NVD Vulnerability Detail

CVE-2009-3555

Summary	The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
Summary	El protocolo TLS y el protocolo SSL v3.0 y posiblemente versiones anteriores, tal y como se usa en Microsoft Internet Information Services (IIS) v7.0, mod_ssl en el servidor HTTP Apache v2.2.14 y anteriores, OpenSSL antes de v0.9.8l, GnuTLS v2.8.5 y anteriores, Mozilla Network Security Services (NSS) v3.12.4 y anteriores, y otros productos, no asocia apropiadamente la renegociación del Handshake SSL en una conexión existente, lo que permite ataques man-in-the-middle en los que el atacante inserta datos en sesiones HTTPS, y posiblemente otro tipo de sesiones protegidas por SSL o TLS, enviando una petición de autenticación que es procesada retroactivamente por un servidor en un contexto post-renegociación. Se trata de un ataque de "inyección de texto plano", también conocido como el problema del "Proyecto Mogul".
Publication Date	Nov. 10, 2009, 2:30 a.m.
Registration Date	Jan. 29, 2021, 1:24 p.m.
Last Update	April 23, 2026, 9:35 a.m.

CVSS2.0 : MEDIUM
Score	5.8
Vector	AV:N/AC:M/Au:N/C:N/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	低
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:apache:http_server::::::::		2.2.14
cpe:2.3:a:gnu:gnutls::::::::		2.8.5
cpe:2.3:a:mozilla:nss::::::::		3.12.4
cpe:2.3:a:openssl:openssl::::::::		0.9.8k
cpe:2.3:a:openssl:openssl:1.0::openvms:::::
cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:8.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:9.04:::::::*
cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*
cpe:2.3:o:debian:debian_linux:4.0:::::::*
cpe:2.3:o:debian:debian_linux:5.0:::::::*
cpe:2.3:o:debian:debian_linux:6.0:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:fedoraproject:fedora:11:::::::*
cpe:2.3:o:fedoraproject:fedora:12:::::::*
cpe:2.3:o:fedoraproject:fedora:13:::::::*
cpe:2.3:o:fedoraproject:fedora:14:::::::*
cpe:2.3:a:f5:nginx::::::::	0.1.0	0.8.22

