{"api_version":"1","generated_at":"2026-04-23T02:57:10+00:00","cve":"CVE-2009-3555","urls":{"html":"https://cve.report/CVE-2009-3555","api":"https://cve.report/api/cve/CVE-2009-3555.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2009-3555","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2009-3555"},"summary":{"title":"CVE-2009-3555","description":"The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.","state":"PUBLISHED","assigner":"redhat","published_at":"2009-11-09 17:30:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-295","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5.8","severity":"","vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://openbsd.org/errata45.html#010_openssl","name":"http://openbsd.org/errata45.html#010_openssl","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"OpenBSD 4.5 errata","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://clicky.me/tlsvuln","name":"http://clicky.me/tlsvuln","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"],"title":"URL shortener analytics and visitor tracking | clicky.me","mime":"application/pdf","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/0086","name":"http://www.vupen.com/english/advisories/2010/0086","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during","name":"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Security","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/516397/100/0/threaded","name":"http://www.securityfocus.com/archive/1/516397/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html","name":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[security-announce] SUSE Security Summary Report: SUSE-SR:2010:013","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html","name":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[security-announce] SUSE Security Announcement: IBM Java 1.4.2 (SUSE-SA:","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.betanews.com/article/1257452450","name":"http://www.betanews.com/article/1257452450","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Indiscreet tweet trips awareness of Web SSL vulnerability | Security News - Betanews","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.links.org/?p=786","name":"http://www.links.org/?p=786","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Links » SSL MitM Attack, Part 2","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/1191","name":"http://www.vupen.com/english/advisories/2010/1191","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023273","name":"http://www.securitytracker.com/id?1023273","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco ONS Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.apple.com/kb/HT4004","name":"http://support.apple.com/kb/HT4004","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About Security Update 2010-001","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.apple.com/kb/HT4170","name":"http://support.apple.com/kb/HT4170","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About the security content of Java for Mac OS X 10.5 Update 7","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/1673","name":"http://www.vupen.com/english/advisories/2010/1673","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1","name":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"#273350: Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Involving Handshake Renegotiation Affects Applications Utilizing Network Security Services (NSS)","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html","name":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 12 Update: java-1.6.0-openjdk-1.6.0.0-41.1.8.2.fc12","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html","name":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"],"title":"US-CERT Technical Cyber Security Alert TA10-222A -- Microsoft Updates for Multiple Vulnerabilities","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084","name":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Advisories | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/2010","name":"http://www.vupen.com/english/advisories/2010/2010","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.tombom.co.uk/blog/?p=85","name":"http://www.tombom.co.uk/blog/?p=85","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Thoughts on the TLS bug «  Chris Paget's Blog","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://secunia.com/advisories/44954","name":"http://secunia.com/advisories/44954","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Red Hat update for java-1.6.0-ibm - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.avaya.com/css/P8/documents/100081611","name":"http://support.avaya.com/css/P8/documents/100081611","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"ASA-2010-119 (RHSA-2010-0165)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E","name":"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37383","name":"http://secunia.com/advisories/37383","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Slackware update for openssl - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/508075/100/0/threaded","name":"http://www.securityfocus.com/archive/1/508075/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/0848","name":"http://www.vupen.com/english/advisories/2010/0848","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2","name":"http://marc.info/?l=bugtraq&m=142660345230545&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"'[security bulletin] HPSBHF03293 rev.1 - HP Virtual Connect 8Gb 24-Port FC Module running OpenSSL and' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html","name":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 11 Update: tomcat-native-1.1.18-1.fc11","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/0982","name":"http://www.vupen.com/english/advisories/2010/0982","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html","name":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[security-announce] SUSE Security Summary Report: SUSE-SR:2010:012","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/39127","name":"http://secunia.com/advisories/39127","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Red Hat update for gnutls - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://security.gentoo.org/glsa/glsa-200912-01.xml","name":"http://security.gentoo.org/glsa/glsa-200912-01.xml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Gentoo Linux Documentation\n--\n  OpenSSL: Multiple vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/39628","name":"http://secunia.com/advisories/39628","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM WebSphere Application Server for z/OS Multiple Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html","name":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"VMware vCenter Server 4.1 Update 1 Release Notes","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2","name":"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"'CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html","name":"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Re: TLS renegotiation MITM","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/39500","name":"http://secunia.com/advisories/39500","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM DB2 Data Manipulation and Buffer Overflow Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml","name":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability - Cisco Systems","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html","name":"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"SOL10737 - SSL Renegotiation vulnerability - CVE-2009-3555 / VU#120541","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html","name":"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Oracle Critical Patch Update Pre-Release Announcement - October 2010","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3587","name":"http://www.vupen.com/english/advisories/2009/3587","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/2745","name":"http://www.vupen.com/english/advisories/2010/2745","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt","name":"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"404 Not Found","mime":"text/plain","httpstatus":"404","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023214","name":"http://www.securitytracker.com/id?1023214","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Wireless Location Appliance Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html","name":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 11 Update: openssl-0.9.8n-1.fc11","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://kbase.redhat.com/faq/docs/DOC-20491","name":"http://kbase.redhat.com/faq/docs/DOC-20491","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Red Hat Knowledgebase:  Is Red Hat affected by TLS renegotiation MITM attacks (CVE-2009-3555)?","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/507952/100/0/threaded","name":"http://www.securityfocus.com/archive/1/507952/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37320","name":"http://secunia.com/advisories/37320","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Citrix Secure Gateway TLS Session Renegotiation Plaintext Injection - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2011/dsa-2141","name":"http://www.debian.org/security/2011/dsa-2141","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Debian -- Security Information -- DSA-2141-1 openssl","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2","name":"http://marc.info/?l=bugtraq&m=130497311408250&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"'[security bulletin] HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Ap' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/39317","name":"http://secunia.com/advisories/39317","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"SUSE Update for Multiple Packages - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/515055/100/0/threaded","name":"http://www.securityfocus.com/archive/1/515055/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/38687","name":"http://secunia.com/advisories/38687","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Red Hat update for JBoss Enterprise Web Server - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1","name":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0165.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0165.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247","name":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM PM12247: SHIP APAR FIXES FOR H28W610 FIX PACK 6.1.0.31. - United States","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2009/Nov/139","name":"http://seclists.org/fulldisclosure/2009/Nov/139","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"Full Disclosure: Re: SSL/TLS MiTM PoC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/39461","name":"http://secunia.com/advisories/39461","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Fedora update for openssl - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0339.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0339.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0865.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0865.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Support | Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=127128920008563&w=2","name":"http://marc.info/?l=bugtraq&m=127128920008563&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"'[security bulletin] HPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Inform' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubuntu.com/usn/USN-1010-1","name":"http://www.ubuntu.com/usn/USN-1010-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"USN-1010-1: OpenJDK vulnerabilities | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0768.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0768.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Support | Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2009/11/06/3","name":"http://www.openwall.com/lists/oss-security/2009/11/06/3","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"oss-security - Re: CVE-2009-3555 for TLS renegotiation MITM attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/1054","name":"http://www.vupen.com/english/advisories/2010/1054","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533125","name":"https://bugzilla.redhat.com/show_bug.cgi?id=533125","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"],"title":"Bug 533125 – CVE-2009-3555 TLS: MITM attacks via session renegotiation","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.arubanetworks.com/support/alerts/aid-020810.txt","name":"http://www.arubanetworks.com/support/alerts/aid-020810.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Nothing found for  Support Alerts Aid 020810 Txt","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"https://kb.bluecoat.com/index?page=content&id=SA50","name":"https://kb.bluecoat.com/index?page=content&id=SA50","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://secunia.com/advisories/42467","name":"http://secunia.com/advisories/42467","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About Secunia Research | Flexera","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://support.avaya.com/css/P8/documents/100070150","name":"http://support.avaya.com/css/P8/documents/100070150","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"ASA-2009-548","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023205","name":"http://www.securitytracker.com/id?1023205","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Application Control Engine Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0986.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0986.