CVE-2014-0160

OpenSSL Information Disclosure Vulnerability

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

*SSVC

Descriptions

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

Las implementaciones de (1) TLS y (2) DTLS en OpenSSL 1.0.1 en versiones anteriores a 1.0.1g no manejan adecuadamente paquetes Heartbeat Extension, lo que permite a atacantes remotos obtener información sensible desde la memoria de proceso a través de paquetes manipulados que desencadenan una sobrelectura del buffer, según lo demostrado mediante la lectura de claves privadas, relacionado con d1_both.c y t1_lib.c, también conocido como bug Heartbleed.

An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys.

Streamworks Job Scheduler Release 7 has all agents using the same X.509 certificates and keys issued by the vendor for authentication. The processing server component does not check received messages properly for authenticity. Agents installed on servers do not check received messages properly for authenticity. Agents and processing servers are vulnerable to the TLS Heartbleed attack.

The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2013-12-03 CVE Reserved
2014-04-07 CVE Published
2014-04-08 First Exploit
2022-05-04 Exploited in Wild
2022-05-25 KEV Due Date
2024-08-06 CVE Updated
2024-08-30 EPSS Updated

CWE

CWE-125: Out-of-bounds Read
CWE-201: Insertion of Sensitive Information Into Sent Data

CAPEC

References (138)

URL	Tag	Source
http://advisories.mageia.org/MGASA-2014-0165.html	Third Party Advisory
http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog	Issue Tracking
http://cogentdatahub.com/ReleaseNotes.html	Release Notes
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01	Broken Link
http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3	Broken Link
http://heartbleed.com	Third Party Advisory
http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1	Third Party Advisory
http://seclists.org/fulldisclosure/2014/Apr/109	Mailing List
http://seclists.org/fulldisclosure/2014/Apr/173	Mailing List
http://seclists.org/fulldisclosure/2014/Apr/190	Mailing List
http://seclists.org/fulldisclosure/2014/Apr/90	Mailing List
http://seclists.org/fulldisclosure/2014/Apr/91	Mailing List
http://seclists.org/fulldisclosure/2014/Dec/23	Mailing List
http://secunia.com/advisories/57347	Broken Link
http://secunia.com/advisories/57483	Broken Link
http://secunia.com/advisories/57721	Broken Link
http://secunia.com/advisories/57836	Broken Link
http://secunia.com/advisories/57966	Broken Link
http://secunia.com/advisories/57968	Broken Link
http://secunia.com/advisories/59139	Broken Link
http://secunia.com/advisories/59243	Broken Link
http://secunia.com/advisories/59347	Broken Link
http://support.citrix.com/article/CTX140605	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg400001841	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg400001843	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21670161	Broken Link
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf	Broken Link
http://www.blackberry.com/btsc/KB35882	Broken Link
http://www.f-secure.com/en/web/labs_global/fsc-2014-1	Broken Link
http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release	Release Notes
http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases	Third Party Advisory
http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release	Release Notes
http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release	Release Notes
http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf	Not Applicable
http://www.kb.cert.org/vuls/id/720951	Third Party Advisory
http://www.kerio.com/support/kerio-control/release-history	Broken Link
http://www.securityfocus.com/archive/1/534161/100/0/threaded	Broken Link
http://www.securityfocus.com/bid/66690	Broken Link
http://www.securitytracker.com/id/1030026	Broken Link
http://www.securitytracker.com/id/1030074	Broken Link
http://www.securitytracker.com/id/1030077	Broken Link
http://www.securitytracker.com/id/1030078	Broken Link
http://www.securitytracker.com/id/1030079	Broken Link
http://www.securitytracker.com/id/1030080	Broken Link
http://www.securitytracker.com/id/1030081	Broken Link
http://www.securitytracker.com/id/1030082	Broken Link
http://www.splunk.com/view/SP-CAAAMB3	Third Party Advisory
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00	Third Party Advisory
http://www.us-cert.gov/ncas/alerts/TA14-098A	Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0012.html	Broken Link
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	Broken Link
https://blog.torproject.org/blog/openssl-bug-cve-2014-0160	Issue Tracking
https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf	Third Party Advisory
https://code.google.com/p/mod-spdy/issues/detail?id=85	Issue Tracking
https://filezilla-project.org/versions.php?type=server	Release Notes
https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html	Mailing List
https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html	Third Party Advisory
https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217	Third Party Advisory
https://www.cert.fi/en/reports/2014/vulnerability788210.html	Not Applicable
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008	Third Party Advisory

URL	Date	SRC
https://www.exploit-db.com/exploits/32764	2014-04-09
https://www.exploit-db.com/exploits/32791	2014-04-10
https://www.exploit-db.com/exploits/32998	2014-04-24
https://www.exploit-db.com/exploits/32745	2014-04-08
https://github.com/0x90/CVE-2014-0160	2014-05-09
https://github.com/jdauphant/patch-openssl-CVE-2014-0160	2014-12-02
https://github.com/caiqiqi/OpenSSL-HeartBleed-CVE-2014-0160-PoC	2018-11-08
https://github.com/obayesshelton/CVE-2014-0160-Scanner	2014-04-10
https://github.com/MrE-Fog/CVE-2014-0160-Chrome-Plugin	2023-04-30
https://github.com/Xyl2k/CVE-2014-0160-Chrome-Plugin	2016-02-16
https://github.com/artofscripting-zz/cmty-ssl-heartbleed-CVE-2014-0160-HTTP-HTTPS	2019-04-02
http://www.exploit-db.com/exploits/32745	2024-08-06
http://www.exploit-db.com/exploits/32764	2024-08-06
https://gist.github.com/chapmajs/10473815	2024-08-06
https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd	2024-08-06