Related information, measures and tools

No	URL	refsource
1	http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html	secalert@redhat.com
2	http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html	secalert@redhat.com
3	http://blogs.iss.net/archive/sslmitmiscsrf.html	secalert@redhat.com
4	http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during	secalert@redhat.com
5	http://clicky.me/tlsvuln	secalert@redhat.com
6	http://extendedsubset.com/?p=8	secalert@redhat.com
7	http://extendedsubset.com/Renegotiating_TLS.pdf	secalert@redhat.com
8	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686	secalert@redhat.com
9	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041	secalert@redhat.com
10	http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751	secalert@redhat.com
11	http://kbase.redhat.com/faq/docs/DOC-20491	secalert@redhat.com
12	http://lists.apple.com/archives/security-announce/2010//May/msg00001.html	secalert@redhat.com
13	http://lists.apple.com/archives/security-announce/2010//May/msg00002.html	secalert@redhat.com
14	http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html	secalert@redhat.com
15	http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html	secalert@redhat.com
16	http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html	secalert@redhat.com
17	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html	secalert@redhat.com
18	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html	secalert@redhat.com
19	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html	secalert@redhat.com
20	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html	secalert@redhat.com
21	http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html	secalert@redhat.com
22	http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html	secalert@redhat.com
23	http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html	secalert@redhat.com
24	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html	secalert@redhat.com
25	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html	secalert@redhat.com
26	http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html	secalert@redhat.com
27	http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html	secalert@redhat.com
28	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html	secalert@redhat.com
29	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html	secalert@redhat.com
30	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html	secalert@redhat.com
31	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html	secalert@redhat.com
32	http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2	secalert@redhat.com
33	http://marc.info/?l=bugtraq&m=126150535619567&w=2	secalert@redhat.com
34	http://marc.info/?l=bugtraq&m=127128920008563&w=2	secalert@redhat.com
35	http://marc.info/?l=bugtraq&m=127419602507642&w=2	secalert@redhat.com
36	http://marc.info/?l=bugtraq&m=127557596201693&w=2	secalert@redhat.com
37	http://marc.info/?l=bugtraq&m=130497311408250&w=2	secalert@redhat.com
38	http://marc.info/?l=bugtraq&m=132077688910227&w=2	secalert@redhat.com
39	http://marc.info/?l=bugtraq&m=133469267822771&w=2	secalert@redhat.com
40	http://marc.info/?l=bugtraq&m=134254866602253&w=2	secalert@redhat.com
41	http://marc.info/?l=bugtraq&m=142660345230545&w=2	secalert@redhat.com
42	http://marc.info/?l=cryptography&m=125752275331877&w=2	secalert@redhat.com
43	http://openbsd.org/errata45.html#010_openssl	secalert@redhat.com
44	http://openbsd.org/errata46.html#004_openssl	secalert@redhat.com
45	http://osvdb.org/60521	secalert@redhat.com
46	http://osvdb.org/60972	secalert@redhat.com
47	http://osvdb.org/62210	secalert@redhat.com
48	http://osvdb.org/65202	secalert@redhat.com
49	http://seclists.org/fulldisclosure/2009/Nov/139	secalert@redhat.com
50	http://secunia.com/advisories/37291	secalert@redhat.com
51	http://secunia.com/advisories/37292	secalert@redhat.com
52	http://secunia.com/advisories/37320	secalert@redhat.com
53	http://secunia.com/advisories/37383	secalert@redhat.com
54	http://secunia.com/advisories/37399	secalert@redhat.com
55	http://secunia.com/advisories/37453	secalert@redhat.com
56	http://secunia.com/advisories/37501	secalert@redhat.com
57	http://secunia.com/advisories/37504	secalert@redhat.com
58	http://secunia.com/advisories/37604	secalert@redhat.com
59	http://secunia.com/advisories/37640	secalert@redhat.com
60	http://secunia.com/advisories/37656	secalert@redhat.com
61	http://secunia.com/advisories/37675	secalert@redhat.com
62	http://secunia.com/advisories/37859	secalert@redhat.com
63	http://secunia.com/advisories/38003	secalert@redhat.com
64	http://secunia.com/advisories/38020	secalert@redhat.com
65	http://secunia.com/advisories/38056	secalert@redhat.com
66	http://secunia.com/advisories/38241	secalert@redhat.com
67	http://secunia.com/advisories/38484	secalert@redhat.com
68	http://secunia.com/advisories/38687	secalert@redhat.com
69	http://secunia.com/advisories/38781	secalert@redhat.com
70	http://secunia.com/advisories/39127	secalert@redhat.com
71	http://secunia.com/advisories/39136	secalert@redhat.com
72	http://secunia.com/advisories/39242	secalert@redhat.com
73	http://secunia.com/advisories/39243	secalert@redhat.com
74	http://secunia.com/advisories/39278	secalert@redhat.com
75	http://secunia.com/advisories/39292	secalert@redhat.com
76	http://secunia.com/advisories/39317	secalert@redhat.com
77	http://secunia.com/advisories/39461	secalert@redhat.com
78	http://secunia.com/advisories/39500	secalert@redhat.com
79	http://secunia.com/advisories/39628	secalert@redhat.com
80	http://secunia.com/advisories/39632	secalert@redhat.com
81	http://secunia.com/advisories/39713	secalert@redhat.com
82	http://secunia.com/advisories/39819	secalert@redhat.com
83	http://secunia.com/advisories/40070	secalert@redhat.com
84	http://secunia.com/advisories/40545	secalert@redhat.com
85	http://secunia.com/advisories/40747	secalert@redhat.com
86	http://secunia.com/advisories/40866	secalert@redhat.com
87	http://secunia.com/advisories/41480	secalert@redhat.com
88	http://secunia.com/advisories/41490	secalert@redhat.com
89	http://secunia.com/advisories/41818	secalert@redhat.com
90	http://secunia.com/advisories/41967	secalert@redhat.com
91	http://secunia.com/advisories/41972	secalert@redhat.com
92	http://secunia.com/advisories/42377	secalert@redhat.com
93	http://secunia.com/advisories/42379	secalert@redhat.com
94	http://secunia.com/advisories/42467	secalert@redhat.com
95	http://secunia.com/advisories/42724	secalert@redhat.com
96	http://secunia.com/advisories/42733	secalert@redhat.com
97	http://secunia.com/advisories/42808	secalert@redhat.com
98	http://secunia.com/advisories/42811	secalert@redhat.com
99	http://secunia.com/advisories/42816	secalert@redhat.com
100	http://secunia.com/advisories/43308	secalert@redhat.com
101	http://secunia.com/advisories/44183	secalert@redhat.com
102	http://secunia.com/advisories/44954	secalert@redhat.com
103	http://secunia.com/advisories/48577	secalert@redhat.com
104	http://security.gentoo.org/glsa/glsa-200912-01.xml	secalert@redhat.com
105	http://security.gentoo.org/glsa/glsa-201203-22.xml	secalert@redhat.com
106	http://security.gentoo.org/glsa/glsa-201406-32.xml	secalert@redhat.com
107	http://securitytracker.com/id?1023148	secalert@redhat.com
108	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446	secalert@redhat.com
109	http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1	secalert@redhat.com
110	http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1	secalert@redhat.com
111	http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1	secalert@redhat.com
112	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1	secalert@redhat.com
113	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1	secalert@redhat.com
114	http://support.apple.com/kb/HT4004	secalert@redhat.com
115	http://support.apple.com/kb/HT4170	secalert@redhat.com
116	http://support.apple.com/kb/HT4171	secalert@redhat.com
117	http://support.avaya.com/css/P8/documents/100070150	secalert@redhat.com
118	http://support.avaya.com/css/P8/documents/100081611	secalert@redhat.com
119	http://support.avaya.com/css/P8/documents/100114315	secalert@redhat.com
120	http://support.avaya.com/css/P8/documents/100114327	secalert@redhat.com
121	http://support.citrix.com/article/CTX123359	secalert@redhat.com
122	http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES	secalert@redhat.com
123	http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released	secalert@redhat.com
124	http://sysoev.ru/nginx/patch.cve-2009-3555.txt	secalert@redhat.com
125	http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html	secalert@redhat.com
126	http://ubuntu.com/usn/usn-923-1	secalert@redhat.com
127	http://wiki.rpath.com/Advisories:rPSA-2009-0155	secalert@redhat.com
128	http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848	secalert@redhat.com
129	http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054	secalert@redhat.com
130	http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055	secalert@redhat.com
131	http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247	secalert@redhat.com
132	http://www-01.ibm.com/support/docview.wss?uid=swg21426108	secalert@redhat.com
133	http://www-01.ibm.com/support/docview.wss?uid=swg21432298	secalert@redhat.com
134	http://www-01.ibm.com/support/docview.wss?uid=swg24006386	secalert@redhat.com
135	http://www-01.ibm.com/support/docview.wss?uid=swg24025312	secalert@redhat.com
136	http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only	secalert@redhat.com
137	http://www.arubanetworks.com/support/alerts/aid-020810.txt	secalert@redhat.com
138	http://www.betanews.com/article/1257452450	secalert@redhat.com
139	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml	secalert@redhat.com
140	http://www.debian.org/security/2009/dsa-1934	secalert@redhat.com
141	http://www.debian.org/security/2011/dsa-2141	secalert@redhat.com
142	http://www.debian.org/security/2015/dsa-3253	secalert@redhat.com
143	http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html	secalert@redhat.com
144	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html	secalert@redhat.com
145	http://www.ietf.org/mail-archive/web/tls/current/msg03928.html	secalert@redhat.com
146	http://www.ietf.org/mail-archive/web/tls/current/msg03948.html	secalert@redhat.com
147	http://www.ingate.com/Relnote.php?ver=481	secalert@redhat.com
148	http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995	secalert@redhat.com
149	http://www.kb.cert.org/vuls/id/120541	secalert@redhat.com
150	http://www.links.org/?p=780	secalert@redhat.com
151	http://www.links.org/?p=786	secalert@redhat.com
152	http://www.links.org/?p=789	secalert@redhat.com
153	http://www.mandriva.com/security/advisories?name=MDVSA-2010:076	secalert@redhat.com
154	http://www.mandriva.com/security/advisories?name=MDVSA-2010:084	secalert@redhat.com
155	http://www.mandriva.com/security/advisories?name=MDVSA-2010:089	secalert@redhat.com
156	http://www.mozilla.org/security/announce/2010/mfsa2010-22.html	secalert@redhat.com
157	http://www.openoffice.org/security/cves/CVE-2009-3555.html	secalert@redhat.com
158	http://www.openssl.org/news/secadv_20091111.txt	secalert@redhat.com
159	http://www.openwall.com/lists/oss-security/2009/11/05/3	secalert@redhat.com
160	http://www.openwall.com/lists/oss-security/2009/11/05/5	secalert@redhat.com
161	http://www.openwall.com/lists/oss-security/2009/11/06/3	secalert@redhat.com
162	http://www.openwall.com/lists/oss-security/2009/11/07/3	secalert@redhat.com
163	http://www.openwall.com/lists/oss-security/2009/11/20/1	secalert@redhat.com
164	http://www.openwall.com/lists/oss-security/2009/11/23/10	secalert@redhat.com
165	http://www.opera.com/docs/changelogs/unix/1060/	secalert@redhat.com
166	http://www.opera.com/support/search/view/944/	secalert@redhat.com
167	http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html	secalert@redhat.com
168	http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html	secalert@redhat.com
169	http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html	secalert@redhat.com
170	http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c	secalert@redhat.com