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37501","name":"http://secunia.com/advisories/37501","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"HP-UX update for OpenSSL - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/36935","name":"http://www.securityfocus.com/bid/36935","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory","VDB Entry"],"title":"Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/40070","name":"http://secunia.com/advisories/40070","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"OpenOffice.org Data Manipulation and Code Execution Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023211","name":"http://www.securitytracker.com/id?1023211","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Application Velocity System Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/42724","name":"http://secunia.com/advisories/42724","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About Secunia Research | Flexera","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/3069","name":"http://www.vupen.com/english/advisories/2010/3069","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3521","name":"http://www.vupen.com/english/advisories/2009/3521","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html","name":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 12 Update: nginx-0.7.64-1.fc12","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/1350","name":"http://www.vupen.com/english/advisories/2010/1350","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023215","name":"http://www.securitytracker.com/id?1023215","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco NX-OS Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html","name":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 12 Update: tomcat-native-1.1.18-1.fc12","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/39819","name":"http://secunia.com/advisories/39819","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Apple Mac OS X update for Java - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=127557596201693&w=2","name":"http://marc.info/?l=bugtraq&m=127557596201693&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"'[security bulletin] HPSBUX02524 SSRT100089 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054","name":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM IC68054: SECURITY: TRANSPORT LAYER SECURITY (TLS) HANDSHAKE RENEGOTIATION WEAK SECURITY CVE-2009-3555 - United States","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html","name":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"VMSA-2011-0003","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/60521","name":"http://osvdb.org/60521","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://secunia.com/advisories/39243","name":"http://secunia.com/advisories/39243","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Mozilla SeaMonkey Multiple Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/42379","name":"http://secunia.com/advisories/42379","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM WebSphere MQ Internet Pass-Thru TLS Renegotiation Vulnerability - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html","name":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-44.1.9.1.fc14","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=cryptography&m=125752275331877&w=2","name":"http://marc.info/?l=cryptography&m=125752275331877&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"'OpenSSL 0.9.8l released' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/65202","name":"http://osvdb.org/65202","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://secunia.com/advisories/37399","name":"http://secunia.com/advisories/37399","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"SUSE update for openssl - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html","name":"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"APPLE-SA-2010-05-18-1 Java for Mac OS X 10.6 Update 2","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023210","name":"http://www.securitytracker.com/id?1023210","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - CiscoWorks Common Services Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/39713","name":"http://secunia.com/advisories/39713","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Avaya Products NSS TLS Session Renegotiation Vulnerability - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0155.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0155.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/60972","name":"http://osvdb.org/60972","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html","name":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 13 Update: httpd-2.2.15-1.fc13","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023204","name":"http://www.securitytracker.com/id?1023204","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco ASA Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24006386","name":"http://www-01.ibm.com/support/docview.wss?uid=swg24006386","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM MS81: WebSphere MQ Internet Pass-Thru - United States","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/39632","name":"http://secunia.com/advisories/39632","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Fedora update for httpd - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21426108","name":"http://www-01.ibm.com/support/docview.wss?uid=swg21426108","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM - Security Vulnerabilities and HIPER APARs fixed in DB2 for Linux, UNIX, and Windows Version 9.1 Fix Pack 9","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html","name":"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Understanding the TLS Renegotiation Attack - Educated Guesswork","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html","name":"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[security-announce] SUSE Security Announcement: openssl (SUSE-SA:2009:05","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/39292","name":"http://secunia.com/advisories/39292","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Ubuntu update for openjdk-6 - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html","name":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[security-announce] SUSE Security Summary Report: SUSE-SR:2010:019","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/41490","name":"http://secunia.com/advisories/41490","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"HP System Management Homepage Multiple Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://openbsd.org/errata46.html#004_openssl","name":"http://openbsd.org/errata46.html#004_openssl","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"OpenBSD 4.6 errata","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html","name":"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"G-SEC - Blog: TLS / SSLv3 renegotiation vulnerability explained (Update #2)(","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24025312","name":"http://www-01.ibm.com/support/docview.wss?uid=swg24025312","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM - IBM HTTP Server interim fix for PM00675","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2009/dsa-1934","name":"http://www.debian.org/security/2009/dsa-1934","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Debian -- Security Information -- DSA-1934-1 apache2","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023272","name":"http://www.securitytracker.com/id?1023272","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Unified SIP Phones Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/1793","name":"http://www.vupen.com/english/advisories/2010/1793","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c","name":"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"404 Not Found","mime":"text/plain","httpstatus":"404","archivestatus":"200"},{"url":"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html","name":"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"NEOHAPSIS - Peace of Mind Through Integrity and Insight","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1024789","name":"http://www.securitytracker.com/id?1024789","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - IBM WebSphere MQ Internet pass-thru Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html","name":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 11 Update: httpd-2.2.15-1.fc11.1","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0807.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0807.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html","name":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"VMSA-2010-0019.3","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049","name":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Microsoft Security Bulletin MS10-049 - Critical | Microsoft Docs","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2011-0880.html","name":"http://www.redhat.com/support/errata/RHSA-2011-0880.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Support | Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html","name":"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"],"title":"CVE-2011-4745, CVE-2011-4746, CVE-2011-4747, CVE-2009-3555, CVE-2011-4748, CVE-2011-4749, XSS, Cross Site Scripting in psa v10.3.1_build1013110726.09 os_RedHat el6, Billing Manager, CWE-79, CAPEC-86, DORK, GHDB","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3354","name":"http://www.vupen.com/english/advisories/2009/3354","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/62210","name":"http://osvdb.org/62210","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://secunia.com/advisories/39136","name":"http://secunia.com/advisories/39136","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Mozilla Firefox Multiple Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubuntu.com/usn/USN-927-4","name":"http://www.ubuntu.com/usn/USN-927-4","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"USN-927-4: nss vulnerability | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=134254866602253&w=2","name":"http://marc.info/?l=bugtraq&m=134254866602253&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"'[security bulletin] HPSBMU02799 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.0x Running JD' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/43308","name":"http://secunia.com/advisories/43308","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"VMware vCenter / ESX Server Update for Oracle (Sun) JRE - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html","name":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[security-announce] openSUSE-SU-2011:0845-1: important: compat-openssl09","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/38781","name":"http://secunia.com/advisories/38781","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Red Hat update for java-1.5.0-ibm - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/44183","name":"http://secunia.com/advisories/44183","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"BlackBerry Enterprise Server Multiple Vulnerabilities - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://sysoev.ru/nginx/patch.cve-2009-3555.txt","name":"http://sysoev.ru/nginx/patch.cve-2009-3555.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"text/x-diff","httpstatus":"404","archivestatus":"200"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848","name":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM IC67848: SECURITY: TRANSPORT LAYER SECURITY (TLS) HANDSHAKE RENEGOTIATIONWEAK SECURITY CVE-2009-3555 - United States","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=545755","name":"https://bugzilla.mozilla.org/show_bug.cgi?id=545755","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"],"title":"545755 – Update Mozilla stable branches to NSS 3.12.6 and minimal support for RFC 5746","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1023148","name":"http://securitytracker.com/id?1023148","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco IOS Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.opera.com/docs/changelogs/unix/1060/","name":"http://www.opera.com/docs/changelogs/unix/1060/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Opera: Opera 10.60 (with Opera Widgets for Desktop) for UNIX changelog","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html","name":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-43.1.8.2.fc13","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/508130/100/0/threaded","name":"http://www.securityfocus.com/archive/1/508130/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html","name":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 12 Update: httpd-2.2.14-1.fc12","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.opera.com/support/search/view/944/","name":"http://www.opera.com/support/search/view/944/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Advisory: TLS protocol vulnerable to Man In The Middle attack - Opera Knowledge Base","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.links.org/?p=780","name":"http://www.links.org/?p=780","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Links » Another Protocol Bites The Dust","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023206","name":"http://www.securitytracker.com/id?1023206","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - CiscoWorks Wireless LAN Solution Engine (WLSE)  Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023212","name":"http://www.securitytracker.com/id?1023212","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Telepresence Recording Server Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0987.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0987.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Support | Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37504","name":"http://secunia.com/advisories/37504","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About Secunia Research | Flexera","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/38484","name":"http://secunia.com/advisories/38484","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Aruba Mobility Controller TLS Session Renegotiation Plaintext Injection - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37291","name":"http://secunia.com/advisories/37291","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"OpenSSL TLS Session Renegotiation Plaintext Injection Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/41480","name":"http://secunia.com/advisories/41480","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"HP System Management Homepage Multiple Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html","name":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 10 Update: nginx-0.7.64-1.fc10","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/39278","name":"http://secunia.com/advisories/39278","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Ubuntu update for nss - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/41818","name":"http://secunia.com/advisories/41818","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Oracle Open Office Multiple Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/3086","name":"http://www.vupen.com/english/advisories/2010/3086","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0167.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0167.