VulnerableCode Vulnerability Details

System	Score	Found at
generic_textual	MODERATE	http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html
generic_textual	MODERATE	http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html
generic_textual	MODERATE	http://blogs.iss.net/archive/sslmitmiscsrf.html
generic_textual	MODERATE	http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during
generic_textual	MODERATE	http://clicky.me/tlsvuln
generic_textual	MODERATE	http://extendedsubset.com/?p=8
generic_textual	MODERATE	http://extendedsubset.com/Renegotiating_TLS.pdf
generic_textual	MODERATE	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686
generic_textual	MODERATE	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041
generic_textual	MODERATE	http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
generic_textual	MODERATE	http://kbase.redhat.com/faq/docs/DOC-20491
generic_textual	MODERATE	http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html
generic_textual	MODERATE	http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
generic_textual	MODERATE	http://lists.apple.com/archives/security-announce/2010//May/msg00002.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
generic_textual	MODERATE	http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html
cvssv3.1	5.3	http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
generic_textual	MODERATE	http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=126150535619567&w=2
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=127128920008563&w=2
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=127419602507642&w=2
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=127557596201693&w=2
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=130497311408250&w=2
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=132077688910227&w=2
generic_textual	HIGH	http://marc.info/?l=bugtraq&m=133469267822771&w=2
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=134254866602253&w=2
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=142660345230545&w=2
generic_textual	MODERATE	http://marc.info/?l=cryptography&m=125752275331877&w=2
generic_textual	MODERATE	http://openbsd.org/errata45.html#010_openssl
generic_textual	MODERATE	http://openbsd.org/errata46.html#004_openssl
rhas	Moderate	https://access.redhat.com/errata/RHSA-2009:1579
rhas	Moderate	https://access.redhat.com/errata/RHSA-2009:1580
rhas	Critical	https://access.redhat.com/errata/RHSA-2009:1694
rhas	Moderate	https://access.redhat.com/errata/RHSA-2010:0011
rhas	Low	https://access.redhat.com/errata/RHSA-2010:0119
rhas	Moderate	https://access.redhat.com/errata/RHSA-2010:0130
rhas	Moderate	https://access.redhat.com/errata/RHSA-2010:0155
rhas	Important	https://access.redhat.com/errata/RHSA-2010:0162
rhas	Moderate	https://access.redhat.com/errata/RHSA-2010:0163
rhas	Moderate	https://access.redhat.com/errata/RHSA-2010:0164
rhas	Moderate	https://access.redhat.com/errata/RHSA-2010:0165
rhas	Moderate	https://access.redhat.com/errata/RHSA-2010:0166
rhas	Moderate	https://access.redhat.com/errata/RHSA-2010:0167
rhas	Critical	https://access.redhat.com/errata/RHSA-2010:0337
rhas	Critical	https://access.redhat.com/errata/RHSA-2010:0338
rhas	Important	https://access.redhat.com/errata/RHSA-2010:0339
rhas	Moderate	https://access.redhat.com/errata/RHSA-2010:0408
rhas	Important	https://access.redhat.com/errata/RHSA-2010:0440
rhas	Important	https://access.redhat.com/errata/RHSA-2010:0768
rhas	Critical	https://access.redhat.com/errata/RHSA-2010:0770
rhas	Critical	https://access.redhat.com/errata/RHSA-2010:0786
rhas	Critical	https://access.redhat.com/errata/RHSA-2010:0807
rhas	Important	https://access.redhat.com/errata/RHSA-2010:0865
rhas	Moderate	https://access.redhat.com/errata/RHSA-2010:0986
rhas	Critical	https://access.redhat.com/errata/RHSA-2010:0987
rhas	Low	https://access.redhat.com/errata/RHSA-2011:0880
cvssv3.1	3.7	https://access.redhat.com/errata/RHSA-2015:1591
generic_textual	MODERATE	https://access.redhat.com/errata/RHSA-2015:1591
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.00362	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.02656	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.02656	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.02942	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03006	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03481	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03571	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03571	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03571	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03869	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03869	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03869	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03936	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03936	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03936	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03936	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03936	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03936	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.03936	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.04027	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.04027	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.04473	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.04473	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
