Test Kennung:	1.3.6.1.4.1.25623.1.0.103454
Kategorie:	VMware Local Security Checks
Titel:	VMware ESXi/ESX Third party component updates (VMSA-2011-0003.2)
Zusammenfassung:	The remote ESXi is missing one or more security related Updates from VMSA-2011-0003.2.
Beschreibung:	Summary: The remote ESXi is missing one or more security related Updates from VMSA-2011-0003.2. Vulnerability Insight: a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3 Microsoft SQL Server 2005 Express Edition (SQL Express) distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to SQL Express Service Pack 3, to address multiple security issues that exist in the earlier releases of Microsoft SQL Express. Customers using other database solutions need not update for these issues. b. vCenter Apache Tomcat Management Application Credential Disclosure The Apache Tomcat Manager application configuration file contains logon credentials that can be read by unprivileged local users. The issue is resolved by removing the Manager application in vCenter 4.1 Update 1. If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon credentials are not present in the configuration file after the update. c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21 Oracle (Sun) JRE update to version 1.6.0_21, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. d. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26 Oracle (Sun) JRE update to version 1.5.0_26, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28 Apache Tomcat updated to version 6.0.28, which addresses multiple security issues that existed in earlier releases of Apache Tomcat f. vCenter Server third party component OpenSSL updated to version 0.9.8n The version of the OpenSSL library in vCenter Server is updated to 0.9.8n. g. ESX third party component OpenSSL updated to version 0.9.8p The version of the ESX OpenSSL library is updated to 0.9.8p. h. ESXi third party component cURL updated The version of cURL library in ESXi is updated. i. ESX third party component pam_krb5 updated The version of pam_krb5 library is updated. j. ESX third party update for Service Console kernel The Service Console kernel is updated to include kernel version 2.6.18-194.11.1. Affected Software/OS: ESXi 4.1 without patch ESXi410-201101201-SG ESXi 4.0 without patch ESXi400-201103401-SG ESX 4.1 without patch ESX410-201101201-SG ESX 4.0 without patches ESX400-201103401-SG, ESX400-201103403-SG Solution: Apply the missing patch(es). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2693 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html BugTraq ID: 37944 http://www.securityfocus.com/bid/37944 Bugtraq: 20100124 [SECURITY] CVE-2009-2693 Apache Tomcat unexpected file deletion and/or alteration (Google Search) http://www.securityfocus.com/archive/1/509148/100/0/threaded Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search) http://www.securityfocus.com/archive/1/516397/100/0/threaded Debian Security Information: DSA-2207 (Google Search) http://www.debian.org/security/2011/dsa-2207 HPdes Security Advisory: HPSBMA02535 http://marc.info/?l=bugtraq&m=127420533226623&w=2 HPdes Security Advisory: HPSBOV02762 http://marc.info/?l=bugtraq&m=133469267822771&w=2 HPdes Security Advisory: HPSBST02955 http://marc.info/?l=bugtraq&m=139344343412337&w=2 HPdes Security Advisory: HPSBUX02541 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113 HPdes Security Advisory: HPSBUX02860 http://marc.info/?l=bugtraq&m=136485229118404&w=2 HPdes Security Advisory: SSRT100029 HPdes Security Advisory: SSRT100145 HPdes Security Advisory: SSRT100825 HPdes Security Advisory: SSRT101146 http://www.mandriva.com/security/advisories?name=MDVSA-2010:176 http://www.mandriva.com/security/advisories?name=MDVSA-2010:177 https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017 http://www.redhat.com/support/errata/RHSA-2010-0119.html http://www.redhat.com/support/errata/RHSA-2010-0580.html http://www.redhat.com/support/errata/RHSA-2010-0582.html http://securitytracker.com/id?1023505 http://secunia.com/advisories/38316 http://secunia.com/advisories/38346 http://secunia.com/advisories/38541 http://secunia.com/advisories/38687 http://secunia.com/advisories/39317 http://secunia.com/advisories/40330 http://secunia.com/advisories/40813 http://secunia.com/advisories/43310 http://secunia.com/advisories/57126 SuSE Security Announcement: SUSE-SR:2010:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html SuSE Security Announcement: openSUSE-SU-2012:1700 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html SuSE Security Announcement: openSUSE-SU-2012:1701 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html SuSE Security Announcement: openSUSE-SU-2013:0147 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html http://ubuntu.com/usn/usn-899-1 http://www.vupen.com/english/advisories/2010/0213 http://www.vupen.com/english/advisories/2010/1559 http://www.vupen.com/english/advisories/2010/1986 XForce ISS Database: tomcat-war-directory-traversal(55855) https://exchange.xforce.ibmcloud.com/vulnerabilities/55855 Common Vulnerability Exposure (CVE) ID: CVE-2009-2901 1023503 http://securitytracker.com/id?1023503 20100124 [SECURITY] CVE-2009-2901 Apache Tomcat insecure partial deploy after failed undeploy http://www.securityfocus.com/archive/1/509151/100/0/threaded 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX 37942 http://www.securityfocus.com/bid/37942 38316 38346 38541 39317 43310 57126 ADV-2010-0213 APPLE-SA-2010-03-29-1 HPSBMA02535 HPSBOV02762 HPSBST02955 MDVSA-2010:176 MDVSA-2010:177 SSRT100029 SSRT100825 SUSE-SR:2010:008 USN-899-1 [tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/ https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/ https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E http://support.apple.com/kb/HT4077 http://svn.apache.org/viewvc?rev=892815&view=rev http://svn.apache.org/viewvc?rev=902650&view=rev http://tomcat.apache.org/security-5.html http://tomcat.apache.org/security-6.html http://www.vmware.com/security/advisories/VMSA-2011-0003.html http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html openSUSE-SU-2012:1700 openSUSE-SU-2012:1701 openSUSE-SU-2013:0147 tomcat-autodeploy-security-bypass(55856) https://exchange.xforce.ibmcloud.com/vulnerabilities/55856 Common Vulnerability Exposure (CVE) ID: CVE-2009-2902 1023504 http://securitytracker.com/id?1023504 20100124 [SECURITY] CVE-2009-2902 Apache Tomcat unexpected file deletion in work directory http://www.securityfocus.com/archive/1/509150/100/0/threaded 37945 http://www.securityfocus.com/bid/37945 38687 40330 40813 ADV-2010-1559 ADV-2010-1986 DSA-2207 HPSBUX02541 HPSBUX02860 RHSA-2010:0119 RHSA-2010:0580 RHSA-2010:0582 SSRT100145 SSRT101146 apache-tomcat-war-directory-traversal(55857) https://exchange.xforce.ibmcloud.com/vulnerabilities/55857 oval:org.mitre.oval:def:19431 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19431 oval:org.mitre.oval:def:7092 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7092 Common Vulnerability Exposure (CVE) ID: CVE-2009-3548 BugTraq ID: 36954 http://www.securityfocus.com/bid/36954 Bugtraq: 20091109 [SECURITY] CVE-2009-3548 Apache Tomcat Windows Installer insecure default administrative password (Google Search) http://www.securityfocus.com/archive/1/507720/100/0/threaded http://markmail.org/thread/wfu4nff5chvkb6xp https://lists.apache.org/thread.html/df497a37fbf98e38d4c83e44829745fe9851b5fde928409c950f80e6@%3Cdev.tomcat.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19414 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7033 http://www.securitytracker.com/id?1023146 http://www.vupen.com/english/advisories/2009/3185 XForce ISS Database: tomcat-admin-default-password(54182) https://exchange.xforce.ibmcloud.com/vulnerabilities/54182 Common Vulnerability Exposure (CVE) ID: CVE-2010-2227 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html BugTraq ID: 41544 http://www.securityfocus.com/bid/41544 Bugtraq: 20100709 [SECURITY] CVE-2010-2227: Apache Tomcat Remote Denial Of Service and Information Disclosure Vulnerability (Google Search) http://www.securityfocus.com/archive/1/512272/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050207.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050214.html HPdes Security Advisory: HPSBUX02579 http://marc.info/?l=bugtraq&m=129070310906557&w=2 HPdes Security Advisory: SSRT100203 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18532 http://www.redhat.com/support/errata/RHSA-2010-0581.html http://www.redhat.com/support/errata/RHSA-2010-0583.html http://securitytracker.com/id?1024180 http://secunia.com/advisories/41025 http://secunia.com/advisories/42079 http://secunia.com/advisories/42368 http://secunia.com/advisories/42454 http://secunia.com/advisories/44183 SuSE Security Announcement: SUSE-SR:2010:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://www.vupen.com/english/advisories/2010/2868 http://www.vupen.com/english/advisories/2010/3056 XForce ISS Database: tomcat-transferencoding-dos(60264) https://exchange.xforce.ibmcloud.com/vulnerabilities/60264 Common Vulnerability Exposure (CVE) ID: CVE-2010-1157 20100421 [SECURITY] CVE-2010-1157: Apache Tomcat information disclosure vulnerability http://www.securityfocus.com/archive/1/510879/100/0/threaded 39574 http://secunia.com/advisories/39574 39635 http://www.securityfocus.com/bid/39635 42368 ADV-2010-0980 http://www.vupen.com/english/advisories/2010/0980 ADV-2010-3056 APPLE-SA-2011-10-12-3 HPSBUX02579 RHSA-2011:0896 http://www.redhat.com/support/errata/RHSA-2011-0896.html RHSA-2011:0897 http://www.redhat.com/support/errata/RHSA-2011-0897.html SSRT100203 SUSE-SR:2010:017 