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html","name":"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Oracle Java SE and Java for Business Critical Patch Update Advisory - October 2010","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html","name":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 12 Update: nss-util-3.12.5-1.fc12.1","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37453","name":"http://secunia.com/advisories/37453","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Sun Solaris OpenSSL TLS Session Renegotiation Plaintext Injection Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.apple.com/kb/HT4171","name":"http://support.apple.com/kb/HT4171","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About the security content of Java for Mac OS X 10.6 Update 2","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2009/11/05/3","name":"http://www.openwall.com/lists/oss-security/2009/11/05/3","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"oss-security - CVE-2009-3555 for TLS renegotiation MITM attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0338.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0338.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://secunia.com/advisories/37675","name":"http://secunia.com/advisories/37675","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"F5 Products TLS Session Renegotiation Plaintext Injection Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html","name":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[security-announce] SUSE Security Summary Report: SUSE-SR:2010:008","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0130.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0130.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3353","name":"http://www.vupen.com/english/advisories/2009/3353","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/42816","name":"http://secunia.com/advisories/42816","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Debian update for apache2 - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1","name":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"#273029: Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Involving Handshake Renegotiation Affects OpenSSL","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html","name":"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[TLS] MITM attack on delayed TLS-client auth through renegotiation","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.links.org/?p=789","name":"http://www.links.org/?p=789","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Links » SSL MitM, Day 4","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://security.gentoo.org/glsa/glsa-201406-32.xml","name":"http://security.gentoo.org/glsa/glsa-201406-32.xml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Gentoo Linux Documentation\n--\n  IcedTea JDK: Multiple vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/40747","name":"http://secunia.com/advisories/40747","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Cisco Multiple Products TLS Session Renegotiation Plaintext Injection - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.avaya.com/css/P8/documents/100114327","name":"http://support.avaya.com/css/P8/documents/100114327","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"ASA-2010-308 (RHSA-2010-0768)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/41972","name":"http://secunia.com/advisories/41972","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Ubuntu update for openjdk - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023243","name":"http://www.securitytracker.com/id?1023243","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - OpenBSD Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0119.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0119.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1","name":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://extendedsubset.com/?p=8","name":"http://extendedsubset.com/?p=8","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Extended Subset  » Blog Archive   » Authentication Gap in TLS Renegotiation","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2011/0086","name":"http://www.vupen.com/english/advisories/2011/0086","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041","name":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"HPSBGN02562 SSRT090249 rev.1 - HP ProCurve Threat Management Services (TMS) zl Module J9155A and J9156A running TLS/SSL, Remote Unauthorized Data Injection, Denial of Service (DoS) - c02436041 - \r\n\t\tHP Business Support Center","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://extendedsubset.com/Renegotiating_TLS.pdf","name":"http://extendedsubset.com/Renegotiating_TLS.pdf","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Page not found - Thủ thuật nhà cái","mime":"application/pdf","httpstatus":"404","archivestatus":"200"},{"url":"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html","name":"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"APPLE-SA-2010-01-19-1 Security Update 2010-001","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/42733","name":"http://secunia.com/advisories/42733","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About Secunia Research | Flexera","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://www.us-cert.gov/cas/techalerts/TA10-287A.html","name":"http://www.us-cert.gov/cas/techalerts/TA10-287A.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"],"title":"US-CERT Technical Cyber Security Alert TA10-287A -- Oracle Updates for Multiple Vulnerabilities","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0786.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0786.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023217","name":"http://www.securitytracker.com/id?1023217","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Video Surveillance Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3313","name":"http://www.vupen.com/english/advisories/2009/3313","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3484","name":"http://www.vupen.com/english/advisories/2009/3484","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/522176","name":"http://www.securityfocus.com/archive/1/522176","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023209","name":"http://www.securitytracker.com/id?1023209","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Secure Access Control Server Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3220","name":"http://www.vupen.com/english/advisories/2009/3220","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/0994","name":"http://www.vupen.com/english/advisories/2010/0994","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2009/11/23/10","name":"http://www.openwall.com/lists/oss-security/2009/11/23/10","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"oss-security - Re: CVEs for nginx","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023275","name":"http://www.securitytracker.com/id?1023275","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Security Agent Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/38056","name":"http://secunia.com/advisories/38056","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Zeus Web Server Multiple Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/38020","name":"http://secunia.com/advisories/38020","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Sun Java System Products TLS Session Renegotiation Plaintext Injection - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/40866","name":"http://secunia.com/advisories/40866","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"HP ProCurve Threat Management Services zl Module TLS/SSL Vulnerability - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E","name":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Apache Mail Archives","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES","name":"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"text/plain","httpstatus":"-1","archivestatus":"200"},{"url":"http://secunia.com/advisories/40545","name":"http://secunia.com/advisories/40545","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"HP Systems Insight Manager Multiple Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://blogs.iss.net/archive/sslmitmiscsrf.html","name":"http://blogs.iss.net/archive/sslmitmiscsrf.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Frequency X Blog","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995","name":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://www.vupen.com/english/advisories/2010/0748","name":"http://www.vupen.com/english/advisories/2010/0748","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html","name":"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"The Apache Tomcat Native - Miscellaneous Documentation -","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076","name":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Security Advisories | Mandriva Linux","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E","name":"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Apache Mail Archives","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/0173","name":"http://www.vupen.com/english/advisories/2010/0173","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023270","name":"http://www.securitytracker.com/id?1023270","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Wide Area Application Services Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023426","name":"http://www.securitytracker.com/id?1023426","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Sun Java System Web Server Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=526689","name":"https://bugzilla.mozilla.org/show_bug.cgi?id=526689","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"],"title":"526689 – (CVE-2009-3555) SSL3 & TLS Renegotiation Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/0916","name":"http://www.vupen.com/english/advisories/2010/0916","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=126150535619567&w=2","name":"http://marc.info/?l=bugtraq&m=126150535619567&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"'[security bulletin] HPSBUX02498 SSRT090264 rev.1 - HP-UX Running Apache, Remote Unauthorized Data In' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023218","name":"http://www.securitytracker.com/id?1023218","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Content Services Switch Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html","name":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 11 Update: nginx-0.7.64-1.fc11","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html","name":"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[TLS] TLS renegotiation issue","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023224","name":"http://www.securitytracker.com/id?1023224","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Solaris Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/1639","name":"http://www.vupen.com/english/advisories/2010/1639","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/42377","name":"http://secunia.com/advisories/42377","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Hitachi Products Multiple Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3310","name":"http://www.vupen.com/english/advisories/2009/3310","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023274","name":"http://www.securitytracker.com/id?1023274","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Unified Contact Center Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2011/0032","name":"http://www.vupen.com/english/advisories/2011/0032","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html","name":"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"MFSA 2010-22: Update NSS to support TLS renegotiation indication","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ingate.com/Relnote.php?ver=481","name":"http://www.ingate.com/Relnote.php?ver=481","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Release notice for Ingate Firewall® 4.8.1 and Ingate SIParator® 4.8.1","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37640","name":"http://secunia.com/advisories/37640","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"ProFTPD TLS Session Renegotiation Plaintext Injection Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/42811","name":"http://secunia.com/advisories/42811","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Debian update for openssl - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37604","name":"http://secunia.com/advisories/37604","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About Secunia Research | Flexera","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://security.gentoo.org/glsa/glsa-201203-22.xml","name":"http://security.gentoo.org/glsa/glsa-201203-22.xml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Gentoo Linux Documentation\n--\n  nginx: Multiple vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html","name":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[security-announce] SUSE Security Summary Report: SUSE-SR:2010:011","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=132077688910227&w=2","name":"http://marc.info/?l=bugtraq&m=132077688910227&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"'[security bulletin] HPSBHF02706 SSRT100613 rev.1 - HP Integrated Lights-Out iLO2 and iLO3 running SS' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://ubuntu.com/usn/usn-923-1","name":"http://ubuntu.com/usn/usn-923-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"USN-923-1: OpenJDK vulnerabilities | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888","name":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Document Display | HPE Support Center","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://secunia.com/advisories/38241","name":"http://secunia.com/advisories/38241","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Apple Mac OS X Security Update Fixes Multiple Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/41967","name":"http://secunia.com/advisories/41967","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Red Hat update for java-1.5.0-ibm - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/3126","name":"http://www.vupen.com/english/advisories/2010/3126","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023208","name":"http://www.securitytracker.com/id?1023208","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Wireless LAN Controller Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openssl.org/news/secadv_20091111.txt","name":"http://www.openssl.org/news/secadv_20091111.