79.9.36.155
{
"scan_id": 1754936091,
"ip": "79.9.36.155",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "79.9.36.128/27",
"postal_code": "59013",
"coordinates": {
"latitude": "43.9264",
"longitude": "11.033"
},
"geo_point": "43.9264, 11.033",
"locale_code": "en",
"continent": "Europe",
"country_code": "IT",
"country_name": "Italy",
"city": "Montemurlo"
},
"location_updated_at": "2025-08-12T02:21:05Z",
"asn": {
"number": "AS3269",
"organization": "TIM",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "79.9.0.0/17",
"organization": "NAS DHCP Pool BRESCIA",
"descr": "NAS DHCP Pool BRESCIA",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T11:31:14Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-08-12T02:21:05Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-08-12T07:01:18Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-08-12T02:21:05Z"
}
],
"hostnames": [
{
"name": "host-79-9-36-155.business.telecomitalia.it",
"last_updated_at": "2025-08-14T01:02:59.546206343Z"
}
],
"services": [
{
"port": 21,
"protocol": "tcp",
"name": "ftp",
"version": "0.9.41 beta",
"product": "FileZilla ftpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:filezilla-project:filezilla_server:0.9.41_beta",
"part": "a",
"vendor": "filezilla\\-project",
"product": "filezilla_server",
"version": "0\\.9\\.41_beta",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"ftp": {
"banner": "220-FileZilla Server version 0.9.41 beta\r\n220-written by Tim Kosse ([email protected])\r\n220 Please visit http://sourceforge.net/projects/filezilla/\r\n"
}
},
"cve": [
{
"id": "CVE-2014-0160",
"score": 7.5,
"severity": "high"
},
{
"id": "CVE-2014-0224",
"score": 7.4,
"severity": "high"
},
{
"id": "CVE-2015-10003",
"score": 4.3,
"severity": "medium"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-08-11T02:45:52.622Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<!DOCTYPE html>\n<html>\n<head>\n \n \n\n <meta charset=\"utf-8\"/>\n <meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge\" />\n <meta HTTP-EQUIV='Pragma' CONTENT='no-cache'>\n <meta HTTP-EQUIV='Cache-Control' CONTENT='no-cache'>\n <title>Logon - SINEMA Remote Connect</title>\n\n <link rel=\"stylesheet\" href=\"/static/css/normalize.css? 1755124659\"/>\n <link rel=\"stylesheet\" href=\"/static/css/layout.css? 1755124659\"/>\n <link rel=\"stylesheet\" href=\"/static/css/login.css? 1755124659\"/>\n <link rel=\"stylesheet\" href=\"/static/css/font-awesome.css? 1755124659\"/>\n\n <script type=\"text/javascript\" src=\"/static/js/jquery.js\"></script>\n <script type=\"text/javascript\" src=\"/static/js/sinemarc.js\"></script>\n</head>\n<body>\n\n \n\n\n\n<div class=\"header clearfix\">\n <img src=\"/static/img/logo.gif\" alt=\"SIEMENS\" class=\"logo\"/>\n <span class=\"product-name\">SINEMA Remote Connect</span>\n\n <div class=\"language-selector\">\n <form action=\"/i18n/setlang/\" method=\"POST\">\n <input type='hidden' name='csrfmiddlewaretoken' value='z3mvweEsAdt4KXsue2QgTdXvxLNfhicF' />\n\n <label for=\"id_language_selector\">Language</label>:\n <select id=\"id_language_selector\" name=\"language\" onChange=\"submit()\">\n \n \n <option value=\"de\">\n Deutsch\n </option>\n \n <option value=\"en\" selected=\"selected\">\n English\n </option>\n \n </select>\n </form>\n </div>\n\n <div class=\"clock\">1755124659#en#0#</div>\n\n <div class=\"online-help\">\n <a href=\"#\" onClick=\"openHelpWindow('/static/help/en/login_help.htm');\">Help<i class=\"fa fa-question-circle fa-fw\"></i></a>\n </div>\n</div>\n\n\n <div class=\"content\">\n\n\n\n <form action=\"/wbm/login/\" method=\"POST\" class=\"login-form\">\n <input type='hidden' name='csrfmiddlewaretoken' value='z3mvweEsAdt4KXsue2QgTdXvxLNfhicF' />\n <input id=\"id_utcoffset\" name=\"utcoffset\" type=\"hidden\" value=\"0\"/>\n\n <div class=\"form-row\">\n <label for=\"id_username\">User name:</label>\n <input id=\"id_username\" maxlength=\"254\" name=\"username\" type=\"text\" />\n </div>\n\n <div class=\"form-row\">\n <label for=\"id_password\">Password:</label>\n <input id=\"id_password\" name=\"password\" type=\"password\" autocomplete=\"off\"/>\n </div>\n\n \n\n <div class=\"form-row\">\n <label for=\"id_submit\"> </label>\n <button id=\"id_submit\" type=\"submit\"><span class=\"button\">Log on</span></button>\n </div>\n </form>\n\n \n\n \n\n <div class=\"sep\"></div>\n\n <div class=\"pki\">\n \n <img src=\"/static/img/chip-icon.png\">\n \n <p>PKI Login</p>\n </div>\n\n\n </div>\n\n <script type=\"text/javascript\">\n <!--\n\n var d = new Date();\n $(\"#id_utcoffset\").prop('value', d.getTimezoneOffset() * -1);\n\n var usernameInput = $(\"#id_username\");\n usernameInput.focus().val(usernameInput.val());\n\n -->\n </script>\n</body>\n</html>\n",
"body_murmur": -640738961,
"body_sha256": "7313f8e6aa459836d1b3860195d7e3b145145cd0870363b9cfabd657a0852ca5",
"component": [
"Apache HTTP Server",
"Django",
"Python"
],
"content_length": -1,
"headers": {
"cache_control": [
"max-age=0"
],
"content_language": [
"en"
],
"content_type": [
"text/html; charset=utf-8"
],
"date": [
"Wed, 13 Aug 2025 22:37:39 GMT"
],
"expires": [
"Wed, 13 Aug 2025 22:37:39 GMT"
],
"last_modified": [
"Wed, 13 Aug 2025 22:37:39 GMT"
],
"server": [
"Apache"
],
"set_cookie": [
"csrftoken=z3mvweEsAdt4KXsue2QgTdXvxLNfhicF; expires=Wed, 12-Aug-2026 22:37:39 GMT; httponly; Max-Age=31449600; Path=/; secure",
"sessionid=95lw9jtzpfwcnmutvqzv2e5835h0n2o6; httponly; Path=/; secure"
],
"strict_transport_security": [
"max-age=15768000"
],
"vary": [
"Cookie,Accept-Language,Accept-Encoding"
],
"x_content_type_options": [
"nosniff",
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN",
"sameorigin"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"redirects": [
{
"headers": {
"content_language": [
"en"
],
"content_length": [
"0"
],
"content_type": [
"text/html; charset=utf-8"
],
"date": [
"Wed, 13 Aug 2025 22:37:39 GMT"
],
"location": [
"https://79.9.36.155/wbm/login/"
],
"server": [
"Apache"
],
"strict_transport_security": [
"max-age=15768000"
],
"vary": [
"Accept-Language,Cookie"
],
"x_content_type_options": [
"nosniff",
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN",
"sameorigin"
],
"x_xss_protection": [
"1; mode=block"
]
},
"location": "https://79.9.36.155/wbm/login/",
"protocol": "HTTP/1.1",
"status_code": 302,
"status_line": "302 FOUND"
}
],
"request": {
"headers": {
"accept": [
"*/*"
],
"referer": [
"https://79.9.36.155"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "79.9.36.155",
"path": "/wbm/login/",
"scheme": "https"