http://support.apple.com/kb/HT5002 http://svn.apache.org/viewvc?view=revision&revision=936540 http://svn.apache.org/viewvc?view=revision&revision=936541 oval:org.mitre.oval:def:19492 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19492 Common Vulnerability Exposure (CVE) ID: CVE-2010-2928 http://osvdb.org/70859 http://secunia.com/advisories/43307 http://securityreason.com/securityalert/8079 Common Vulnerability Exposure (CVE) ID: CVE-2010-0734 20101027 rPSA-2010-0072-1 curl http://www.securityfocus.com/archive/1/514490/100/0/threaded 38843 http://secunia.com/advisories/38843 38981 http://secunia.com/advisories/38981 39087 http://secunia.com/advisories/39087 39734 http://secunia.com/advisories/39734 40220 http://secunia.com/advisories/40220 45047 http://secunia.com/advisories/45047 48256 http://secunia.com/advisories/48256 ADV-2010-0571 http://www.vupen.com/english/advisories/2010/0571 ADV-2010-0602 http://www.vupen.com/english/advisories/2010/0602 ADV-2010-0660 http://www.vupen.com/english/advisories/2010/0660 ADV-2010-0725 http://www.vupen.com/english/advisories/2010/0725 ADV-2010-1481 http://www.vupen.com/english/advisories/2010/1481 APPLE-SA-2010-06-15-1 http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html DSA-2023 http://www.debian.org/security/2010/dsa-2023 FEDORA-2010-2720 http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037143.html FEDORA-2010-2762 http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036744.html GLSA-201203-02 http://security.gentoo.org/glsa/glsa-201203-02.xml MDVSA-2010:062 http://www.mandriva.com/security/advisories?name=MDVSA-2010:062 RHSA-2010:0329 http://www.redhat.com/support/errata/RHSA-2010-0329.html USN-1158-1 http://www.ubuntu.com/usn/USN-1158-1 [oss-security] 20100209 CVE Request -- cURL/libCURL 7.20.0 http://www.openwall.com/lists/oss-security/2010/02/09/5 [oss-security] 20100309 Re: CVE Request -- cURL/libCURL 7.20.0 http://www.openwall.com/lists/oss-security/2010/03/09/1 [oss-security] 20100316 Re: CVE Request -- cURL/libCURL 7.20.0 http://www.openwall.com/lists/oss-security/2010/03/16/11 http://curl.haxx.se/docs/adv_20100209.html http://curl.haxx.se/docs/security.html#20100209 http://curl.haxx.se/libcurl-contentencoding.patch http://support.apple.com/kb/HT4188 http://support.avaya.com/css/P8/documents/100081819 http://wiki.rpath.com/Advisories:rPSA-2010-0072 https://bugzilla.redhat.com/show_bug.cgi?id=563220 oval:org.mitre.oval:def:10760 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10760 oval:org.mitre.oval:def:6756 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6756 Common Vulnerability Exposure (CVE) ID: CVE-2010-1084 BugTraq ID: 38898 http://www.securityfocus.com/bid/38898 Debian Security Information: DSA-2053 (Google Search) http://www.debian.org/security/2010/dsa-2053 http://security-tracker.debian.org/tracker/CVE-2010-1084 http://www.openwall.com/lists/oss-security/2010/03/23/1 http://www.redhat.com/support/errata/RHSA-2010-0610.html http://secunia.com/advisories/39830 http://secunia.com/advisories/43315 Common Vulnerability Exposure (CVE) ID: CVE-2010-2066 43315 RHSA-2010:0610 SUSE-SA:2010:033 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00000.html USN-1000-1 http://www.ubuntu.com/usn/USN-1000-1 [oss-security] 20100607 CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files http://www.openwall.com/lists/oss-security/2010/06/07/1 [oss-security] 20100609 Re: CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files http://www.openwall.com/lists/oss-security/2010/06/09/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35 https://bugzilla.redhat.com/show_bug.cgi?id=601006 Common Vulnerability Exposure (CVE) ID: CVE-2010-2070 40776 http://www.securityfocus.com/bid/40776 65541 http://osvdb.org/65541 [oss-security] 20100611 CVE-2010-2070 kernel-xen: ia64-xen: unset be from the task psr http://www.openwall.com/lists/oss-security/2010/06/10/2 http://xenbits.xensource.com/xen-4.0-testing.hg?rev/42caadb14edb https://bugzilla.redhat.com/show_bug.cgi?id=586415 xen-faults-dos(59373) https://exchange.xforce.ibmcloud.com/vulnerabilities/59373 Common Vulnerability Exposure (CVE) ID: CVE-2010-2226 40920 http://www.securityfocus.com/bid/40920 ADV-2011-0298 http://www.vupen.com/english/advisories/2011/0298 DSA-2094 http://www.debian.org/security/2010/dsa-2094 MDVSA-2010:198 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 SUSE-SA:2010:060 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html SUSE-SA:2011:007 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html [oss-security] 20100617 CVE request - kernel: xfs swapext ioctl issue http://marc.info/?l=oss-security&m=127677135609357&w=2 [oss-security] 20100618 Re: CVE request - kernel: xfs swapext ioctl issue http://marc.info/?l=oss-security&m=127687486331790&w=2 [xfs] 20100616 Re: [Security] XFS swapext ioctl minor security issues http://archives.free.net.ph/message/20100616.130710.301704aa.en.html http://archives.free.net.ph/message/20100616.135735.40f53a32.en.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1817176a86352f65210139d4c794ad2d19fc6b63 https://bugzilla.redhat.com/show_bug.cgi?id=605158 Common Vulnerability Exposure (CVE) ID: CVE-2010-2248 1024285 http://securitytracker.com/id?1024285 42242 http://www.securityfocus.com/bid/42242 MDVSA-2011:051 http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 RHSA-2010:0606 https://rhn.redhat.com/errata/RHSA-2010-0606.html [oss-security] 20100628 CVE request - kernel: cifs: Fix a kernel BUG with remote OS/2 server http://www.openwall.com/lists/oss-security/2010/06/28/1 [oss-security] 20100628 Re: CVE request - kernel: cifs: Fix a kernel BUG with remote OS/2 server http://www.openwall.com/lists/oss-security/2010/06/28/6 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6513a81e9325d712f1bfb9a1d7b750134e49ff18 http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.34/ChangeLog-2.6.34-rc4 https://bugzilla.redhat.com/show_bug.cgi?id=608583 Common Vulnerability Exposure (CVE) ID: CVE-2010-2521 1024286 http://securitytracker.com/id?1024286 42249 http://www.securityfocus.com/bid/42249 ADV-2010-3050 http://www.vupen.com/english/advisories/2010/3050 RHSA-2010:0893 http://www.redhat.com/support/errata/RHSA-2010-0893.html RHSA-2010:0907 http://www.redhat.com/support/errata/RHSA-2010-0907.html SUSE-SA:2010:040 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html [oss-security] 20100707 CVE request - kernel: nfsd4: bug in read_buf http://www.openwall.com/lists/oss-security/2010/07/07/1 [oss-security] 20100708 Re: CVE request - kernel: nfsd4: bug in read_buf http://www.openwall.com/lists/oss-security/2010/07/09/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2bc3c1179c781b359d4f2f3439cb3df72afc17fc http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.34/ChangeLog-2.6.34-rc6 https://bugzilla.redhat.com/show_bug.cgi?id=612028 Common Vulnerability Exposure (CVE) ID: CVE-2010-2524 MDVSA-2010:172 http://www.mandriva.com/security/advisories?name=MDVSA-2010:172 [oss-security] 20100802 CVE-2010-2524 kernel: dns_resolver upcall security issue http://marc.info/?l=oss-security&m=128072090331700&w=2 [oss-security] 20100802 Re: CVE-2010-2524 kernel: dns_resolver upcall security issue http://marc.info/?l=oss-security&m=128078387328921&w=2 [oss-security] 20100803 Re: CVE-2010-2524 kernel: dns_resolver upcall security issue http://marc.info/?l=oss-security&m=128080755321157&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7 https://bugzilla.redhat.com/show_bug.cgi?id=612166 Common Vulnerability Exposure (CVE) ID: CVE-2010-0008 39295 http://secunia.com/advisories/39295 RHSA-2010:0146 https://rhn.redhat.com/errata/RHSA-2010-0146.html RHSA-2010:0147 http://www.redhat.com/support/errata/RHSA-2010-0147.html RHSA-2010:0342 http://www.redhat.com/support/errata/RHSA-2010-0342.html [oss-security] 20100317 CVE-2010-0008 kernel: sctp remote denial of service http://www.openwall.com/lists/oss-security/2010/03/17/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ece25dfa0991f65c4e1d26beb1c3c45bda4239b8 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23 https://bugzilla.redhat.com/show_bug.cgi?id=555658 oval:org.mitre.oval:def:11160 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11160 Common Vulnerability Exposure (CVE) ID: CVE-2010-0415 38144 http://www.securityfocus.com/bid/38144 38492 http://secunia.com/advisories/38492 38557 http://secunia.com/advisories/38557 38779 http://secunia.com/advisories/38779 38922 http://secunia.com/advisories/38922 39033 http://secunia.com/advisories/39033 ADV-2010-0638 http://www.vupen.com/english/advisories/2010/0638 DSA-1996 http://www.debian.org/security/2010/dsa-1996 DSA-2005 http://www.debian.org/security/2010/dsa-2005 FEDORA-2010-1787 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html FEDORA-2010-1804 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.html MDVSA-2010:066 http://www.mandriva.com/security/advisories?name=MDVSA-2010:066 RHSA-2010:0161 http://www.redhat.com/support/errata/RHSA-2010-0161.html SUSE-SA:2010:014 http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html SUSE-SA:2010:018 http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html USN-914-1 http://www.ubuntu.com/usn/USN-914-1 [oss-security] 20100207 CVE request: information leak / potential crash in sys_move_pages http://www.openwall.com/lists/oss-security/2010/02/07/1 [oss-security] 20100207 Re: CVE request: information leak / potential crash in sys_move_pages http://www.openwall.com/lists/oss-security/2010/02/07/2 [oss-security] 20100208 Re: CVE request: information leak / potential crash in sys_move_pages http://www.openwall.com/lists/oss-security/2010/02/08/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7 