epss	0.04473	https://api.first.org/data/v1/epss?cve=CVE-2009-3555
generic_textual	MODERATE	https://bugzilla.mozilla.org/show_bug.cgi?id=526689
generic_textual	MODERATE	https://bugzilla.mozilla.org/show_bug.cgi?id=545755
generic_textual	MODERATE	https://bugzilla.redhat.com/show_bug.cgi?id=533125
generic_textual	MODERATE	https://bz.apache.org/bugzilla/show_bug.cgi?id=50325
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
generic_textual	MODERATE	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2009/Nov/139
generic_textual	MODERATE	http://secunia.com/advisories/44183
generic_textual	MODERATE	http://security.gentoo.org/glsa/glsa-200912-01.xml
generic_textual	MODERATE	http://security.gentoo.org/glsa/glsa-201203-22.xml
generic_textual	HIGH	http://security.gentoo.org/glsa/glsa-201406-32.xml
generic_textual	MODERATE	https://exchange.xforce.ibmcloud.com/vulnerabilities/54158
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-f7w7-6pjc-wwm6
cvssv3.1	7.5	https://github.com/apache/tomcat
generic_textual	HIGH	https://github.com/apache/tomcat
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0
generic_textual	MODERATE	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
generic_textual	MODERATE	https://kb.bluecoat.com/index?page=content&id=SA50
generic_textual	MODERATE	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446
generic_textual	MODERATE	https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>
generic_textual	HIGH	https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>
generic_textual	HIGH	https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>
generic_textual	MODERATE	https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>
cvssv2	5.8	https://nvd.nist.gov/vuln/detail/CVE-2009-3555
generic_textual	MODERATE	https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088
generic_textual	MODERATE	https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578
generic_textual	MODERATE	https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617
generic_textual	MODERATE	https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315
generic_textual	MODERATE	https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478
generic_textual	MODERATE	https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973
generic_textual	MODERATE	https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366
generic_textual	MODERATE	https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535
generic_textual	MODERATE	https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html
generic_textual	MODERATE	https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
generic_textual	MODERATE	https://tomcat.apache.org/security-5.html
generic_textual	MODERATE	https://tomcat.apache.org/security-6.html
cvssv3.1	5.9	https://tomcat.apache.org/security-7.html
generic_textual	MODERATE	https://tomcat.apache.org/security-7.html
generic_textual	MODERATE	http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1
generic_textual	MODERATE	http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1
generic_textual	MODERATE	http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1
generic_textual	MODERATE	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1
generic_textual	MODERATE	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1
generic_textual	MODERATE	http://support.apple.com/kb/HT4004
generic_textual	MODERATE	http://support.apple.com/kb/HT4170
generic_textual	MODERATE	http://support.apple.com/kb/HT4171
generic_textual	MODERATE	http://support.avaya.com/css/P8/documents/100070150
generic_textual	MODERATE	http://support.avaya.com/css/P8/documents/100081611
generic_textual	MODERATE	http://support.avaya.com/css/P8/documents/100114315
generic_textual	MODERATE	http://support.avaya.com/css/P8/documents/100114327
generic_textual	MODERATE	http://support.citrix.com/article/CTX123359
generic_textual	MODERATE	http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES
generic_textual	MODERATE	http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released
generic_textual	low	https://www.mozilla.org/en-US/security/advisories/mfsa2010-22