}
},
"status_code": 200,
"title": "Logon - SINEMA Remote Connect"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": false,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"ip_address": [
"79.9.36.155",
"192.168.81.101"
]
}
},
"fingerprint_md5": "51C271626159C40B04C0688668F61974",
"fingerprint_sha1": "EC6B7D02754A5BB98A2882A6CC84D46683DED37E",
"fingerprint_sha256": "0A1FCA02279A9F2C9227933F2FCCBC20B737B03029A4C35A6F1229CA5027CC5B",
"issuer": {
"common_name": [
"CA 79122 SINEMA RC"
]
},
"issuer_dn": "/CN=CA 79122 SINEMA RC",
"jarm": "16d16d16d14d16d00016d16d16d16d7bf6e7a34fd706e3a25b03da2a17f6af",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "428",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false,
"value": "NDc2MzI0ZDIyMjkzZmU5YTNlMjlmZWFmNGFhYjU0M2MwMDkzYWEwMzg0NGFkMjFlMGFjZTE2ZDg1MWIyOTEyMzVlNTkxZmU1YjljMmRjZGEwOWU4ODJlMmM5MDFlZjNlMWMyMGE1YzMzMzg5OGFiNjM1N2EzYzUwZGU0MWM0Mjc4NmM2ZDIwMWRkNjdlYjA1YWE0NWVhMzU4NmVlZDc1MWU1OTU5YmM5MTMzNGYwYjBmZjNlY2VmZjViZTA3MGQyZDVjMzZkNGYwYjI2MmJhNDBlNTJhNmI4YzI1NmUxZDM5MTcxYzZmZDhmMDRmNGUyODFhMDk0YTk2ZjEzZGQ1NTAwM2QwMGNkMGQxMTM4YzlkMWI3NjNiNmZlYWQ0ZDMxOWUyOTYzYzQyNDEyYjQ1ZGQ4YzEzNDhiMmJlZWZlOTFlOTdlZGE5ZTVhOGM3ZjhkYzViNmI2YjY1NzkxYmM0NGU4NGY4NzJmYzU3ZTM2MjlmZGM3MzBhY2MyMjdjMzYwNzJiYWI1MmM3MWY5OTZmNTNjM2I1YzI1Nzc1NzQ1M2U0MDc3YmZkMTZhZWRiODIzMzRiYzY3MTQ1MjA4MDVkNTZkMzk4ZmM5YjBkMzg5ZTljNGNhNzQzNDM1OGJiYWJhY2MyNTBiZTA2NWY3MGI5YTRmYmZiMjE1YTZiNDcwNTM="
},
"subject": {
"common_name": [
"192.168.81.101"
]
},
"subject_alt_name": {
"dns_names": [
"192.168.81.101"
],
"extended_dns_names": []
},
"subject_dn": "/CN=192.168.81.101",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "7a58953acf1660c13fb25782fdd8ec28604ce69ef523b126d63a5e2c2cb27875",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHhhYTQ0MjlkNDMzNDNkNDJjNmFiZmI4NTVjNmIwMTUzM2RhZGU2NjU4N2M5MDk0Y2ZmNzZhMjUxMDdkNmQxYTc5Y2YzZmJkZjJjN2I4Njk5YmRjNGYwNWZkNGNjZGM5NTkwZWM2MGNlZDliYWI5ZTQ2MTcwZDk2NGNlZDk0ODM1M2EzODIxNmVkM2QxNjUxNzYzMGJmMzY1YjhkMjQ5Y2ZmM2MzMmI0NDYyMmQxYzZmOTIxYTFkOWU1ZGUxNGNjZDk2ODViY2U1MDgwMmVjOWE0NGU4MzE3MWUyMTFhY2Y2YWUzZDc5ZmNjMjZmNzJlZWFlMzVhZjQwZDMzOTE5MGExNzI1MDY4ZDllMTY2ODQ2ODU5MmI0NWVhZDgzYTc3YWIyMWNiMWUzOGE3Y2U0ZTJhZjY0OTgxODc5ZjBkY2ZiODQ0NmVmODgwNTJmNTg0YzdhNjI4MmI2Mzg1MGE5ZGY1NTEwYzUzNTg1Y2VmNDlkNGUxYWUyZmVjYmMwODhiMTFmNTk0ZGEyMTExOTg0ZDdmN2QxNjM0NjEzMjQ5OWI3ODIxYjEzMjQzNzc3ZWQ4MmJiZTk0ZDFjNDJhZDE0YjZkZGY2ZTZjY2M1MzIwZmU2ZjRkMWQ0MTdlYjJjNzliNGUzZTAxYjU2N2JhOTkwM2JkZmU0OTEyMGY4YTA3MmQ1OQ=="
}
},
"tbs_fingerprint": "01f5214d77d8cc745d1fe5feb55db5413f91af9745b3970306cc00fa75d3834a",
"validation_level": "DV",
"validity": {
"length_seconds": 31708800,
"not_after": "2026-07-10T19:59:18",
"not_before": "2025-07-08T19:59:18"
},
"version": 2
},
"fingerprint_sha256": "0A1FCA02279A9F2C9227933F2FCCBC20B737B03029A4C35A6F1229CA5027CC5B",
"precert": false,
"raw": "MIIC+zCCAeOgAwIBAgICAawwDQYJKoZIhvcNAQELBQAwHTEbMBkGA1UEAwwSQ0EgNzkxMjIgU0lORU1BIFJDMB4XDTI1MDcwODE5NTkxOFoXDTI2MDcxMDE5NTkxOFowGTEXMBUGA1UEAwwOMTkyLjE2OC44MS4xMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqRCnUM0PULGq/uFXGsBUz2t5mWHyQlM/3aiUQfW0aec8/vfLHuGmb3E8F/UzNyVkOxgztm6ueRhcNlkztlINTo4IW7T0WUXYwvzZbjSSc/zwytEYi0cb5IaHZ5d4UzNloW85QgC7JpE6DFx4hGs9q49efzCb3LurjWvQNM5GQoXJQaNnhZoRoWStF6tg6d6shyx44p85OKvZJgYefDc+4RG74gFL1hMemKCtjhQqd9VEMU1hc70nU4a4v7LwIixH1lNohEZhNf30WNGEySZt4IbEyQ3d+2Cu+lNHEKtFLbd9ubMxTIP5vTR1BfrLHm04+AbVnupkDvf5JEg+KBy1ZAgMBAAGjSTBHMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBgGA1UdEQEB/wQOMAyHBE8JJJuHBMCoUWUwDQYJKoZIhvcNAQELBQADggEBAEdjJNIik/6aPin+r0qrVDwAk6oDhErSHgrOFthRspEjXlkf5bnC3NoJ6ILiyQHvPhwgpcMziYq2NXo8UN5BxCeGxtIB3WfrBapF6jWG7tdR5ZWbyRM08LD/Ps7/W+Bw0tXDbU8LJiukDlKmuMJW4dORccb9jwT04oGglKlvE91VAD0AzQ0ROMnRt2O2/q1NMZ4pY8QkErRd2ME0iyvu/pHpftqeWox/jcW2trZXkbxE6E+HL8V+Nin9xzCswifDYHK6tSxx+Zb1PDtcJXdXRT5Ad7/Rau24IzS8ZxRSCAXVbTmPybDTienEynQ0NYu6uswlC+Bl9wuaT7+yFaa0cFM=",
"tags": [
"dv",
"trusted"
]
}
},
"cve": [
{
"id": "CVE-1999-0070",
"score": 5,
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"score": 10,
"severity": "high"
},
{
"id": "CVE-2023-25690",
"score": 9.8,
"severity": "critical"
}
],
"url": "https://79.9.36.155/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-08-13T23:58:19.917Z"
}
],
"services_hash": "d3e00e6862ecf8f0e434ce6510fbad73712eaa673614630f91bec8e062208fe6",
"last_updated_at": "2025-08-13T23:58:19.917Z",
"banner": [
"http",
"tls",
"ftp"
],
"is_vuln": true,
"cveDetails": {
"CVE-1999-0070": {
"id": "CVE-1999-0070",
"references": [
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E"
],
"score": 5,
"services": [
"443/http"
],
"severity": "medium",
"summary": "test-cgi program allows an attacker to list files on the server.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-1999-1199": {
"id": "CVE-1999-1199",
"references": [
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 10,
"services": [
"443/http"
],
"severity": "high",
"summary": "Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the \"sioux\" vulnerability.",
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2014-0160": {
"id": "CVE-2014-0160",
"references": [
"http://advisories.mageia.org/MGASA-2014-0165.html",
"http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/",
"http://cogentdatahub.com/ReleaseNotes.html",
"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01",
"http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3",
"http://heartbleed.com/",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html",
"http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html",
"http://marc.info/?l=bugtraq&m=139722163017074&w=2",
"http://marc.info/?l=bugtraq&m=139757726426985&w=2",
"http://marc.info/?l=bugtraq&m=139757819327350&w=2",
"http://marc.info/?l=bugtraq&m=139757919027752&w=2",
"http://marc.info/?l=bugtraq&m=139758572430452&w=2",
"http://marc.info/?l=bugtraq&m=139765756720506&w=2",
"http://marc.info/?l=bugtraq&m=139774054614965&w=2",
"http://marc.info/?l=bugtraq&m=139774703817488&w=2",
"http://marc.info/?l=bugtraq&m=139808058921905&w=2",
"http://marc.info/?l=bugtraq&m=139817685517037&w=2",
"http://marc.info/?l=bugtraq&m=139817727317190&w=2",
"http://marc.info/?l=bugtraq&m=139817782017443&w=2",
"http://marc.info/?l=bugtraq&m=139824923705461&w=2",
"http://marc.info/?l=bugtraq&m=139824993005633&w=2",
"http://marc.info/?l=bugtraq&m=139833395230364&w=2",
"http://marc.info/?l=bugtraq&m=139835815211508&w=2",
"http://marc.info/?l=bugtraq&m=139835844111589&w=2",
"http://marc.info/?l=bugtraq&m=139836085512508&w=2",
"http://marc.info/?l=bugtraq&m=139842151128341&w=2",