https://bugzilla.redhat.com/show_bug.cgi?id=562582 oval:org.mitre.oval:def:9399 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9399 Common Vulnerability Exposure (CVE) ID: CVE-2010-0437 [oss-security] 20100211 CVE request - kernel: ip6_dst_lookup_tail() NULL pointer dereference http://www.openwall.com/lists/oss-security/2010/02/11/1 [oss-security] 20100304 Re: CVE request - kernel: ip6_dst_lookup_tail() NULL pointer dereference http://www.openwall.com/lists/oss-security/2010/03/04/4 http://bugzilla.kernel.org/show_bug.cgi?id=11469 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e550dfb0c2c31b6363aa463a035fc9f8dcaa3c9b http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27 https://bugzilla.redhat.com/show_bug.cgi?id=563781 oval:org.mitre.oval:def:10061 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10061 Common Vulnerability Exposure (CVE) ID: CVE-2009-4308 Debian Security Information: DSA-2005 (Google Search) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11103 http://secunia.com/advisories/37658 http://secunia.com/advisories/38017 http://secunia.com/advisories/38276 SuSE Security Announcement: SUSE-SA:2010:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html SuSE Security Announcement: SUSE-SA:2010:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html SuSE Security Announcement: SUSE-SA:2010:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2010-0003 37724 http://www.securityfocus.com/bid/37724 38333 http://secunia.com/advisories/38333 FEDORA-2010-0919 http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034250.html SUSE-SA:2010:010 http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html SUSE-SA:2010:012 [oss-security] 20100112 CVE request - kernel: infoleak if print-fatal-signals=1 http://www.openwall.com/lists/oss-security/2010/01/12/1 [oss-security] 20100113 Re: CVE request - kernel: infoleak if print-fatal-signals=1 http://www.openwall.com/lists/oss-security/2010/01/13/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b45c6e76bc2c72f6426c14bed64fdcbc9bf37cb0 http://patchwork.kernel.org/patch/69752/ http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4 https://bugzilla.redhat.com/show_bug.cgi?id=554578 oval:org.mitre.oval:def:10550 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10550 Common Vulnerability Exposure (CVE) ID: CVE-2010-0007 37762 http://www.securityfocus.com/bid/37762 38133 http://secunia.com/advisories/38133 38296 http://secunia.com/advisories/38296 ADV-2010-0109 http://www.vupen.com/english/advisories/2010/0109 SUSE-SA:2010:007 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html SUSE-SA:2010:013 http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html [oss-security] 20100113 CVE Request: kernel ebtables perm check http://www.openwall.com/lists/oss-security/2010/01/14/1 [oss-security] 20100114 Re: CVE Request: kernel ebtables perm check http://www.openwall.com/lists/oss-security/2010/01/14/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dce766af541f6605fa9889892c0280bab31c66ab http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc4 https://bugzilla.redhat.com/show_bug.cgi?id=555238 kernel-ebtables-security-bypass(55602) https://exchange.xforce.ibmcloud.com/vulnerabilities/55602 oval:org.mitre.oval:def:9630 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9630 Common Vulnerability Exposure (CVE) ID: CVE-2010-0307 38027 http://www.securityfocus.com/bid/38027 39649 http://secunia.com/advisories/39649 RHSA-2010:0398 http://www.redhat.com/support/errata/RHSA-2010-0398.html RHSA-2010:0771 http://www.redhat.com/support/errata/RHSA-2010-0771.html [linux-mm] 20100128 DoS on x86_64 http://marc.info/?l=linux-mm&m=126466407724382&w=2 [oss-security] 20100201 CVE request - kernel: DoS on x86_64 http://www.openwall.com/lists/oss-security/2010/02/01/1 [oss-security] 20100201 Re: CVE request - kernel: DoS on x86_64 http://www.openwall.com/lists/oss-security/2010/02/01/5 [oss-security] 20100203 Re: CVE request - kernel: DoS on x86_64 http://www.openwall.com/lists/oss-security/2010/02/04/1 [oss-security] 20100204 Re: CVE request - kernel: DoS on x86_64 http://www.openwall.com/lists/oss-security/2010/02/04/9 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=221af7f87b97431e3ee21ce4b0e77d5411cf1549 http://marc.info/?t=126466700200002&r=1&w=2 http://support.avaya.com/css/P8/documents/100088287 http://www.globalsecuritymag.com/Vigil-nce-Linux-kernel-denial-of%2C20100202%2C15754.html http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8 https://bugzilla.redhat.com/show_bug.cgi?id=560547 oval:org.mitre.oval:def:10870 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10870 Common Vulnerability Exposure (CVE) ID: CVE-2010-1086 BugTraq ID: 38479 http://www.securityfocus.com/bid/38479 http://www.openwall.com/lists/oss-security/2010/03/01/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10569 http://www.redhat.com/support/errata/RHSA-2010-0394.html http://secunia.com/advisories/39742 SuSE Security Announcement: SUSE-SA:2010:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html SuSE Security Announcement: SUSE-SA:2010:023 (Google Search) http://www.novell.com/linux/security/advisories/2010_23_kernel.html Common Vulnerability Exposure (CVE) ID: CVE-2010-0410 38058 http://www.securityfocus.com/bid/38058 39742 MDVSA-2010:088 http://www.mandriva.com/security/advisories?name=MDVSA-2010:088 SUSE-SA:2010:019 SUSE-SA:2010:023 [oss-security] 20100203 CVE request: kernel OOM/crash in drivers/connector http://www.openwall.com/lists/oss-security/2010/02/03/1 [oss-security] 20100203 Re: CVE request: kernel OOM/crash in drivers/connector http://www.openwall.com/lists/oss-security/2010/02/03/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f98bfbd78c37c5946cc53089da32a5f741efdeb7 https://bugzilla.redhat.com/show_bug.cgi?id=561682 oval:org.mitre.oval:def:10903 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10903 Common Vulnerability Exposure (CVE) ID: CVE-2010-0730 39979 http://www.securityfocus.com/bid/39979 [oss-security] 20100507 CVE-2010-0730 xen: emulator instruction decoding inconsistency http://www.openwall.com/lists/oss-security/2010/05/07/1 https://bugzilla.redhat.com/show_bug.cgi?id=572971 oval:org.mitre.oval:def:11430 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11430 Common Vulnerability Exposure (CVE) ID: CVE-2010-1085 BugTraq ID: 38348 http://www.securityfocus.com/bid/38348 http://nctritech.net/bugreport.txt http://lkml.org/lkml/2010/2/5/322 http://www.openwall.com/lists/oss-security/2010/02/22/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10027 Common Vulnerability Exposure (CVE) ID: CVE-2010-0291 37906 http://www.securityfocus.com/bid/37906 [linux-kernel] 20091205 [RFC][PATCHSET] mremap/mmap mess http://marc.info/?l=linux-arch&m=126004438008670&w=2 [linux-kernel] 20100114 [PATCH 01/52] untangle the do_mremap() mess http://groups.google.com/group/linux.kernel/msg/895f20870532241e [oss-security] 20100119 CVE request - kernel: untangle the do_mremap() mess http://marc.info/?l=oss-security&m=126388181420690&w=2 [oss-security] 20100119 Re: CVE request - kernel: untangle the do_mremap() mess http://marc.info/?l=oss-security&m=126393370931972&w=2 [oss-security] 20100120 Re: CVE request - kernel: untangle the do_mremap() mess http://marc.info/?l=oss-security&m=126395874130875&w=2 http://marc.info/?l=oss-security&m=126396065732697&w=2 http://marc.info/?l=oss-security&m=126396609004884&w=2 http://marc.info/?l=oss-security&m=126399980216047&w=2 http://marc.info/?l=oss-security&m=126400443123998&w=2 [oss-security] 20100121 Re: CVE request - kernel: untangle the do_mremap() mess http://marc.info/?l=oss-security&m=126406814304720&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0067bd8a55862ac9dd212bd1c4f6f5bff1ca1301 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=05d72faa6d13c9d857478a5d35c85db9adada685 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=097eed103862f9c6a97f2e415e21d1134017b135 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0ec62d290912bb4b989be7563851bc364ec73b56 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1a0ef85f84feb13f07b604fcf5b90ef7c2b5c82f http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2c6a10161d0b5fc047b5bd81b03693b9af99fab5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2ea1d13f64efdf49319e86c87d9ba38c30902782 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=54f5de709984bae0d31d823ff03de755f9dcac54 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=564b3bffc619dcbdd160de597b0547a7017ea010 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=570dcf2c15463842e384eb597a87c1e39bead99b http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8c7b49b3ecd48923eb64ff57e07a1cdb74782970 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9206de95b1ea68357996ec02be5db0638a0de2c1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=935874141df839c706cd6cdc438e85eb69d1525e http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=aa65607373a4daf2010e8c3867b6317619f3c1a3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bb52d6694002b9d632bb355f64daa045c6293a4e http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c4caa778157dbbf04116f0ac2111e389b5cd7a29 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e77414e0aad6a1b063ba5e5750c582c75327ea6a http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ecc1a8993751de4e82eb18640d631dae1f626bd6 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f106af4e90eadd76cfc0b5325f659619e08fb762 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f8b7256096a20436f6d0926747e3ac3d64c81d24 http://groups.google.co.jp/group/fa.linux.kernel/browse_thread/thread/8bf22336b1082090 