var-201412-0613
Vulnerability from variot
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function. The NTP Project ntpd version 4.2.7 and pervious versions contain several vulnerabilities. ntp-keygen prior to version 4.2.7p230 also uses a non-cryptographic random number generator when generating symmetric keys. These vulnerabilities may affect ntpd acting as a server or client. Network Time Protocol is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successful exploits may allow an attacker to execute arbitrary code with the privileges of the ntpd process. Failed attempts will likely cause a denial-of-service condition. Network Time Protocol 4.2.7 and prior are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: ntp security update Advisory ID: RHSA-2015:0104-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0104.html Issue date: 2015-01-28 CVE Names: CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 =====================================================================
- Summary:
Updated ntp packages that fix several security issues are now available for Red Hat Enterprise Linux 6.5 Extended Update Support.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.5) - noarch, x86_64 Red Hat Enterprise Linux HPC Node EUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.5) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.5) - i386, noarch, ppc64, s390x, x86_64
Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(), ctl_putdata(), and configure() functions. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit. (CVE-2014-9295)
It was found that ntpd automatically generated weak keys for its internal use if no ntpdc request authentication key was specified in the ntp.conf configuration file. A remote attacker able to match the configured IP restrictions could guess the generated key, and possibly use it to send ntpdc query or configuration requests. (CVE-2014-9293)
It was found that ntp-keygen used a weak method for generating MD5 keys. This could possibly allow an attacker to guess generated MD5 keys that could then be used to spoof an NTP client or server. Note: it is recommended to regenerate any MD5 keys that had explicitly been generated with ntp-keygen; the default installation does not contain such keys. (CVE-2014-9294)
A missing return statement in the receive() function could potentially allow a remote attacker to bypass NTP's authentication mechanism. (CVE-2014-9296)
All ntp users are advised to upgrade to this updated package, which contains backported patches to resolve these issues. After installing the update, the ntpd daemon will restart automatically.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1176032 - CVE-2014-9293 ntp: automatic generation of weak default key in config_auth() 1176035 - CVE-2014-9294 ntp: ntp-keygen uses weak random number generator and seed when generating MD5 keys 1176037 - CVE-2014-9295 ntp: Multiple buffer overflows via specially-crafted packets 1176040 - CVE-2014-9296 ntp: receive() missing return on error
- Package List:
Red Hat Enterprise Linux HPC Node EUS (v. 6.5):
Source: ntp-4.2.6p5-2.el6_5.src.rpm
x86_64: ntp-4.2.6p5-2.el6_5.x86_64.rpm ntp-debuginfo-4.2.6p5-2.el6_5.x86_64.rpm ntpdate-4.2.6p5-2.el6_5.x86_64.rpm
Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.5):
Source: ntp-4.2.6p5-2.el6_5.src.rpm
noarch: ntp-doc-4.2.6p5-2.el6_5.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-2.el6_5.x86_64.rpm ntp-perl-4.2.6p5-2.el6_5.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 6.5):
Source: ntp-4.2.6p5-2.el6_5.src.rpm
i386: ntp-4.2.6p5-2.el6_5.i686.rpm ntp-debuginfo-4.2.6p5-2.el6_5.i686.rpm ntpdate-4.2.6p5-2.el6_5.i686.rpm
ppc64: ntp-4.2.6p5-2.el6_5.ppc64.rpm ntp-debuginfo-4.2.6p5-2.el6_5.ppc64.rpm ntpdate-4.2.6p5-2.el6_5.ppc64.rpm
s390x: ntp-4.2.6p5-2.el6_5.s390x.rpm ntp-debuginfo-4.2.6p5-2.el6_5.s390x.rpm ntpdate-4.2.6p5-2.el6_5.s390x.rpm
x86_64: ntp-4.2.6p5-2.el6_5.x86_64.rpm ntp-debuginfo-4.2.6p5-2.el6_5.x86_64.rpm ntpdate-4.2.6p5-2.el6_5.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 6.5):
Source: ntp-4.2.6p5-2.el6_5.src.rpm
i386: ntp-debuginfo-4.2.6p5-2.el6_5.i686.rpm ntp-perl-4.2.6p5-2.el6_5.i686.rpm
noarch: ntp-doc-4.2.6p5-2.el6_5.noarch.rpm
ppc64: ntp-debuginfo-4.2.6p5-2.el6_5.ppc64.rpm ntp-perl-4.2.6p5-2.el6_5.ppc64.rpm
s390x: ntp-debuginfo-4.2.6p5-2.el6_5.s390x.rpm ntp-perl-4.2.6p5-2.el6_5.s390x.rpm
x86_64: ntp-debuginfo-4.2.6p5-2.el6_5.x86_64.rpm ntp-perl-4.2.6p5-2.el6_5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-9293 https://access.redhat.com/security/cve/CVE-2014-9294 https://access.redhat.com/security/cve/CVE-2014-9295 https://access.redhat.com/security/cve/CVE-2014-9296 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUyTXWXlSAg2UNWIIRAsXzAKCilJuJeeWLOABs1xY+ueRvRTSpWACcDhoC YQlhn66RRMYQCWymo1OCUoI= =4Rft -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Release Date: 2015-02-18 Last Updated: 2015-02-18
Potential Security Impact: Remote execution of code, Denial of Service (DoS), or other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities.