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/38003","name":"http://secunia.com/advisories/38003","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Avaya Products TLS Session Renegotiation Plaintext Injection Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023219","name":"http://www.securitytracker.com/id?1023219","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Content Switching Module Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubuntu.com/usn/USN-927-1","name":"http://www.ubuntu.com/usn/USN-927-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"USN-927-1: NSS vulnerability | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3165","name":"http://www.vupen.com/english/advisories/2009/3165","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html","name":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[security-announce] SUSE Security Summary Report: SUSE-SR:2010:024","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.avaya.com/css/P8/documents/100114315","name":"http://support.avaya.com/css/P8/documents/100114315","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"ASA-2010-307 (RHSA-2010-0770)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686","name":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"HPSBUX02482 SSRT090249 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of Service (DoS) - c01945686 - \r\n\t\tHP Business Support Center","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://secunia.com/advisories/48577","name":"http://secunia.com/advisories/48577","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"About Secunia Research | Flexera","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089","name":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Advisories | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37859","name":"http://secunia.com/advisories/37859","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Fedora update for tomcat-native - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2","name":"http://marc.info/?l=bugtraq&m=133469267822771&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"'[security bulletin] HPSBOV02762 SSRT100825 rev.1 - HP Secure Web Server (SWS) for OpenVMS running CS' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html","name":"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"The Secure Goose: TLS renegotiation vulnerability  (CVE-2009-3555)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023427","name":"http://www.securitytracker.com/id?1023427","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Sun Java System Web Proxy Server Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/39242","name":"http://secunia.com/advisories/39242","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Mozilla Thunderbird Multiple Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023271","name":"http://www.securitytracker.com/id?1023271","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Application Networking Manager Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E","name":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.citrix.com/article/CTX123359","name":"http://support.citrix.com/article/CTX123359","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"CTX123359 - Transport Layer Security Renegotiation Vulnerability - Citrix Knowledge Center","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023411","name":"http://www.securitytracker.com/id?1023411","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"Red Hat JBoss Enterprise Web Server Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/0933","name":"http://www.vupen.com/english/advisories/2010/0933","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2011/0033","name":"http://www.vupen.com/english/advisories/2011/0033","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0155","name":"http://wiki.rpath.com/Advisories:rPSA-2009-0155","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Advisories:rPSA-2009-0155 - rPath Wiki","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055","name":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM IC68055: SECURITY: TRANSPORT LAYER SECURITY (TLS) HANDSHAKE RENEGOTIATION WEAK SECURITY CVE-2009-3555 - United States","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/42808","name":"http://secunia.com/advisories/42808","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Debian update for nss - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html","name":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 10 Update: httpd-2.2.14-1.fc10","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2010/1107","name":"http://www.vupen.com/english/advisories/2010/1107","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2009/11/05/5","name":"http://www.openwall.com/lists/oss-security/2009/11/05/5","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"oss-security - Re: CVE-2009-3555 for TLS renegotiation MITM attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openoffice.org/security/cves/CVE-2009-3555.html","name":"http://www.openoffice.org/security/cves/CVE-2009-3555.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"CVE-2009-3555","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023213","name":"http://www.securitytracker.com/id?1023213","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Digital Media Media Player and Digital Media Manager Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023207","name":"http://www.securitytracker.com/id?1023207","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Wireless Control System Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446","name":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"The Slackware Linux Project: Slackware Security Advisories","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2009/11/07/3","name":"http://www.openwall.com/lists/oss-security/2009/11/07/3","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"oss-security - Re: [TLS] CVE-2009-3555 for TLS renegotiation MITM\n attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0770.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0770.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=127419602507642&w=2","name":"http://marc.info/?l=bugtraq&m=127419602507642&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"'[security bulletin] HPSBMA02534 SSRT090180 rev.1 - HP System Management Homepage (SMH) for Linux and' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released","name":"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"ZWS 4.3r5 released (News)","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.kb.cert.org/vuls/id/120541","name":"http://www.kb.cert.org/vuls/id/120541","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"],"title":"US-CERT Vulnerability Note VU#120541","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37292","name":"http://secunia.com/advisories/37292","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"GnuTLS TLS Session Renegotiation Plaintext Injection Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html","name":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"[security-announce] SUSE-SU-2011:0847-1: important: Security update for","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37656","name":"http://secunia.com/advisories/37656","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"F5 Products TLS Session Renegotiation Plaintext Injection Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3164","name":"http://www.vupen.com/english/advisories/2009/3164","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0337.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0337.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.securitytracker.com/id?1023216","name":"http://www.securitytracker.com/id?1023216","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Cisco Firewall Services Module Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html","name":"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Cosminexusにおける複数の脆弱性：ソフトウェア製品セキュリティ情報：ソフトウェア：日立","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023428","name":"http://www.securitytracker.com/id?1023428","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Sun GlassFish Enterprise Server/Sun Java Application Server SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751","name":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1","name":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"#274990: Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Affects Multiple Server Products in the Sun Java Enterprise System Suite","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2009/11/20/1","name":"http://www.openwall.com/lists/oss-security/2009/11/20/1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"oss-security - CVEs for nginx","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only","name":"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM Search results - United States","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21432298","name":"http://www-01.ibm.com/support/docview.wss?uid=swg21432298","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"IBM - Security Vulnerabilities and HIPER APARs fixed in DB2 for Linux, UNIX, and Windows Version 9.7 Fix Pack 2","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html","name":"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"cpuapr2011","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2015/dsa-3253","name":"http://www.debian.org/security/2015/dsa-3253","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Debian -- Security Information -- DSA-3253-1 pound","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html","name":"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"APPLE-SA-2010-05-18-2 Java for Mac OS X 10.5 Update 7","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3205","name":"http://www.vupen.com/english/advisories/2009/3205","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023163","name":"http://www.securitytracker.com/id?1023163","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Citrix Products Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubuntu.com/usn/USN-927-5","name":"http://www.ubuntu.com/usn/USN-927-5","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"USN-927-5: nspr update | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2009:1579","name":"MISC:https://access.redhat.com/errata/RHSA-2009:1579","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2009:1580","name":"MISC:https://access.redhat.com/errata/RHSA-2009:1580","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2009:1694","name":"MISC:https://access.redhat.com/errata/RHSA-2009:1694","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0011","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0011","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0119","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0119","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0130","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0130","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0155","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0155","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2010:0162","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0162","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0163","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0163","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0164","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0164","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0165","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0165","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0166","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0166","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0167","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0167","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0337","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0337","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0338","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0338","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0339","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0339","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0408","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0408","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0440","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0440","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0768","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0768","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0770","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0770","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0786","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0786","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0807","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0807","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0865","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0865","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0986","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0986","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2010:0987","name":"MISC:https://access.redhat.com/errata/RHSA-2010:0987","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2011:0880","name":"MISC:https://access.redhat.com/errata/RHSA-2011:0880","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2015:1591","name":"MISC:https://access.redhat.com/errata/RHSA-2015:1591","refsource":"MITRE","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/CVE-2009-3555","name":"MISC:https://access.redhat.com/security/cve/CVE-2009-3555","refsource":"MITRE","tags":[],"title":"access.redhat.com | CVE-2009-3555","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E","name":"MLIST:[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/","refsource":"MITRE","tags":[],"title":"Apache Mail Archives","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@%3Cdev.tomcat.apache.org%3E","name":"MLIST:[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/","refsource":"MITRE","tags":[],"title":"Apache Mail Archives","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E","name":"MLIST:[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/","refsource":"MITRE","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@%3Cdev.tomcat.apache.org%3E","name":"MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/","refsource":"MITRE","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2009-3555","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3555","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"2.2.14","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"http_server","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"10.