"http://marc.info/?l=bugtraq&m=139843768401936&w=2",
"http://marc.info/?l=bugtraq&m=139869720529462&w=2",
"http://marc.info/?l=bugtraq&m=139869891830365&w=2",
"http://marc.info/?l=bugtraq&m=139889113431619&w=2",
"http://marc.info/?l=bugtraq&m=139889295732144&w=2",
"http://marc.info/?l=bugtraq&m=139905202427693&w=2",
"http://marc.info/?l=bugtraq&m=139905243827825&w=2",
"http://marc.info/?l=bugtraq&m=139905295427946&w=2",
"http://marc.info/?l=bugtraq&m=139905351928096&w=2",
"http://marc.info/?l=bugtraq&m=139905405728262&w=2",
"http://marc.info/?l=bugtraq&m=139905458328378&w=2",
"http://marc.info/?l=bugtraq&m=139905653828999&w=2",
"http://marc.info/?l=bugtraq&m=139905868529690&w=2",
"http://marc.info/?l=bugtraq&m=140015787404650&w=2",
"http://marc.info/?l=bugtraq&m=140075368411126&w=2",
"http://marc.info/?l=bugtraq&m=140724451518351&w=2",
"http://marc.info/?l=bugtraq&m=140752315422991&w=2",
"http://marc.info/?l=bugtraq&m=141287864628122&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1",
"http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3",
"http://rhn.redhat.com/errata/RHSA-2014-0376.html",
"http://rhn.redhat.com/errata/RHSA-2014-0377.html",
"http://rhn.redhat.com/errata/RHSA-2014-0378.html",
"http://rhn.redhat.com/errata/RHSA-2014-0396.html",
"http://seclists.org/fulldisclosure/2014/Apr/109",
"http://seclists.org/fulldisclosure/2014/Apr/173",
"http://seclists.org/fulldisclosure/2014/Apr/190",
"http://seclists.org/fulldisclosure/2014/Apr/90",
"http://seclists.org/fulldisclosure/2014/Apr/91",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://secunia.com/advisories/57347",
"http://secunia.com/advisories/57483",
"http://secunia.com/advisories/57721",
"http://secunia.com/advisories/57836",
"http://secunia.com/advisories/57966",
"http://secunia.com/advisories/57968",
"http://secunia.com/advisories/59139",
"http://secunia.com/advisories/59243",
"http://secunia.com/advisories/59347",
"http://support.citrix.com/article/CTX140605",
"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661",
"http://www-01.ibm.com/support/docview.wss?uid=swg21670161",
"http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf",
"http://www.blackberry.com/btsc/KB35882",
"http://www.debian.org/security/2014/dsa-2896",
"http://www.exploit-db.com/exploits/32745",
"http://www.exploit-db.com/exploits/32764",
"http://www.f-secure.com/en/web/labs_global/fsc-2014-1",
"http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/",
"http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/",
"http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/",
"http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/",
"http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf",
"http://www.kb.cert.org/vuls/id/720951",
"http://www.kerio.com/support/kerio-control/release-history",
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
"http://www.openssl.org/news/secadv_20140407.txt",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securityfocus.com/bid/66690",
"http://www.securitytracker.com/id/1030026",
"http://www.securitytracker.com/id/1030074",
"http://www.securitytracker.com/id/1030077",
"http://www.securitytracker.com/id/1030078",
"http://www.securitytracker.com/id/1030079",
"http://www.securitytracker.com/id/1030080",
"http://www.securitytracker.com/id/1030081",
"http://www.securitytracker.com/id/1030082",
"http://www.splunk.com/view/SP-CAAAMB3",
"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00",
"http://www.ubuntu.com/usn/USN-2165-1",
"http://www.us-cert.gov/ncas/alerts/TA14-098A",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"https://blog.torproject.org/blog/openssl-bug-cve-2014-0160",
"https://bugzilla.redhat.com/show_bug.cgi?id=1084875",
"https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf",
"https://code.google.com/p/mod-spdy/issues/detail?id=85",
"https://filezilla-project.org/versions.php?type=server",
"https://gist.github.com/chapmajs/10473815",
"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken",
"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E",
"https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html",
"https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html",
"https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html",
"https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217",
"https://www.cert.fi/en/reports/2014/vulnerability788210.html",
"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008",
"https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd",
"http://advisories.mageia.org/MGASA-2014-0165.html",
"http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/",
"http://cogentdatahub.com/ReleaseNotes.html",
"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01",
"http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3",
"http://heartbleed.com/",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html",
"http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html",
"http://marc.info/?l=bugtraq&m=139722163017074&w=2",
"http://marc.info/?l=bugtraq&m=139757726426985&w=2",
"http://marc.info/?l=bugtraq&m=139757819327350&w=2",
"http://marc.info/?l=bugtraq&m=139757919027752&w=2",
"http://marc.info/?l=bugtraq&m=139758572430452&w=2",
"http://marc.info/?l=bugtraq&m=139765756720506&w=2",
"http://marc.info/?l=bugtraq&m=139774054614965&w=2",
"http://marc.info/?l=bugtraq&m=139774703817488&w=2",
"http://marc.info/?l=bugtraq&m=139808058921905&w=2",
"http://marc.info/?l=bugtraq&m=139817685517037&w=2",
"http://marc.info/?l=bugtraq&m=139817727317190&w=2",
"http://marc.info/?l=bugtraq&m=139817782017443&w=2",
"http://marc.info/?l=bugtraq&m=139824923705461&w=2",
"http://marc.info/?l=bugtraq&m=139824993005633&w=2",
"http://marc.info/?l=bugtraq&m=139833395230364&w=2",
"http://marc.info/?l=bugtraq&m=139835815211508&w=2",
"http://marc.info/?l=bugtraq&m=139835844111589&w=2",
"http://marc.info/?l=bugtraq&m=139836085512508&w=2",
"http://marc.info/?l=bugtraq&m=139842151128341&w=2",
"http://marc.info/?l=bugtraq&m=139843768401936&w=2",
"http://marc.info/?l=bugtraq&m=139869720529462&w=2",
"http://marc.info/?l=bugtraq&m=139869891830365&w=2",
"http://marc.info/?l=bugtraq&m=139889113431619&w=2",
"http://marc.info/?l=bugtraq&m=139889295732144&w=2",
"http://marc.info/?l=bugtraq&m=139905202427693&w=2",
"http://marc.info/?l=bugtraq&m=139905243827825&w=2",
"http://marc.info/?l=bugtraq&m=139905295427946&w=2",
"http://marc.info/?l=bugtraq&m=139905351928096&w=2",
"http://marc.info/?l=bugtraq&m=139905405728262&w=2",
"http://marc.info/?l=bugtraq&m=139905458328378&w=2",