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html
generic_textual	MODERATE	http://sysoev.ru/nginx/patch.cve-2009-3555.txt
generic_textual	MODERATE	http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html
generic_textual	MODERATE	http://ubuntu.com/usn/usn-923-1
generic_textual	MODERATE	http://wiki.rpath.com/Advisories:rPSA-2009-0155
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg21426108
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg21432298
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg24006386
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg24025312
generic_textual	MODERATE	http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only
generic_textual	MODERATE	http://www.arubanetworks.com/support/alerts/aid-020810.txt
generic_textual	MODERATE	http://www.betanews.com/article/1257452450
generic_textual	MODERATE	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml
generic_textual	MODERATE	http://www.debian.org/security/2009/dsa-1934
generic_textual	MODERATE	http://www.debian.org/security/2011/dsa-2141
generic_textual	MODERATE	http://www.debian.org/security/2015/dsa-3253
generic_textual	MODERATE	http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html
generic_textual	MODERATE	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
generic_textual	MODERATE	http://www.ietf.org/mail-archive/web/tls/current/msg03928.html
generic_textual	MODERATE	http://www.ietf.org/mail-archive/web/tls/current/msg03948.html
generic_textual	MODERATE	http://www.ingate.com/Relnote.php?ver=481
generic_textual	MODERATE	http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
generic_textual	MODERATE	http://www.kb.cert.org/vuls/id/120541
generic_textual	MODERATE	http://www.links.org/?p=780
generic_textual	MODERATE	http://www.links.org/?p=786
generic_textual	MODERATE	http://www.links.org/?p=789
generic_textual	MODERATE	http://www.mandriva.com/security/advisories?name=MDVSA-2010:076
generic_textual	MODERATE	http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
generic_textual	MODERATE	http://www.mandriva.com/security/advisories?name=MDVSA-2010:089
generic_textual	MODERATE	http://www.mozilla.org/security/announce/2010/mfsa2010-22.html
generic_textual	MODERATE	http://www.openoffice.org/security/cves/CVE-2009-3555.html
generic_textual	MODERATE	http://www.openssl.org/news/secadv_20091111.txt
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2009/11/05/3
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2009/11/05/5
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2009/11/06/3
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2009/11/07/3
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2009/11/20/1
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2009/11/23/10
generic_textual	MODERATE	http://www.opera.com/docs/changelogs/unix/1060
generic_textual	MODERATE	http://www.opera.com/support/search/view/944
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
generic_textual	MODERATE	http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0119.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0130.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0155.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0165.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0167.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0337.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0338.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0339.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0768.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0770.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0786.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0807.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0865.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0986.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2010-0987.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2011-0880.html
generic_textual	MODERATE	http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html
generic_textual	MODERATE	http://www.tombom.co.uk/blog/?p=85
generic_textual	MODERATE	http://www.ubuntu.com/usn/USN-1010-1
generic_textual	MODERATE	http://www.ubuntu.com/usn/USN-927-1
generic_textual	MODERATE	http://www.ubuntu.com/usn/USN-927-4
generic_textual	MODERATE	http://www.ubuntu.com/usn/USN-927-5
generic_textual	MODERATE	http://www.us-cert.gov/cas/techalerts/TA10-222A.html
generic_textual	MODERATE	http://www.us-cert.gov/cas/techalerts/TA10-287A.html
generic_textual	MODERATE	http://www.vmware.com/security/advisories/VMSA-2010-0019.html
generic_textual	MODERATE	http://www.vmware.com/security/advisories/VMSA-2011-0003.html
generic_textual	MODERATE	http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2010/1107