171	http://www.redhat.com/support/errata/RHSA-2010-0119.html	secalert@redhat.com
172	http://www.redhat.com/support/errata/RHSA-2010-0130.html	secalert@redhat.com
173	http://www.redhat.com/support/errata/RHSA-2010-0155.html	secalert@redhat.com
174	http://www.redhat.com/support/errata/RHSA-2010-0165.html	secalert@redhat.com
175	http://www.redhat.com/support/errata/RHSA-2010-0167.html	secalert@redhat.com
176	http://www.redhat.com/support/errata/RHSA-2010-0337.html	secalert@redhat.com
177	http://www.redhat.com/support/errata/RHSA-2010-0338.html	secalert@redhat.com
178	http://www.redhat.com/support/errata/RHSA-2010-0339.html	secalert@redhat.com
179	http://www.redhat.com/support/errata/RHSA-2010-0768.html	secalert@redhat.com
180	http://www.redhat.com/support/errata/RHSA-2010-0770.html	secalert@redhat.com
181	http://www.redhat.com/support/errata/RHSA-2010-0786.html	secalert@redhat.com
182	http://www.redhat.com/support/errata/RHSA-2010-0807.html	secalert@redhat.com
183	http://www.redhat.com/support/errata/RHSA-2010-0865.html	secalert@redhat.com
184	http://www.redhat.com/support/errata/RHSA-2010-0986.html	secalert@redhat.com
185	http://www.redhat.com/support/errata/RHSA-2010-0987.html	secalert@redhat.com
186	http://www.redhat.com/support/errata/RHSA-2011-0880.html	secalert@redhat.com
187	http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html	secalert@redhat.com
188	http://www.securityfocus.com/archive/1/507952/100/0/threaded	secalert@redhat.com
189	http://www.securityfocus.com/archive/1/508075/100/0/threaded	secalert@redhat.com
190	http://www.securityfocus.com/archive/1/508130/100/0/threaded	secalert@redhat.com
191	http://www.securityfocus.com/archive/1/515055/100/0/threaded	secalert@redhat.com
192	http://www.securityfocus.com/archive/1/516397/100/0/threaded	secalert@redhat.com
193	http://www.securityfocus.com/archive/1/522176	secalert@redhat.com
194	http://www.securityfocus.com/bid/36935	secalert@redhat.com
195	http://www.securitytracker.com/id?1023163	secalert@redhat.com
196	http://www.securitytracker.com/id?1023204	secalert@redhat.com
197	http://www.securitytracker.com/id?1023205	secalert@redhat.com
198	http://www.securitytracker.com/id?1023206	secalert@redhat.com
199	http://www.securitytracker.com/id?1023207	secalert@redhat.com
200	http://www.securitytracker.com/id?1023208	secalert@redhat.com
201	http://www.securitytracker.com/id?1023209	secalert@redhat.com
202	http://www.securitytracker.com/id?1023210	secalert@redhat.com
203	http://www.securitytracker.com/id?1023211	secalert@redhat.com
204	http://www.securitytracker.com/id?1023212	secalert@redhat.com
205	http://www.securitytracker.com/id?1023213	secalert@redhat.com
206	http://www.securitytracker.com/id?1023214	secalert@redhat.com
207	http://www.securitytracker.com/id?1023215	secalert@redhat.com
208	http://www.securitytracker.com/id?1023216	secalert@redhat.com
209	http://www.securitytracker.com/id?1023217	secalert@redhat.com
210	http://www.securitytracker.com/id?1023218	secalert@redhat.com
211	http://www.securitytracker.com/id?1023219	secalert@redhat.com
212	http://www.securitytracker.com/id?1023224	secalert@redhat.com
213	http://www.securitytracker.com/id?1023243	secalert@redhat.com
214	http://www.securitytracker.com/id?1023270	secalert@redhat.com
215	http://www.securitytracker.com/id?1023271	secalert@redhat.com
216	http://www.securitytracker.com/id?1023272	secalert@redhat.com
217	http://www.securitytracker.com/id?1023273	secalert@redhat.com
218	http://www.securitytracker.com/id?1023274	secalert@redhat.com
219	http://www.securitytracker.com/id?1023275	secalert@redhat.com
220	http://www.securitytracker.com/id?1023411	secalert@redhat.com
221	http://www.securitytracker.com/id?1023426	secalert@redhat.com
222	http://www.securitytracker.com/id?1023427	secalert@redhat.com
223	http://www.securitytracker.com/id?1023428	secalert@redhat.com
224	http://www.securitytracker.com/id?1024789	secalert@redhat.com
225	http://www.tombom.co.uk/blog/?p=85	secalert@redhat.com
226	http://www.ubuntu.com/usn/USN-1010-1	secalert@redhat.com
227	http://www.ubuntu.com/usn/USN-927-1	secalert@redhat.com
228	http://www.ubuntu.com/usn/USN-927-4	secalert@redhat.com
229	http://www.ubuntu.com/usn/USN-927-5	secalert@redhat.com
230	http://www.us-cert.gov/cas/techalerts/TA10-222A.html	secalert@redhat.com
231	http://www.us-cert.gov/cas/techalerts/TA10-287A.html	secalert@redhat.com
232	http://www.vmware.com/security/advisories/VMSA-2010-0019.html	secalert@redhat.com
233	http://www.vmware.com/security/advisories/VMSA-2011-0003.html	secalert@redhat.com
234	http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html	secalert@redhat.com
235	http://www.vupen.com/english/advisories/2009/3164	secalert@redhat.com
236	http://www.vupen.com/english/advisories/2009/3165	secalert@redhat.com
237	http://www.vupen.com/english/advisories/2009/3205	secalert@redhat.com
238	http://www.vupen.com/english/advisories/2009/3220	secalert@redhat.com
239	http://www.vupen.com/english/advisories/2009/3310	secalert@redhat.com
240	http://www.vupen.com/english/advisories/2009/3313	secalert@redhat.com
241	http://www.vupen.com/english/advisories/2009/3353	secalert@redhat.com
242	http://www.vupen.com/english/advisories/2009/3354	secalert@redhat.com
243	http://www.vupen.com/english/advisories/2009/3484	secalert@redhat.com
244	http://www.vupen.com/english/advisories/2009/3521	secalert@redhat.com
245	http://www.vupen.com/english/advisories/2009/3587	secalert@redhat.com
246	http://www.vupen.com/english/advisories/2010/0086	secalert@redhat.com
247	http://www.vupen.com/english/advisories/2010/0173	secalert@redhat.com
248	http://www.vupen.com/english/advisories/2010/0748	secalert@redhat.com
249	http://www.vupen.com/english/advisories/2010/0848	secalert@redhat.com
250	http://www.vupen.com/english/advisories/2010/0916	secalert@redhat.com
251	http://www.vupen.com/english/advisories/2010/0933	secalert@redhat.com
252	http://www.vupen.com/english/advisories/2010/0982	secalert@redhat.com
253	http://www.vupen.com/english/advisories/2010/0994	secalert@redhat.com
254	http://www.vupen.com/english/advisories/2010/1054	secalert@redhat.com
255	http://www.vupen.com/english/advisories/2010/1107	secalert@redhat.com
256	http://www.vupen.com/english/advisories/2010/1191	secalert@redhat.com
257	http://www.vupen.com/english/advisories/2010/1350	secalert@redhat.com
258	http://www.vupen.com/english/advisories/2010/1639	secalert@redhat.com
259	http://www.vupen.com/english/advisories/2010/1673	secalert@redhat.com
260	http://www.vupen.com/english/advisories/2010/1793	secalert@redhat.com
261	http://www.vupen.com/english/advisories/2010/2010	secalert@redhat.com
262	http://www.vupen.com/english/advisories/2010/2745	secalert@redhat.com
263	http://www.vupen.com/english/advisories/2010/3069	secalert@redhat.com
264	http://www.vupen.com/english/advisories/2010/3086	secalert@redhat.com
265	http://www.vupen.com/english/advisories/2010/3126	secalert@redhat.com
266	http://www.vupen.com/english/advisories/2011/0032	secalert@redhat.com
267	http://www.vupen.com/english/advisories/2011/0033	secalert@redhat.com
268	http://www.vupen.com/english/advisories/2011/0086	secalert@redhat.com
269	http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html	secalert@redhat.com
270	https://bugzilla.mozilla.org/show_bug.cgi?id=526689	secalert@redhat.com
271	https://bugzilla.mozilla.org/show_bug.cgi?id=545755	secalert@redhat.com
272	https://bugzilla.redhat.com/show_bug.cgi?id=533125	secalert@redhat.com
273	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049	secalert@redhat.com
274	https://exchange.xforce.ibmcloud.com/vulnerabilities/54158	secalert@redhat.com
275	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888	secalert@redhat.com
276	https://kb.bluecoat.com/index?page=content&id=SA50	secalert@redhat.com
277	https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E	secalert@redhat.com
278	https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E	secalert@redhat.com
279	https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E	secalert@redhat.com
280	https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E	secalert@redhat.com
281	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088	secalert@redhat.com
282	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578	secalert@redhat.com
283	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617	secalert@redhat.com
284	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315	secalert@redhat.com
285	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478	secalert@redhat.com
286	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973	secalert@redhat.com
287	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366	secalert@redhat.com
288	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535	secalert@redhat.com
289	https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html	secalert@redhat.com
290	https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt	secalert@redhat.com
291	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html	secalert@redhat.com
292	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html	secalert@redhat.com
293	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html	secalert@redhat.com
294	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html	secalert@redhat.com
295	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html	secalert@redhat.com
296	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html	secalert@redhat.com
297	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html	secalert@redhat.com
298	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html	secalert@redhat.com
299	http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html	af854a3a-2127-422b-91ae-364da2661108
300	http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html	af854a3a-2127-422b-91ae-364da2661108
301	http://blogs.iss.net/archive/sslmitmiscsrf.html	af854a3a-2127-422b-91ae-364da2661108
302	http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during	af854a3a-2127-422b-91ae-364da2661108
303	http://clicky.me/tlsvuln	af854a3a-2127-422b-91ae-364da2661108
304	http://extendedsubset.com/?p=8	af854a3a-2127-422b-91ae-364da2661108
305	http://extendedsubset.com/Renegotiating_TLS.pdf	af854a3a-2127-422b-91ae-364da2661108
306	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686	af854a3a-2127-422b-91ae-364da2661108
307	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041	af854a3a-2127-422b-91ae-364da2661108
308	http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751	af854a3a-2127-422b-91ae-364da2661108
309	http://kbase.redhat.com/faq/docs/DOC-20491	af854a3a-2127-422b-91ae-364da2661108
310	http://lists.apple.com/archives/security-announce/2010//May/msg00001.html	af854a3a-2127-422b-91ae-364da2661108
311	http://lists.apple.com/archives/security-announce/2010//May/msg00002.html	af854a3a-2127-422b-91ae-364da2661108
312	http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html	af854a3a-2127-422b-91ae-364da2661108
313	http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html	af854a3a-2127-422b-91ae-364da2661108
314	http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html	af854a3a-2127-422b-91ae-364da2661108
315	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html	af854a3a-2127-422b-91ae-364da2661108
316	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html	af854a3a-2127-422b-91ae-364da2661108
317	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html	af854a3a-2127-422b-91ae-364da2661108
318	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html	af854a3a-2127-422b-91ae-364da2661108
319	http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html	af854a3a-2127-422b-91ae-364da2661108
320	http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html	af854a3a-2127-422b-91ae-364da2661108
321	http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html	af854a3a-2127-422b-91ae-364da2661108
322	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html	af854a3a-2127-422b-91ae-364da2661108
323	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html	af854a3a-2127-422b-91ae-364da2661108
324	http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html	af854a3a-2127-422b-91ae-364da2661108