"http://marc.info/?l=bugtraq&m=139905653828999&w=2",
"http://marc.info/?l=bugtraq&m=139905868529690&w=2",
"http://marc.info/?l=bugtraq&m=140015787404650&w=2",
"http://marc.info/?l=bugtraq&m=140075368411126&w=2",
"http://marc.info/?l=bugtraq&m=140724451518351&w=2",
"http://marc.info/?l=bugtraq&m=140752315422991&w=2",
"http://marc.info/?l=bugtraq&m=141287864628122&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1",
"http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3",
"http://rhn.redhat.com/errata/RHSA-2014-0376.html",
"http://rhn.redhat.com/errata/RHSA-2014-0377.html",
"http://rhn.redhat.com/errata/RHSA-2014-0378.html",
"http://rhn.redhat.com/errata/RHSA-2014-0396.html",
"http://seclists.org/fulldisclosure/2014/Apr/109",
"http://seclists.org/fulldisclosure/2014/Apr/173",
"http://seclists.org/fulldisclosure/2014/Apr/190",
"http://seclists.org/fulldisclosure/2014/Apr/90",
"http://seclists.org/fulldisclosure/2014/Apr/91",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://secunia.com/advisories/57347",
"http://secunia.com/advisories/57483",
"http://secunia.com/advisories/57721",
"http://secunia.com/advisories/57836",
"http://secunia.com/advisories/57966",
"http://secunia.com/advisories/57968",
"http://secunia.com/advisories/59139",
"http://secunia.com/advisories/59243",
"http://secunia.com/advisories/59347",
"http://support.citrix.com/article/CTX140605",
"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661",
"http://www-01.ibm.com/support/docview.wss?uid=swg21670161",
"http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf",
"http://www.blackberry.com/btsc/KB35882",
"http://www.debian.org/security/2014/dsa-2896",
"http://www.exploit-db.com/exploits/32745",
"http://www.exploit-db.com/exploits/32764",
"http://www.f-secure.com/en/web/labs_global/fsc-2014-1",
"http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/",
"http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/",
"http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/",
"http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/",
"http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf",
"http://www.kb.cert.org/vuls/id/720951",
"http://www.kerio.com/support/kerio-control/release-history",
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
"http://www.openssl.org/news/secadv_20140407.txt",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securityfocus.com/bid/66690",
"http://www.securitytracker.com/id/1030026",
"http://www.securitytracker.com/id/1030074",
"http://www.securitytracker.com/id/1030077",
"http://www.securitytracker.com/id/1030078",
"http://www.securitytracker.com/id/1030079",
"http://www.securitytracker.com/id/1030080",
"http://www.securitytracker.com/id/1030081",
"http://www.securitytracker.com/id/1030082",
"http://www.splunk.com/view/SP-CAAAMB3",
"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00",
"http://www.ubuntu.com/usn/USN-2165-1",
"http://www.us-cert.gov/ncas/alerts/TA14-098A",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"https://blog.torproject.org/blog/openssl-bug-cve-2014-0160",
"https://bugzilla.redhat.com/show_bug.cgi?id=1084875",
"https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf",
"https://code.google.com/p/mod-spdy/issues/detail?id=85",
"https://filezilla-project.org/versions.php?type=server",
"https://gist.github.com/chapmajs/10473815",
"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken",
"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E",
"https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html",
"https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html",
"https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html",
"https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217",
"https://www.cert.fi/en/reports/2014/vulnerability788210.html",
"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008",
"https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd"
],
"score": 7.5,
"services": [
"21/ftp"
],
"severity": "high",
"summary": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-125"
},
"CVE-2014-0224": {
"id": "CVE-2014-0224",
"references": [
"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc",
"http://ccsinjection.lepidum.co.jp",
"http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html",
"http://esupport.trendmicro.com/solution/en-US/1103813.aspx",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629",
"http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195",
"http://kb.juniper.net/InfoCenter/index?page=content&id=KB29217",
"http://linux.oracle.com/errata/ELSA-2014-1053.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html",
"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
"http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html",
"http://marc.info/?l=bugtraq&m=140266410314613&w=2",
"http://marc.info/?l=bugtraq&m=140266410314613&w=2",
"http://marc.info/?l=bugtraq&m=140317760000786&w=2",
"http://marc.info/?l=bugtraq&m=140369637402535&w=2",
"http://marc.info/?l=bugtraq&m=140386311427810&w=2",
"http://marc.info/?l=bugtraq&m=140389274407904&w=2",
"http://marc.info/?l=bugtraq&m=140389355508263&w=2",
"http://marc.info/?l=bugtraq&m=140431828824371&w=2",
"http://marc.info/?l=bugtraq&m=140448122410568&w=2",
"http://marc.info/?l=bugtraq&m=140482916501310&w=2",
"http://marc.info/?l=bugtraq&m=140491231331543&w=2",
"http://marc.info/?l=bugtraq&m=140499864129699&w=2",
"http://marc.info/?l=bugtraq&m=140544599631400&w=2",
"http://marc.info/?l=bugtraq&m=140604261522465&w=2",
"http://marc.info/?l=bugtraq&m=140621259019789&w=2",
"http://marc.info/?l=bugtraq&m=140672208601650&w=2",
"http://marc.info/?l=bugtraq&m=140752315422991&w=2",
"http://marc.info/?l=bugtraq&m=140784085708882&w=2",
"http://marc.info/?l=bugtraq&m=140794476212181&w=2",
"http://marc.info/?l=bugtraq&m=140852757108392&w=2",
"http://marc.info/?l=bugtraq&m=140852826008699&w=2",
"http://marc.info/?l=bugtraq&m=140870499402361&w=2",
"http://marc.info/?l=bugtraq&m=140904544427729&w=2",
"http://marc.info/?l=bugtraq&m=140983229106599&w=2",
"http://marc.info/?l=bugtraq&m=141025641601169&w=2",
"http://marc.info/?l=bugtraq&m=141147110427269&w=2",
"http://marc.info/?l=bugtraq&m=141164638606214&w=2",
"http://marc.info/?l=bugtraq&m=141383410222440&w=2",
"http://marc.info/?l=bugtraq&m=141383465822787&w=2",
"http://marc.info/?l=bugtraq&m=141658880509699&w=2",
"http://marc.info/?l=bugtraq&m=142350350616251&w=2",
"http://marc.info/?l=bugtraq&m=142350350616251&w=2",
"http://marc.info/?l=bugtraq&m=142546741516006&w=2",