Reference id

Reference type

URL

http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html

http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html

http://blogs.iss.net/archive/sslmitmiscsrf.html

http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during

http://clicky.me/tlsvuln

http://extendedsubset.com/?p=8

http://extendedsubset.com/Renegotiating_TLS.pdf

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

http://kbase.redhat.com/faq/docs/DOC-20491

http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html

http://lists.apple.com/archives/security-announce/2010//May/msg00001.html

http://lists.apple.com/archives/security-announce/2010//May/msg00002.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html

http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html

http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2

http://marc.info/?l=bugtraq&m=126150535619567&w=2

http://marc.info/?l=bugtraq&m=127128920008563&w=2

http://marc.info/?l=bugtraq&m=127419602507642&w=2

http://marc.info/?l=bugtraq&m=127557596201693&w=2

http://marc.info/?l=bugtraq&m=130497311408250&w=2

http://marc.info/?l=bugtraq&m=132077688910227&w=2

http://marc.info/?l=bugtraq&m=133469267822771&w=2

http://marc.info/?l=bugtraq&m=134254866602253&w=2

http://marc.info/?l=bugtraq&m=142660345230545&w=2

http://marc.info/?l=cryptography&m=125752275331877&w=2

http://openbsd.org/errata45.html#010_openssl

http://openbsd.org/errata46.html#004_openssl

http://osvdb.org/60521

http://osvdb.org/60972

http://osvdb.org/62210

http://osvdb.org/65202

https://access.redhat.com/errata/RHSA-2015:1591

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json

https://api.first.org/data/v1/epss?cve=CVE-2009-3555

https://bugzilla.mozilla.org/show_bug.cgi?id=526689

https://bugzilla.mozilla.org/show_bug.cgi?id=545755

https://bugzilla.redhat.com/show_bug.cgi?id=533125

https://bz.apache.org/bugzilla/show_bug.cgi?id=50325

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049

http://seclists.org/fulldisclosure/2009/Nov/139

http://secunia.com/advisories/37291

http://secunia.com/advisories/37292

http://secunia.com/advisories/37320

http://secunia.com/advisories/37383

http://secunia.com/advisories/37399

http://secunia.com/advisories/37453

http://secunia.com/advisories/37501

http://secunia.com/advisories/37504

http://secunia.com/advisories/37604

http://secunia.com/advisories/37640

http://secunia.com/advisories/37656

http://secunia.com/advisories/37675

http://secunia.com/advisories/37859

http://secunia.com/advisories/38003

http://secunia.com/advisories/38020

http://secunia.com/advisories/38056

http://secunia.com/advisories/38241

http://secunia.com/advisories/38484

http://secunia.com/advisories/38687

http://secunia.com/advisories/38781

http://secunia.com/advisories/39127

http://secunia.com/advisories/39136

http://secunia.com/advisories/39242

http://secunia.com/advisories/39243

http://secunia.com/advisories/39278

http://secunia.com/advisories/39292

http://secunia.com/advisories/39317

http://secunia.com/advisories/39461

http://secunia.com/advisories/39500

http://secunia.com/advisories/39628

http://secunia.com/advisories/39632

http://secunia.com/advisories/39713

http://secunia.com/advisories/39819

http://secunia.com/advisories/40070

http://secunia.com/advisories/40545

http://secunia.com/advisories/40747

http://secunia.com/advisories/40866

http://secunia.com/advisories/41480

http://secunia.com/advisories/41490

http://secunia.com/advisories/41818

http://secunia.com/advisories/41967

http://secunia.com/advisories/41972

http://secunia.com/advisories/42377

http://secunia.com/advisories/42379

http://secunia.com/advisories/42467

http://secunia.com/advisories/42724

http://secunia.com/advisories/42733

http://secunia.com/advisories/42808

http://secunia.com/advisories/42811

http://secunia.com/advisories/42816

http://secunia.com/advisories/43308

http://secunia.com/advisories/44183

http://secunia.com/advisories/44954

http://secunia.com/advisories/48577

http://security.gentoo.org/glsa/glsa-200912-01.xml

http://security.gentoo.org/glsa/glsa-201203-22.xml

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://securitytracker.com/id?1023148