References:
CVE-2014-9293 - Insufficient Entropy in Pseudo-Random Number Generator (PRNG) (CWE-332) CVE-2014-9294 - Use of Cryptographically Weak PRNG (CWE-338) CVE-2014-9295 - Stack Buffer Overflow (CWE-121) CVE-2014-9296 - Error Conditions, Return Values, Status Codes (CWE-389) CVE-2014-9297 - Improper Check for Unusual or Exceptional Conditions (CWE-754) SSRT101872 VU#852879
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.31 running NTP version C.4.2.6.4.0 or previous HP-UX B.11.23 running XNTP version 3.5 or previous
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-9293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9294 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9295 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9296 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-9297 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following patch for HP-UX B.11.31. A workaround for HP-UX B.11.23 and B.11.11 to temporarily resolve these vulnerabilities follows below.
The B.11.31 patch is available from: ftp://ntp42650:Secure12@h2.usa.hp.com or https://h20392.www2.hp.com/portal/sw depot/displayProductInfo.do?productNumber=HPUX-NTP
Mitigation steps for HP-UX B.11.23 and B.11.11 for CVE-2014-9295
Restrict query for server status (Time Service is not affected) from ntpq/ntpdc by enabling .noquery. using the restrict command in /etc/ntp.conf file.
Reference: http://support.ntp.org/bin/view/Main/SecurityNotice
NOTE: This bulletin will be revised when patches for XNTP v3.5 on B.11.23 and B.11.11 become available.
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.31
NTP.INETSVCS2-BOOT NTP.NTP-AUX NTP.NTP-RUN action: install revision C.4.2.6.5.0 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 18 February 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
The two patches are available from the HP Support Center (HPSC).
Reference: http://support.ntp.org/bin/view/Main/SecurityNotice
MANUAL ACTIONS: Yes - Update
If patch installation on B.11.11 or B.11.23 is not possible, mitigate with step above.
A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker (CVE-2014-9296).
Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service (CVE-2014-9297).
Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 (localhost) addresses can be bypassed (CVE-2014-9298).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9298 http://advisories.mageia.org/MGASA-2014-0541.html http://advisories.mageia.org/MGASA-2015-0063.html
Updated Packages:
Mandriva Business Server 2/X86_64: 8f7d14b95c55bd1de7230cff0c8ea9d7 mbs2/x86_64/ntp-4.2.6p5-16.1.mbs2.x86_64.rpm 09063ab11459b1f935809b37c742ff12 mbs2/x86_64/ntp-client-4.2.6p5-16.1.mbs2.x86_64.rpm 7a0d0eca35911d9f15b76b474c5512cf mbs2/x86_64/ntp-doc-4.2.6p5-16.1.mbs2.noarch.rpm cb0371050702950084ff633ea45c2c5c mbs2/SRPMS/ntp-4.2.6p5-16.1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFVF9K3mqjQ0CJFipgRAn26AJwInkxLvDh/Gbb3uYRz9IjuaSK8+ACgiM1Z rou2syvF1hyhVhxh7M5sv3c= =uncU -----END PGP SIGNATURE----- . Attackers could use this key to reconfigure ntpd (or to exploit other vulnerabilities).
The default ntpd configuration in Debian restricts access to localhost (and possible the adjacent network in case of IPv6).
For the stable distribution (wheezy), these problems have been fixed in version 1:4.2.6.p5+dfsg-2+deb7u1.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/ntp-4.2.8-i486-1_slack14.1.txz: Upgraded. In addition to bug fixes and enhancements, this release fixes several high-severity vulnerabilities discovered by Neel Mehta and Stephen Roettger of the Google Security Team. For more information, see: https://www.kb.cert.org/vuls/id/852879 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8-i486-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 package: 18d7f09e90cf2434f59d7e9f11478fba ntp-4.2.8-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: edd178e3d2636433dd18f52331af17a5 ntp-4.2.8-x86_64-1_slack13.0.txz
Slackware 13.1 package: 4b6da6fa564b1fe00920d402ff97bd43 ntp-4.2.8-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 292ae7dbd3ea593c5e28cbba7c2b71fa ntp-4.2.8-x86_64-1_slack13.1.txz
Slackware 13.37 package: 294b8197d360f9a3cf8186619b60b73c ntp-4.2.8-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 7cd5b63f8371b1cc369bc56e4b4efd5a ntp-4.2.8-x86_64-1_slack13.37.txz
Slackware 14.0 package: 32eab67538c33e4669bda9200799a497 ntp-4.2.8-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 33ecf4845fa8533a12a98879815bde08 ntp-4.2.8-x86_64-1_slack14.0.txz
Slackware 14.1 package: f2b45a45c846a909ae201176ce359939 ntp-4.2.8-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 12d7ab6e2541af4d1282621d3773e7f7 ntp-4.2.8-x86_64-1_slack14.1.txz
Slackware -current package: 5b2150cee9840d8bb547098cccde879a n/ntp-4.2.8-i486-1.txz
Slackware x86_64 -current package: 9ce09c5d6a60d3e2117988e4551e4af1 n/ntp-4.2.8-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg ntp-4.2.8-i486-1_slack14.1.txz
Then, restart the NTP daemon:
sh /etc/rc.d/rc.ntpd restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address.