"http://marc.info/?l=bugtraq&m=142805027510172&w=2",
"http://puppetlabs.com/security/cve/cve-2014-0224",
"http://rhn.redhat.com/errata/RHSA-2014-0624.html",
"http://rhn.redhat.com/errata/RHSA-2014-0626.html",
"http://rhn.redhat.com/errata/RHSA-2014-0627.html",
"http://rhn.redhat.com/errata/RHSA-2014-0630.html",
"http://rhn.redhat.com/errata/RHSA-2014-0631.html",
"http://rhn.redhat.com/errata/RHSA-2014-0632.html",
"http://rhn.redhat.com/errata/RHSA-2014-0633.html",
"http://rhn.redhat.com/errata/RHSA-2014-0680.html",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://seclists.org/fulldisclosure/2014/Jun/38",
"http://secunia.com/advisories/58128",
"http://secunia.com/advisories/58337",
"http://secunia.com/advisories/58385",
"http://secunia.com/advisories/58433",
"http://secunia.com/advisories/58492",
"http://secunia.com/advisories/58579",
"http://secunia.com/advisories/58615",
"http://secunia.com/advisories/58639",
"http://secunia.com/advisories/58660",
"http://secunia.com/advisories/58667",
"http://secunia.com/advisories/58713",
"http://secunia.com/advisories/58714",
"http://secunia.com/advisories/58716",
"http://secunia.com/advisories/58719",
"http://secunia.com/advisories/58742",
"http://secunia.com/advisories/58743",
"http://secunia.com/advisories/58745",
"http://secunia.com/advisories/58759",
"http://secunia.com/advisories/58930",
"http://secunia.com/advisories/58939",
"http://secunia.com/advisories/58945",
"http://secunia.com/advisories/58977",
"http://secunia.com/advisories/59004",
"http://secunia.com/advisories/59012",
"http://secunia.com/advisories/59040",
"http://secunia.com/advisories/59043",
"http://secunia.com/advisories/59055",
"http://secunia.com/advisories/59063",
"http://secunia.com/advisories/59093",
"http://secunia.com/advisories/59101",
"http://secunia.com/advisories/59120",
"http://secunia.com/advisories/59126",
"http://secunia.com/advisories/59132",
"http://secunia.com/advisories/59135",
"http://secunia.com/advisories/59142",
"http://secunia.com/advisories/59162",
"http://secunia.com/advisories/59163",
"http://secunia.com/advisories/59167",
"http://secunia.com/advisories/59175",
"http://secunia.com/advisories/59186",
"http://secunia.com/advisories/59188",
"http://secunia.com/advisories/59189",
"http://secunia.com/advisories/59190",
"http://secunia.com/advisories/59191",
"http://secunia.com/advisories/59192",
"http://secunia.com/advisories/59202",
"http://secunia.com/advisories/59211",
"http://secunia.com/advisories/59214",
"http://secunia.com/advisories/59215",
"http://secunia.com/advisories/59223",
"http://secunia.com/advisories/59231",
"http://secunia.com/advisories/59264",
"http://secunia.com/advisories/59282",
"http://secunia.com/advisories/59284",
"http://secunia.com/advisories/59287",
"http://secunia.com/advisories/59300",
"http://secunia.com/advisories/59301",
"http://secunia.com/advisories/59305",
"http://secunia.com/advisories/59306",
"http://secunia.com/advisories/59310",
"http://secunia.com/advisories/59325",
"http://secunia.com/advisories/59338",
"http://secunia.com/advisories/59342",
"http://secunia.com/advisories/59347",
"http://secunia.com/advisories/59354",
"http://secunia.com/advisories/59362",
"http://secunia.com/advisories/59364",
"http://secunia.com/advisories/59365",
"http://secunia.com/advisories/59368",
"http://secunia.com/advisories/59370",
"http://secunia.com/advisories/59374",
"http://secunia.com/advisories/59375",
"http://secunia.com/advisories/59380",
"http://secunia.com/advisories/59383",
"http://secunia.com/advisories/59389",
"http://secunia.com/advisories/59413",
"http://secunia.com/advisories/59429",
"http://secunia.com/advisories/59435",
"http://secunia.com/advisories/59437",
"http://secunia.com/advisories/59438",
"http://secunia.com/advisories/59440",
"http://secunia.com/advisories/59441",
"http://secunia.com/advisories/59442",
"http://secunia.com/advisories/59444",
"http://secunia.com/advisories/59445",
"http://secunia.com/advisories/59446",
"http://secunia.com/advisories/59447",
"http://secunia.com/advisories/59448",
"http://secunia.com/advisories/59449",
"http://secunia.com/advisories/59450",
"http://secunia.com/advisories/59451",
"http://secunia.com/advisories/59454",
"http://secunia.com/advisories/59459",
"http://secunia.com/advisories/59460",
"http://secunia.com/advisories/59483",
"http://secunia.com/advisories/59490",
"http://secunia.com/advisories/59491",
"http://secunia.com/advisories/59495",
"http://secunia.com/advisories/59502",
"http://secunia.com/advisories/59506",
"http://secunia.com/advisories/59514",
"http://secunia.com/advisories/59518",
"http://secunia.com/advisories/59525",
"http://secunia.com/advisories/59528",
"http://secunia.com/advisories/59529",
"http://secunia.com/advisories/59530",
"http://secunia.com/advisories/59589",
"http://secunia.com/advisories/59602",
"http://secunia.com/advisories/59655",
"http://secunia.com/advisories/59659",
"http://secunia.com/advisories/59661",
"http://secunia.com/advisories/59666",
"http://secunia.com/advisories/59669",
"http://secunia.com/advisories/59677",
"http://secunia.com/advisories/59721",
"http://secunia.com/advisories/59784",
"http://secunia.com/advisories/59824",
"http://secunia.com/advisories/59827",
"http://secunia.com/advisories/59878",
"http://secunia.com/advisories/59885",
"http://secunia.com/advisories/59894",
"http://secunia.com/advisories/59916",
"http://secunia.com/advisories/59990",
"http://secunia.com/advisories/60049",
"http://secunia.com/advisories/60066",
"http://secunia.com/advisories/60176",
"http://secunia.com/advisories/60522",
"http://secunia.com/advisories/60567",
"http://secunia.com/advisories/60571",
"http://secunia.com/advisories/60577",
"http://secunia.com/advisories/60819",
"http://secunia.com/advisories/61254",
"http://secunia.com/advisories/61815",
"http://security.gentoo.org/glsa/glsa-201407-05.xml",
"http://support.apple.com/kb/HT6443",
"http://support.citrix.com/article/CTX140876",
"http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html",
"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163",
"http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172",
"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690",
"http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506",
"http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
"http://www-01.ibm.com/support/docview.wss?uid=swg21675626",