325	http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html	af854a3a-2127-422b-91ae-364da2661108
326	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html	af854a3a-2127-422b-91ae-364da2661108
327	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html	af854a3a-2127-422b-91ae-364da2661108
328	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html	af854a3a-2127-422b-91ae-364da2661108
329	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html	af854a3a-2127-422b-91ae-364da2661108
330	http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2	af854a3a-2127-422b-91ae-364da2661108
331	http://marc.info/?l=bugtraq&m=126150535619567&w=2	af854a3a-2127-422b-91ae-364da2661108
332	http://marc.info/?l=bugtraq&m=127128920008563&w=2	af854a3a-2127-422b-91ae-364da2661108
333	http://marc.info/?l=bugtraq&m=127419602507642&w=2	af854a3a-2127-422b-91ae-364da2661108
334	http://marc.info/?l=bugtraq&m=127557596201693&w=2	af854a3a-2127-422b-91ae-364da2661108
335	http://marc.info/?l=bugtraq&m=130497311408250&w=2	af854a3a-2127-422b-91ae-364da2661108
336	http://marc.info/?l=bugtraq&m=132077688910227&w=2	af854a3a-2127-422b-91ae-364da2661108
337	http://marc.info/?l=bugtraq&m=133469267822771&w=2	af854a3a-2127-422b-91ae-364da2661108
338	http://marc.info/?l=bugtraq&m=134254866602253&w=2	af854a3a-2127-422b-91ae-364da2661108
339	http://marc.info/?l=bugtraq&m=142660345230545&w=2	af854a3a-2127-422b-91ae-364da2661108
340	http://marc.info/?l=cryptography&m=125752275331877&w=2	af854a3a-2127-422b-91ae-364da2661108
341	http://openbsd.org/errata45.html#010_openssl	af854a3a-2127-422b-91ae-364da2661108
342	http://openbsd.org/errata46.html#004_openssl	af854a3a-2127-422b-91ae-364da2661108
343	http://osvdb.org/60521	af854a3a-2127-422b-91ae-364da2661108
344	http://osvdb.org/60972	af854a3a-2127-422b-91ae-364da2661108
345	http://osvdb.org/62210	af854a3a-2127-422b-91ae-364da2661108
346	http://osvdb.org/65202	af854a3a-2127-422b-91ae-364da2661108
347	http://seclists.org/fulldisclosure/2009/Nov/139	af854a3a-2127-422b-91ae-364da2661108
348	http://secunia.com/advisories/37291	af854a3a-2127-422b-91ae-364da2661108
349	http://secunia.com/advisories/37292	af854a3a-2127-422b-91ae-364da2661108
350	http://secunia.com/advisories/37320	af854a3a-2127-422b-91ae-364da2661108
351	http://secunia.com/advisories/37383	af854a3a-2127-422b-91ae-364da2661108
352	http://secunia.com/advisories/37399	af854a3a-2127-422b-91ae-364da2661108
353	http://secunia.com/advisories/37453	af854a3a-2127-422b-91ae-364da2661108
354	http://secunia.com/advisories/37501	af854a3a-2127-422b-91ae-364da2661108
355	http://secunia.com/advisories/37504	af854a3a-2127-422b-91ae-364da2661108
356	http://secunia.com/advisories/37604	af854a3a-2127-422b-91ae-364da2661108
357	http://secunia.com/advisories/37640	af854a3a-2127-422b-91ae-364da2661108
358	http://secunia.com/advisories/37656	af854a3a-2127-422b-91ae-364da2661108
359	http://secunia.com/advisories/37675	af854a3a-2127-422b-91ae-364da2661108
360	http://secunia.com/advisories/37859	af854a3a-2127-422b-91ae-364da2661108
361	http://secunia.com/advisories/38003	af854a3a-2127-422b-91ae-364da2661108
362	http://secunia.com/advisories/38020	af854a3a-2127-422b-91ae-364da2661108
363	http://secunia.com/advisories/38056	af854a3a-2127-422b-91ae-364da2661108
364	http://secunia.com/advisories/38241	af854a3a-2127-422b-91ae-364da2661108
365	http://secunia.com/advisories/38484	af854a3a-2127-422b-91ae-364da2661108
366	http://secunia.com/advisories/38687	af854a3a-2127-422b-91ae-364da2661108
367	http://secunia.com/advisories/38781	af854a3a-2127-422b-91ae-364da2661108
368	http://secunia.com/advisories/39127	af854a3a-2127-422b-91ae-364da2661108
369	http://secunia.com/advisories/39136	af854a3a-2127-422b-91ae-364da2661108
370	http://secunia.com/advisories/39242	af854a3a-2127-422b-91ae-364da2661108
371	http://secunia.com/advisories/39243	af854a3a-2127-422b-91ae-364da2661108
372	http://secunia.com/advisories/39278	af854a3a-2127-422b-91ae-364da2661108
373	http://secunia.com/advisories/39292	af854a3a-2127-422b-91ae-364da2661108
374	http://secunia.com/advisories/39317	af854a3a-2127-422b-91ae-364da2661108
375	http://secunia.com/advisories/39461	af854a3a-2127-422b-91ae-364da2661108
376	http://secunia.com/advisories/39500	af854a3a-2127-422b-91ae-364da2661108
377	http://secunia.com/advisories/39628	af854a3a-2127-422b-91ae-364da2661108
378	http://secunia.com/advisories/39632	af854a3a-2127-422b-91ae-364da2661108
379	http://secunia.com/advisories/39713	af854a3a-2127-422b-91ae-364da2661108
380	http://secunia.com/advisories/39819	af854a3a-2127-422b-91ae-364da2661108
381	http://secunia.com/advisories/40070	af854a3a-2127-422b-91ae-364da2661108
382	http://secunia.com/advisories/40545	af854a3a-2127-422b-91ae-364da2661108
383	http://secunia.com/advisories/40747	af854a3a-2127-422b-91ae-364da2661108
384	http://secunia.com/advisories/40866	af854a3a-2127-422b-91ae-364da2661108
385	http://secunia.com/advisories/41480	af854a3a-2127-422b-91ae-364da2661108
386	http://secunia.com/advisories/41490	af854a3a-2127-422b-91ae-364da2661108
387	http://secunia.com/advisories/41818	af854a3a-2127-422b-91ae-364da2661108
388	http://secunia.com/advisories/41967	af854a3a-2127-422b-91ae-364da2661108
389	http://secunia.com/advisories/41972	af854a3a-2127-422b-91ae-364da2661108
390	http://secunia.com/advisories/42377	af854a3a-2127-422b-91ae-364da2661108
391	http://secunia.com/advisories/42379	af854a3a-2127-422b-91ae-364da2661108
392	http://secunia.com/advisories/42467	af854a3a-2127-422b-91ae-364da2661108
393	http://secunia.com/advisories/42724	af854a3a-2127-422b-91ae-364da2661108
394	http://secunia.com/advisories/42733	af854a3a-2127-422b-91ae-364da2661108
395	http://secunia.com/advisories/42808	af854a3a-2127-422b-91ae-364da2661108
396	http://secunia.com/advisories/42811	af854a3a-2127-422b-91ae-364da2661108
397	http://secunia.com/advisories/42816	af854a3a-2127-422b-91ae-364da2661108
398	http://secunia.com/advisories/43308	af854a3a-2127-422b-91ae-364da2661108
399	http://secunia.com/advisories/44183	af854a3a-2127-422b-91ae-364da2661108
400	http://secunia.com/advisories/44954	af854a3a-2127-422b-91ae-364da2661108
401	http://secunia.com/advisories/48577	af854a3a-2127-422b-91ae-364da2661108
402	http://security.gentoo.org/glsa/glsa-200912-01.xml	af854a3a-2127-422b-91ae-364da2661108
403	http://security.gentoo.org/glsa/glsa-201203-22.xml	af854a3a-2127-422b-91ae-364da2661108
404	http://security.gentoo.org/glsa/glsa-201406-32.xml	af854a3a-2127-422b-91ae-364da2661108
405	http://securitytracker.com/id?1023148	af854a3a-2127-422b-91ae-364da2661108
406	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446	af854a3a-2127-422b-91ae-364da2661108
407	http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1	af854a3a-2127-422b-91ae-364da2661108
408	http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1	af854a3a-2127-422b-91ae-364da2661108
409	http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1	af854a3a-2127-422b-91ae-364da2661108
410	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1	af854a3a-2127-422b-91ae-364da2661108
411	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1	af854a3a-2127-422b-91ae-364da2661108
412	http://support.apple.com/kb/HT4004	af854a3a-2127-422b-91ae-364da2661108
413	http://support.apple.com/kb/HT4170	af854a3a-2127-422b-91ae-364da2661108
414	http://support.apple.com/kb/HT4171	af854a3a-2127-422b-91ae-364da2661108
415	http://support.avaya.com/css/P8/documents/100070150	af854a3a-2127-422b-91ae-364da2661108
416	http://support.avaya.com/css/P8/documents/100081611	af854a3a-2127-422b-91ae-364da2661108
417	http://support.avaya.com/css/P8/documents/100114315	af854a3a-2127-422b-91ae-364da2661108
418	http://support.avaya.com/css/P8/documents/100114327	af854a3a-2127-422b-91ae-364da2661108
419	http://support.citrix.com/article/CTX123359	af854a3a-2127-422b-91ae-364da2661108
420	http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES	af854a3a-2127-422b-91ae-364da2661108
421	http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released	af854a3a-2127-422b-91ae-364da2661108
422	http://sysoev.ru/nginx/patch.cve-2009-3555.txt	af854a3a-2127-422b-91ae-364da2661108
423	http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html	af854a3a-2127-422b-91ae-364da2661108
424	http://ubuntu.com/usn/usn-923-1	af854a3a-2127-422b-91ae-364da2661108
425	http://wiki.rpath.com/Advisories:rPSA-2009-0155	af854a3a-2127-422b-91ae-364da2661108
426	http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848	af854a3a-2127-422b-91ae-364da2661108
427	http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054	af854a3a-2127-422b-91ae-364da2661108
428	http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055	af854a3a-2127-422b-91ae-364da2661108
429	http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247	af854a3a-2127-422b-91ae-364da2661108
430	http://www-01.ibm.com/support/docview.wss?uid=swg21426108	af854a3a-2127-422b-91ae-364da2661108
431	http://www-01.ibm.com/support/docview.wss?uid=swg21432298	af854a3a-2127-422b-91ae-364da2661108
432	http://www-01.ibm.com/support/docview.wss?uid=swg24006386	af854a3a-2127-422b-91ae-364da2661108
433	http://www-01.ibm.com/support/docview.wss?uid=swg24025312	af854a3a-2127-422b-91ae-364da2661108
434	http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only	af854a3a-2127-422b-91ae-364da2661108
435	http://www.arubanetworks.com/support/alerts/aid-020810.txt	af854a3a-2127-422b-91ae-364da2661108
436	http://www.betanews.com/article/1257452450	af854a3a-2127-422b-91ae-364da2661108
437	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml	af854a3a-2127-422b-91ae-364da2661108
438	http://www.debian.org/security/2009/dsa-1934	af854a3a-2127-422b-91ae-364da2661108
439	http://www.debian.org/security/2011/dsa-2141	af854a3a-2127-422b-91ae-364da2661108
440	http://www.debian.org/security/2015/dsa-3253	af854a3a-2127-422b-91ae-364da2661108
441	http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html	af854a3a-2127-422b-91ae-364da2661108
442	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html	af854a3a-2127-422b-91ae-364da2661108
443	http://www.ietf.org/mail-archive/web/tls/current/msg03928.html	af854a3a-2127-422b-91ae-364da2661108
444	http://www.ietf.org/mail-archive/web/tls/current/msg03948.html	af854a3a-2127-422b-91ae-364da2661108
445	http://www.ingate.com/Relnote.php?ver=481	af854a3a-2127-422b-91ae-364da2661108
446	http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995	af854a3a-2127-422b-91ae-364da2661108
447	http://www.kb.cert.org/vuls/id/120541	af854a3a-2127-422b-91ae-364da2661108
448	http://www.links.org/?p=780	af854a3a-2127-422b-91ae-364da2661108
449	http://www.links.org/?p=786	af854a3a-2127-422b-91ae-364da2661108
450	http://www.links.org/?p=789	af854a3a-2127-422b-91ae-364da2661108
451	http://www.mandriva.com/security/advisories?name=MDVSA-2010:076	af854a3a-2127-422b-91ae-364da2661108
452	http://www.mandriva.com/security/advisories?name=MDVSA-2010:084	af854a3a-2127-422b-91ae-364da2661108
453	http://www.mandriva.com/security/advisories?name=MDVSA-2010:089	af854a3a-2127-422b-91ae-364da2661108
454	http://www.mozilla.org/security/announce/2010/mfsa2010-22.html	af854a3a-2127-422b-91ae-364da2661108
455	http://www.openoffice.org/security/cves/CVE-2009-3555.html	af854a3a-2127-422b-91ae-364da2661108
456	http://www.openssl.org/news/secadv_20091111.txt	af854a3a-2127-422b-91ae-364da2661108
457	http://www.openwall.com/lists/oss-security/2009/11/05/3	af854a3a-2127-422b-91ae-364da2661108
458	http://www.openwall.com/lists/oss-security/2009/11/05/5	af854a3a-2127-422b-91ae-364da2661108
459	http://www.openwall.com/lists/oss-security/2009/11/06/3	af854a3a-2127-422b-91ae-364da2661108
460	http://www.openwall.com/lists/oss-security/2009/11/07/3	af854a3a-2127-422b-91ae-364da2661108
461	http://www.openwall.com/lists/oss-security/2009/11/20/1	af854a3a-2127-422b-91ae-364da2661108
462	http://www.openwall.com/lists/oss-security/2009/11/23/10	af854a3a-2127-422b-91ae-364da2661108
463	http://www.opera.com/docs/changelogs/unix/1060/	af854a3a-2127-422b-91ae-364da2661108
464	http://www.opera.com/support/search/view/944/	af854a3a-2127-422b-91ae-364da2661108
465	http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html	af854a3a-2127-422b-91ae-364da2661108