References:
CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 CVE-2013-5211 SSRT102239
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Platform Patch Kit Name
Alpha IA64 V8.4 75-117-380_2015-08-24.BCK
NOTE: Please contact OpenVMS Technical Support to request these patch kits
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0613",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ntp",
"scope": "lte",
"trust": 1.0,
"vendor": "ntp",
"version": "4.2.7"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "efficientip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ntp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omniti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3000"
},
{
"model": "download server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "110"
},
{
"model": "linux enterprise server sp3 for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.3"
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux computenode optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux computenode",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux client optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.1"
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.4.1"
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.9.1"
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.7.3"
},
{
"model": "network time protocol 4.2.7p10",
"scope": null,
"trust": 0.3,
"vendor": "meinberg",
"version": null
},
{
"model": "network time protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.2.7"
},
{
"model": "network time protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.2.6"
},
{
"model": "network time protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.2.5"
},
{
"model": "network time protocol 4.2.4p8@lennon-o-lpv",
"scope": null,
"trust": 0.3,
"vendor": "meinberg",
"version": null
},
{
"model": "network time protocol 4.2.4p7@copenhagen-o",
"scope": null,
"trust": 0.3,
"vendor": "meinberg",
"version": null
},
{
"model": "network time protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.2.4"
},
{
"model": "network time protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.2.2"
},
{
"model": "network time protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.2.0"
},
{
"model": "network time protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.1.0"
},
{
"model": "network time protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.0"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "vgw",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "nsmexpress",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "nsm server software",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "nsm series appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "nsm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos os 14.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 14.1r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 14.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 14.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.3r3-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.3r2-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.3r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.2x51-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.2r5-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.1x50-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.1r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.1r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.3r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.2x50-d70",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.2r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.1x47-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.1x46-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.1x44-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 11.4r12-s4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 11.4r12-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "xeon phi 7120p",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "xeon phi 7120a",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "xeon phi 5110p",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "xeon phi 3120a",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "manycore platform software stack",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "3.4"
},
{
"model": "manycore platform software stack",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "3.3"
},
{
"model": "manycore platform software stack",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "3.2"
},
{
"model": "manycore platform software stack",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "3.1"
},
{
"model": "manycore platform software stack",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "smartcloud entry fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.19"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77100"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77000"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "76000"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56003"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56002"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56001"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "71005.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "71005.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.2"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9"
},
{
"model": "pureflex",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x6"
},
{
"model": "pureflex",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x6"
},
{
"model": "pureflex x240m5+pen",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "pureflex x240m4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "pureflex x220m4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "puredata system for operational analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "puredata system for operational analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8.2.0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8.1.0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.9.0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.8.0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.7.0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.3.0"
},
{
"model": "nextscale nx360m5",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "nextscale nx360m4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "idataplex dx360m4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-43x)0"
},
{
"model": "flex system p460",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-42x)0"
},
{
"model": "flex system p270 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7954-24x)0"
},
{
"model": "flex system p260 compute node /fc efd9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "flex system p260",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-23x)0"
},
{
"model": "flex system p260",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-22x)0"
},
{
"model": "flex system p24l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "rack v100r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "x8000"
},
{
"model": "v1300n v100r002c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tecal xh621 v100r001c00b010",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "tecal xh320 v100r001c00spc105",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "tecal xh311 v100r001c00spc100",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "tecal xh310 v100r001c00spc100",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "rh5885h v100r003c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v3"
},
{
"model": "rh5885 v100r003c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v3"
},
{
"model": "rh5885 v100r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "rh2485 v100r002c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "rh2288h v100r002c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "rh2288e v100r002c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "rh2288 v100r002c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "rh2285h v100r002c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "rh2285 v100r002c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "rh1288 v100r002c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "oceanstor uds v100r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor uds v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s6800t v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5800t v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s2600t v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor hvs88t v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor hvs85t v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor 18800f v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor v100r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "18800"