"http://www-01.ibm.com/support/docview.wss?uid=swg21675821",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676071",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676333",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676334",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676478",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676496",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676501",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676529",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676536",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676615",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676644",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676786",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676833",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676845",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676879",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676889",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677080",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677131",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677390",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677527",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677567",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677836",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678167",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678233",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678289",
"http://www-01.ibm.com/support/docview.wss?uid=swg21683332",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037727",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037729",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037730",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037731",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037732",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037761",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037870",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737",
"http://www.blackberry.com/btsc/KB36051",
"http://www.f-secure.com/en/web/labs_global/fsc-2014-6",
"http://www.fortiguard.com/advisory/FG-IR-14-018/",
"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
"http://www.ibm.com/support/docview.wss?uid=isg3T1020948",
"http://www.ibm.com/support/docview.wss?uid=ssg1S1004678",
"http://www.ibm.com/support/docview.wss?uid=swg1IT02314",
"http://www.ibm.com/support/docview.wss?uid=swg21676356",
"http://www.ibm.com/support/docview.wss?uid=swg21676793",
"http://www.ibm.com/support/docview.wss?uid=swg21676877",
"http://www.ibm.com/support/docview.wss?uid=swg24037783",
"http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf",
"http://www.kb.cert.org/vuls/id/978508",
"http://www.kerio.com/support/kerio-control/release-history",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:105",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:106",
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
"http://www.novell.com/support/kb/doc.php?id=7015264",
"http://www.novell.com/support/kb/doc.php?id=7015300",
"http://www.openssl.org/news/secadv_20140605.txt",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securitytracker.com/id/1031032",
"http://www.securitytracker.com/id/1031594",
"http://www.splunk.com/view/SP-CAAAM2D",
"http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download",
"http://www.vmware.com/security/advisories/VMSA-2014-0006.html",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E",
"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E",
"https://access.redhat.com/site/blogs/766093/posts/908133",
"https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues",
"https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1",
"https://bugzilla.redhat.com/show_bug.cgi?id=1103586",
"https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf",
"https://discussions.nessus.org/thread/7517",
"https://filezilla-project.org/versions.php?type=server",
"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=bc8923b1ec9c467755cd86f7848c50ee8812e441",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
"https://kb.bluecoat.com/index?page=content&id=SA80",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10075",
"https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005",
"https://www.ibm.com/support/docview.wss?uid=ssg1S1004670",
"https://www.ibm.com/support/docview.wss?uid=ssg1S1004671",
"https://www.imperialviolet.org/2014/06/05/earlyccs.html",
"https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf",
"https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf",
"https://www.novell.com/support/kb/doc.php?id=7015271",
"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc",
"http://ccsinjection.lepidum.co.jp",
"http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html",
"http://esupport.trendmicro.com/solution/en-US/1103813.aspx",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629",
"http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195",
"http://kb.juniper.net/InfoCenter/index?page=content&id=KB29217",
"http://linux.oracle.com/errata/ELSA-2014-1053.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html",
"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
"http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html",
"http://marc.info/?l=bugtraq&m=140266410314613&w=2",
"http://marc.info/?l=bugtraq&m=140266410314613&w=2",
"http://marc.info/?l=bugtraq&m=140317760000786&w=2",
"http://marc.info/?l=bugtraq&m=140369637402535&w=2",
"http://marc.info/?l=bugtraq&m=140386311427810&w=2",
"http://marc.info/?l=bugtraq&m=140389274407904&w=2",
"http://marc.info/?l=bugtraq&m=140389355508263&w=2",
"http://marc.info/?l=bugtraq&m=140431828824371&w=2",
"http://marc.info/?l=bugtraq&m=140448122410568&w=2",
"http://marc.info/?l=bugtraq&m=140482916501310&w=2",
"http://marc.info/?l=bugtraq&m=140491231331543&w=2",
"http://marc.info/?l=bugtraq&m=140499864129699&w=2",
"http://marc.info/?l=bugtraq&m=140544599631400&w=2",
"http://marc.info/?l=bugtraq&m=140604261522465&w=2",
"http://marc.info/?l=bugtraq&m=140621259019789&w=2",
"http://marc.info/?l=bugtraq&m=140672208601650&w=2",
"http://marc.info/?l=bugtraq&m=140752315422991&w=2",
"http://marc.info/?l=bugtraq&m=140784085708882&w=2",
"http://marc.info/?l=bugtraq&m=140794476212181&w=2",
"http://marc.info/?l=bugtraq&m=140852757108392&w=2",
"http://marc.info/?l=bugtraq&m=140852826008699&w=2",
"http://marc.info/?l=bugtraq&m=140870499402361&w=2",
"http://marc.info/?l=bugtraq&m=140904544427729&w=2",
"http://marc.info/?l=bugtraq&m=140983229106599&w=2",
"http://marc.info/?l=bugtraq&m=141025641601169&w=2",