466	http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html	af854a3a-2127-422b-91ae-364da2661108
467	http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html	af854a3a-2127-422b-91ae-364da2661108
468	http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c	af854a3a-2127-422b-91ae-364da2661108
469	http://www.redhat.com/support/errata/RHSA-2010-0119.html	af854a3a-2127-422b-91ae-364da2661108
470	http://www.redhat.com/support/errata/RHSA-2010-0130.html	af854a3a-2127-422b-91ae-364da2661108
471	http://www.redhat.com/support/errata/RHSA-2010-0155.html	af854a3a-2127-422b-91ae-364da2661108
472	http://www.redhat.com/support/errata/RHSA-2010-0165.html	af854a3a-2127-422b-91ae-364da2661108
473	http://www.redhat.com/support/errata/RHSA-2010-0167.html	af854a3a-2127-422b-91ae-364da2661108
474	http://www.redhat.com/support/errata/RHSA-2010-0337.html	af854a3a-2127-422b-91ae-364da2661108
475	http://www.redhat.com/support/errata/RHSA-2010-0338.html	af854a3a-2127-422b-91ae-364da2661108
476	http://www.redhat.com/support/errata/RHSA-2010-0339.html	af854a3a-2127-422b-91ae-364da2661108
477	http://www.redhat.com/support/errata/RHSA-2010-0768.html	af854a3a-2127-422b-91ae-364da2661108
478	http://www.redhat.com/support/errata/RHSA-2010-0770.html	af854a3a-2127-422b-91ae-364da2661108
479	http://www.redhat.com/support/errata/RHSA-2010-0786.html	af854a3a-2127-422b-91ae-364da2661108
480	http://www.redhat.com/support/errata/RHSA-2010-0807.html	af854a3a-2127-422b-91ae-364da2661108
481	http://www.redhat.com/support/errata/RHSA-2010-0865.html	af854a3a-2127-422b-91ae-364da2661108
482	http://www.redhat.com/support/errata/RHSA-2010-0986.html	af854a3a-2127-422b-91ae-364da2661108
483	http://www.redhat.com/support/errata/RHSA-2010-0987.html	af854a3a-2127-422b-91ae-364da2661108
484	http://www.redhat.com/support/errata/RHSA-2011-0880.html	af854a3a-2127-422b-91ae-364da2661108
485	http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html	af854a3a-2127-422b-91ae-364da2661108
486	http://www.securityfocus.com/archive/1/507952/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
487	http://www.securityfocus.com/archive/1/508075/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
488	http://www.securityfocus.com/archive/1/508130/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
489	http://www.securityfocus.com/archive/1/515055/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
490	http://www.securityfocus.com/archive/1/516397/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
491	http://www.securityfocus.com/archive/1/522176	af854a3a-2127-422b-91ae-364da2661108
492	http://www.securityfocus.com/bid/36935	af854a3a-2127-422b-91ae-364da2661108
493	http://www.securitytracker.com/id?1023163	af854a3a-2127-422b-91ae-364da2661108
494	http://www.securitytracker.com/id?1023204	af854a3a-2127-422b-91ae-364da2661108
495	http://www.securitytracker.com/id?1023205	af854a3a-2127-422b-91ae-364da2661108
496	http://www.securitytracker.com/id?1023206	af854a3a-2127-422b-91ae-364da2661108
497	http://www.securitytracker.com/id?1023207	af854a3a-2127-422b-91ae-364da2661108
498	http://www.securitytracker.com/id?1023208	af854a3a-2127-422b-91ae-364da2661108
499	http://www.securitytracker.com/id?1023209	af854a3a-2127-422b-91ae-364da2661108
500	http://www.securitytracker.com/id?1023210	af854a3a-2127-422b-91ae-364da2661108
501	http://www.securitytracker.com/id?1023211	af854a3a-2127-422b-91ae-364da2661108
502	http://www.securitytracker.com/id?1023212	af854a3a-2127-422b-91ae-364da2661108
503	http://www.securitytracker.com/id?1023213	af854a3a-2127-422b-91ae-364da2661108
504	http://www.securitytracker.com/id?1023214	af854a3a-2127-422b-91ae-364da2661108
505	http://www.securitytracker.com/id?1023215	af854a3a-2127-422b-91ae-364da2661108
506	http://www.securitytracker.com/id?1023216	af854a3a-2127-422b-91ae-364da2661108
507	http://www.securitytracker.com/id?1023217	af854a3a-2127-422b-91ae-364da2661108
508	http://www.securitytracker.com/id?1023218	af854a3a-2127-422b-91ae-364da2661108
509	http://www.securitytracker.com/id?1023219	af854a3a-2127-422b-91ae-364da2661108
510	http://www.securitytracker.com/id?1023224	af854a3a-2127-422b-91ae-364da2661108
511	http://www.securitytracker.com/id?1023243	af854a3a-2127-422b-91ae-364da2661108
512	http://www.securitytracker.com/id?1023270	af854a3a-2127-422b-91ae-364da2661108
513	http://www.securitytracker.com/id?1023271	af854a3a-2127-422b-91ae-364da2661108
514	http://www.securitytracker.com/id?1023272	af854a3a-2127-422b-91ae-364da2661108
515	http://www.securitytracker.com/id?1023273	af854a3a-2127-422b-91ae-364da2661108
516	http://www.securitytracker.com/id?1023274	af854a3a-2127-422b-91ae-364da2661108
517	http://www.securitytracker.com/id?1023275	af854a3a-2127-422b-91ae-364da2661108
518	http://www.securitytracker.com/id?1023411	af854a3a-2127-422b-91ae-364da2661108
519	http://www.securitytracker.com/id?1023426	af854a3a-2127-422b-91ae-364da2661108
520	http://www.securitytracker.com/id?1023427	af854a3a-2127-422b-91ae-364da2661108
521	http://www.securitytracker.com/id?1023428	af854a3a-2127-422b-91ae-364da2661108
522	http://www.securitytracker.com/id?1024789	af854a3a-2127-422b-91ae-364da2661108
523	http://www.tombom.co.uk/blog/?p=85	af854a3a-2127-422b-91ae-364da2661108
524	http://www.ubuntu.com/usn/USN-1010-1	af854a3a-2127-422b-91ae-364da2661108
525	http://www.ubuntu.com/usn/USN-927-1	af854a3a-2127-422b-91ae-364da2661108
526	http://www.ubuntu.com/usn/USN-927-4	af854a3a-2127-422b-91ae-364da2661108
527	http://www.ubuntu.com/usn/USN-927-5	af854a3a-2127-422b-91ae-364da2661108
528	http://www.us-cert.gov/cas/techalerts/TA10-222A.html	af854a3a-2127-422b-91ae-364da2661108
529	http://www.us-cert.gov/cas/techalerts/TA10-287A.html	af854a3a-2127-422b-91ae-364da2661108
530	http://www.vmware.com/security/advisories/VMSA-2010-0019.html	af854a3a-2127-422b-91ae-364da2661108
531	http://www.vmware.com/security/advisories/VMSA-2011-0003.html	af854a3a-2127-422b-91ae-364da2661108
532	http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html	af854a3a-2127-422b-91ae-364da2661108
533	http://www.vupen.com/english/advisories/2009/3164	af854a3a-2127-422b-91ae-364da2661108
534	http://www.vupen.com/english/advisories/2009/3165	af854a3a-2127-422b-91ae-364da2661108
535	http://www.vupen.com/english/advisories/2009/3205	af854a3a-2127-422b-91ae-364da2661108
536	http://www.vupen.com/english/advisories/2009/3220	af854a3a-2127-422b-91ae-364da2661108
537	http://www.vupen.com/english/advisories/2009/3310	af854a3a-2127-422b-91ae-364da2661108
538	http://www.vupen.com/english/advisories/2009/3313	af854a3a-2127-422b-91ae-364da2661108
539	http://www.vupen.com/english/advisories/2009/3353	af854a3a-2127-422b-91ae-364da2661108
540	http://www.vupen.com/english/advisories/2009/3354	af854a3a-2127-422b-91ae-364da2661108
541	http://www.vupen.com/english/advisories/2009/3484	af854a3a-2127-422b-91ae-364da2661108
542	http://www.vupen.com/english/advisories/2009/3521	af854a3a-2127-422b-91ae-364da2661108
543	http://www.vupen.com/english/advisories/2009/3587	af854a3a-2127-422b-91ae-364da2661108
544	http://www.vupen.com/english/advisories/2010/0086	af854a3a-2127-422b-91ae-364da2661108
545	http://www.vupen.com/english/advisories/2010/0173	af854a3a-2127-422b-91ae-364da2661108
546	http://www.vupen.com/english/advisories/2010/0748	af854a3a-2127-422b-91ae-364da2661108
547	http://www.vupen.com/english/advisories/2010/0848	af854a3a-2127-422b-91ae-364da2661108
548	http://www.vupen.com/english/advisories/2010/0916	af854a3a-2127-422b-91ae-364da2661108
549	http://www.vupen.com/english/advisories/2010/0933	af854a3a-2127-422b-91ae-364da2661108
550	http://www.vupen.com/english/advisories/2010/0982	af854a3a-2127-422b-91ae-364da2661108
551	http://www.vupen.com/english/advisories/2010/0994	af854a3a-2127-422b-91ae-364da2661108
552	http://www.vupen.com/english/advisories/2010/1054	af854a3a-2127-422b-91ae-364da2661108
553	http://www.vupen.com/english/advisories/2010/1107	af854a3a-2127-422b-91ae-364da2661108
554	http://www.vupen.com/english/advisories/2010/1191	af854a3a-2127-422b-91ae-364da2661108
555	http://www.vupen.com/english/advisories/2010/1350	af854a3a-2127-422b-91ae-364da2661108
556	http://www.vupen.com/english/advisories/2010/1639	af854a3a-2127-422b-91ae-364da2661108
557	http://www.vupen.com/english/advisories/2010/1673	af854a3a-2127-422b-91ae-364da2661108
558	http://www.vupen.com/english/advisories/2010/1793	af854a3a-2127-422b-91ae-364da2661108
559	http://www.vupen.com/english/advisories/2010/2010	af854a3a-2127-422b-91ae-364da2661108
560	http://www.vupen.com/english/advisories/2010/2745	af854a3a-2127-422b-91ae-364da2661108
561	http://www.vupen.com/english/advisories/2010/3069	af854a3a-2127-422b-91ae-364da2661108
562	http://www.vupen.com/english/advisories/2010/3086	af854a3a-2127-422b-91ae-364da2661108
563	http://www.vupen.com/english/advisories/2010/3126	af854a3a-2127-422b-91ae-364da2661108
564	http://www.vupen.com/english/advisories/2011/0032	af854a3a-2127-422b-91ae-364da2661108
565	http://www.vupen.com/english/advisories/2011/0033	af854a3a-2127-422b-91ae-364da2661108
566	http://www.vupen.com/english/advisories/2011/0086	af854a3a-2127-422b-91ae-364da2661108
567	http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html	af854a3a-2127-422b-91ae-364da2661108
568	https://bugzilla.mozilla.org/show_bug.cgi?id=526689	af854a3a-2127-422b-91ae-364da2661108
569	https://bugzilla.mozilla.org/show_bug.cgi?id=545755	af854a3a-2127-422b-91ae-364da2661108
570	https://bugzilla.redhat.com/show_bug.cgi?id=533125	af854a3a-2127-422b-91ae-364da2661108
571	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049	af854a3a-2127-422b-91ae-364da2661108
572	https://exchange.xforce.ibmcloud.com/vulnerabilities/54158	af854a3a-2127-422b-91ae-364da2661108
573	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888	af854a3a-2127-422b-91ae-364da2661108
574	https://kb.bluecoat.com/index?page=content&id=SA50	af854a3a-2127-422b-91ae-364da2661108
575	https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E	af854a3a-2127-422b-91ae-364da2661108
576	https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E	af854a3a-2127-422b-91ae-364da2661108
577	https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E	af854a3a-2127-422b-91ae-364da2661108
578	https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E	af854a3a-2127-422b-91ae-364da2661108
579	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088	af854a3a-2127-422b-91ae-364da2661108
580	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578	af854a3a-2127-422b-91ae-364da2661108
581	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617	af854a3a-2127-422b-91ae-364da2661108
582	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315	af854a3a-2127-422b-91ae-364da2661108
583	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478	af854a3a-2127-422b-91ae-364da2661108
584	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973	af854a3a-2127-422b-91ae-364da2661108
585	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366	af854a3a-2127-422b-91ae-364da2661108
586	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535	af854a3a-2127-422b-91ae-364da2661108
587	https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html	af854a3a-2127-422b-91ae-364da2661108
588	https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt	af854a3a-2127-422b-91ae-364da2661108
589	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html	af854a3a-2127-422b-91ae-364da2661108
590	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html	af854a3a-2127-422b-91ae-364da2661108
591	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html	af854a3a-2127-422b-91ae-364da2661108
592	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html	af854a3a-2127-422b-91ae-364da2661108
593	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html	af854a3a-2127-422b-91ae-364da2661108
594	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html	af854a3a-2127-422b-91ae-364da2661108
595	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html	af854a3a-2127-422b-91ae-364da2661108
596	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-295	不正な証明書検証	https://cwe.mitre.org/data/definitions/295.html