https://bugzilla.redhat.com/show_bug.cgi?id=556703 oval:org.mitre.oval:def:11824 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11824 Common Vulnerability Exposure (CVE) ID: CVE-2010-0622 http://www.openwall.com/lists/oss-security/2010/02/09/2 http://www.openwall.com/lists/oss-security/2010/02/11/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9655 http://secunia.com/advisories/38905 SuSE Security Announcement: SUSE-SA:2010:014 (Google Search) SuSE Security Announcement: SUSE-SA:2010:018 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2010-1087 BugTraq ID: 39569 http://www.securityfocus.com/bid/39569 http://www.openwall.com/lists/oss-security/2010/03/03/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10442 http://secunia.com/advisories/40645 SuSE Security Announcement: SUSE-SA:2010:031 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://www.vupen.com/english/advisories/2010/1857 Common Vulnerability Exposure (CVE) ID: CVE-2010-1173 39830 40218 http://secunia.com/advisories/40218 DSA-2053 RHSA-2010:0474 http://www.redhat.com/support/errata/RHSA-2010-0474.html [netdev] 20100428 Re: [PATCH]: sctp: Fix skb_over_panic resulting from multiple invalid parameter errors (CVE-2010-1173) (v4) http://article.gmane.org/gmane.linux.network/159531 [oss-security] 20100429 CVE-2010-1173 kernel: skb_over_panic resulting from multiple invalid parameter errors http://www.openwall.com/lists/oss-security/2010/04/29/1 [oss-security] 20100429 Re: CVE-2010-1173 kernel: skb_over_panic resulting from multiple invalid parameter errors http://marc.info/?l=oss-security&m=127251068407878&w=2 http://www.openwall.com/lists/oss-security/2010/04/29/6 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=5fa782c2f5ef6c2e4f04d3e228412c9b4a4c8809 http://kbase.redhat.com/faq/docs/DOC-31052 https://bugzilla.redhat.com/show_bug.cgi?id=584645 oval:org.mitre.oval:def:11416 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11416 Common Vulnerability Exposure (CVE) ID: CVE-2010-1437 39719 http://www.securityfocus.com/bid/39719 40645 ADV-2010-1857 SUSE-SA:2010:031 [linux-kernel] 20100422 [PATCH 0/1][BUG][IMPORTANT] KEYRINGS: find_keyring_by_name() can gain the freed keyring http://marc.info/?l=linux-kernel&m=127192182917857&w=2 [linux-kernel] 20100430 [PATCH 2/7] KEYS: find_keyring_by_name() can gain access to a freed keyring http://marc.info/?l=linux-kernel&m=127274294622730&w=2 [linux-kernel] 20100503 Re: [PATCH 2/7] KEYS: find_keyring_by_name() can gain access to a freed keyring http://marc.info/?l=linux-kernel&m=127292492727029&w=2 [oss-security] 20100427 CVE request - kernel: find_keyring_by_name() can gain the freed keyring http://www.openwall.com/lists/oss-security/2010/04/27/2 [oss-security] 20100427 Re: CVE request - kernel: find_keyring_by_name() can gain the freed keyring http://www.openwall.com/lists/oss-security/2010/04/28/2 https://bugzilla.redhat.com/show_bug.cgi?id=585094 https://patchwork.kernel.org/patch/94038/ https://patchwork.kernel.org/patch/94664/ kernel-findkeyringbyname-dos(58254) https://exchange.xforce.ibmcloud.com/vulnerabilities/58254 oval:org.mitre.oval:def:9715 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9715 Common Vulnerability Exposure (CVE) ID: CVE-2010-1088 BugTraq ID: 39044 http://www.securityfocus.com/bid/39044 http://www.openwall.com/lists/oss-security/2010/02/24/3 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10093 Common Vulnerability Exposure (CVE) ID: CVE-2010-1187 BugTraq ID: 39120 http://www.securityfocus.com/bid/39120 http://www.openwall.com/lists/oss-security/2010/03/30/1 http://www.openwall.com/lists/oss-security/2010/03/31/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9832 Common Vulnerability Exposure (CVE) ID: CVE-2010-1436 [oss-security] 20100427 CVE request - gfs2 kernel issue http://www.openwall.com/lists/oss-security/2010/04/27/1 [oss-security] 20100427 Re: CVE request - gfs2 kernel issue http://www.openwall.com/lists/oss-security/2010/04/28/1 https://bugzilla.redhat.com/show_bug.cgi?id=586006 kernel-gfs2quota-dos(58839) https://exchange.xforce.ibmcloud.com/vulnerabilities/58839 oval:org.mitre.oval:def:10652 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10652 Common Vulnerability Exposure (CVE) ID: CVE-2010-1641 40356 http://www.securityfocus.com/bid/40356 [cluster-devel] 20100525 [PATCH 3/3] GFS2: Fix permissions checking for setflags ioctl() https://www.redhat.com/archives/cluster-devel/2010-May/msg00049.html [oss-security] 20100525 CVE request - kernel: GFS2: The setflags ioctl() doesn't check file ownership http://www.openwall.com/lists/oss-security/2010/05/25/1 [oss-security] 20100525 Re: CVE request - kernel: GFS2: The setflags ioctl() doesn't check file ownership http://www.openwall.com/lists/oss-security/2010/05/25/12 [oss-security] 20100526 Re: CVE request - kernel: GFS2: The setflags ioctl() doesn't check file ownership http://www.openwall.com/lists/oss-security/2010/05/26/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7df0e0397b9a18358573274db9fdab991941062f http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/incr/patch-2.6.34-git9-git10.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=595579 kernel-gfs2-security-bypass(58926) https://exchange.xforce.ibmcloud.com/vulnerabilities/58926 oval:org.mitre.oval:def:9916 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9916 Common Vulnerability Exposure (CVE) ID: CVE-2010-3081 20100916 Ac1db1tch3z vs x86_64 Linux Kernel http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0273.html 20100916 Workaround for Ac1db1tch3z exploit. http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0278.html 20101130 VMSA-2010-0017 VMware ESX third party update for Service Console kerne http://www.securityfocus.com/archive/1/514938/30/30/threaded 42384 http://secunia.com/advisories/42384 ADV-2010-3083 http://www.vupen.com/english/advisories/2010/3083 ADV-2010-3117 http://www.vupen.com/english/advisories/2010/3117 MDVSA-2010:214 http://www.mandriva.com/security/advisories?name=MDVSA-2010:214 MDVSA-2010:247 http://www.mandriva.com/security/advisories?name=MDVSA-2010:247 RHSA-2010:0758 http://www.redhat.com/support/errata/RHSA-2010-0758.html RHSA-2010:0842 http://www.redhat.com/support/errata/RHSA-2010-0842.html RHSA-2010:0882 http://www.redhat.com/support/errata/RHSA-2010-0882.html SUSE-SA:2010:050 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html [oss-security] 20100916 CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow http://marc.info/?l=oss-security&m=128461522230211&w=2 http://blog.ksplice.com/2010/09/cve-2010-3081/ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c41d68a513c71e35a14f66d71782d27a79a81ea6 http://isc.sans.edu/diary.html?storyid=9574 http://sota.gen.nz/compat1/ http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log http://www.vmware.com/security/advisories/VMSA-2010-0017.html https://access.redhat.com/kb/docs/DOC-40265 https://bugzilla.redhat.com/show_bug.cgi?id=634457 Common Vulnerability Exposure (CVE) ID: CVE-2010-2240 1024344 http://securitytracker.com/id?1024344 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console http://www.securityfocus.com/archive/1/517739/100/0/threaded RHSA-2010:0660 http://www.redhat.com/support/errata/RHSA-2010-0660.html RHSA-2010:0661 https://rhn.redhat.com/errata/RHSA-2010-0661.html RHSA-2010:0670 http://www.redhat.com/support/errata/RHSA-2010-0670.html [security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console http://lists.vmware.com/pipermail/security-announce/2011/000133.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893 http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2 http://www.vmware.com/security/advisories/VMSA-2011-0007.html http://www.vmware.com/security/advisories/VMSA-2011-0009.html https://bugzilla.redhat.com/show_bug.cgi?id=606611 oval:org.mitre.oval:def:13247 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247 Common Vulnerability Exposure (CVE) ID: CVE-2008-5416 BugTraq ID: 32710 http://www.securityfocus.com/bid/32710 Bugtraq: 20081209 SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability (Google Search) http://www.securityfocus.com/archive/1/499042/100/0/threaded Bugtraq: 20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite(update to SEC Consult SA-20081209) (Google Search) http://www.securityfocus.com/archive/1/499085/100/0/threaded Cert/CC Advisory: TA09-041A http://www.us-cert.gov/cas/techalerts/TA09-041A.html CERT/CC vulnerability note: VU#696644 http://www.kb.cert.org/vuls/id/696644 https://www.exploit-db.com/exploits/7501 http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt Microsoft Security Bulletin: MS09-004 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004 http://osvdb.org/50917 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217 http://securitytracker.com/id?1021363 http://securitytracker.com/id?1021490 http://secunia.com/advisories/33034 http://securityreason.com/securityalert/4706 http://www.vupen.com/english/advisories/2008/3380 XForce ISS Database: mssql-spreplwritetovarbin-bo(47182) https://exchange.xforce.ibmcloud.com/vulnerabilities/47182 Common Vulnerability Exposure (CVE) ID: CVE-2008-0085 Cert/CC Advisory: TA08-190A http://www.us-cert.gov/cas/techalerts/TA08-190A.html Microsoft Security Bulletin: MS08-040 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-040 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14213 http://www.securitytracker.com/id?1020441 http://secunia.com/advisories/30970 http://www.vupen.com/english/advisories/2008/2022/references Common Vulnerability Exposure (CVE) ID: CVE-2008-0086 Bugtraq: 20080708 Re: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/494082/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14052 