https://exchange.xforce.ibmcloud.com/vulnerabilities/54158

https://github.com/apache/tomcat

https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5

https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d

https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3

https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701

https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02

https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3

https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d

https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366

https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888

https://kb.bluecoat.com/index?page=content&id=SA50

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446

https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>

https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>

https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>

https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>

https://nginx.org/download/patch.cve-2009-3555.txt

https://nginx.org/download/patch.cve-2009-3555.txt.asc

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535

https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html

https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt

https://tomcat.apache.org/security-5.html

https://tomcat.apache.org/security-6.html

https://tomcat.apache.org/security-7.html

http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1

http://support.apple.com/kb/HT4004

http://support.apple.com/kb/HT4170

http://support.apple.com/kb/HT4171

http://support.avaya.com/css/P8/documents/100070150

http://support.avaya.com/css/P8/documents/100081611

http://support.avaya.com/css/P8/documents/100114315

http://support.avaya.com/css/P8/documents/100114327

http://support.citrix.com/article/CTX123359

http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES

http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released

https://www.openssl.org/news/secadv/20091111.txt

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html

http://sysoev.ru/nginx/patch.cve-2009-3555.txt

http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html

http://ubuntu.com/usn/usn-923-1

http://wiki.rpath.com/Advisories:rPSA-2009-0155

http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848

http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054

http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055

http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247

http://www-01.ibm.com/support/docview.wss?uid=swg21426108

http://www-01.ibm.com/support/docview.wss?uid=swg21432298

http://www-01.ibm.com/support/docview.wss?uid=swg24006386

http://www-01.ibm.com/support/docview.wss?uid=swg24025312

http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only

http://www.arubanetworks.com/support/alerts/aid-020810.txt

http://www.betanews.com/article/1257452450

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml

http://www.debian.org/security/2009/dsa-1934

http://www.debian.org/security/2011/dsa-2141

http://www.debian.org/security/2015/dsa-3253

http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html

http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html

http://www.ietf.org/mail-archive/web/tls/current/msg03928.html

http://www.ietf.org/mail-archive/web/tls/current/msg03948.html

http://www.ingate.com/Relnote.php?ver=481

http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995

http://www.kb.cert.org/vuls/id/120541

http://www.links.org/?p=780

http://www.links.org/?p=786

http://www.links.org/?p=789

http://www.mandriva.com/security/advisories?name=MDVSA-2010:076

http://www.mandriva.com/security/advisories?name=MDVSA-2010:084

http://www.mandriva.com/security/advisories?name=MDVSA-2010:089

http://www.mozilla.org/security/announce/2010/mfsa2010-22.html

http://www.openoffice.org/security/cves/CVE-2009-3555.html

http://www.openssl.org/news/secadv_20091111.txt

http://www.openwall.com/lists/oss-security/2009/11/05/3

http://www.openwall.com/lists/oss-security/2009/11/05/5

http://www.openwall.com/lists/oss-security/2009/11/06/3

http://www.openwall.com/lists/oss-security/2009/11/07/3

http://www.openwall.com/lists/oss-security/2009/11/20/1

http://www.openwall.com/lists/oss-security/2009/11/23/10

http://www.opera.com/docs/changelogs/unix/1060

http://www.opera.com/docs/changelogs/unix/1060/

http://www.opera.com/support/search/view/944

http://www.opera.com/support/search/view/944/

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c

http://www.redhat.com/support/errata/RHSA-2010-0119.html

http://www.redhat.com/support/errata/RHSA-2010-0130.html

http://www.redhat.com/support/errata/RHSA-2010-0155.html

http://www.redhat.com/support/errata/RHSA-2010-0165.html

http://www.redhat.com/support/errata/RHSA-2010-0167.html