},
{
"model": "high-density server dh628 v100r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "high-density server dh621 v100r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "high-density server dh620 v100r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "high-density server dh320 v100r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "v2"
},
{
"model": "fusionsphere openstack v100r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fusioncube v100r002c02spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fusioncube v100r002c02spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fusioncube v100r002c02spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fusioncube v100r002c01spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fusioncompute v100r005c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fusioncompute v100r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fusioncompute v100r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fusioncompute v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fusionaccess v100r005c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fusionaccess v100r005c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace vtm v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace vtm v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace vcn3000 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace usm v200r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace uc v200r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace uc v200r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace uc v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2980 v200r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2980 v100r001c02spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2980 v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace ivs v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace dcm v100r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace dcm v100r001c03",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace dcm v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace dcm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace cc v200r001c50",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace cc v200r001c32",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace cc v200r001c03",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace cad v100r001c01lhue01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight uc\u0026c v100r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight uc\u0026c v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight network v200r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight network v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight network v200r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "e9000 chassis v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "e6000 chassis v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dc v100r002c01spc001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wx5004-ei (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.10"
},
{
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.01"
},
{
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1"
},
{
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "vcx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "u200s and cs (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "u200a and m (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "tcp/ip services for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.7"
},
{
"model": "secblade iii (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "secblade fw (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "msr50 g2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5-0"
},
{
"model": "msr50",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5-0"
},
{
"model": "msr30-1x",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5-0"
},
{
"model": "msr30-16",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5-0"
},
{
"model": "msr30",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5-0"
},
{
"model": "msr20-1x (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "msr20-1x",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5-0"
},
{
"model": "msr20 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "msr1000 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "msr (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9xx5)0"
},
{
"model": "msr (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "93x5)0"
},
{
"model": "msr 50-g2 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "msr (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "505)0"
},
{
"model": "msr (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "30-1x5)0"
},
{
"model": "msr (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "30-165)0"
},
{
"model": "msr (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "305)0"
},
{
"model": "hsr6800 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "hsr6602 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "hp870 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "hp850 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "hp830 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "hp6000 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "f5000-c/s (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "f5000-a (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "f1000-s-ei (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "f1000-e (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "f1000-a-ei (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "a6600 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "9500e (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "88005)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75005)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58305)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58205)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58005)0"
},
{
"model": "5500si (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "hi (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55005)0"
},
{
"model": "ei (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55005)0"
},
{
"model": "si (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51205)0"
},
{
"model": "ei (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51205)0"
},
{
"model": "4800g (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "4500g (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "4210g (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "36105)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600v25)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-485)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v25)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125005)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "105005)0"
},
{
"model": "enterprise server ap8800",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "enterprise server ap7000",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "bladesymphony cb500 series",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "bladesymphony cb320 series",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "bladesymphony cb2500 series",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "bladesymphony cb2000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "bladesymphony bs500 series",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "bladesymphony bs320 series",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "bladesymphony bs2500 series",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "bladesymphony bs2000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "bladesymphony bs1000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "advanced server ha8000cr",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "0"
},
{
"model": "load balancer big-ip1500",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "0"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.0"
},
{
"model": "m\u0026r",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.5"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex social",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "webex meetings server 2.0mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "virtualization experience client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "62150"
},
{
"model": "virtual systems operations center for vpe project",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "videoscape conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "videoscape back office",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video delivery system recorder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell ran management system wireless",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6"