Common Vulnerability Exposure (CVE) ID: CVE-2008-0107 BugTraq ID: 30119 http://www.securityfocus.com/bid/30119 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=723 http://www.insomniasec.com/advisories/ISVA-080709.1.htm https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13936 Common Vulnerability Exposure (CVE) ID: CVE-2008-0106 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13785 Common Vulnerability Exposure (CVE) ID: CVE-2010-0740 1023748 http://www.securitytracker.com/id?1023748 39932 http://secunia.com/advisories/39932 42724 http://secunia.com/advisories/42724 42733 http://secunia.com/advisories/42733 43311 http://secunia.com/advisories/43311 ADV-2010-0710 http://www.vupen.com/english/advisories/2010/0710 ADV-2010-0839 http://www.vupen.com/english/advisories/2010/0839 ADV-2010-0933 http://www.vupen.com/english/advisories/2010/0933 ADV-2010-1216 http://www.vupen.com/english/advisories/2010/1216 APPLE-SA-2011-06-23-1 http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html FEDORA-2010-5744 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html HPSBUX02517 http://marc.info/?l=bugtraq&m=127128920008563&w=2 HPSBUX02531 http://marc.info/?l=bugtraq&m=127557640302499&w=2 MDVSA-2010:076 http://www.mandriva.com/security/advisories?name=MDVSA-2010:076 SSRT100058 SSRT100108 [syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html [syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc http://support.apple.com/kb/HT4723 http://www.openssl.org/news/secadv_20100324.txt https://kb.bluecoat.com/index?page=content&id=SA50 oval:org.mitre.oval:def:11731 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11731 Common Vulnerability Exposure (CVE) ID: CVE-2010-0433 39461 http://secunia.com/advisories/39461 ADV-2010-0916 http://www.vupen.com/english/advisories/2010/0916 FEDORA-2010-5357 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html [dovecot] 20100219 segfault - (imap|pop3)-login during nessus scan http://www.mail-archive.com/dovecot%40dovecot.org/msg26224.html [oss-security] 20100303 OpenSSL (with KRB5) remote crash - CVE-2010-0433 http://www.openwall.com/lists/oss-security/2010/03/03/5 http://cvs.openssl.org/chngview?cn=19374 http://groups.google.com/group/mailing.openssl.users/browse_thread/thread/c3e1ab0034ca4b4c/66aa896c3a78b2f7 http://www.openssl.org/news/changelog.html https://bugzilla.redhat.com/show_bug.cgi?id=567711 https://bugzilla.redhat.com/show_bug.cgi?id=569774 oval:org.mitre.oval:def:12260 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12260 oval:org.mitre.oval:def:6718 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6718 oval:org.mitre.oval:def:9856 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9856 Common Vulnerability Exposure (CVE) ID: CVE-2010-3864 1024743 http://securitytracker.com/id?1024743 42241 http://secunia.com/advisories/42241 42243 http://secunia.com/advisories/42243 42309 http://secunia.com/advisories/42309 42336 http://secunia.com/advisories/42336 42352 http://secunia.com/advisories/42352 42397 http://secunia.com/advisories/42397 42413 http://secunia.com/advisories/42413 43312 http://secunia.com/advisories/43312 44269 http://secunia.com/advisories/44269 57353 http://secunia.com/advisories/57353 ADV-2010-3041 http://www.vupen.com/english/advisories/2010/3041 ADV-2010-3077 http://www.vupen.com/english/advisories/2010/3077 ADV-2010-3097 http://www.vupen.com/english/advisories/2010/3097 ADV-2010-3121 http://www.vupen.com/english/advisories/2010/3121 DSA-2125 http://www.debian.org/security/2010/dsa-2125 FEDORA-2010-17826 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html FEDORA-2010-17827 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html FEDORA-2010-17847 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html FreeBSD-SA-10:10 http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc HPSBGN02740 http://marc.info/?l=bugtraq&m=132828103218869&w=2 HPSBMA02658 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777 HPSBOV02670 http://marc.info/?l=bugtraq&m=130497251507577&w=2 HPSBUX02638 http://marc.info/?l=bugtraq&m=129916880600544&w=2 RHSA-2010:0888 https://rhn.redhat.com/errata/RHSA-2010-0888.html SSA:2010-326-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793 SSRT100339 SSRT100413 SSRT100475 SSRT100741 SUSE-SR:2010:022 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html VU#737740 http://www.kb.cert.org/vuls/id/737740 http://blogs.sun.com/security/entry/cve_2010_3864_race_condition http://openssl.org/news/secadv_20101116.txt http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564 http://www.adobe.com/support/security/bulletins/apsb11-11.html https://bugzilla.redhat.com/show_bug.cgi?id=649304 Common Vulnerability Exposure (CVE) ID: CVE-2010-2939 1024296 http://securitytracker.com/id?1024296 20100807 openssl-1.0.0a http://seclists.org/fulldisclosure/2010/Aug/84 40906 http://secunia.com/advisories/40906 41105 http://secunia.com/advisories/41105 ADV-2010-2038 http://www.vupen.com/english/advisories/2010/2038 ADV-2010-2229 http://www.vupen.com/english/advisories/2010/2229 DSA-2100 http://www.debian.org/security/2010/dsa-2100 HPSBMA02662 http://marc.info/?l=bugtraq&m=130331363227777&w=2 SSRT100409 SUSE-SR:2010:021 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html USN-1003-1 http://www.ubuntu.com/usn/USN-1003-1 [openssl-dev] 20100807 Re: openssl-1.0.0a and glibc detected sthg ;) http://www.mail-archive.com/openssl-dev%40openssl.org/msg28045.html [openssl-dev] 20100807 openssl-1.0.0a and glibc detected sthg ;) http://www.mail-archive.com/openssl-dev%40openssl.org/msg28043.html [openssl-dev] 20100808 Re: openssl-1.0.0a and glibc detected sthg ;) http://www.mail-archive.com/openssl-dev%40openssl.org/msg28049.html [oss-security] 20100812 Re: CVE Request: openssl double free http://www.openwall.com/lists/oss-security/2010/08/11/6 Common Vulnerability Exposure (CVE) ID: CVE-2009-3555 1021653 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1 1021752 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1 1023148 http://securitytracker.com/id?1023148 1023163 http://www.securitytracker.com/id?1023163 1023204 http://www.securitytracker.com/id?1023204 1023205 http://www.securitytracker.com/id?1023205 1023206 http://www.securitytracker.com/id?1023206 1023207 http://www.securitytracker.com/id?1023207 1023208 http://www.securitytracker.com/id?1023208 1023209 http://www.securitytracker.com/id?1023209 1023210 http://www.securitytracker.com/id?1023210 1023211 http://www.securitytracker.com/id?1023211 1023212 http://www.securitytracker.com/id?1023212 1023213 http://www.securitytracker.com/id?1023213 1023214 http://www.securitytracker.com/id?1023214 1023215 http://www.securitytracker.com/id?1023215 1023216 http://www.securitytracker.com/id?1023216 1023217 http://www.securitytracker.com/id?1023217 1023218 http://www.securitytracker.com/id?1023218 1023219 http://www.securitytracker.com/id?1023219 1023224 http://www.securitytracker.com/id?1023224 1023243 http://www.securitytracker.com/id?1023243 1023270 http://www.securitytracker.com/id?1023270 1023271 http://www.securitytracker.com/id?1023271 1023272 http://www.securitytracker.com/id?1023272 1023273 http://www.securitytracker.com/id?1023273 1023274 http://www.securitytracker.com/id?1023274 1023275 http://www.securitytracker.com/id?1023275 1023411 http://www.securitytracker.com/id?1023411 1023426 http://www.securitytracker.com/id?1023426 1023427 http://www.securitytracker.com/id?1023427 1023428 http://www.securitytracker.com/id?1023428 1024789 http://www.securitytracker.com/id?1024789 20091109 Transport Layer Security Renegotiation Vulnerability http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml 20091111 Re: SSL/TLS MiTM PoC http://seclists.org/fulldisclosure/2009/Nov/139 20091118 TLS / SSLv3 vulnerability explained (DRAFT) http://www.securityfocus.com/archive/1/507952/100/0/threaded 20091124 rPSA-2009-0155-1 httpd mod_ssl http://www.securityfocus.com/archive/1/508075/100/0/threaded 20091130 TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability) http://www.securityfocus.com/archive/1/508130/100/0/threaded 20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console http://www.securityfocus.com/archive/1/515055/100/0/threaded 20131121 ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html 273029 http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1 273350 http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1 274990 http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1 36935 http://www.securityfocus.com/bid/36935 37291 http://secunia.com/advisories/37291 37292 http://secunia.com/advisories/37292 37320 http://secunia.com/advisories/37320 37383 http://secunia.com/advisories/37383 37399 http://secunia.com/advisories/37399 37453 http://secunia.com/advisories/37453 37501 http://secunia.com/advisories/37501 37504 http://secunia.com/advisories/37504 37604 http://secunia.com/advisories/37604 37640 http://secunia.com/advisories/37640 37656 http://secunia.com/advisories/37656 37675 http://secunia.com/advisories/37675 37859 http://secunia.com/advisories/37859 38003 http://secunia.com/advisories/38003 38020 http://secunia.com/advisories/38020 38056 http://secunia.com/advisories/38056 38241 http://secunia.com/advisories/38241 38484 http://secunia.com/advisories/38484 38781 http://secunia.com/advisories/38781 39127 http://secunia.com/advisories/39127 39136 http://secunia.com/advisories/39136 39242 http://secunia.com/advisories/39242 39243 http://secunia.com/advisories/39243 39278 http://secunia.com/advisories/39278 39292 http://secunia.com/advisories/39292 39500 http://secunia.com/advisories/39500 