-309.nasl - Type : ACT_GATHER_INFO
2014-03-25	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2152-1.nasl - Type : ACT_GATHER_INFO
2014-03-24	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_91ecb546b1e611e3980f20cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2014-03-21	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-065.nasl - Type : ACT_GATHER_INFO
2014-03-18	Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_4_8.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-09-08 17:21:27	First insertion

Global Informations

Type	Count
CWE ID(s)	9
Oval ID(s)	31
CPE ID(s)	1118
IAVM(s)	6
Snort® Rule(s)	16
Nessus® Exploit(s)	138

	Related
7.5	CVE-2014-3515
5.1	CVE-2014-4049
5	CVE-2014-3478
5	CVE-2014-0098
5	CVE-2014-0075
5	CVE-2013-6438
4.3	CVE-2014-3487
4.3	CVE-2014-3480
4.3	CVE-2014-3479
4.3	CVE-2014-0207
4.3	CVE-2014-0119
4.3	CVE-2014-0099
4.3	CVE-2014-0096
3.3	CVE-2014-3981
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 14 more Alert(s)