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"10.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"8.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"8.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"9.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"9.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"0.8.22","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"14","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"2.8.5","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnu","cpe5":"gnutls","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"3.12.4","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mozilla","cpe5":"nss","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openssl","cpe5":"openssl","cpe6":"1.0","cpe7":"*","cpe8":"openvms","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"3555","vulnerable":"1","versionEndIncluding":"0.9.8k","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openssl","cpe5":"openssl","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[{"cvename":"CVE-2009-3555","organization":"Red Hat","lastmodified":"2009-11-20","contributor":"Tomas Hoger","statementText":"Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3555 Additional information can be found in the Red Hat Knowledgebase article: http://kbase.redhat.com/faq/docs/DOC-20491","cve_year":"2009","cve_id":"3555","crc32":"a08ad32d"}],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2009-3555","qid":"390279","title":"Oracle Managed Virtualization (VM) Server for x86 Security Update for nss (OVMSA-2023-0014)"},{"cve":"CVE-2009-3555","qid":"390284","title":"Oracle Managed Virtualization (VM) Server for x86 Security Update for Open Secure Sockets Layer (OpenSSL) (OVMSA-2023-0013)"},{"cve":"CVE-2009-3555","qid":"591186","title":"Mitsubishi Electric Air Conditioning Systems Multiple Vulnerabilities (ICSA-22-160-01)"},{"cve":"CVE-2009-3555","qid":"997471","title":"Java (Maven) Security Update for org.apache.tomcat:tomcat (GHSA-f7w7-6pjc-wwm6)"}]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T06:31:10.430Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"APPLE-SA-2010-05-18-1","tags":["vendor-advisory","x_refsource_APPLE","x_transferred"],"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"},{"name":"1023427","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023427"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.avaya.com/css/P8/documents/100081611"},{"name":"62210","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/62210"},{"name":"37640","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37640"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.arubanetworks.com/support/alerts/aid-020810.txt"},{"name":"ADV-2010-0916","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/0916"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.avaya.com/css/P8/documents/100114327"},{"name":"RHSA-2010:0167","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0167.html"},{"name":"ADV-2010-2010","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/2010"},{"name":"FEDORA-2009-12750","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html"},{"name":"ADV-2010-0086","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/0086"},{"name":"ADV-2010-1673","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1673"},{"name":"[tls] 20091104 TLS renegotiation issue","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html"},{"name":"37656","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37656"},{"name":"RHSA-2010:0865","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0865.html"},{"name":"39628","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39628"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"},{"name":"42724","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/42724"},{"name":"ADV-2009-3310","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3310"},{"name":"ADV-2009-3205","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3205"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during"},{"name":"39461","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39461"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.avaya.com/css/P8/documents/100114315"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c"},{"name":"GLSA-201406-32","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://security.gentoo.org/glsa/glsa-201406-32.xml"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.ingate.com/Relnote.php?ver=481"},{"name":"1023204","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023204"},{"name":"40866","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/40866"},{"name":"HPSBMU02799","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=134254866602253&w=2"},{"name":"TA10-222A","tags":["third-party-advisory","x_refsource_CERT","x_transferred"],"url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html"},{"name":"1023211","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023211"},{"name":"SSRT090249","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686"},{"name":"39317","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39317"},{"name":"1023212","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023212"},{"name":"SUSE-SA:2010:061","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"},{"name":"39127","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39127"},{"name":"40545","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/40545"},{"name":"ADV-2010-3069","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/3069"},{"name":"[4.5] 010: SECURITY FIX: November 26, 2009","tags":["vendor-advisory","x_refsource_OPENBSD","x_transferred"],"url":"http://openbsd.org/errata45.html#010_openssl"},{"name":"1023210","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023210"},{"name":"1023270","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023270"},{"name":"40070","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/40070"},{"name":"1023273","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023273"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://kbase.redhat.com/faq/docs/DOC-20491"},{"name":"USN-927-5","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-927-5"},{"name":"PM12247","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247"},{"name":"SUSE-SU-2011:0847","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"},{"name":"MDVSA-2010:089","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089"},{"name":"RHSA-2010:0770","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0770.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.openssl.org/news/secadv_20091111.txt"},{"name":"1023275","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023275"},{"name":"DSA-3253","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2015/dsa-3253"},{"name":"ADV-2009-3484","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3484"},{"name":"1023207","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023207"},{"name":"37859","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37859"},{"name":"SSRT101846","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2"},{"name":"1021752","tags":["vendor-advisory","x_refsource_SUNALERT","x_transferred"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1"},{"name":"FEDORA-2010-6131","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html"},{"name":"ADV-2010-0848","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/0848"},{"name":"[oss-security] 20091107 Re: [TLS] CVE-2009-3555 for TLS renegotiation MITM attacks","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2009/11/07/3"},{"name":"39819","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39819"},{"name":"IC68055","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.links.org/?p=786"},{"name":"60521","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/60521"},{"name":"[oss-security] 20091123 Re: CVEs for nginx","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2009/11/23/10"},{"name":"VU#120541","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/120541"},{"name":"1023217","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023217"},{"name":"RHSA-2010:0768","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0768.html"},{"name":"ADV-2009-3353","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3353"},{"name":"FEDORA-2010-5357","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"},{"name":"39136","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39136"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.openoffice.org/security/cves/CVE-2009-3555.html"},{"name":"ADV-2011-0032","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2011/0032"},{"name":"1023148","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1023148"},{"name":"openSUSE-SU-2011:0845","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"},{"name":"36935","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/36935"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.tombom.co.uk/blog/?p=85"},{"name":"SSRT090208","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2"},{"name":"ADV-2010-1107","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1107"},{"name":"1023218","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023218"},{"name":"ADV-2010-1350","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1350"},{"name":"RHSA-2010:0338","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0338.html"},{"name":"42379","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/42379"},{"name":"FEDORA-2009-12775","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html"},{"name":"20091109 Transport Layer Security Renegotiation Vulnerability","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml"},{"name":"IC67848","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848"},{"name":"1023213","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023213"},{"name":"FEDORA-2010-16240","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"},{"name":"ADV-2010-1793","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1793"},{"name":"oval:org.mitre.oval:def:11617","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://extendedsubset.com/?p=8"},{"name":"37292","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37292"},{"name":"SSRT100817","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://www.securityfocus.com/archive/1/522176"},{"name":"tls-renegotiation-weak-security(54158)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158"},{"name":"APPLE-SA-2010-05-18-2","tags":["vendor-advisory","x_refsource_APPLE","x_transferred"],"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"},{"name":"39278","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39278"},{"name":"1023205","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023205"},{"name":"RHSA-2010:0130","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0130.html"},{"name":"HPSBUX02482","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686"},{"name":"HPSBHF03293","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.apple.com/kb/HT4004"},{"name":"1023215","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023215"},{"name":"USN-1010-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-1010-1"},{"name":"1023206","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023206"},{"name":"SUSE-SR:2010:011","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"},{"name":"GLSA-200912-01","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://security.gentoo.org/glsa/glsa-200912-01.xml"},{"name":"SSRT090180","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=127419602507642&w=2"},{"name":"ADV-2009-3313","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3313"},{"name":"274990","tags":["vendor-advisory","x_refsource_SUNALERT","x_transferred"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1"},{"name":"1023208","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023208"},{"name":"43308","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/43308"},{"name":"1023214","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023214"},{"name":"SUSE-SA:2009:057","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html"},{"name":"38781","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/38781"},{"name":"HPSBOV02762","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2"},{"name":"HPSBMA02534","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=127419602507642&w=2"},{"name":"DSA-1934","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2009/dsa-1934"},{"name":"FEDORA-2009-12782","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html"},{"name":"oval:org.mitre.oval:def:7478","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478"},{"name":"1023271","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023271"},{"name":"APPLE-SA-2010-01-19-1","tags":["vendor-advisory","x_refsource_APPLE","x_transferred"],"url":"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"},{"name":"[cryptography] 20091105 OpenSSL 0.9.8l released","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://marc.info/?l=cryptography&m=125752275331877&w=2"},{"name":"42467","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/42467"},{"name":"20091130 TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/508130/100/0/threaded"},{"name":"oval:org.mitre.oval:def:7315","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315"},{"name":"1023224","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023224"},{"name":"SUSE-SR:2010:013","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"},{"name":"USN-927-4","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-927-4"},{"name":"41490","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/41490"},{"name":"20091124 rPSA-2009-0155-1 httpd mod_ssl","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/508075/100/0/threaded"},{"name":"1023243","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023243"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html"},{"name":"37504","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37504"},{"name":"1023219","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023219"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://sysoev.ru/nginx/patch.cve-2009-3555.txt"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html"},{"name":"1023163","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023163"},{"name":"HPSBHF02706","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=132077688910227&w=2"},{"name":"ADV-2009-3521","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3521"},{"name":"oval:org.mitre.oval:def:7973","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973"},{"name":"HPSBMA02568","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533125"},{"name":"oval:org.mitre.oval:def:10088","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088"},{"name":"44183","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/44183"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"},{"name":"42808","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/42808"},{"name":"39500","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39500"},{"name":"oval:org.mitre.oval:def:11578","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"},{"name":"ADV-2009-3220","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3220"},{"name":"SSRT100179","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"},{"name":"SSRT100089","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=127557596201693&w=2"},{"name":"RHSA-2010:0165","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0165.html"},{"name":"20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/515055/100/0/threaded"},{"name":"RHSA-2010:0987","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0987.