39628 http://secunia.com/advisories/39628 39632 http://secunia.com/advisories/39632 39713 http://secunia.com/advisories/39713 39819 http://secunia.com/advisories/39819 40070 http://secunia.com/advisories/40070 40545 http://secunia.com/advisories/40545 40747 http://secunia.com/advisories/40747 40866 http://secunia.com/advisories/40866 41480 http://secunia.com/advisories/41480 41490 http://secunia.com/advisories/41490 41818 http://secunia.com/advisories/41818 41967 http://secunia.com/advisories/41967 41972 http://secunia.com/advisories/41972 42377 http://secunia.com/advisories/42377 42379 http://secunia.com/advisories/42379 42467 http://secunia.com/advisories/42467 42808 http://secunia.com/advisories/42808 42811 http://secunia.com/advisories/42811 42816 http://secunia.com/advisories/42816 43308 http://secunia.com/advisories/43308 44183 44954 http://secunia.com/advisories/44954 48577 http://secunia.com/advisories/48577 60521 http://osvdb.org/60521 60972 http://osvdb.org/60972 62210 http://osvdb.org/62210 65202 http://osvdb.org/65202 ADV-2009-3164 http://www.vupen.com/english/advisories/2009/3164 ADV-2009-3165 http://www.vupen.com/english/advisories/2009/3165 ADV-2009-3205 http://www.vupen.com/english/advisories/2009/3205 ADV-2009-3220 http://www.vupen.com/english/advisories/2009/3220 ADV-2009-3310 http://www.vupen.com/english/advisories/2009/3310 ADV-2009-3313 http://www.vupen.com/english/advisories/2009/3313 ADV-2009-3353 http://www.vupen.com/english/advisories/2009/3353 ADV-2009-3354 http://www.vupen.com/english/advisories/2009/3354 ADV-2009-3484 http://www.vupen.com/english/advisories/2009/3484 ADV-2009-3521 http://www.vupen.com/english/advisories/2009/3521 ADV-2009-3587 http://www.vupen.com/english/advisories/2009/3587 ADV-2010-0086 http://www.vupen.com/english/advisories/2010/0086 ADV-2010-0173 http://www.vupen.com/english/advisories/2010/0173 ADV-2010-0748 http://www.vupen.com/english/advisories/2010/0748 ADV-2010-0848 http://www.vupen.com/english/advisories/2010/0848 ADV-2010-0982 http://www.vupen.com/english/advisories/2010/0982 ADV-2010-0994 http://www.vupen.com/english/advisories/2010/0994 ADV-2010-1054 http://www.vupen.com/english/advisories/2010/1054 ADV-2010-1107 http://www.vupen.com/english/advisories/2010/1107 ADV-2010-1191 http://www.vupen.com/english/advisories/2010/1191 ADV-2010-1350 http://www.vupen.com/english/advisories/2010/1350 ADV-2010-1639 http://www.vupen.com/english/advisories/2010/1639 ADV-2010-1673 http://www.vupen.com/english/advisories/2010/1673 ADV-2010-1793 http://www.vupen.com/english/advisories/2010/1793 ADV-2010-2010 http://www.vupen.com/english/advisories/2010/2010 ADV-2010-2745 http://www.vupen.com/english/advisories/2010/2745 ADV-2010-3069 http://www.vupen.com/english/advisories/2010/3069 ADV-2010-3086 http://www.vupen.com/english/advisories/2010/3086 ADV-2010-3126 http://www.vupen.com/english/advisories/2010/3126 ADV-2011-0032 http://www.vupen.com/english/advisories/2011/0032 ADV-2011-0033 http://www.vupen.com/english/advisories/2011/0033 ADV-2011-0086 http://www.vupen.com/english/advisories/2011/0086 APPLE-SA-2010-01-19-1 http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html APPLE-SA-2010-05-18-1 http://lists.apple.com/archives/security-announce/2010//May/msg00001.html APPLE-SA-2010-05-18-2 http://lists.apple.com/archives/security-announce/2010//May/msg00002.html DSA-1934 http://www.debian.org/security/2009/dsa-1934 DSA-2141 http://www.debian.org/security/2011/dsa-2141 DSA-3253 http://www.debian.org/security/2015/dsa-3253 FEDORA-2009-12229 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html FEDORA-2009-12305 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html FEDORA-2009-12604 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html FEDORA-2009-12606 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html FEDORA-2009-12750 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html FEDORA-2009-12775 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html FEDORA-2009-12782 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html FEDORA-2009-12968 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html FEDORA-2010-16240 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html FEDORA-2010-16294 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html FEDORA-2010-16312 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html FEDORA-2010-5942 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html FEDORA-2010-6131 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html GLSA-200912-01 http://security.gentoo.org/glsa/glsa-200912-01.xml GLSA-201203-22 http://security.gentoo.org/glsa/glsa-201203-22.xml GLSA-201406-32 http://security.gentoo.org/glsa/glsa-201406-32.xml HPSBGN02562 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041 HPSBHF02706 http://marc.info/?l=bugtraq&m=132077688910227&w=2 HPSBHF03293 http://marc.info/?l=bugtraq&m=142660345230545&w=2 HPSBMA02534 http://marc.info/?l=bugtraq&m=127419602507642&w=2 HPSBMA02547 http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 HPSBMA02568 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 HPSBMU02759 http://www.securityfocus.com/archive/1/522176 HPSBMU02799 http://marc.info/?l=bugtraq&m=134254866602253&w=2 HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPSBUX02482 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686 HPSBUX02498 http://marc.info/?l=bugtraq&m=126150535619567&w=2 HPSBUX02524 http://marc.info/?l=bugtraq&m=127557596201693&w=2 IC67848 http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848 IC68054 http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054 IC68055 http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055 MDVSA-2010:084 http://www.mandriva.com/security/advisories?name=MDVSA-2010:084 MDVSA-2010:089 http://www.mandriva.com/security/advisories?name=MDVSA-2010:089 MS10-049 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049 PM00675 http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only PM12247 http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247 RHSA-2010:0130 http://www.redhat.com/support/errata/RHSA-2010-0130.html RHSA-2010:0155 http://www.redhat.com/support/errata/RHSA-2010-0155.html RHSA-2010:0165 http://www.redhat.com/support/errata/RHSA-2010-0165.html RHSA-2010:0167 http://www.redhat.com/support/errata/RHSA-2010-0167.html RHSA-2010:0337 http://www.redhat.com/support/errata/RHSA-2010-0337.html RHSA-2010:0338 http://www.redhat.com/support/errata/RHSA-2010-0338.html RHSA-2010:0339 http://www.redhat.com/support/errata/RHSA-2010-0339.html RHSA-2010:0768 http://www.redhat.com/support/errata/RHSA-2010-0768.html RHSA-2010:0770 http://www.redhat.com/support/errata/RHSA-2010-0770.html RHSA-2010:0786 http://www.redhat.com/support/errata/RHSA-2010-0786.html RHSA-2010:0807 http://www.redhat.com/support/errata/RHSA-2010-0807.html RHSA-2010:0865 http://www.redhat.com/support/errata/RHSA-2010-0865.html RHSA-2010:0986 http://www.redhat.com/support/errata/RHSA-2010-0986.html RHSA-2010:0987 http://www.redhat.com/support/errata/RHSA-2010-0987.html RHSA-2011:0880 http://www.redhat.com/support/errata/RHSA-2011-0880.html SSA:2009-320-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446 SSRT090180 SSRT090208 SSRT090249 SSRT090264 SSRT100089 SSRT100179 SSRT100219 SSRT100613 SSRT100817 SSRT101846 SUSE-SA:2009:057 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html SUSE-SA:2010:061 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html SUSE-SR:2010:011 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html SUSE-SR:2010:012 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html SUSE-SR:2010:013 http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html SUSE-SR:2010:019 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html SUSE-SR:2010:024 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html SUSE-SU-2011:0847 http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html TA10-222A http://www.us-cert.gov/cas/techalerts/TA10-222A.html TA10-287A http://www.us-cert.gov/cas/techalerts/TA10-287A.html USN-1010-1 http://www.ubuntu.com/usn/USN-1010-1 USN-923-1 http://ubuntu.com/usn/usn-923-1 USN-927-1 http://www.ubuntu.com/usn/USN-927-1 USN-927-4 http://www.ubuntu.com/usn/USN-927-4 USN-927-5 http://www.ubuntu.com/usn/USN-927-5 VU#120541 http://www.kb.cert.org/vuls/id/120541 [4.5] 010: SECURITY FIX: November 26, 2009 http://openbsd.org/errata45.html#010_openssl [4.6] 004: SECURITY FIX: November 26, 2009 http://openbsd.org/errata46.html#004_openssl [announce] 20091107 CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2 [cryptography] 20091105 OpenSSL 0.9.8l released http://marc.info/?l=cryptography&m=125752275331877&w=2 [gnutls-devel] 20091105 Re: TLS renegotiation MITM http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html [oss-security] 20091105 CVE-2009-3555 for TLS renegotiation MITM attacks http://www.openwall.com/lists/oss-security/2009/11/05/3 [oss-security] 20091105 Re: CVE-2009-3555 for TLS renegotiation MITM attacks http://www.openwall.com/lists/oss-security/2009/11/05/5 [oss-security] 20091107 Re: CVE-2009-3555 for TLS renegotiation MITM attacks http://www.openwall.com/lists/oss-security/2009/11/06/3 [oss-security] 20091107 Re: [TLS] CVE-2009-3555 for TLS renegotiation MITM attacks http://www.openwall.com/lists/oss-security/2009/11/07/3 [oss-security] 20091120 CVEs for nginx http://www.openwall.com/lists/oss-security/2009/11/20/1 [oss-security] 20091123 Re: CVEs for nginx http://www.openwall.com/lists/oss-security/2009/11/23/10 [tls] 20091104 MITM attack on delayed TLS-client auth through renegotiation http://www.ietf.org/mail-archive/web/tls/current/msg03928.html [tls] 20091104 TLS