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs invicta series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "transaction encryption device",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "telepresence te software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "service control engines system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "scos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "remote network control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "remote conditional access system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "quantum son suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime service catalog virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "powervu network center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "powervu d9190 conditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "powerkey encryption server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "physical access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "network configuration and change management service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network configuration and change management",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "netflow collection agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "management heartbeat server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "iptv service delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios xr for cisco network convergence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "international digital network control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "finesse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "explorer controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "encryption appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dncs application server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital transport adapter control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital network control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common download server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "command server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence endpoints sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence endpoints mxg2 series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence endpoints mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence endpoints ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence endpoints c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence endpoints 10\" touch panel",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport encryption appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "autobackup server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.0"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.02"
},
{
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.01"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"model": "network time protocol",
"scope": "ne",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.2.8"
},
{
"model": "junos os 14.2r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 14.1x55-d16",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 14.1x50-d90",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 14.1r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.3r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.3x48-d15",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.3r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.1x47-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.1x46-d35",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 12.1x44-d50",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.110"
},
{
"model": "wx5004-ei (comware r2507p35",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "vsr (comware r0204p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"model": "vcx",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9.8.17"
},
{
"model": "(comware r1513p95",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "v19105)"
},
{
"model": "u200s and cs (comware f5123p31",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "u200a and m (comware f5123p31",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "smb1920 (comware r1106",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "smb1910 (comware r1108",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "smb (comware r1105",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "16205)"
},
{
"model": "secblade iii (comware r3820p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "secblade fw (comware r3181p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "msr50 ru r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"model": "msr50 g2 r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5-"
},
{
"model": "msr50 epu ru r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"model": "msr50 r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5-"
},
{
"model": "msr4000 (comware r0106p31",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"model": "msr316 ru r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"model": "msr301x ru r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"model": "msr3000 (comware r0106p31",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"model": "msr30-1x r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5-"
},
{
"model": "msr30-16 r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5-"
},
{
"model": "msr30 ru r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"model": "msr30 r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5-"
},
{
"model": "msr2000 (comware r0106p31",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"model": "msr20-1x ru r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"model": "msr20-1x (comware r2513p45",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "msr20-1x r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5-"
},
{
"model": "msr20 ru r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"model": "msr20 (comware r2513p45",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "msr20 r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5-"
},
{
"model": "msr1000 ru r2513l61",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"model": "msr1000 (comware r0106p31",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"model": "msr1000 (comware r2513p45",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "msr (comware r2513p45",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9xx5)"
},
{
"model": "msr (comware r2513p45",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "93x5)"
},
{
"model": "msr 50-g2 (comware r2513p45",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "msr (comware r2513p45",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "505)"
},
{
"model": "msr (comware r2513p45",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "30-1x5)"
},
{
"model": "msr (comware r2513p45",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "30-165)"
},
{
"model": "msr (comware r2513p45",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "305)"
},
{
"model": "hsr6800 ru r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"model": "hsr6800 (comware r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "hsr6602 ru r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"model": "hsr6602 (comware r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "hp870 (comware r2607p35",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "hp850 (comware r2607p35",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "hp830 (comware r3507p35",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "hp6000 (comware r2507p35",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "f5000-c/s (comware r3811p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "f5000-a (comware f3210p23",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "f1000-s-ei (comware r3734p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "f1000-e (comware r3181p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "f1000-a-ei (comware r3734p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "a6600 (comware r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "9500e (comware r1828p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "(comware r3627p04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "88005)"
},
{
"model": "(comware r2122",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "79007)"
},
{
"model": "(comware r6708p10",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "75005)"
},
{
"model": "ru r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "66025"