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=545755"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21426108"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://blogs.iss.net/archive/sslmitmiscsrf.html"},{"name":"1023411","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023411"},{"name":"RHSA-2010:0339","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0339.html"},{"name":"RHSA-2010:0986","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0986.html"},{"name":"ADV-2009-3164","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3164"},{"name":"37383","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37383"},{"name":"FEDORA-2009-12229","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html"},{"name":"44954","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/44954"},{"name":"[tls] 20091104 MITM attack on delayed TLS-client auth through renegotiation","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html"},{"name":"HPSBUX02524","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=127557596201693&w=2"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.avaya.com/css/P8/documents/100070150"},{"name":"40747","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/40747"},{"name":"HPSBUX02498","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=126150535619567&w=2"},{"name":"HPSBMU02759","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://www.securityfocus.com/archive/1/522176"},{"name":"39292","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39292"},{"name":"42816","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/42816"},{"name":"IC68054","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054"},{"name":"273029","tags":["vendor-advisory","x_refsource_SUNALERT","x_transferred"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1"},{"name":"FEDORA-2009-12604","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21432298"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://extendedsubset.com/Renegotiating_TLS.pdf"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24025312"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24006386"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.apple.com/kb/HT4170"},{"name":"20091118 TLS / SSLv3 vulnerability explained (DRAFT)","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/507952/100/0/threaded"},{"name":"1023209","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023209"},{"name":"PM00675","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"},{"name":"HPSBOV02683","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2"},{"name":"48577","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/48577"},{"name":"SSA:2009-320-01","tags":["vendor-advisory","x_refsource_SLACKWARE","x_transferred"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.links.org/?p=789"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.opera.com/docs/changelogs/unix/1060/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html"},{"name":"RHSA-2011:0880","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2011-0880.html"},{"name":"SUSE-SR:2010:008","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"},{"name":"[oss-security] 20091107 Re: CVE-2009-3555 for TLS renegotiation MITM attacks","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2009/11/06/3"},{"name":"FEDORA-2009-12305","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0155"},{"name":"SUSE-SR:2010:012","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.citrix.com/article/CTX123359"},{"name":"37501","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37501"},{"name":"MDVSA-2010:076","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"},{"name":"HPSBUX02517","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=127128920008563&w=2"},{"name":"ADV-2009-3587","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3587"},{"name":"39632","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39632"},{"name":"SSRT090264","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=126150535619567&w=2"},{"name":"38687","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/38687"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=526689"},{"name":"MS10-049","tags":["vendor-advisory","x_refsource_MS","x_transferred"],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049"},{"name":"ADV-2010-0982","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/0982"},{"name":"SSRT100825","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2"},{"name":"37399","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37399"},{"name":"USN-927-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-927-1"},{"name":"1023272","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023272"},{"name":"FEDORA-2009-12606","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html"},{"name":"ADV-2010-3126","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/3126"},{"name":"37320","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37320"},{"name":"ADV-2009-3165","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3165"},{"name":"ADV-2010-1639","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1639"},{"name":"38020","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/38020"},{"name":"USN-923-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://ubuntu.com/usn/usn-923-1"},{"name":"39243","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39243"},{"name":"oval:org.mitre.oval:def:8366","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366"},{"name":"37453","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37453"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html"},{"name":"ADV-2010-0933","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/0933"},{"name":"SSRT100219","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html"},{"name":"41972","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/41972"},{"name":"ADV-2010-3086","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/3086"},{"name":"DSA-2141","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2011/dsa-2141"},{"name":"1024789","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1024789"},{"name":"RHSA-2010:0155","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0155.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html"},{"name":"ADV-2011-0033","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2011/0033"},{"name":"RHSA-2010:0337","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0337.html"},{"name":"1023216","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023216"},{"name":"41480","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/41480"},{"name":"ADV-2011-0086","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2011/0086"},{"name":"41818","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/41818"},{"name":"37604","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37604"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.opera.com/support/search/view/944/"},{"name":"[announce] 20091107 CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2"},{"name":"SUSE-SR:2010:024","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"},{"name":"TA10-287A","tags":["third-party-advisory","x_refsource_CERT","x_transferred"],"url":"http://www.us-cert.gov/cas/techalerts/TA10-287A.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.links.org/?p=780"},{"name":"RHSA-2010:0119","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0119.html"},{"name":"38056","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/38056"},{"name":"ADV-2010-0748","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/0748"},{"name":"37675","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37675"},{"name":"oval:org.mitre.oval:def:8535","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535"},{"name":"HPSBMA02547","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"},{"name":"SSRT100058","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=127128920008563&w=2"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html"},{"name":"RHSA-2010:0786","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0786.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt"},{"name":"38003","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/38003"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.apple.com/kb/HT4171"},{"name":"1023428","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023428"},{"name":"SSRT100613","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=132077688910227&w=2"},{"name":"[oss-security] 20091120 CVEs for nginx","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2009/11/20/1"},{"name":"ADV-2009-3354","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3354"},{"name":"1023274","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023274"},{"name":"FEDORA-2009-12968","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html"},{"name":"39242","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39242"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://kb.bluecoat.com/index?page=content&id=SA50"},{"name":"38241","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/38241"},{"name":"42377","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/42377"},{"name":"GLSA-201203-22","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://security.gentoo.org/glsa/glsa-201203-22.xml"},{"name":"[oss-security] 20091105 CVE-2009-3555 for TLS renegotiation MITM attacks","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2009/11/05/3"},{"name":"SUSE-SR:2010:019","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"},{"name":"60972","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/60972"},{"name":"1023426","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023426"},{"name":"38484","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/38484"},{"name":"MDVSA-2010:084","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.betanews.com/article/1257452450"},{"name":"1021653","tags":["vendor-advisory","x_refsource_SUNALERT","x_transferred"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html"},{"name":"20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/516397/100/0/threaded"},{"name":"[4.6] 004: SECURITY FIX: November 26, 2009","tags":["vendor-advisory","x_refsource_OPENBSD","x_transferred"],"url":"http://openbsd.org/errata46.html#004_openssl"},{"name":"41967","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/41967"},{"name":"RHSA-2010:0807","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0807.html"},{"name":"ADV-2010-1191","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1191"},{"name":"20091111 Re: SSL/TLS MiTM PoC","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2009/Nov/139"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html"},{"name":"[oss-security] 20091105 Re: CVE-2009-3555 for TLS renegotiation MITM attacks","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2009/11/05/5"},{"name":"39713","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39713"},{"name":"42733","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/42733"},{"name":"37291","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37291"},{"name":"FEDORA-2010-16312","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"},{"name":"FEDORA-2010-5942","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html"},{"name":"ADV-2010-2745","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/2745"},{"name":"273350","tags":["vendor-advisory","x_refsource_SUNALERT","x_transferred"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1"},{"name":"ADV-2010-0994","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/0994"},{"name":"ADV-2010-0173","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/0173"},{"name":"ADV-2010-1054","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1054"},{"name":"65202","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/65202"},{"name":"HPSBGN02562","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041"},{"name":"FEDORA-2010-16294","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"},{"name":"[gnutls-devel] 20091105 Re: TLS renegotiation MITM","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html"},{"name":"20131121 ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://clicky.me/tlsvuln"},{"name":"42811","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/42811"},{"name":"[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"},{"name":"[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"},{"name":"[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"},{"name":"[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2009-11-04T00:00:00.000Z","descriptions":[{"lang":"en","value":"The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-02-13T16:08:08.