renegotiation issue http://www.ietf.org/mail-archive/web/tls/current/msg03948.html [tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/ https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/ https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html http://blogs.iss.net/archive/sslmitmiscsrf.html http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during http://clicky.me/tlsvuln http://extendedsubset.com/?p=8 http://extendedsubset.com/Renegotiating_TLS.pdf http://kbase.redhat.com/faq/docs/DOC-20491 http://support.apple.com/kb/HT4004 http://support.apple.com/kb/HT4170 http://support.apple.com/kb/HT4171 http://support.avaya.com/css/P8/documents/100070150 http://support.avaya.com/css/P8/documents/100081611 http://support.avaya.com/css/P8/documents/100114315 http://support.avaya.com/css/P8/documents/100114327 http://support.citrix.com/article/CTX123359 http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released http://sysoev.ru/nginx/patch.cve-2009-3555.txt http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html http://wiki.rpath.com/Advisories:rPSA-2009-0155 http://www-01.ibm.com/support/docview.wss?uid=swg21426108 http://www-01.ibm.com/support/docview.wss?uid=swg21432298 http://www-01.ibm.com/support/docview.wss?uid=swg24006386 http://www-01.ibm.com/support/docview.wss?uid=swg24025312 http://www.arubanetworks.com/support/alerts/aid-020810.txt http://www.betanews.com/article/1257452450 http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html http://www.ingate.com/Relnote.php?ver=481 http://www.links.org/?p=780 http://www.links.org/?p=786 http://www.links.org/?p=789 http://www.mozilla.org/security/announce/2010/mfsa2010-22.html http://www.openoffice.org/security/cves/CVE-2009-3555.html http://www.openssl.org/news/secadv_20091111.txt http://www.opera.com/docs/changelogs/unix/1060/ http://www.opera.com/support/search/view/944/ http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html http://www.tombom.co.uk/blog/?p=85 http://www.vmware.com/security/advisories/VMSA-2010-0019.html http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html https://bugzilla.mozilla.org/show_bug.cgi?id=526689 https://bugzilla.mozilla.org/show_bug.cgi?id=545755 https://bugzilla.redhat.com/show_bug.cgi?id=533125 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888 https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt openSUSE-SU-2011:0845 http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html oval:org.mitre.oval:def:10088 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088 oval:org.mitre.oval:def:11578 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578 oval:org.mitre.oval:def:11617 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617 oval:org.mitre.oval:def:7315 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315 oval:org.mitre.oval:def:7478 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478 oval:org.mitre.oval:def:7973 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973 oval:org.mitre.oval:def:8366 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366 oval:org.mitre.oval:def:8535 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535 tls-renegotiation-weak-security(54158) https://exchange.xforce.ibmcloud.com/vulnerabilities/54158 Common Vulnerability Exposure (CVE) ID: CVE-2010-0082 HPdes Security Advisory: HPSBMA02547 HPdes Security Advisory: HPSBMU02799 HPdes Security Advisory: HPSBUX02524 HPdes Security Advisory: SSRT100089 HPdes Security Advisory: SSRT100179 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11576 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13934 SuSE Security Announcement: SUSE-SR:2010:011 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2010-0084 http://osvdb.org/63482 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11120 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14061 http://www.redhat.com/support/errata/RHSA-2010-0383.html http://www.redhat.com/support/errata/RHSA-2010-0471.html http://secunia.com/advisories/39659 http://www.vupen.com/english/advisories/2010/1454 Common Vulnerability Exposure (CVE) ID: CVE-2010-0085 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10474 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13803 Common Vulnerability Exposure (CVE) ID: CVE-2010-0087 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13959 Common Vulnerability Exposure (CVE) ID: CVE-2010-0088 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11173 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14321 Common Vulnerability Exposure (CVE) ID: CVE-2010-0089 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14208 Common Vulnerability Exposure (CVE) ID: CVE-2010-0090 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14237 Common Vulnerability Exposure (CVE) ID: CVE-2010-0091 http://osvdb.org/63481 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13492 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9855 Common Vulnerability Exposure (CVE) ID: CVE-2010-0092 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10057 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14210 Common Vulnerability Exposure (CVE) ID: CVE-2010-0093 http://osvdb.org/63485 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14288 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9877 Common Vulnerability Exposure (CVE) ID: CVE-2010-0094 Bugtraq: 20100405 ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510527/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-051 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10851 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14351 Common Vulnerability Exposure (CVE) ID: CVE-2010-0095 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11621 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14105 Common Vulnerability Exposure (CVE) ID: CVE-2010-0837 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10680 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14276 Common Vulnerability Exposure (CVE) ID: CVE-2010-0838 BugTraq ID: 39069 http://www.securityfocus.com/bid/39069 Bugtraq: 20100405 ZDI-10-061: Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510534/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-061 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10482 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13923 XForce ISS Database: javase-javab-java2d-unspecifed(57346) https://exchange.xforce.ibmcloud.com/vulnerabilities/57346 Common Vulnerability Exposure (CVE) ID: CVE-2010-0839 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13357 Common Vulnerability Exposure (CVE) ID: CVE-2010-0840 BugTraq ID: 39065 http://www.securityfocus.com/bid/39065 Bugtraq: 20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510528/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-056 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974 http://www.redhat.com/support/errata/RHSA-2010-0489.html http://secunia.com/advisories/40211 http://www.vupen.com/english/advisories/2010/1523 Common Vulnerability Exposure (CVE) ID: CVE-2010-0841 BugTraq ID: 39067 http://www.securityfocus.com/bid/39067 Bugtraq: 20100405 ZDI-10-054: Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510531/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-054/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14144 Common Vulnerability Exposure (CVE) ID: CVE-2010-0842 BugTraq ID: 39077 http://www.securityfocus.com/bid/39077 Bugtraq: 20100405 ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510532/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-060 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14101 Common Vulnerability Exposure (CVE) ID: CVE-2010-0843 BugTraq ID: 39083 http://www.securityfocus.com/bid/39083 Bugtraq: 20100405 ZDI-10-052: Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability (Google Search) http://seclists.org/bugtraq/2010/Apr/41 http://www.zerodayinitiative.com/advisories/ZDI-10-052/ http://osvdb.org/63492 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14092 Common Vulnerability Exposure (CVE) ID: CVE-2010-0844 Bugtraq: 20100405 ZDI-10-053: Sun Java Runtime Environment MIDI File metaEvent Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510529/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-053 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14282 Common Vulnerability Exposure (CVE) ID: CVE-2010-0845 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14521 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9896 Common Vulnerability Exposure (CVE) ID: CVE-2010-0846 BugTraq ID: 39062 http://www.securityfocus.com/bid/39062 Bugtraq: 20100405 ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510541/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-059 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14503 Common Vulnerability Exposure (CVE) ID: CVE-2010-0847 BugTraq ID: 39071 http://www.securityfocus.com/bid/39071 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=865 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10392 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14453 Common Vulnerability Exposure (CVE) ID: CVE-2010-0848 BugTraq ID: 39078 http://www.securityfocus.com/bid/39078 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14350 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9899 Common Vulnerability Exposure (CVE) ID: CVE-2010-0849 BugTraq ID: 39073 http://www.securityfocus.com/bid/39073 Bugtraq: 20100405 ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510548/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-057/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13795 Common Vulnerability Exposure (CVE) ID: CVE-2010-0850 Common Vulnerability Exposure (CVE) ID: CVE-2010-0886 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14216 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1022294.