},
{
"model": "rse ru r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "66005"
},
{
"model": "rpe ru r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "66005"
},
{
"model": "(comware r2311p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "59207)"
},
{
"model": "(comware r2311p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "59007)"
},
{
"model": "(comware r1118p11",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "58305)"
},
{
"model": "(comware r1809p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "58205)"
},
{
"model": "(comware r7006p12",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "58007)"
},
{
"model": "(comware r1809p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "58005)"
},
{
"model": "(comware r2311p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "57007)"
},
{
"model": "5500si (comware r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"model": "hi (comware r5501p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "55005)"
},
{
"model": "(comware r3108p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "51307)"
},
{
"model": "(comware r1112",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "129007)"
},
{
"model": "(comware r7328p04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "125007)"
},
{
"model": "(comware r7169p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "119007)"
},
{
"model": "(comware r7150",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "105007)"
},
{
"model": "vipr srm",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.1"
},
{
"model": "m\u0026r 6.5u1",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#852879"
},
{
"db": "BID",
"id": "71761"
},
{
"db": "NVD",
"id": "CVE-2014-9295"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stephen Roettger and Neel Mehta of the Google Security Team.",
"sources": [
{
"db": "BID",
"id": "71761"
}
],
"trust": 0.3
},
"cve": "CVE-2014-9295",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-9295",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9295",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-9295",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-9295"
},
{
"db": "NVD",
"id": "CVE-2014-9295"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function. The NTP Project ntpd version 4.2.7 and pervious versions contain several vulnerabilities. ntp-keygen prior to version 4.2.7p230 also uses a non-cryptographic random number generator when generating symmetric keys. These vulnerabilities may affect ntpd acting as a server or client. Network Time Protocol is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nSuccessful exploits may allow an attacker to execute arbitrary code with the privileges of the ntpd process. Failed attempts will likely cause a denial-of-service condition. \nNetwork Time Protocol 4.2.7 and prior are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: ntp security update\nAdvisory ID: RHSA-2015:0104-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0104.html\nIssue date: 2015-01-28\nCVE Names: CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 \n CVE-2014-9296 \n=====================================================================\n\n1. Summary:\n\nUpdated ntp packages that fix several security issues are now available for\nRed Hat Enterprise Linux 6.5 Extended Update Support. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.5) - noarch, x86_64\nRed Hat Enterprise Linux HPC Node EUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 6.5) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 6.5) - i386, noarch, ppc64, s390x, x86_64\n\n3. \n\nMultiple buffer overflow flaws were discovered in ntpd\u0027s crypto_recv(),\nctl_putdata(), and configure() functions. Note: the crypto_recv() flaw requires non-default\nconfigurations to be active, while the ctl_putdata() flaw, by default, can\nonly be exploited via local attackers, and the configure() flaw requires\nadditional authentication to exploit. (CVE-2014-9295)\n\nIt was found that ntpd automatically generated weak keys for its internal\nuse if no ntpdc request authentication key was specified in the ntp.conf\nconfiguration file. A remote attacker able to match the configured IP\nrestrictions could guess the generated key, and possibly use it to send\nntpdc query or configuration requests. (CVE-2014-9293)\n\nIt was found that ntp-keygen used a weak method for generating MD5 keys. \nThis could possibly allow an attacker to guess generated MD5 keys that\ncould then be used to spoof an NTP client or server. Note: it is\nrecommended to regenerate any MD5 keys that had explicitly been generated\nwith ntp-keygen; the default installation does not contain such keys. \n(CVE-2014-9294)\n\nA missing return statement in the receive() function could potentially\nallow a remote attacker to bypass NTP\u0027s authentication mechanism. \n(CVE-2014-9296)\n\nAll ntp users are advised to upgrade to this updated package, which\ncontains backported patches to resolve these issues. After installing the\nupdate, the ntpd daemon will restart automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata \nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1176032 - CVE-2014-9293 ntp: automatic generation of weak default key in config_auth()\n1176035 - CVE-2014-9294 ntp: ntp-keygen uses weak random number generator and seed when generating MD5 keys\n1176037 - CVE-2014-9295 ntp: Multiple buffer overflows via specially-crafted packets\n1176040 - CVE-2014-9296 ntp: receive() missing return on error\n\n6. Package List:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.5):\n\nSource:\nntp-4.2.6p5-2.el6_5.src.rpm\n\nx86_64:\nntp-4.2.6p5-2.el6_5.x86_64.rpm\nntp-debuginfo-4.2.6p5-2.el6_5.x86_64.rpm\nntpdate-4.2.6p5-2.el6_5.x86_64.rpm\n\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.5):\n\nSource:\nntp-4.2.6p5-2.el6_5.src.rpm\n\nnoarch:\nntp-doc-4.2.6p5-2.el6_5.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-2.el6_5.x86_64.rpm\nntp-perl-4.2.6p5-2.el6_5.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 6.5):\n\nSource:\nntp-4.2.6p5-2.el6_5.src.rpm\n\ni386:\nntp-4.2.6p5-2.el6_5.i686.rpm\nntp-debuginfo-4.2.6p5-2.el6_5.i686.rpm\nntpdate-4.2.6p5-2.el6_5.i686.rpm\n\nppc64:\nntp-4.2.6p5-2.el6_5.ppc64.rpm\nntp-debuginfo-4.2.6p5-2.el6_5.ppc64.rpm\nntpdate-4.2.6p5-2.el6_5.ppc64.rpm\n\ns390x:\nntp-4.2.6p5-2.el6_5.s390x.rpm\nntp-debuginfo-4.2.6p5-2.el6_5.s390x.rpm\nntpdate-4.2.6p5-2.el6_5.s390x.rpm\n\nx86_64:\nntp-4.2.6p5-2.el6_5.x86_64.rpm\nntp-debuginfo-4.2.6p5-2.el6_5.x86_64.rpm\nntpdate-4.2.6p5-2.el6_5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 6.5):\n\nSource:\nntp-4.2.6p5-2.el6_5.src.rpm\n\ni386:\nntp-debuginfo-4.2.6p5-2.el6_5.i686.rpm\nntp-perl-4.2.6p5-2.el6_5.i686.rpm\n\nnoarch:\nntp-doc-4.2.6p5-2.el6_5.noarch.rpm\n\nppc64:\nntp-debuginfo-4.2.6p5-2.el6_5.ppc64.rpm\nntp-perl-4.2.6p5-2.el6_5.ppc64.rpm\n\ns390x:\nntp-debuginfo-4.2.6p5-2.el6_5.s390x.rpm\nntp-perl-4.2.6p5-2.el6_5.s390x.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-2.el6_5.x86_64.rpm\nntp-perl-4.2.6p5-2.el6_5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-9293\nhttps://access.redhat.com/security/cve/CVE-2014-9294\nhttps://access.redhat.com/security/cve/CVE-2014-9295\nhttps://access.redhat.com/security/cve/CVE-2014-9296\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUyTXWXlSAg2UNWIIRAsXzAKCilJuJeeWLOABs1xY+ueRvRTSpWACcDhoC\nYQlhn66RRMYQCWymo1OCUoI=\n=4Rft\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nRelease Date: 2015-02-18\nLast Updated: 2015-02-18\n\nPotential Security Impact: Remote execution of code, Denial of Service (DoS),\nor other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX running\nNTP. These could be exploited remotely to execute code, create a Denial of\nService (DoS), or other vulnerabilities. \n\nReferences:\n\nCVE-2014-9293 - Insufficient Entropy in Pseudo-Random Number Generator (PRNG)\n(CWE-332)\nCVE-2014-9294 - Use of Cryptographically Weak PRNG (CWE-338)\nCVE-2014-9295 - Stack Buffer Overflow (CWE-121)\nCVE-2014-9296 - Error Conditions, Return Values, Status Codes (CWE-389)\nCVE-2014-9297 - Improper Check for Unusual or Exceptional Conditions\n(CWE-754)\nSSRT101872\nVU#852879\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nHP-UX B.11.31 running NTP version C.4.2.6.4.0 or previous\nHP-UX B.11.23 running XNTP version 3.5 or previous\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-9293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-9294 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-9295 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-9296 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-9297 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following patch for HP-UX B.11.31. A workaround for HP-UX\nB.11.23 and B.11.11 to