http://www.redhat.com/support/errata/RHSA-2010-0337.html

http://www.redhat.com/support/errata/RHSA-2010-0338.html

http://www.redhat.com/support/errata/RHSA-2010-0339.html

http://www.redhat.com/support/errata/RHSA-2010-0768.html

http://www.redhat.com/support/errata/RHSA-2010-0770.html

http://www.redhat.com/support/errata/RHSA-2010-0786.html

http://www.redhat.com/support/errata/RHSA-2010-0807.html

http://www.redhat.com/support/errata/RHSA-2010-0865.html

http://www.redhat.com/support/errata/RHSA-2010-0986.html

http://www.redhat.com/support/errata/RHSA-2010-0987.html

http://www.redhat.com/support/errata/RHSA-2011-0880.html

http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html

http://www.securityfocus.com/archive/1/507952/100/0/threaded

http://www.securityfocus.com/archive/1/508075/100/0/threaded

http://www.securityfocus.com/archive/1/508130/100/0/threaded

http://www.securityfocus.com/archive/1/515055/100/0/threaded

http://www.securityfocus.com/archive/1/516397/100/0/threaded

http://www.securityfocus.com/archive/1/522176

http://www.securityfocus.com/bid/36935

http://www.securitytracker.com/id?1023163

http://www.securitytracker.com/id?1023204

http://www.securitytracker.com/id?1023205

http://www.securitytracker.com/id?1023206

http://www.securitytracker.com/id?1023207

http://www.securitytracker.com/id?1023208

http://www.securitytracker.com/id?1023209

http://www.securitytracker.com/id?1023210

http://www.securitytracker.com/id?1023211

http://www.securitytracker.com/id?1023212

http://www.securitytracker.com/id?1023213

http://www.securitytracker.com/id?1023214

http://www.securitytracker.com/id?1023215

http://www.securitytracker.com/id?1023216

http://www.securitytracker.com/id?1023217

http://www.securitytracker.com/id?1023218

http://www.securitytracker.com/id?1023219

http://www.securitytracker.com/id?1023224

http://www.securitytracker.com/id?1023243

http://www.securitytracker.com/id?1023270

http://www.securitytracker.com/id?1023271

http://www.securitytracker.com/id?1023272

http://www.securitytracker.com/id?1023273

http://www.securitytracker.com/id?1023274

http://www.securitytracker.com/id?1023275

http://www.securitytracker.com/id?1023411

http://www.securitytracker.com/id?1023426

http://www.securitytracker.com/id?1023427

http://www.securitytracker.com/id?1023428

http://www.securitytracker.com/id?1024789

http://www.tombom.co.uk/blog/?p=85

http://www.ubuntu.com/usn/USN-1010-1

http://www.ubuntu.com/usn/USN-927-1

http://www.ubuntu.com/usn/USN-927-4

http://www.ubuntu.com/usn/USN-927-5

http://www.us-cert.gov/cas/techalerts/TA10-222A.html

http://www.us-cert.gov/cas/techalerts/TA10-287A.html

http://www.vmware.com/security/advisories/VMSA-2010-0019.html

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

http://www.vupen.com/english/advisories/2009/3164

http://www.vupen.com/english/advisories/2009/3165

http://www.vupen.com/english/advisories/2009/3205

http://www.vupen.com/english/advisories/2009/3220

http://www.vupen.com/english/advisories/2009/3310

http://www.vupen.com/english/advisories/2009/3313

http://www.vupen.com/english/advisories/2009/3353

http://www.vupen.com/english/advisories/2009/3354

http://www.vupen.com/english/advisories/2009/3484

http://www.vupen.com/english/advisories/2009/3521

http://www.vupen.com/english/advisories/2009/3587

http://www.vupen.com/english/advisories/2010/0086

http://www.vupen.com/english/advisories/2010/0173

http://www.vupen.com/english/advisories/2010/0748

http://www.vupen.com/english/advisories/2010/0848

http://www.vupen.com/english/advisories/2010/0916

http://www.vupen.com/english/advisories/2010/0933

http://www.vupen.com/english/advisories/2010/0982

http://www.vupen.com/english/advisories/2010/0994

http://www.vupen.com/english/advisories/2010/1054

http://www.vupen.com/english/advisories/2010/1107

http://www.vupen.com/english/advisories/2010/1191

http://www.vupen.com/english/advisories/2010/1350

http://www.vupen.com/english/advisories/2010/1639

http://www.vupen.com/english/advisories/2010/1673

http://www.vupen.com/english/advisories/2010/1793

http://www.vupen.com/english/advisories/2010/2010

http://www.vupen.com/english/advisories/2010/2745

http://www.vupen.com/english/advisories/2010/3069

http://www.vupen.com/english/advisories/2010/3086

http://www.vupen.com/english/advisories/2010/3126

http://www.vupen.com/english/advisories/2011/0032

http://www.vupen.com/english/advisories/2011/0033

http://www.vupen.com/english/advisories/2011/0086

http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html

704946

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704946

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*

cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0:*:openvms:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0:*:openvms:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*