"http://marc.info/?l=bugtraq&m=141147110427269&w=2",
"http://marc.info/?l=bugtraq&m=141164638606214&w=2",
"http://marc.info/?l=bugtraq&m=141383410222440&w=2",
"http://marc.info/?l=bugtraq&m=141383465822787&w=2",
"http://marc.info/?l=bugtraq&m=141658880509699&w=2",
"http://marc.info/?l=bugtraq&m=142350350616251&w=2",
"http://marc.info/?l=bugtraq&m=142350350616251&w=2",
"http://marc.info/?l=bugtraq&m=142546741516006&w=2",
"http://marc.info/?l=bugtraq&m=142805027510172&w=2",
"http://puppetlabs.com/security/cve/cve-2014-0224",
"http://rhn.redhat.com/errata/RHSA-2014-0624.html",
"http://rhn.redhat.com/errata/RHSA-2014-0626.html",
"http://rhn.redhat.com/errata/RHSA-2014-0627.html",
"http://rhn.redhat.com/errata/RHSA-2014-0630.html",
"http://rhn.redhat.com/errata/RHSA-2014-0631.html",
"http://rhn.redhat.com/errata/RHSA-2014-0632.html",
"http://rhn.redhat.com/errata/RHSA-2014-0633.html",
"http://rhn.redhat.com/errata/RHSA-2014-0680.html",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://seclists.org/fulldisclosure/2014/Jun/38",
"http://secunia.com/advisories/58128",
"http://secunia.com/advisories/58337",
"http://secunia.com/advisories/58385",
"http://secunia.com/advisories/58433",
"http://secunia.com/advisories/58492",
"http://secunia.com/advisories/58579",
"http://secunia.com/advisories/58615",
"http://secunia.com/advisories/58639",
"http://secunia.com/advisories/58660",
"http://secunia.com/advisories/58667",
"http://secunia.com/advisories/58713",
"http://secunia.com/advisories/58714",
"http://secunia.com/advisories/58716",
"http://secunia.com/advisories/58719",
"http://secunia.com/advisories/58742",
"http://secunia.com/advisories/58743",
"http://secunia.com/advisories/58745",
"http://secunia.com/advisories/58759",
"http://secunia.com/advisories/58930",
"http://secunia.com/advisories/58939",
"http://secunia.com/advisories/58945",
"http://secunia.com/advisories/58977",
"http://secunia.com/advisories/59004",
"http://secunia.com/advisories/59012",
"http://secunia.com/advisories/59040",
"http://secunia.com/advisories/59043",
"http://secunia.com/advisories/59055",
"http://secunia.com/advisories/59063",
"http://secunia.com/advisories/59093",
"http://secunia.com/advisories/59101",
"http://secunia.com/advisories/59120",
"http://secunia.com/advisories/59126",
"http://secunia.com/advisories/59132",
"http://secunia.com/advisories/59135",
"http://secunia.com/advisories/59142",
"http://secunia.com/advisories/59162",
"http://secunia.com/advisories/59163",
"http://secunia.com/advisories/59167",
"http://secunia.com/advisories/59175",
"http://secunia.com/advisories/59186",
"http://secunia.com/advisories/59188",
"http://secunia.com/advisories/59189",
"http://secunia.com/advisories/59190",
"http://secunia.com/advisories/59191",
"http://secunia.com/advisories/59192",
"http://secunia.com/advisories/59202",
"http://secunia.com/advisories/59211",
"http://secunia.com/advisories/59214",
"http://secunia.com/advisories/59215",
"http://secunia.com/advisories/59223",
"http://secunia.com/advisories/59231",
"http://secunia.com/advisories/59264",
"http://secunia.com/advisories/59282",
"http://secunia.com/advisories/59284",
"http://secunia.com/advisories/59287",
"http://secunia.com/advisories/59300",
"http://secunia.com/advisories/59301",
"http://secunia.com/advisories/59305",
"http://secunia.com/advisories/59306",
"http://secunia.com/advisories/59310",
"http://secunia.com/advisories/59325",
"http://secunia.com/advisories/59338",
"http://secunia.com/advisories/59342",
"http://secunia.com/advisories/59347",
"http://secunia.com/advisories/59354",
"http://secunia.com/advisories/59362",
"http://secunia.com/advisories/59364",
"http://secunia.com/advisories/59365",
"http://secunia.com/advisories/59368",
"http://secunia.com/advisories/59370",
"http://secunia.com/advisories/59374",
"http://secunia.com/advisories/59375",
"http://secunia.com/advisories/59380",
"http://secunia.com/advisories/59383",
"http://secunia.com/advisories/59389",
"http://secunia.com/advisories/59413",
"http://secunia.com/advisories/59429",
"http://secunia.com/advisories/59435",
"http://secunia.com/advisories/59437",
"http://secunia.com/advisories/59438",
"http://secunia.com/advisories/59440",
"http://secunia.com/advisories/59441",
"http://secunia.com/advisories/59442",
"http://secunia.com/advisories/59444",
"http://secunia.com/advisories/59445",
"http://secunia.com/advisories/59446",
"http://secunia.com/advisories/59447",
"http://secunia.com/advisories/59448",
"http://secunia.com/advisories/59449",
"http://secunia.com/advisories/59450",
"http://secunia.com/advisories/59451",
"http://secunia.com/advisories/59454",
"http://secunia.com/advisories/59459",
"http://secunia.com/advisories/59460",
"http://secunia.com/advisories/59483",
"http://secunia.com/advisories/59490",
"http://secunia.com/advisories/59491",
"http://secunia.com/advisories/59495",
"http://secunia.com/advisories/59502",
"http://secunia.com/advisories/59506",
"http://secunia.com/advisories/59514",
"http://secunia.com/advisories/59518",
"http://secunia.com/advisories/59525",
"http://secunia.com/advisories/59528",
"http://secunia.com/advisories/59529",
"http://secunia.com/advisories/59530",
"http://secunia.com/advisories/59589",
"http://secunia.com/advisories/59602",
"http://secunia.com/advisories/59655",
"http://secunia.com/advisories/59659",
"http://secunia.com/advisories/59661",
"http://secunia.com/advisories/59666",
"http://secunia.com/advisories/59669",
"http://secunia.com/advisories/59677",
"http://secunia.com/advisories/59721",
"http://secunia.com/advisories/59784",
"http://secunia.com/advisories/59824",
"http://secunia.com/advisories/59827",
"http://secunia.com/advisories/59878",
"http://secunia.com/advisories/59885",
"http://secunia.com/advisories/59894",
"http://secunia.com/advisories/59916",
"http://secunia.com/advisories/59990",
"http://secunia.com/advisories/60049",
"http://secunia.com/advisories/60066",
"http://secunia.com/advisories/60176",
"http://secunia.com/advisories/60522",
"http://secunia.com/advisories/60567",
"http://secunia.com/advisories/60571",
"http://secunia.com/advisories/60577",
"http://secunia.com/advisories/60819",
"http://secunia.com/advisories/61254",
"http://secunia.com/advisories/61815",
"http://security.gentoo.org/glsa/glsa-201407-05.xml",
"http://support.apple.com/kb/HT6443",
"http://support.citrix.com/article/CTX140876",
"http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html",
"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163",
"http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172",