JVN Vulnerability Information

SSL および TLS プロトコルに脆弱性

Title	SSL および TLS プロトコルに脆弱性
Summary	Secure Sockets Layer (SSL) および Transport Layer Security (TLS) プロトコルには、renegotiation 機能に脆弱性が存在します。 Secure Sockets Layer (SSL) および Transport Layer Security (TLS) は、通信の暗号化および認証などの機能を提供するプロトコルです。 SSL および TLS プロトコルには、renegotiation 機能に起因する脆弱性が存在します。
Possible impacts	ユーザとサーバの通信を中継可能な第三者が、特定の条件において通信データの先頭に任意のデータを挿入することが可能です。結果として、攻撃者が挿入した HTTP リクエストをサーバに送信されるなどの可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Nov. 12, 2009, midnight
Registration Date	Dec. 14, 2009, 12:32 p.m.
Last Update	Sept. 8, 2016, 5:10 p.m.

Affected System

サン・マイクロシステムズ

JDK 5.0 Update 25 およびそれ以前

JDK 6 Update 21 およびそれ以前

JRE 1.4.2_27 およびそれ以前

JRE 5.0 Update 25 およびそれ以前

JRE 6 Update 21 およびそれ以前

OpenSolaris (sparc)

OpenSolaris (x86)

SDK 1.4.2_27 およびそれ以前

Sun GlassFish Enterprise Server v2.1.1

Sun Java Enterprise System 2005Q4

Sun Java Enterprise System 5

Sun Java System Application Server 8.0

Sun Java System Application Server 8.1

Sun Java System Application Server 8.2

Sun Java System Web Proxy Server 4.0 - 4.0.12

Sun Java System Web Server 6.1

Sun Java System Web Server 7.0

Sun Solaris 10 (sparc)

Sun Solaris 10 (x86)

Sun Solaris 8 (sparc)

Sun Solaris 8 (x86)

Sun Solaris 9 (sparc)

Sun Solaris 9 (x86)

マイクロソフト

Microsoft Windows 2000

Microsoft Windows 7 (x32)

Microsoft Windows 7 (x64)

Microsoft Windows Server 2003

Microsoft Windows Server 2003 (itanium)

Microsoft Windows Server 2003 (x64)

Microsoft Windows Server 2008 (itanium)

Microsoft Windows Server 2008 (x64)

Microsoft Windows Server 2008 (x86)

Microsoft Windows Server 2008 r2(itanium)

Microsoft Windows Server 2008 r2(x64)

Microsoft Windows Vista

Microsoft Windows Vista (x64)

Microsoft Windows XP (x64)

Microsoft Windows XP sp3

レッドハット

Red Hat Enterprise Linux 3 (as)

Red Hat Enterprise Linux 3 (es)

Red Hat Enterprise Linux 3 (ws)

Red Hat Enterprise Linux 4 (as)

Red Hat Enterprise Linux 4 (es)

Red Hat Enterprise Linux 4 (ws)

Red Hat Enterprise Linux 4.8 (as)

Red Hat Enterprise Linux 4.8 (es)

Red Hat Enterprise Linux 5 (server)

Red Hat Enterprise Linux Desktop 3.0

Red Hat Enterprise Linux Desktop 4.0

Red Hat Enterprise Linux Desktop 5.0 (client)

Red Hat Enterprise Linux Desktop 6

Red Hat Enterprise Linux EUS 5.4.z (server)

Red Hat Enterprise Linux Extras 3 extras

Red Hat Enterprise Linux Extras 4 extras

Red Hat Enterprise Linux Extras 4.7.z extras

Red Hat Enterprise Linux Extras 4.8.z extras

Red Hat Enterprise Linux HPC Node 6

Red Hat Enterprise Linux HPC Node Supplementary 6

Red Hat Enterprise Linux Server 6

Red Hat Enterprise Linux Server Supplementary 6

Red Hat Enterprise Linux Workstation 6

Red Hat Enterprise Linux Workstation Supplementary 6

RHEL Desktop Supplementary 5 (client)

RHEL Desktop Supplementary 6

RHEL Desktop Workstation 5 (client)

RHEL Supplementary 5 (server)

RHEL Supplementary EUS 5.2.z (server)

RHEL Supplementary EUS 5.3.z (server)

RHEL Supplementary EUS 5.4.z (server)

ヒューレット・パッカード

HP Systems Insight Manager 7.0 未満

HP Virtual Connect 8Gb 24ポートファイバーチャネルモジュール 3.00 未満 (VC (バーチャルコネクト) 4.40 未満)

HP-UX 11.11

HP-UX 11.23

HP-UX 11.31

Apache Software Foundation

Apache HTTP Server 2.2.15 未満

Apache HTTP Server 2.3.6 未満

ProFTPD Project

ProFTPD 1.3.2c 未満

オラクル

OpenSolaris

Oracle Database Server 10.1.0.5

Oracle Database Server 10.2.0.3

Oracle Database Server 10.2.0.4

Oracle Database Server 10.2.0.5

Oracle Database Server 11.1.0.7

Oracle Database Server 11.2.0.1

Oracle Database Server 11.2.0.2

Oracle Fusion Middleware 10.0 MP2

Oracle Fusion Middleware 10.0.2

Oracle Fusion Middleware 10.1.2.3

Oracle Fusion Middleware 10.1.3.5

Oracle Fusion Middleware 10.1.4.0.1

Oracle Fusion Middleware 10.1.4.3

Oracle Fusion Middleware 10.3.2

Oracle Fusion Middleware 10.3.3

Oracle Fusion Middleware 11.1.1.2.0

Oracle Fusion Middleware 11.1.1.3.0

Oracle Fusion Middleware 7.0 SP7

Oracle Fusion Middleware 8.1 SP6

Oracle Fusion Middleware 8.1.6

Oracle Fusion Middleware 9.0

Oracle Fusion Middleware 9.1

Oracle Fusion Middleware 9.2 MP3

Oracle Fusion Middleware 9.2.3

Oracle Fusion Middleware 9.2.4

Oracle Solaris 10

IBM

IBM DB2 9.1 FP9 未満

IBM DB2 9.5 FP6a 未満

IBM DB2 9.7 FP2 未満

IBM HTTP Server 2.0.47.x

IBM HTTP Server 6.0.2

IBM HTTP Server 6.1

IBM HTTP Server 7.0

IBM SDK, 1.4.2

IBM SDK, 1.5

IBM WebSphere Application Server 6.0.2

IBM WebSphere Application Server 6.1

IBM WebSphere Application Server 7.0

OpenSSL Project

OpenSSL 0.9.8l 未満

サイベース

SAP Sybase Adaptive Server Enterprise

Mozilla Foundation

Mozilla Firefox 3.5.9 未満

Mozilla Firefox 3.6.2 未満

Mozilla SeaMonkey 2.0.4 未満

Mozilla Thunderbird 3.0.4 未満

ターボリナックス

Turbolinux Appliance Server 2.0

Turbolinux Appliance Server 3.0

Turbolinux Appliance Server 3.0 (x64)

Turbolinux Client 2008

Turbolinux FUJI (延長メンテナンス)

Turbolinux Server 10 (延長メンテナンス)

Turbolinux Server 10 (x64) (延長メンテナンス)

Turbolinux Server 11

Turbolinux Server 11 (x64)

サイバートラスト株式会社

Asianux Server 4.0

Asianux Server 4.0 (x86-64)

Asianux Server 3 (x86)

Asianux Server 3 (x86-64)

Asianux Server 3.0

Asianux Server 3.0 (x86-64)

アップル

Apple Mac OS X v10.5.8

Apple Mac OS X v10.6.2

Apple Mac OS X v10.6.3

Apple Mac OS X Server v10.5.8

Apple Mac OS X Server v10.6.2

Apple Mac OS X Server v10.6.3

日本電気

CSVIEW

WebSAM AssetSuite

日立

Cosminexus Application Server Enterprise Version 6

Cosminexus Application Server Standard Version 6

Cosminexus Application Server Version 5

Cosminexus Client Version 6

Cosminexus Developer Light Version 6

Cosminexus Developer Professional Version 6

Cosminexus Developer Standard Version 6

Cosminexus Developer Version 5

Cosminexus Developer's Kit for Java(TM)

Cosminexus Server - Standard Edition Version 4

Cosminexus Server - Web Edition Version 4

Cosminexus Studio - Standard Edition Version 4

Cosminexus Studio - Web Edition Version 4

Cosminexus Studio Version 5

Hitachi Developer's Kit for Java

Hitachi Web Server

Hitachi Web Server - Security Enhancement

Processing Kit for XML

uCosminexus Application Server Enterprise

uCosminexus Application Server Standard

uCosminexus Client

uCosminexus Developer Light

uCosminexus Developer Professional

uCosminexus Developer Standard

uCosminexus Operator

uCosminexus Portal Framework エントリセット

uCosminexus Service Architect

uCosminexus Service Platform

OpenOffice.org Project

OpenOffice.org 2.x

OpenOffice.org 3.2.1 未満

VMware

VMware ESX 3.0.3

VMware ESX 3.5

VMware ESX 4.0

VMware ESX 4.1

VMware vCenter 4.0

VMware vCenter 4.1

VMware VirtualCenter 2.5

VMware vSphere Update Manager 1.0

VMware vSphere Update Manager 4.0

VMware vSphere Update Manager 4.1

ブルーコートシステムズ

Blue Coat Director

Blue Coat IntelligenceCenter

Blue Coat PacketShaper

Blue Coat ProxyAV

Blue Coat ProxyClient

Blue Coat Reporter

ProxySG

SGOS 4

SGOS 5

SGOS 6

ヒューレット・パッカード・エンタープライズ

HPE Matrix Operating Environment

HPE Systems Insight Manager

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2009-3555	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
National Vulnerability Database (NVD)
2	CVE-2009-3555	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555
OpenOffice.org
3	CVE-2009-3555	http://www.openoffice.org/security/cves/CVE-2009-3555.html

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-310	https://jvndb.jvn.jp/ja/cwe/CWE-310.html