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-279590-1 Common Vulnerability Exposure (CVE) ID: CVE-2010-3556 BugTraq ID: 43971 http://www.securityfocus.com/bid/43971 HPdes Security Advisory: HPSBUX02608 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 HPdes Security Advisory: SSRT100333 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11815 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12523 http://www.redhat.com/support/errata/RHSA-2010-0873.html http://secunia.com/advisories/42974 SuSE Security Announcement: SUSE-SA:2010:061 (Google Search) SuSE Security Announcement: SUSE-SR:2010:019 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2010-3566 BugTraq ID: 43988 http://www.securityfocus.com/bid/43988 http://www.zerodayinitiative.com/advisories/ZDI-10-204/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11560 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12225 Common Vulnerability Exposure (CVE) ID: CVE-2010-3567 BugTraq ID: 43992 http://www.securityfocus.com/bid/43992 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11714 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12153 Common Vulnerability Exposure (CVE) ID: CVE-2010-3550 BugTraq ID: 44040 http://www.securityfocus.com/bid/44040 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11619 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12422 Common Vulnerability Exposure (CVE) ID: CVE-2010-3561 BugTraq ID: 44013 http://www.securityfocus.com/bid/44013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12200 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12437 Common Vulnerability Exposure (CVE) ID: CVE-2010-3573 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11990 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12220 Common Vulnerability Exposure (CVE) ID: CVE-2010-3565 BugTraq ID: 43985 http://www.securityfocus.com/bid/43985 http://www.zerodayinitiative.com/advisories/ZDI-10-205/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12180 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12294 Common Vulnerability Exposure (CVE) ID: CVE-2010-3568 BugTraq ID: 44012 http://www.securityfocus.com/bid/44012 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12029 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12206 Common Vulnerability Exposure (CVE) ID: CVE-2010-3569 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12226 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12234 Common Vulnerability Exposure (CVE) ID: CVE-2010-1321 BugTraq ID: 40235 http://www.securityfocus.com/bid/40235 Bugtraq: 20100518 MITKRB5-SA-2010-005 [CVE-2010-1321] GSS-API lib null pointer deref (Google Search) http://www.securityfocus.com/archive/1/511331/100/0/threaded Cert/CC Advisory: TA10-287A Cert/CC Advisory: TA11-201A http://www.us-cert.gov/cas/techalerts/TA11-201A.html Debian Security Information: DSA-2052 (Google Search) http://www.debian.org/security/2010/dsa-2052 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041615.html http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041645.html http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041654.html HPdes Security Advisory: HPSBUX02544 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 HPdes Security Advisory: SSRT100107 http://www.mandriva.com/security/advisories?name=MDVSA-2010:100 http://osvdb.org/64744 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11604 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7198 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7450 http://www.redhat.com/support/errata/RHSA-2010-0423.html http://www.redhat.com/support/errata/RHSA-2010-0935.html http://www.redhat.com/support/errata/RHSA-2011-0152.html http://secunia.com/advisories/39762 http://secunia.com/advisories/39784 http://secunia.com/advisories/39799 http://secunia.com/advisories/39818 http://secunia.com/advisories/39849 http://secunia.com/advisories/40346 http://secunia.com/advisories/40685 http://secunia.com/advisories/42432 http://secunia.com/advisories/43335 SuSE Security Announcement: SUSE-SR:2010:013 (Google Search) SuSE Security Announcement: SUSE-SR:2010:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html SuSE Security Announcement: SUSE-SU-2012:0010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html SuSE Security Announcement: SUSE-SU-2012:0042 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html http://www.ubuntu.com/usn/USN-940-1 http://www.ubuntu.com/usn/USN-940-2 http://www.vupen.com/english/advisories/2010/1177 http://www.vupen.com/english/advisories/2010/1192 http://www.vupen.com/english/advisories/2010/1193 http://www.vupen.com/english/advisories/2010/1196 http://www.vupen.com/english/advisories/2010/1222 http://www.vupen.com/english/advisories/2010/1574 http://www.vupen.com/english/advisories/2010/1882 http://www.vupen.com/english/advisories/2010/3112 http://www.vupen.com/english/advisories/2011/0134 Common Vulnerability Exposure (CVE) ID: CVE-2010-3548 BugTraq ID: 44017 http://www.securityfocus.com/bid/44017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12426 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14475 Common Vulnerability Exposure (CVE) ID: CVE-2010-3551 BugTraq ID: 44009 http://www.securityfocus.com/bid/44009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11330 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12458 Common Vulnerability Exposure (CVE) ID: CVE-2010-3562 BugTraq ID: 43979 http://www.securityfocus.com/bid/43979 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11893 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12450 Common Vulnerability Exposure (CVE) ID: CVE-2010-3571 BugTraq ID: 43965 http://www.securityfocus.com/bid/43965 http://www.zerodayinitiative.com/advisories/ZDI-10-203/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12177 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12285 http://www.redhat.com/support/errata/RHSA-2011-0169.html http://secunia.com/advisories/43005 http://www.vupen.com/english/advisories/2011/0183 Common Vulnerability Exposure (CVE) ID: CVE-2010-3554 BugTraq ID: 43994 http://www.securityfocus.com/bid/43994 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12189 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12449 Common Vulnerability Exposure (CVE) ID: CVE-2010-3559 BugTraq ID: 44026 http://www.securityfocus.com/bid/44026 http://www.zerodayinitiative.com/advisories/ZDI-10-208/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11880 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12556 Common Vulnerability Exposure (CVE) ID: CVE-2010-3572 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12240 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12544 Common Vulnerability Exposure (CVE) ID: CVE-2010-3553 BugTraq ID: 44035 http://www.securityfocus.com/bid/44035 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545 Common Vulnerability Exposure (CVE) ID: CVE-2010-3549 BugTraq ID: 44027 http://www.securityfocus.com/bid/44027 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11559 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14340 Common Vulnerability Exposure (CVE) ID: CVE-2010-3557 BugTraq ID: 44014 http://www.securityfocus.com/bid/44014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11268 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11930 Common Vulnerability Exposure (CVE) ID: CVE-2010-3541 BugTraq ID: 44032 http://www.securityfocus.com/bid/44032 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12491 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14354 Common Vulnerability Exposure (CVE) ID: CVE-2010-3574 BugTraq ID: 44011 http://www.securityfocus.com/bid/44011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12367 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12462 http://www.vupen.com/english/advisories/2011/0143 Common Vulnerability Exposure (CVE) ID: CVE-2008-3825 1020978 http://www.securitytracker.com/id?1020978 31534 http://www.securityfocus.com/bid/31534 32119 http://secunia.com/advisories/32119 32135 http://secunia.com/advisories/32135 32174 http://secunia.com/advisories/32174 43314 http://secunia.com/advisories/43314 FEDORA-2008-8605 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00150.html FEDORA-2008-8618 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00166.html MDVSA-2008:209 http://www.mandriva.com/security/advisories?name=MDVSA-2008:209 RHSA-2008:0907 http://www.redhat.com/support/errata/RHSA-2008-0907.html SUSE-SR:2008:027 http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html https://bugzilla.redhat.com/show_bug.cgi?id=461960 oval:org.mitre.oval:def:10923 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10923 pamkrb5-existingticket-privilege-escalation(45635) https://exchange.xforce.ibmcloud.com/vulnerabilities/45635 Common Vulnerability Exposure (CVE) ID: CVE-2009-1384 35112 http://www.securityfocus.com/bid/35112 35230 http://secunia.com/advisories/35230 54791 http://osvdb.org/54791 ADV-2009-1448 http://www.vupen.com/english/advisories/2009/1448 MDVSA-2010:054 http://www.mandriva.com/security/advisories?name=MDVSA-2010:054 [oss-security] 20090527 CVE assignment notification (pam_krb5 CVE-2009-1384) http://www.openwall.com/lists/oss-security/2009/05/27/1 https://bugzilla.redhat.com/show_bug.cgi?id=502602 oval:org.mitre.oval:def:7081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7081 oval:org.mitre.oval:def:9652 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9652
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.