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"APPLE-SA-2010-05-18-1","tags":["vendor-advisory","x_refsource_APPLE"],"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"},{"name":"1023427","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023427"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.avaya.com/css/P8/documents/100081611"},{"name":"62210","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/62210"},{"name":"37640","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37640"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.arubanetworks.com/support/alerts/aid-020810.txt"},{"name":"ADV-2010-0916","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/0916"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.avaya.com/css/P8/documents/100114327"},{"name":"RHSA-2010:0167","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0167.html"},{"name":"ADV-2010-2010","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/2010"},{"name":"FEDORA-2009-12750","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html"},{"name":"ADV-2010-0086","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/0086"},{"name":"ADV-2010-1673","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1673"},{"name":"[tls] 20091104 TLS renegotiation issue","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html"},{"name":"37656","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37656"},{"name":"RHSA-2010:0865","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0865.html"},{"name":"39628","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39628"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"},{"name":"42724","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/42724"},{"name":"ADV-2009-3310","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3310"},{"name":"ADV-2009-3205","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3205"},{"tags":["x_refsource_CONFIRM"],"url":"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during"},{"name":"39461","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39461"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.avaya.com/css/P8/documents/100114315"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c"},{"name":"GLSA-201406-32","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://security.gentoo.org/glsa/glsa-201406-32.xml"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.ingate.com/Relnote.php?ver=481"},{"name":"1023204","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023204"},{"name":"40866","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/40866"},{"name":"HPSBMU02799","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=134254866602253&w=2"},{"name":"TA10-222A","tags":["third-party-advisory","x_refsource_CERT"],"url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html"},{"name":"1023211","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023211"},{"name":"SSRT090249","tags":["vendor-advisory","x_refsource_HP"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686"},{"name":"39317","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39317"},{"name":"1023212","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023212"},{"name":"SUSE-SA:2010:061","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"},{"name":"39127","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39127"},{"name":"40545","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/40545"},{"name":"ADV-2010-3069","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/3069"},{"name":"[4.5] 010: SECURITY FIX: November 26, 2009","tags":["vendor-advisory","x_refsource_OPENBSD"],"url":"http://openbsd.org/errata45.html#010_openssl"},{"name":"1023210","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023210"},{"name":"1023270","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023270"},{"name":"40070","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/40070"},{"name":"1023273","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023273"},{"tags":["x_refsource_CONFIRM"],"url":"http://kbase.redhat.com/faq/docs/DOC-20491"},{"name":"USN-927-5","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-927-5"},{"name":"PM12247","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247"},{"name":"SUSE-SU-2011:0847","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"},{"name":"MDVSA-2010:089","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089"},{"name":"RHSA-2010:0770","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0770.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.openssl.org/news/secadv_20091111.txt"},{"name":"1023275","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023275"},{"name":"DSA-3253","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2015/dsa-3253"},{"name":"ADV-2009-3484","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3484"},{"name":"1023207","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023207"},{"name":"37859","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37859"},{"name":"SSRT101846","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2"},{"name":"1021752","tags":["vendor-advisory","x_refsource_SUNALERT"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1"},{"name":"FEDORA-2010-6131","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html"},{"name":"ADV-2010-0848","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/0848"},{"name":"[oss-security] 20091107 Re: [TLS] CVE-2009-3555 for TLS renegotiation MITM attacks","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2009/11/07/3"},{"name":"39819","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39819"},{"name":"IC68055","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055"},{"tags":["x_refsource_MISC"],"url":"http://www.links.org/?p=786"},{"name":"60521","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/60521"},{"name":"[oss-security] 20091123 Re: CVEs for nginx","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2009/11/23/10"},{"name":"VU#120541","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/120541"},{"name":"1023217","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023217"},{"name":"RHSA-2010:0768","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0768.html"},{"name":"ADV-2009-3353","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3353"},{"name":"FEDORA-2010-5357","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"},{"name":"39136","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39136"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.openoffice.org/security/cves/CVE-2009-3555.html"},{"name":"ADV-2011-0032","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2011/0032"},{"name":"1023148","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1023148"},{"name":"openSUSE-SU-2011:0845","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"},{"name":"36935","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/36935"},{"tags":["x_refsource_MISC"],"url":"http://www.tombom.co.uk/blog/?p=85"},{"name":"SSRT090208","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2"},{"name":"ADV-2010-1107","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1107"},{"name":"1023218","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023218"},{"name":"ADV-2010-1350","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1350"},{"name":"RHSA-2010:0338","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0338.html"},{"name":"42379","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/42379"},{"name":"FEDORA-2009-12775","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html"},{"name":"20091109 Transport Layer Security Renegotiation Vulnerability","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml"},{"name":"IC67848","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848"},{"name":"1023213","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023213"},{"name":"FEDORA-2010-16240","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"},{"name":"ADV-2010-1793","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1793"},{"name":"oval:org.mitre.oval:def:11617","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617"},{"tags":["x_refsource_MISC"],"url":"http://extendedsubset.com/?p=8"},{"name":"37292","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37292"},{"name":"SSRT100817","tags":["vendor-advisory","x_refsource_HP"],"url":"http://www.securityfocus.com/archive/1/522176"},{"name":"tls-renegotiation-weak-security(54158)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158"},{"name":"APPLE-SA-2010-05-18-2","tags":["vendor-advisory","x_refsource_APPLE"],"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"},{"name":"39278","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39278"},{"name":"1023205","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023205"},{"name":"RHSA-2010:0130","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0130.html"},{"name":"HPSBUX02482","tags":["vendor-advisory","x_refsource_HP"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686"},{"name":"HPSBHF03293","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2"},{"tags":["x_refsource_CONFIRM"],"url":"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.apple.com/kb/HT4004"},{"name":"1023215","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023215"},{"name":"USN-1010-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-1010-1"},{"name":"1023206","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023206"},{"name":"SUSE-SR:2010:011","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"},{"name":"GLSA-200912-01","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://security.gentoo.org/glsa/glsa-200912-01.xml"},{"name":"SSRT090180","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=127419602507642&w=2"},{"name":"ADV-2009-3313","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3313"},{"name":"274990","tags":["vendor-advisory","x_refsource_SUNALERT"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1"},{"name":"1023208","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023208"},{"name":"43308","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/43308"},{"name":"1023214","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023214"},{"name":"SUSE-SA:2009:057","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html"},{"name":"38781","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/38781"},{"name":"HPSBOV02762","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2"},{"name":"HPSBMA02534","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=127419602507642&w=2"},{"name":"DSA-1934","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2009/dsa-1934"},{"name":"FEDORA-2009-12782","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html"},{"name":"oval:org.mitre.oval:def:7478","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478"},{"name":"1023271","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023271"},{"name":"APPLE-SA-2010-01-19-1","tags":["vendor-advisory","x_refsource_APPLE"],"url":"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"},{"name":"[cryptography] 20091105 OpenSSL 0.9.8l released","tags":["mailing-list","x_refsource_MLIST"],"url":"http://marc.info/?l=cryptography&m=125752275331877&w=2"},{"name":"42467","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/42467"},{"name":"20091130 TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/508130/100/0/threaded"},{"name":"oval:org.mitre.oval:def:7315","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315"},{"name":"1023224","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023224"},{"name":"SUSE-SR:2010:013","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"},{"name":"USN-927-4","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-927-4"},{"name":"41490","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/41490"},{"name":"20091124 rPSA-2009-0155-1 httpd mod_ssl","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/508075/100/0/threaded"},{"name":"1023243","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023243"},{"tags":["x_refsource_MISC"],"url":"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html"},{"name":"37504","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37504"},{"name":"1023219","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023219"},{"tags":["x_refsource_CONFIRM"],"url":"http://sysoev.ru/nginx/patch.cve-2009-3555.txt"},{"tags":["x_refsource_MISC"],"url":"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html"},{"name":"1023163","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023163"},{"name":"HPSBHF02706","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=132077688910227&w=2"},{"name":"ADV-2009-3521","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3521"},{"name":"oval:org.mitre.oval:def:7973","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973"},{"name":"HPSBMA02568","tags":["vendor-advisory","x_refsource_HP"],"url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533125"},{"name":"oval:org.mitre.oval:def:10088","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088"},{"name":"44183","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/44183"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"},{"name":"42808","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/42808"},{"name":"39500","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39500"},{"name":"oval:org.mitre.oval:def:11578","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"},{"name":"ADV-2009-3220","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3220"},{"name":"SSRT100179","tags":["vendor-advisory","x_refsource_HP"],"url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"},{"name":"SSRT100089","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=127557596201693&w=2"},{"name":"RHSA-2010:0165","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0165.html"},{"name":"20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/515055/100/0/threaded"},{"name":"RHSA-2010:0987","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0987.