ベンダー情報

No	Name	URL
Apache Software Foundation
1	Changes with Apache 2.2.15	http://www.apache.org/dist/httpd/CHANGES_2.2.15
2	Changes with Apache 2.3.6	http://www.apache.org/dist/httpd/CHANGES_2.3.6
Apple Security Updates
3	HT4004	http://support.apple.com/kb/HT4004
4	HT4170	http://support.apple.com/kb/HT4170
5	HT4171	http://support.apple.com/kb/HT4171
6	HT4417	http://support.apple.com/kb/HT4417
7	HT4418	http://support.apple.com/kb/HT4418
Apple セキュリティアップデート
8	HT4004	http://support.apple.com/kb/HT4004?viewlocale=ja_JP
9	HT4170	http://support.apple.com/kb/HT4170?viewlocale=ja_JP
10	HT4171	http://support.apple.com/kb/HT4171?viewlocale=ja_JP
11	HT4417	http://support.apple.com/kb/HT4417?viewlocale=ja_JP
12	HT4418	http://support.apple.com/kb/HT4418?viewlocale=ja_JP
Asianux Technical Support Network
13	gnutls-1.4.1-3.8.0.1.AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1013
14	httpd-2.2.3-31.2.1AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=774
15	jdk-1.6.0_19	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1028
16	jdk-1.6.0_22	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1285
17	nss-3.12.6-1.AXS3 and nspr-4.8.4-1.AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1012
18	openssl-0.9.8e-12.AXS3.6	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1014
19	openssl097a-0.9.7a-9.AXS3.2	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1011
Change Requests
20	609365	http://search.sybase.com/kbx/changerequests?bug_id=609365
Cisco Security Advisory
21	cisco-sa-20091109-tls	http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml
Critical Patch Updates and Security Alerts
22	cpuapr2011-301950	http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
23	cpujul2010.html	http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2010.html
24	javacpumar2010	http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
25	javacpuoct2010-176258	http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Hitachi Software Vulnerability Information
26	HS10-010	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-010/index.html
27	HS10-030	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-030/index.html
28	HS11-006	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-006/index.html
HP Security Bulletin
29	HPSBHF03293	http://marc.info/?l=bugtraq&m=142660345230545&w=2
30	HPSBMU02769 SSRT100846	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151
31	HPSBUX02482	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686
32	HPSBUX02498	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01963123
33	HPSBUX02517	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02079216
34	HPSBUX02524	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02122104
35	HPSBUX02608	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
HPE Security Bulletin
36	HPSBMU03611	https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05150888
IBM Support Document
37	1293566	http://www-01.ibm.com/support/docview.wss?uid=swg21293566#6a
38	1412438	http://www-01.ibm.com/support/docview.wss?uid=swg21412438#2
39	1413714	http://www-01.ibm.com/support/docview.wss?uid=swg21413714
40	1426108	http://www-01.ibm.com/support/docview.wss?uid=swg21426108
41	1432298	http://www-01.ibm.com/support/docview.wss?uid=swg21432298
42	1444772	http://www-01.ibm.com/support/docview.wss?uid=swg21444772
43	4025312	http://www-01.ibm.com/support/docview.wss?uid=swg24025312
44	4025718	http://www-01.ibm.com/support/docview.wss?uid=swg24025718
45	4025719	http://www-01.ibm.com/support/docview.wss?uid=swg24025719
46	4025742	http://www-01.ibm.com/support/docview.wss?uid=swg24025742
47	4025746	http://www-01.ibm.com/support/docview.wss?uid=swg24025746
48	4909	http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4909
49	7006876	http://www-01.ibm.com/support/docview.wss?uid=swg27006876#60239
50	7007033	http://www-01.ibm.com/support/docview.wss?uid=swg27007033#60239
51	7007951	http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27007951#61029
52	7008517	http://www-01.ibm.com/support/docview.wss?rs=177&uid=swg27008517#61029
53	7014463	http://www-01.ibm.com/support/docview.wss?uid=swg27014463#7009
54	IC68054	http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054
55	PM10658	http://www-01.ibm.com/support/docview.wss?uid=swg1PM10658
Microsoft Security Advisory
56	977377	http://www.microsoft.com/technet/security/advisory/977377.mspx
Microsoft Security Bulletin
57	MS10-049	http://www.microsoft.com/technet/security/bulletin/MS10-049.mspx
MIRACLE LINUX アップデート情報
58	1819	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1819
59	1820	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1820
60	2043	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2043
61	2046	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2046
62	2047	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2047
63	2048	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2048
Mozilla Foundation Security Advisory
64	MFSA 2010-22	http://www.mozilla.org/security/announce/2010/mfsa2010-22.html
Mozilla Foundation セキュリティアドバイザリ
65	MFSA 2010-22	http://www.mozilla-japan.org/security/announce/2010/mfsa2010-22.html
NEC製品セキュリティ情報
66	NV10-008	http://www.nec.co.jp/security-info/secinfo/nv10-008.html
OpenSSL
67	secadv_20091111	http://www.openssl.org/news/secadv_20091111.txt
Proftpd Release Notes
68	RELEASE_NOTES-1.3.2c	http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c
Red Hat Security Advisory
69	RHSA-2009:1579	https://rhn.redhat.com/errata/RHSA-2009-1579.html
70	RHSA-2009:1580	https://rhn.redhat.com/errata/RHSA-2009-1580.html
71	RHSA-2010:0130	https://rhn.redhat.com/errata/RHSA-2010-0130.html
72	RHSA-2010:0155	http://rhn.redhat.com/errata/RHSA-2010-0155.html
73	RHSA-2010:0162	https://rhn.redhat.com/errata/RHSA-2010-0162.html
74	RHSA-2010:0163	https://rhn.redhat.com/errata/RHSA-2010-0163.html
75	RHSA-2010:0164	https://rhn.redhat.com/errata/RHSA-2010-0164.html
76	RHSA-2010:0165	https://rhn.redhat.com/errata/RHSA-2010-0165.html
77	RHSA-2010:0166	https://rhn.redhat.com/errata/RHSA-2010-0166.html
78	RHSA-2010:0167	https://rhn.redhat.com/errata/RHSA-2010-0167.html
79	RHSA-2010:0337	https://rhn.redhat.com/errata/RHSA-2010-0337.html
80	RHSA-2010:0338	https://rhn.redhat.com/errata/RHSA-2010-0338.html
81	RHSA-2010:0339	https://rhn.redhat.com/errata/RHSA-2010-0339.html
82	RHSA-2010:0768	https://rhn.redhat.com/errata/RHSA-2010-0768.html
83	RHSA-2010:0770	https://rhn.redhat.com/errata/RHSA-2010-0770.html
84	RHSA-2010:0786	https://rhn.redhat.com/errata/RHSA-2010-0786.html
85	RHSA-2010:0807	https://rhn.redhat.com/errata/RHSA-2010-0807.html
86	RHSA-2010:0865	https://rhn.redhat.com/errata/RHSA-2010-0865.html
87	RHSA-2010:0987	https://rhn.redhat.com/errata/RHSA-2010-0987.html
Security Advisories
88	SA44	https://kb.bluecoat.com/index?page=content&id=SA44
SECURITY BLOG
89	Multiple Vulnerabilities in the Apache 2 HTTP Server Prior to 2.2.16	http://blogs.oracle.com/sunsecurity
90	multiple_vulnerabilities_in_the_apache	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_the_apache
Sun Alert Notification
91	273029	http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1
92	273350	http://sunsolve.sun.com/search/document.do?assetkey=1-66-273350-1
93	274990	http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1
Turbolinux Security Advisory
94	TLSA-2009-30	http://www.turbolinux.co.jp/security/2009/TLSA-2009-30j.txt
95	TLSA-2009-32	http://www.turbolinux.co.jp/security/2009/TLSA-2009-32j.txt
96	TLSA-2010-20	http://www.turbolinux.co.jp/security/2010/TLSA-2010-20j.txt
97	TLSA-2010-42	http://www.turbolinux.co.jp/security/2010/TLSA-2010-42j.txt
VMware Security Advisories
98	VMSA-2010-0019	http://www.vmware.com/security/advisories/VMSA-2010-0019.html
99	VMSA-2011-0003	http://www.vmware.com/security/advisories/VMSA-2011-0003.html
オラクル・セキュリティ・アラート
100	100716_91	http://www.oracle.com/technology/global/jp/security/100716_91/top.html
ソフトウェア製品セキュリティ情報
101	HS10-010	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-010/index.html
102	HS10-030	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030
103	HS11-006	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-006/index.html
マイクロソフトセキュリティアドバイザリ
104	977377	http://www.microsoft.com/japan/technet/security/advisory/977377.mspx
マイクロソフトセキュリティ情報
105	MS10-049	http://www.microsoft.com/japan/technet/security/bulletin/ms10-049.mspx
富士通セキュリティ情報
106	TA10-222A	http://software.fujitsu.com/jp/security/vulnerabilities/ta10-222a.html
107	VU#120541	http://software.fujitsu.com/jp/security/vulnerabilities/vu120541.html
絵でみるセキュリティ情報
108	MS10-049e	http://www.microsoft.com/japan/security/bulletins/MS10-049e.mspx

その他

No	Name	URL
JVN
1	JVNVU#120541	http://jvn.jp/cert/JVNVU120541
2	JVNVU#490671	http://jvn.jp/cert/JVNVU490671
JVN Status Tracking Notes
3	JVNTR-2010-22	http://jvn.jp/tr/JVNTR-2010-22
Secunia Advisory
4	SA37453	http://secunia.com/advisories/37453
5	SA37566	http://secunia.com/advisories/37566
6	SA38020	http://secunia.com/advisories/38020
7	SA38338	http://secunia.com/advisories/38338
8	SA38608	http://secunia.com/advisories/38608
9	SA38728	http://secunia.com/advisories/38728
10	SA39136	http://secunia.com/advisories/39136
11	SA39242	http://secunia.com/advisories/39242
12	SA39243	http://secunia.com/advisories/39243
13	SA39500	http://secunia.com/advisories/39500
14	SA40747	http://secunia.com/advisories/40747
15	SA40879	http://secunia.com/advisories/40879
16	SA44260	http://secunia.com/advisories/44260
17	SA44292	http://secunia.com/advisories/44292
18	SA44293	http://secunia.com/advisories/44293
SecurityFocus
19	36935	http://www.securityfocus.com/bid/36935
US-CERT Cyber Security Alerts
20	SA10-222A	http://www.us-cert.gov/cas/alerts/SA10-222A.html
US-CERT Technical Cyber Security Alert
21	TA10-222A	http://www.us-cert.gov/cas/techalerts/TA10-222A.html
US-CERT Vulnerability Note
22	VU#120541	http://www.kb.cert.org/vuls/id/120541
VUPEN Security
23	VUPEN/ADV-2009-3310	http://www.vupen.com/english/advisories/2009/3310
24	VUPEN/ADV-2009-3313	http://www.vupen.com/english/advisories/2009/3313
25	VUPEN/ADV-2009-3393	http://www.vupen.com/english/advisories/2009/3393
26	VUPEN/ADV-2010-0086	http://www.vupen.com/english/advisories/2010/0086
27	VUPEN/ADV-2010-0125	http://www.vupen.com/english/advisories/2010/0125
28	VUPEN/ADV-2010-0212	http://www.vupen.com/english/advisories/2010/0212
29	VUPEN/ADV-2010-0457	http://www.vupen.com/english/advisories/2010/0457
30	VUPEN/ADV-2010-0982	http://www.vupen.com/english/advisories/2010/0982
31	VUPEN/ADV-2010-1280	http://www.vupen.com/english/advisories/2010/1280
32	VUPEN/ADV-2010-1942	http://www.vupen.com/english/advisories/2010/1942
33	VUPEN/ADV-2010-2046	http://www.vupen.com/english/advisories/2010/2046
34	VUPEN/ADV-2010-2660	http://www.vupen.com/english/advisories/2010/2660
35	VUPEN/ADV-2010-3086	http://www.vupen.com/english/advisories/2010/3086
36	VUPEN/ADV-2010-3126	http://www.vupen.com/english/advisories/2010/3126
37	VUPEN/ADV-2011-1039	http://www.vupen.com/english/advisories/2011/1039