temporarily resolve these vulnerabilities follows\nbelow. \n\nThe B.11.31 patch is available from:\nftp://ntp42650:Secure12@h2.usa.hp.com or https://h20392.www2.hp.com/portal/sw\ndepot/displayProductInfo.do?productNumber=HPUX-NTP\n\nMitigation steps for HP-UX B.11.23 and B.11.11 for CVE-2014-9295\n\nRestrict query for server status (Time Service is not affected) from\nntpq/ntpdc by enabling .noquery. using the restrict command in /etc/ntp.conf\nfile. \n\nReference: http://support.ntp.org/bin/view/Main/SecurityNotice\n\nNOTE: This bulletin will be revised when patches for XNTP v3.5 on B.11.23 and\nB.11.11 become available. \n\nMANUAL ACTIONS: No\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.31\n==================\nNTP.INETSVCS2-BOOT\nNTP.NTP-AUX\nNTP.NTP-RUN\naction: install revision C.4.2.6.5.0 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 18 February 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\nThe two patches are available from the HP Support Center (HPSC). \n\nReference: http://support.ntp.org/bin/view/Main/SecurityNotice\n\nMANUAL ACTIONS: Yes - Update\n\nIf patch installation on B.11.11 or B.11.23 is not possible, mitigate with\nstep above. \n \n A section of code in ntpd handling a rare error is missing a return\n statement, therefore processing did not stop when the error was\n encountered. This situation may be exploitable by an attacker\n (CVE-2014-9296). \n \n Stephen Roettger of the Google Security Team, Sebastian Krahmer of\n the SUSE Security Team and Harlan Stenn of Network Time Foundation\n discovered that the length value in extension fields is not properly\n validated in several code paths in ntp_crypto.c, which could lead to\n information leakage or denial of service (CVE-2014-9297). \n \n Stephen Roettger of the Google Security Team reported that ACLs based\n on IPv6 ::1 (localhost) addresses can be bypassed (CVE-2014-9298). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9298\n http://advisories.mageia.org/MGASA-2014-0541.html\n http://advisories.mageia.org/MGASA-2015-0063.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 8f7d14b95c55bd1de7230cff0c8ea9d7 mbs2/x86_64/ntp-4.2.6p5-16.1.mbs2.x86_64.rpm\n 09063ab11459b1f935809b37c742ff12 mbs2/x86_64/ntp-client-4.2.6p5-16.1.mbs2.x86_64.rpm\n 7a0d0eca35911d9f15b76b474c5512cf mbs2/x86_64/ntp-doc-4.2.6p5-16.1.mbs2.noarch.rpm \n cb0371050702950084ff633ea45c2c5c mbs2/SRPMS/ntp-4.2.6p5-16.1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVF9K3mqjQ0CJFipgRAn26AJwInkxLvDh/Gbb3uYRz9IjuaSK8+ACgiM1Z\nrou2syvF1hyhVhxh7M5sv3c=\n=uncU\n-----END PGP SIGNATURE-----\n. Attackers could use this key to\n reconfigure ntpd (or to exploit other vulnerabilities). \n\nThe default ntpd configuration in Debian restricts access to localhost\n(and possible the adjacent network in case of IPv6). \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1:4.2.6.p5+dfsg-2+deb7u1. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/ntp-4.2.8-i486-1_slack14.1.txz: Upgraded. \n In addition to bug fixes and enhancements, this release fixes\n several high-severity vulnerabilities discovered by Neel Mehta\n and Stephen Roettger of the Google Security Team. \n For more information, see:\n https://www.kb.cert.org/vuls/id/852879\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 package:\n18d7f09e90cf2434f59d7e9f11478fba ntp-4.2.8-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\nedd178e3d2636433dd18f52331af17a5 ntp-4.2.8-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n4b6da6fa564b1fe00920d402ff97bd43 ntp-4.2.8-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n292ae7dbd3ea593c5e28cbba7c2b71fa ntp-4.2.8-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n294b8197d360f9a3cf8186619b60b73c ntp-4.2.8-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n7cd5b63f8371b1cc369bc56e4b4efd5a ntp-4.2.8-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n32eab67538c33e4669bda9200799a497 ntp-4.2.8-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n33ecf4845fa8533a12a98879815bde08 ntp-4.2.8-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\nf2b45a45c846a909ae201176ce359939 ntp-4.2.8-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n12d7ab6e2541af4d1282621d3773e7f7 ntp-4.2.8-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n5b2150cee9840d8bb547098cccde879a n/ntp-4.2.8-i486-1.txz\n\nSlackware x86_64 -current package:\n9ce09c5d6a60d3e2117988e4551e4af1 n/ntp-4.2.8-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg ntp-4.2.8-i486-1_slack14.1.txz\n\nThen, restart the NTP daemon:\n\n# sh /etc/rc.d/rc.ntpd restart\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \n\nReferences:\n\nCVE-2014-9293\nCVE-2014-9294\nCVE-2014-9295\nCVE-2014-9296\nCVE-2013-5211\nSSRT102239\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n Platform\n Patch Kit Name\n\n Alpha IA64 V8.4\n 75-117-380_2015-08-24.BCK\n\n NOTE: Please contact OpenVMS Technical Support to request these patch kits",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9295"
},
{
"db": "CERT/CC",
"id": "VU#852879"
},
{
"db": "BID",
"id": "71761"
},
{
"db": "VULMON",
"id": "CVE-2014-9295"
},
{
"db": "PACKETSTORM",
"id": "130140"
},
{
"db": "PACKETSTORM",
"id": "130481"
},
{
"db": "PACKETSTORM",
"id": "131356"
},
{
"db": "PACKETSTORM",
"id": "131149"
},
{
"db": "PACKETSTORM",
"id": "129680"
},
{
"db": "PACKETSTORM",
"id": "129693"
},
{
"db": "PACKETSTORM",
"id": "133517"
},
{
"db": "PACKETSTORM",
"id": "129683"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#852879",
"trust": 2.3
},
{
"db": "NVD",
"id": "CVE-2014-9295",
"trust": 2.2
},
{
"db": "BID",
"id": "71761",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSA-14-353-01",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "62209",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10103",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-14-353-01A",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10663",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-9295",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130140",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130481",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131356",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131149",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129680",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129693",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133517",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129683",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#852879"
},
{
"db": "VULMON",
"id": "CVE-2014-9295"
},
{
"db": "BID",
"id": "71761"
},
{
"db": "PACKETSTORM",
"id": "130140"
},
{
"db": "PACKETSTORM",
"id": "130481"
},
{
"db": "PACKETSTORM",
"id": "131356"
},
{
"db": "PACKETSTORM",
"id": "131149"
},
{
"db": "PACKETSTORM",
"id": "129680"
},
{
"db": "PACKETSTORM",
"id": "129693"
},
{
"db": "PACKETSTORM",
"id": "133517"
},
{
"db": "PACKETSTORM",
"id": "129683"
},
{
"db": "NVD",
"id": "CVE-2014-9295"
}
]
},
"id": "VAR-201412-0613",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38031465624999994
},
"last_update_date": "2024-09-19T22:38:50.793000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Red Hat: Important: ntp security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20142025 - Security Advisory"
},
{
"title": "Red Hat: Important: ntp security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150104 - Security Advisory"
},
{
"title": "Red Hat: Important: ntp security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20142024 - Security Advisory"
},
{
"title": "Debian CVElist Bug Report Logs: ntp: CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1bb105aaeb75e38cf89e5f63d6e49db9"
},
{
"title": "Red Hat: CVE-2014-9295",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-9295"
},
{
"title": "Ubuntu Security Notice: ntp vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2449-1"
},
{
"title": "Debian Security Advisories: DSA-3108-1 ntp -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=d5c63d464b27e49c6a53057fab75a16d"
},
{
"title": "Amazon Linux AMI: ALAS-2014-462",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-462"
},
{
"title": "Tenable Security Advisories: [R3] Tenable Appliance Affected by NTP Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2015-01"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for NTP Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=e9432b762bf2c2945bfb43af8d6842d5"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "osx-10.7-ntp",
"trust": 0.1,
"url": "https://github.com/opragel/osx-10.7-ntp "
},
{
"title": "ntp",
"trust": 0.1,
"url": "https://github.com/sous-chefs/ntp "
},
{
"title": "ntp",
"trust": 0.1,
"url": "https://github.com/chef-cookbooks/ntp "
},
{
"title": "LinuxFlaw",
"trust": 0.1,