"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690",
"http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506",
"http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
"http://www-01.ibm.com/support/docview.wss?uid=swg21675626",
"http://www-01.ibm.com/support/docview.wss?uid=swg21675821",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676071",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676333",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676334",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676478",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676496",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676501",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676529",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676536",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676615",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676644",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676786",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676833",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676845",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676879",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676889",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677080",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677131",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677390",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677527",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677567",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677836",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678167",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678233",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678289",
"http://www-01.ibm.com/support/docview.wss?uid=swg21683332",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037727",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037729",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037730",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037731",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037732",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037761",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037870",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737",
"http://www.blackberry.com/btsc/KB36051",
"http://www.f-secure.com/en/web/labs_global/fsc-2014-6",
"http://www.fortiguard.com/advisory/FG-IR-14-018/",
"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
"http://www.ibm.com/support/docview.wss?uid=isg3T1020948",
"http://www.ibm.com/support/docview.wss?uid=ssg1S1004678",
"http://www.ibm.com/support/docview.wss?uid=swg1IT02314",
"http://www.ibm.com/support/docview.wss?uid=swg21676356",
"http://www.ibm.com/support/docview.wss?uid=swg21676793",
"http://www.ibm.com/support/docview.wss?uid=swg21676877",
"http://www.ibm.com/support/docview.wss?uid=swg24037783",
"http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf",
"http://www.kb.cert.org/vuls/id/978508",
"http://www.kerio.com/support/kerio-control/release-history",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:105",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:106",
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
"http://www.novell.com/support/kb/doc.php?id=7015264",
"http://www.novell.com/support/kb/doc.php?id=7015300",
"http://www.openssl.org/news/secadv_20140605.txt",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securitytracker.com/id/1031032",
"http://www.securitytracker.com/id/1031594",
"http://www.splunk.com/view/SP-CAAAM2D",
"http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download",
"http://www.vmware.com/security/advisories/VMSA-2014-0006.html",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E",
"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E",
"https://access.redhat.com/site/blogs/766093/posts/908133",
"https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues",
"https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1",
"https://bugzilla.redhat.com/show_bug.cgi?id=1103586",
"https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf",
"https://discussions.nessus.org/thread/7517",
"https://filezilla-project.org/versions.php?type=server",
"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=bc8923b1ec9c467755cd86f7848c50ee8812e441",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
"https://kb.bluecoat.com/index?page=content&id=SA80",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10075",
"https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005",
"https://www.ibm.com/support/docview.wss?uid=ssg1S1004670",
"https://www.ibm.com/support/docview.wss?uid=ssg1S1004671",
"https://www.imperialviolet.org/2014/06/05/earlyccs.html",
"https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf",
"https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf",
"https://www.novell.com/support/kb/doc.php?id=7015271"
],
"score": 7.4,
"services": [
"21/ftp"
],
"severity": "high",
"summary": "OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the \"CCS Injection\" vulnerability.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"weakness": "CWE-326"
},
"CVE-2015-10003": {
"id": "CVE-2015-10003",
"references": [
"http://www.securitygalore.com/site3/filezilla_ftp_server_advisory",
"https://vuldb.com/?id.97203",
"http://www.securitygalore.com/site3/filezilla_ftp_server_advisory",
"https://vuldb.com/?id.97203"
],
"score": 4.3,
"services": [
"21/ftp"
],
"severity": "medium",
"summary": "A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended intermediary. It is possible to initiate the attack remotely. Upgrading to version 0.9.51 is able to address this issue. It is recommended to upgrade the affected component.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-441"
},
"CVE-2023-25690": {
"id": "CVE-2023-25690",
"references": [
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01",
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 9.8,
"services": [
"443/http"
],
"severity": "critical",
"summary": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2023-27522": {
"id": "CVE-2023-27522",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 7.5,
"services": [
"443/http"
],
"severity": "high",
"summary": "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.nnSpecial characters in the origin response header can truncate/split the response forwarded to the client.nnn",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-444"
}
}
}