CVE-2009-3555

https://access.redhat.com/security/cve/CVE-2009-3555

CVE-2009-3555

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py

CVE-2009-3555

https://nvd.nist.gov/vuln/detail/CVE-2009-3555

CVE-2009-3555;OSVDB-59970

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt

CVE-2009-3555;OSVDB-59970

Exploit

https://www.securityfocus.com/bid/35888/info

GHSA-f7w7-6pjc-wwm6

https://github.com/advisories/GHSA-f7w7-6pjc-wwm6

GLSA-200912-01

https://security.gentoo.org/glsa/200912-01

GLSA-201006-18

https://security.gentoo.org/glsa/201006-18

GLSA-201110-05

https://security.gentoo.org/glsa/201110-05

GLSA-201203-22

https://security.gentoo.org/glsa/201203-22

GLSA-201206-18

https://security.gentoo.org/glsa/201206-18

GLSA-201301-01

https://security.gentoo.org/glsa/201301-01

GLSA-201309-15

https://security.gentoo.org/glsa/201309-15

GLSA-201311-13

https://security.gentoo.org/glsa/201311-13

GLSA-201406-32

https://security.gentoo.org/glsa/201406-32

mfsa2010-22

https://www.mozilla.org/en-US/security/advisories/mfsa2010-22

RHSA-2009:1579

https://access.redhat.com/errata/RHSA-2009:1579

RHSA-2009:1580

https://access.redhat.com/errata/RHSA-2009:1580

RHSA-2009:1694

https://access.redhat.com/errata/RHSA-2009:1694

RHSA-2010:0011

https://access.redhat.com/errata/RHSA-2010:0011

RHSA-2010:0119

https://access.redhat.com/errata/RHSA-2010:0119

RHSA-2010:0130

https://access.redhat.com/errata/RHSA-2010:0130

RHSA-2010:0155

https://access.redhat.com/errata/RHSA-2010:0155

RHSA-2010:0162

https://access.redhat.com/errata/RHSA-2010:0162

RHSA-2010:0163

https://access.redhat.com/errata/RHSA-2010:0163

RHSA-2010:0164

https://access.redhat.com/errata/RHSA-2010:0164

RHSA-2010:0165

https://access.redhat.com/errata/RHSA-2010:0165

RHSA-2010:0166

https://access.redhat.com/errata/RHSA-2010:0166

RHSA-2010:0167

https://access.redhat.com/errata/RHSA-2010:0167

RHSA-2010:0337

https://access.redhat.com/errata/RHSA-2010:0337

RHSA-2010:0338

https://access.redhat.com/errata/RHSA-2010:0338

RHSA-2010:0339

https://access.redhat.com/errata/RHSA-2010:0339

RHSA-2010:0408

https://access.redhat.com/errata/RHSA-2010:0408

RHSA-2010:0440

https://access.redhat.com/errata/RHSA-2010:0440

RHSA-2010:0768

https://access.redhat.com/errata/RHSA-2010:0768

RHSA-2010:0770

https://access.redhat.com/errata/RHSA-2010:0770

RHSA-2010:0786

https://access.redhat.com/errata/RHSA-2010:0786

RHSA-2010:0807

https://access.redhat.com/errata/RHSA-2010:0807

RHSA-2010:0865

https://access.redhat.com/errata/RHSA-2010:0865

RHSA-2010:0986

https://access.redhat.com/errata/RHSA-2010:0986

RHSA-2010:0987

https://access.redhat.com/errata/RHSA-2010:0987

RHSA-2011:0880

https://access.redhat.com/errata/RHSA-2011:0880

USN-1010-1

https://usn.ubuntu.com/1010-1/

USN-860-1

https://usn.ubuntu.com/860-1/

USN-923-1

https://usn.ubuntu.com/923-1/

USN-927-1

https://usn.ubuntu.com/927-1/

USN-927-4

https://usn.ubuntu.com/927-4/

USN-927-6

https://usn.ubuntu.com/927-6/

USN-990-1

https://usn.ubuntu.com/990-1/

USN-990-2

https://usn.ubuntu.com/990-2/

Data source	Exploit-DB
Date added	Dec. 20, 2009
Description	TLS - Renegotiation
Ransomware campaign use	Known
Source publication date	Dec. 21, 2009
Exploit type	remote
Platform	multiple

Exploit-DB

Dec. 20, 2009

TLS - Renegotiation

Known

Dec. 21, 2009

remote

multiple

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2015:1591

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/tomcat

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2009-3555

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://tomcat.apache.org/security-7.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-55ga-282t-aaah
Aliases	CVE-2009-3555 GHSA-f7w7-6pjc-wwm6 VC-OPENSSL-20091105-CVE-2009-3555 VU#120541
Summary	The renegotiation vulnerability in SSL protocol
Status	Published
Exploitability	2.0
Weighted Severity	9.0
Risk	10.0
Affected and Fixed Packages	Package Details

CWE-295	Improper Certificate Validation
CWE-300	Channel Accessible by Non-Endpoint
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

Percentile	0.72813
EPSS Score	0.00362
Published At	Nov. 1, 2024, midnight