"url": "https://github.com/mudongliang/LinuxFlaw "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-9295"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9295"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141222-ntpd"
},
{
"trust": 2.1,
"url": "http://support.ntp.org/bin/view/main/securitynotice"
},
{
"trust": 1.6,
"url": "http://lists.ntp.org/pipermail/announce/2014-december/000122.html"
},
{
"trust": 1.6,
"url": "http://www.kb.cert.org/vuls/id/852879"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2014-2025.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0104.html"
},
{
"trust": 1.2,
"url": "http://advisories.mageia.org/mgasa-2014-0541.html"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-353-01"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht6601"
},
{
"trust": 1.1,
"url": "http://bk1.ntp.org/ntp-dev/?page=patch\u0026rev=548acf55dxkfhb6muyqwzu8edls97g"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176037"
},
{
"trust": 1.1,
"url": "http://bugs.ntp.org/show_bug.cgi?id=2668"
},
{
"trust": 1.1,
"url": "http://bugs.ntp.org/show_bug.cgi?id=2667"
},
{
"trust": 1.1,
"url": "http://bk1.ntp.org/ntp-dev/?page=patch\u0026rev=548acdf3tusfizxcv_x4b77jt_y-cg"
},
{
"trust": 1.1,
"url": "http://bugs.ntp.org/show_bug.cgi?id=2669"
},
{
"trust": 1.1,
"url": "http://bk1.ntp.org/ntp-dev/?page=patch\u0026rev=548acc4dn1tbm1trjrbpca4yc1atda"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142469153211996\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142590659431171\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:003"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144182594518755\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142853370924302\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/71761"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04916783"
},
{
"trust": 1.1,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-417665.htm"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04790232"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10103"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/62209"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00020.html"
},
{
"trust": 1.1,
"url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
},
{
"trust": 1.1,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8"
},
{
"trust": 0.8,
"url": "http://support.ntp.org/bin/view/support/accessrestrictions#section_6.5.2"
},
{
"trust": 0.8,
"url": "http://www.ntp.org/downloads.html"
},
{
"trust": 0.8,
"url": "http://www.ntp.org/ntpfaq/ntp-s-algo-crypt.htm"
},
{
"trust": 0.8,
"url": "http://googleprojectzero.blogspot.com/2015/01/finding-and-exploiting-ntpd.html"
},
{
"trust": 0.8,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/900/sol15936.html"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-15:07.ntp.asc"
},
{
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2014-2024.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9294"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9295"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9293"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9296"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2014-9295"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_ntp"
},
{
"trust": 0.3,
"url": "http://www.ntp.org/"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10663\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/archive/hw-408044.htm"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04574882"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101006439"
},
{
"trust": 0.3,
"url": "http://support.citrix.com/article/ctx200355"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/jan/att-97/esa-2015-004.txt"
},
{
"trust": 0.3,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-14:31.ntp.asc"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04582466"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04916783"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/sep/41"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04554677"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966675"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967791"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696755"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-353-01a"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory2.asc"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101006440"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022036"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1ssrvpoaix71security150210-1549"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097113"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022073"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698473"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696812"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020645"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097490"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005067"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/products/it/server/security/global/info/vulnerable/ntpd_cve-2014-9293.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.3,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9297"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-9294"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-9293"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9294"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9296"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9293"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9295"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2014:2025"
},
{
"trust": 0.1,
"url": "https://github.com/opragel/osx-10.7-ntp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-353-01-supplementa"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-9296"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/sw"
},
{
"trust": 0.1,
"url": "http://h20565.www2.hp.com/portal/site/hpsc?"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9297"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2015-0063.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9298"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9298"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5211"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#852879"
},
{
"db": "VULMON",
"id": "CVE-2014-9295"
},
{
"db": "BID",
"id": "71761"
},
{
"db": "PACKETSTORM",
"id": "130140"
},
{
"db": "PACKETSTORM",
"id": "130481"
},
{
"db": "PACKETSTORM",
"id": "131356"
},
{
"db": "PACKETSTORM",
"id": "131149"
},
{
"db": "PACKETSTORM",
"id": "129680"
},
{
"db": "PACKETSTORM",
"id": "129693"
},
{
"db": "PACKETSTORM",
"id": "133517"
},
{
"db": "PACKETSTORM",
"id": "129683"
},
{
"db": "NVD",
"id": "CVE-2014-9295"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#852879"
},
{
"db": "VULMON",
"id": "CVE-2014-9295"
},
{
"db": "BID",
"id": "71761"
},
{
"db": "PACKETSTORM",
"id": "130140"
},
{
"db": "PACKETSTORM",
"id": "130481"
},
{
"db": "PACKETSTORM",
"id": "131356"
},
{
"db": "PACKETSTORM",
"id": "131149"
},
{
"db": "PACKETSTORM",
"id": "129680"
},
{
"db": "PACKETSTORM",
"id": "129693"
},
{
"db": "PACKETSTORM",
"id": "133517"
},
{
"db": "PACKETSTORM",
"id": "129683"
},
{
"db": "NVD",
"id": "CVE-2014-9295"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-19T00:00:00",
"db": "CERT/CC",
"id": "VU#852879"
},
{
"date": "2014-12-20T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9295"
},
{
"date": "2014-12-19T00:00:00",
"db": "BID",
"id": "71761"
},
{
"date": "2015-01-29T06:07:22",
"db": "PACKETSTORM",
"id": "130140"
},
{
"date": "2015-02-19T19:22:00",
"db": "PACKETSTORM",
"id": "130481"
},
{
"date": "2015-04-09T16:21:15",
"db": "PACKETSTORM",
"id": "131356"
},
{
"date": "2015-03-30T21:48:37",
"db": "PACKETSTORM",
"id": "131149"
},
{
"date": "2014-12-22T17:15:01",
"db": "PACKETSTORM",
"id": "129680"
},
{
"date": "2014-12-23T15:41:03",
"db": "PACKETSTORM",
"id": "129693"
},
{
"date": "2015-09-10T00:10:00",
"db": "PACKETSTORM",
"id": "133517"
},
{
"date": "2014-12-22T17:15:48",
"db": "PACKETSTORM",
"id": "129683"
},
{
"date": "2014-12-20T02:59:02.693000",
"db": "NVD",
"id": "CVE-2014-9295"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-27T00:00:00",
"db": "CERT/CC",
"id": "VU#852879"
},
{
"date": "2021-11-17T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9295"
},
{
"date": "2016-10-26T04:13:00",
"db": "BID",
"id": "71761"
},
{
"date": "2021-11-17T22:15:38.877000",
"db": "NVD",
"id": "CVE-2014-9295"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "71761"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated)",
"sources": [
{
"db": "CERT/CC",
"id": "VU#852879"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "71761"
}
],
"trust": 0.3
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.