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=545755"},{"tags":["x_refsource_CONFIRM"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21426108"},{"tags":["x_refsource_MISC"],"url":"http://blogs.iss.net/archive/sslmitmiscsrf.html"},{"name":"1023411","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023411"},{"name":"RHSA-2010:0339","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0339.html"},{"name":"RHSA-2010:0986","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0986.html"},{"name":"ADV-2009-3164","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3164"},{"name":"37383","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37383"},{"name":"FEDORA-2009-12229","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html"},{"name":"44954","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/44954"},{"name":"[tls] 20091104 MITM attack on delayed TLS-client auth through renegotiation","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html"},{"name":"HPSBUX02524","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=127557596201693&w=2"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.avaya.com/css/P8/documents/100070150"},{"name":"40747","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/40747"},{"name":"HPSBUX02498","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=126150535619567&w=2"},{"name":"HPSBMU02759","tags":["vendor-advisory","x_refsource_HP"],"url":"http://www.securityfocus.com/archive/1/522176"},{"name":"39292","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39292"},{"name":"42816","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/42816"},{"name":"IC68054","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054"},{"name":"273029","tags":["vendor-advisory","x_refsource_SUNALERT"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1"},{"name":"FEDORA-2009-12604","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21432298"},{"tags":["x_refsource_MISC"],"url":"http://extendedsubset.com/Renegotiating_TLS.pdf"},{"tags":["x_refsource_CONFIRM"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24025312"},{"tags":["x_refsource_CONFIRM"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24006386"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.apple.com/kb/HT4170"},{"name":"20091118 TLS / SSLv3 vulnerability explained (DRAFT)","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/507952/100/0/threaded"},{"name":"1023209","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023209"},{"name":"PM00675","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"},{"name":"HPSBOV02683","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2"},{"name":"48577","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/48577"},{"name":"SSA:2009-320-01","tags":["vendor-advisory","x_refsource_SLACKWARE"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446"},{"tags":["x_refsource_MISC"],"url":"http://www.links.org/?p=789"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.opera.com/docs/changelogs/unix/1060/"},{"tags":["x_refsource_MISC"],"url":"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html"},{"name":"RHSA-2011:0880","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2011-0880.html"},{"name":"SUSE-SR:2010:008","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"},{"name":"[oss-security] 20091107 Re: CVE-2009-3555 for TLS renegotiation MITM attacks","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2009/11/06/3"},{"name":"FEDORA-2009-12305","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0155"},{"name":"SUSE-SR:2010:012","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.citrix.com/article/CTX123359"},{"name":"37501","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37501"},{"name":"MDVSA-2010:076","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"},{"name":"HPSBUX02517","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=127128920008563&w=2"},{"name":"ADV-2009-3587","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3587"},{"name":"39632","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39632"},{"name":"SSRT090264","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=126150535619567&w=2"},{"name":"38687","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/38687"},{"tags":["x_refsource_MISC"],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=526689"},{"name":"MS10-049","tags":["vendor-advisory","x_refsource_MS"],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049"},{"name":"ADV-2010-0982","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/0982"},{"name":"SSRT100825","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2"},{"name":"37399","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37399"},{"name":"USN-927-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-927-1"},{"name":"1023272","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023272"},{"name":"FEDORA-2009-12606","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html"},{"name":"ADV-2010-3126","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/3126"},{"name":"37320","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37320"},{"name":"ADV-2009-3165","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3165"},{"name":"ADV-2010-1639","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1639"},{"name":"38020","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/38020"},{"name":"USN-923-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://ubuntu.com/usn/usn-923-1"},{"name":"39243","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39243"},{"name":"oval:org.mitre.oval:def:8366","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366"},{"name":"37453","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37453"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html"},{"name":"ADV-2010-0933","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/0933"},{"name":"SSRT100219","tags":["vendor-advisory","x_refsource_HP"],"url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html"},{"name":"41972","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/41972"},{"name":"ADV-2010-3086","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/3086"},{"name":"DSA-2141","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2011/dsa-2141"},{"name":"1024789","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1024789"},{"name":"RHSA-2010:0155","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0155.html"},{"tags":["x_refsource_MISC"],"url":"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html"},{"name":"ADV-2011-0033","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2011/0033"},{"name":"RHSA-2010:0337","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0337.html"},{"name":"1023216","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023216"},{"name":"41480","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/41480"},{"name":"ADV-2011-0086","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2011/0086"},{"name":"41818","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/41818"},{"name":"37604","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37604"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.opera.com/support/search/view/944/"},{"name":"[announce] 20091107 CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation","tags":["mailing-list","x_refsource_MLIST"],"url":"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2"},{"name":"SUSE-SR:2010:024","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"},{"name":"TA10-287A","tags":["third-party-advisory","x_refsource_CERT"],"url":"http://www.us-cert.gov/cas/techalerts/TA10-287A.html"},{"tags":["x_refsource_MISC"],"url":"http://www.links.org/?p=780"},{"name":"RHSA-2010:0119","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0119.html"},{"name":"38056","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/38056"},{"name":"ADV-2010-0748","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/0748"},{"name":"37675","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37675"},{"name":"oval:org.mitre.oval:def:8535","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535"},{"name":"HPSBMA02547","tags":["vendor-advisory","x_refsource_HP"],"url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"},{"name":"SSRT100058","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=127128920008563&w=2"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html"},{"name":"RHSA-2010:0786","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0786.html"},{"tags":["x_refsource_MISC"],"url":"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt"},{"name":"38003","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/38003"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.apple.com/kb/HT4171"},{"name":"1023428","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023428"},{"name":"SSRT100613","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=132077688910227&w=2"},{"name":"[oss-security] 20091120 CVEs for nginx","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2009/11/20/1"},{"name":"ADV-2009-3354","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3354"},{"name":"1023274","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023274"},{"name":"FEDORA-2009-12968","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html"},{"name":"39242","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39242"},{"tags":["x_refsource_CONFIRM"],"url":"https://kb.bluecoat.com/index?page=content&id=SA50"},{"name":"38241","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/38241"},{"name":"42377","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/42377"},{"name":"GLSA-201203-22","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://security.gentoo.org/glsa/glsa-201203-22.xml"},{"name":"[oss-security] 20091105 CVE-2009-3555 for TLS renegotiation MITM attacks","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2009/11/05/3"},{"name":"SUSE-SR:2010:019","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"},{"name":"60972","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/60972"},{"name":"1023426","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023426"},{"name":"38484","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/38484"},{"name":"MDVSA-2010:084","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"},{"tags":["x_refsource_MISC"],"url":"http://www.betanews.com/article/1257452450"},{"name":"1021653","tags":["vendor-advisory","x_refsource_SUNALERT"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html"},{"name":"20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/516397/100/0/threaded"},{"name":"[4.6] 004: SECURITY FIX: November 26, 2009","tags":["vendor-advisory","x_refsource_OPENBSD"],"url":"http://openbsd.org/errata46.html#004_openssl"},{"name":"41967","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/41967"},{"name":"RHSA-2010:0807","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0807.html"},{"name":"ADV-2010-1191","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1191"},{"name":"20091111 Re: SSL/TLS MiTM PoC","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2009/Nov/139"},{"tags":["x_refsource_MISC"],"url":"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html"},{"name":"[oss-security] 20091105 Re: CVE-2009-3555 for TLS renegotiation MITM attacks","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2009/11/05/5"},{"name":"39713","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39713"},{"name":"42733","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/42733"},{"name":"37291","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37291"},{"name":"FEDORA-2010-16312","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"},{"name":"FEDORA-2010-5942","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html"},{"name":"ADV-2010-2745","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/2745"},{"name":"273350","tags":["vendor-advisory","x_refsource_SUNALERT"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1"},{"name":"ADV-2010-0994","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/0994"},{"name":"ADV-2010-0173","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/0173"},{"name":"ADV-2010-1054","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1054"},{"name":"65202","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/65202"},{"name":"HPSBGN02562","tags":["vendor-advisory","x_refsource_HP"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041"},{"name":"FEDORA-2010-16294","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"},{"name":"[gnutls-devel] 20091105 Re: TLS renegotiation MITM","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html"},{"name":"20131121 ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html"},{"tags":["x_refsource_MISC"],"url":"http://clicky.me/tlsvuln"},{"name":"42811","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/42811"},{"name":"[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"},{"name":"[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"},{"name":"[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"},{"name":"[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"}]}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2009-3555","datePublished":"2009-11-09T17:00:00.000Z","dateReserved":"2009-10-05T00:00:00.000Z","dateUpdated":"2024-08-07T06:31:10.430Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2009-11-09 17:30:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-295","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","versionEndIncluding":"2.2.14","matchCriteriaId":"F1BD8600-0EF7-4612-B5C4-E327C0828479"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*","versionEndIncluding":"2.8.5","matchCriteriaId":"38090AC3-C511-4C40-91A5-084CBEC11F34"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*","versionEndIncluding":"3.12.4","matchCriteriaId":"285433B6-03F9-495E-BACA-AA47A014411C"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionEndIncluding":"0.9.8k","matchCriteriaId":"EB35F63F-7856-42EE-87A6-7EC7F10C2032"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:1.0:*:openvms:*:*:*:*:*","matchCriteriaId":"718F8E8D-0940-4055-A948-96D25C79323B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","matchCriteriaId":"C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*","matchCriteriaId":"4747CC68-FAF4-482F-929A-9DA6C24CB663"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*","matchCriteriaId":"A5D026D0-EF78-438D-BEDD-FC8571F3ACEB"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*","matchCriteriaId":"A2BCB73E-27BB-4878-AD9C-90C4F20C25A0"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*","matchCriteriaId":"5D37DF0F-F863-45AC-853A-3E04F9FEC7CA"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*","matchCriteriaId":"87614B58-24AB-49FB-9C84-E8DDBA16353B"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","matchCriteriaId":"0F92AB32-E7DE-43F4-B877-1F41FA162EC7"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","matchCriteriaId":"8C757774-08E7-40AA-B532-6F705C8F7639"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"036E8A89-7A16-411F-9D31-676313BB7244"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"16F59A04-14CF-49E2-9973-645477EA09DA"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*","matchCriteriaId":"B3BB5EDB-520B-4DEF-B06E-65CA13152824"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*","matchCriteriaId":"E44669D7-6C1E-4844-B78A-73E253A7CC17"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*","matchCriteriaId":"A2D59BD0-43DE-4E58-A057-640AB98359A6"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*","matchCriteriaId":"BDE52846-24EC-4068-B788-EC7F915FFF11"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","versionStartIncluding":"0.1.0","versionEndIncluding":"0.8.22","matchCriteriaId":"06B2E3E1-C2E0-4A4E-A84D-93C456E868E7"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2009","CveId":"3555","Ordinal":"1","Title":"CVE-2009-3555","CVE":"CVE-2009-3555","Year":"2009"},"notes":[{"CveYear":"2009","CveId":"3555","Ordinal":"1","NoteData":"The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.","Type":"Description","Title":"CVE-2009-3555"},{"CveYear":"2009","CveId":"3555","Ordinal":"2","NoteData":"2009-11-09","Type":"Other","Title":"Published"},{"CveYear":"2009","CveId":"3555","Ordinal":"3","NoteData":"2020-02-13","Type":"Other","Title":"Modified"}]}}}