Change Log

No	Changed Details	Date of change
0	[2009年12月14日] 掲載 [2010年01月20日] 影響を受けるシステム：アップル (HT4004) の情報を追加影響を受けるシステム：サン・マイクロシステムズ (274990) の情報を追加ベンダ情報：IBM (7007033) を追加ベンダ情報：IBM (7006876) を追加ベンダ情報：IBM (4909) を追加ベンダ情報：IBM (7007951) を追加ベンダ情報：IBM (7008517) を追加ベンダ情報：アップル (HT4004) を追加ベンダ情報：サン・マイクロシステムズ (274990) を追加ベンダ情報：シスコシステムズ (cisco-sa-20091109-tls) を追加ベンダ情報：ヒューレット・パッカード (HPSBUX02498) を追加 [2010年02月18日] 影響を受けるシステム：IBM (4025718) の情報を追加影響を受けるシステム：IBM (4025719) の情報を追加影響を受けるシステム：IBM (4025742) の情報を追加影響を受けるシステム：IBM (4025746) の情報を追加影響を受けるシステム：IBM (1413714) の情報を追加影響を受けるシステム：マイクロソフト (977377) の情報を追加ベンダ情報：IBM (4025718) を追加ベンダ情報：IBM (4025719) を追加ベンダ情報：IBM (4025742) を追加ベンダ情報：IBM (4025746) を追加ベンダ情報：IBM (1413714) を追加ベンダ情報：マイクロソフト (977377) を追加 [2010年03月08日] 影響を受けるシステム：ブルーコートシステムズ (SA44) の情報を追加影響を受けるシステム：レッドハット (RHSA-2010:0130) の情報を追加ベンダ情報：ブルーコートシステムズ (SA44) を追加ベンダ情報：レッドハット (RHSA-2010:0130) を追加 [2010年03月17日] 影響を受けるシステム：Apache Software Foundation (Changes with Apache 2.2.15) の情報を追加ベンダ情報：Apache Software Foundation (Changes with Apache 2.2.15) を追加 [2010年03月29日] 影響を受けるシステム：レッドハット (RHSA-2010:0155) の情報を追加ベンダ情報：レッドハット (RHSA-2010:0155) を追加ベンダ情報：レッドハット (RHSA-2010:0162) を追加ベンダ情報：レッドハット (RHSA-2010:0163) を追加ベンダ情報：レッドハット (RHSA-2010:0164) を追加ベンダ情報：レッドハット (RHSA-2010:0165) を追加ベンダ情報：レッドハット (RHSA-2010:0166) を追加ベンダ情報：レッドハット (RHSA-2010:0167) を追加 [2010年04月27日] 影響を受けるシステム：IBM (PM10658) の情報を追加影響を受けるシステム：IBM (7014463) の情報を追加影響を受けるシステム：IBM (1426108) の情報を追加影響を受けるシステム：Mozilla Foundation (MFSA 2010-22) の情報を追加影響を受けるシステム：オラクル (javacpumar2010) の情報を追加影響を受けるシステム：レッドハット (RHSA-2010:0338) の情報を追加ベンダ情報：IBM (PM10658) を追加ベンダ情報：IBM (7014463) を追加ベンダ情報：IBM (1426108) を追加ベンダ情報：Mozilla Foundation (MFSA 2010-22) を追加ベンダ情報：オラクル (javacpumar2010) を追加ベンダ情報：ヒューレット・パッカード (HPSBUX02517) を追加ベンダ情報：ミラクル・リナックス (openssl097a-0.9.7a-9.AXS3.2) を追加ベンダ情報：ミラクル・リナックス (nss-3.12.6-1.AXS3 and nspr-4.8.4-1.AXS3) を追加ベンダ情報：ミラクル・リナックス (gnutls-1.4.1-3.8.0.1.AXS3) を追加ベンダ情報：ミラクル・リナックス (openssl-0.9.8e-12.AXS3.6) を追加ベンダ情報：ミラクル・リナックス (jdk-1.6.0_19) を追加ベンダ情報：ミラクル・リナックス (2043) を追加ベンダ情報：ミラクル・リナックス (2046) を追加ベンダ情報：ミラクル・リナックス (2047) を追加ベンダ情報：ミラクル・リナックス (2048) を追加ベンダ情報：レッドハット (RHSA-2010:0337) を追加ベンダ情報：レッドハット (RHSA-2010:0338) を追加ベンダ情報：レッドハット (RHSA-2010:0339) を追加 [2010年06月04日] 影響を受けるシステム：IBM (1412438) の情報を追加影響を受けるシステム：IBM (1432298) の情報を追加影響を受けるシステム：アップル (HT4171) の情報を追加影響を受けるシステム：日立 (HS10-010) の情報を追加ベンダ情報：IBM (1412438) を追加ベンダ情報：IBM (1432298) を追加ベンダ情報：アップル (HT4170) を追加ベンダ情報：アップル (HT4171) を追加ベンダ情報：ヒューレット・パッカード (HPSBUX02524) を追加ベンダ情報：日立 (HS10-010) を追加 [2010年06月17日] 影響を受けるシステム：OpenOffice.org (CVE-2009-3555) の情報を追加ベンダ情報：OpenOffice.org (CVE-2009-3555) を追加 [2010年07月12日] 影響を受けるシステム：Apache Software Foundation (Changes with Apache 2.3.6) の情報を追加ベンダ情報：Apache Software Foundation (Changes with Apache 2.3.6) を追加ベンダ情報：ターボリナックス (TLSA-2010-20) を追加 [2010年07月22日] 影響を受けるシステム：オラクル (cpujul2010) の情報を追加ベンダ情報：オラクル (cpujul2010) を追加ベンダ情報：オラクル (100716_91) を追加 [2010年08月24日] 影響を受けるシステム：IBM (IC68054) の情報を追加ベンダ情報：IBM (IC68054) を追加ベンダ情報：マイクロソフト (MS10-049) を追加 [2010年09月10日] 影響を受けるシステム：IBM (1293566) の情報を追加影響を受けるシステム：IBM (1426108) の情報を追加 [2010年10月21日] 影響を受けるシステム：IBM (1293566) の情報を追加影響を受けるシステム：IBM (1444772) の情報を追加影響を受けるシステム：オラクル (javacpuoct2010-176258) の情報を追加影響を受けるシステム：オラクル (multiple_vulnerabilities_in_the_apache) の情報を追加影響を受けるシステム：ブルーコートシステムズ (SA44) の情報を追加ベンダ情報：IBM (1293566) を追加ベンダ情報：IBM (1444772) を追加ベンダ情報：アップル (HT4417) を追加ベンダ情報：アップル (HT4418) を追加ベンダ情報：オラクル (javacpuoct2010-176258) を追加ベンダ情報：オラクル (multiple_vulnerabilities_in_the_apache) を追加ベンダ情報：レッドハット (RHSA-2010:0768) を追加ベンダ情報：レッドハット (RHSA-2010:0770) を追加ベンダ情報：レッドハット (RHSA-2010:0786) を追加 [2010年11月11日] ベンダ情報：ミラクル・リナックス (jdk-1.6.0_22) を追加ベンダ情報：レッドハット (RHSA-2010:0807) を追加 [2010年12月07日] 影響を受けるシステム：レッドハット (RHSA-2010:0865) の情報を追加ベンダ情報：レッドハット (RHSA-2010:0865) を追加 [2010年12月16日] 影響を受けるシステム：VMware (VMSA-2010-0019) の情報を追加影響を受けるシステム：サイベース (609365) の情報を追加影響を受けるシステム：ターボリナックス (TLSA-2010-42) の情報を追加影響を受けるシステム：日立 (HS10-030) の情報を追加ベンダ情報：VMware (VMSA-2010-0019) を追加ベンダ情報：サイベース (609365) を追加ベンダ情報：ターボリナックス (TLSA-2010-42) を追加ベンダ情報：ヒューレット・パッカード (HPSBUX02608) を追加ベンダ情報：日立 (HS10-030) を追加 [2011年01月05日] 影響を受けるシステム：レッドハット (RHSA-2010:0987) の情報を追加影響を受けるシステム：日本電気 (NV10-008) の情報を追加ベンダ情報：レッドハット (RHSA-2010:0987) を追加ベンダ情報：日本電気 (NV10-008) を追加 [2011年02月18日] 影響を受けるシステム：ブルーコートシステムズ (SA44) の情報を追加 [2011年02月28日] 影響を受けるシステム：VMware (VMSA-2011-0003) の情報を追加ベンダ情報：VMware (VMSA-2011-0003) を追加 [2011年05月10日] 影響を受けるシステム：オラクル (cpuapr2011-301950) の情報を追加影響を受けるシステム：オラクル (Multiple Vulnerabilities in the Apache 2 HTTP Server Prior to 2.2.16) の情報を追加ベンダ情報：オラクル (cpuapr2011-301950) を追加ベンダ情報：オラクル (Multiple Vulnerabilities in the Apache 2 HTTP Server Prior to 2.2.16) を追加 [2013年03月14日] 影響を受けるシステム：ヒューレット・パッカード (HPSBMU02769 SSRT100846) の情報を追加ベンダ情報：ヒューレット・パッカード (HPSBMU02769 SSRT100846) を追加 [2014年05月21日] 影響を受けるシステム：日立 (HS11-006) の情報を追加ベンダ情報：日立 (HS11-006) を追加 [2015年06月26日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：ヒューレット・パッカード (HPSBHF03293) を追加 [2016年09月08日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：ヒューレット・パッカード・エンタープライズ (HPSBMU03611) を追加	Feb. 17, 2018, 10:37 a.m.

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:apache:http_server::::::::		2.2.14
cpe:2.3:a:gnu:gnutls::::::::		2.8.5
cpe:2.3:a:mozilla:nss::::::::		3.12.4
cpe:2.3:a:openssl:openssl::::::::		0.9.8k
cpe:2.3:a:openssl:openssl:1.0::openvms:::::
cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:8.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:9.04:::::::*
cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*
cpe:2.3:o:debian:debian_linux:4.0:::::::*
cpe:2.3:o:debian:debian_linux:5.0:::::::*
cpe:2.3:o:debian:debian_linux:6.0:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:fedoraproject:fedora:11:::::::*
cpe:2.3:o:fedoraproject:fedora:12:::::::*
cpe:2.3:o:fedoraproject:fedora:13:::::::*
cpe:2.3:o:fedoraproject:fedora:14:::::::*
cpe:2.3:a:f5:nginx::::::::	0.1.0	0.8.22