URL	Date	SRC
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	2024-07-02
http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html	2024-07-02
https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E	2024-07-02
https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E	2024-07-02
https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E	2024-07-02
https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E	2024-07-02

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html	2024-07-02
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html	2024-07-02
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html	2024-07-02
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html	2024-07-02
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html	2024-07-02
http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html	2024-07-02
http://marc.info/?l=bugtraq&m=139722163017074&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139757726426985&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139757819327350&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139757919027752&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139758572430452&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139765756720506&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139774054614965&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139774703817488&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139808058921905&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139817685517037&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139817727317190&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139817782017443&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139824923705461&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139824993005633&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139833395230364&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139835815211508&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139835844111589&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139836085512508&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139842151128341&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139843768401936&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139869720529462&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139869891830365&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139889113431619&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139889295732144&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139905202427693&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139905243827825&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139905295427946&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139905351928096&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139905405728262&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139905458328378&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139905653828999&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=139905868529690&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=140015787404650&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=140075368411126&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=140724451518351&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=140752315422991&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=141287864628122&w=2	2024-07-02
http://marc.info/?l=bugtraq&m=142660345230545&w=2	2024-07-02
http://rhn.redhat.com/errata/RHSA-2014-0376.html	2024-07-02
http://rhn.redhat.com/errata/RHSA-2014-0377.html	2024-07-02
http://rhn.redhat.com/errata/RHSA-2014-0378.html	2024-07-02
http://rhn.redhat.com/errata/RHSA-2014-0396.html	2024-07-02
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed	2024-07-02
http://www.debian.org/security/2014/dsa-2896	2024-07-02
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062	2024-07-02
http://www.openssl.org/news/secadv_20140407.txt	2024-07-02
http://www.ubuntu.com/usn/USN-2165-1	2024-07-02
https://bugzilla.redhat.com/show_bug.cgi?id=1084875	2014-04-17
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken	2024-07-02
https://access.redhat.com/security/cve/CVE-2014-0160	2014-04-17

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Siemens Search vendor "Siemens"	Application Processing Engine Firmware Search vendor "Siemens" for product "Application Processing Engine Firmware"	2.0 Search vendor "Siemens" for product "Application Processing Engine Firmware" and version "2.0"	-	Affected	in	Siemens Search vendor "Siemens"	Application Processing Engine Search vendor "Siemens" for product "Application Processing Engine"	-	-	Safe
Siemens Search vendor "Siemens"	Cp 1543-1 Firmware Search vendor "Siemens" for product "Cp 1543-1 Firmware"	1.1 Search vendor "Siemens" for product "Cp 1543-1 Firmware" and version "1.1"	-	Affected	in	Siemens Search vendor "Siemens"	Cp 1543-1 Search vendor "Siemens" for product "Cp 1543-1"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic S7-1500 Firmware Search vendor "Siemens" for product "Simatic S7-1500 Firmware"	1.5 Search vendor "Siemens" for product "Simatic S7-1500 Firmware" and version "1.5"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic S7-1500 Search vendor "Siemens" for product "Simatic S7-1500"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic S7-1500t Firmware Search vendor "Siemens" for product "Simatic S7-1500t Firmware"	1.5 Search vendor "Siemens" for product "Simatic S7-1500t Firmware" and version "1.5"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic S7-1500t Search vendor "Siemens" for product "Simatic S7-1500t"	-	-	Safe
Intellian Search vendor "Intellian"	V100 Firmware Search vendor "Intellian" for product "V100 Firmware"	1.20 Search vendor "Intellian" for product "V100 Firmware" and version "1.20"	-	Affected	in	Intellian Search vendor "Intellian"	V100 Search vendor "Intellian" for product "V100"	-	-	Safe
Intellian Search vendor "Intellian"	V100 Firmware Search vendor "Intellian" for product "V100 Firmware"	1.21 Search vendor "Intellian" for product "V100 Firmware" and version "1.21"	-	Affected	in	Intellian Search vendor "Intellian"	V100 Search vendor "Intellian" for product "V100"	-	-	Safe
Intellian Search vendor "Intellian"	V100 Firmware Search vendor "Intellian" for product "V100 Firmware"	1.24 Search vendor "Intellian" for product "V100 Firmware" and version "1.24"	-	Affected	in	Intellian Search vendor "Intellian"	V100 Search vendor "Intellian" for product "V100"	-	-	Safe
Intellian Search vendor "Intellian"	V60 Firmware Search vendor "Intellian" for product "V60 Firmware"	1.15 Search vendor "Intellian" for product "V60 Firmware" and version "1.15"	-	Affected	in	Intellian Search vendor "Intellian"	V60 Search vendor "Intellian" for product "V60"	-	-	Safe
Intellian Search vendor "Intellian"	V60 Firmware Search vendor "Intellian" for product "V60 Firmware"	1.25 Search vendor "Intellian" for product "V60 Firmware" and version "1.25"	-	Affected	in	Intellian Search vendor "Intellian"	V60 Search vendor "Intellian" for product "V60"	-	-	Safe
Ricon Search vendor "Ricon"	S9922l Firmware Search vendor "Ricon" for product "S9922l Firmware"	16.10.3\(3794\) Search vendor "Ricon" for product "S9922l Firmware" and version "16.10.3\(3794\)"	-	Affected	in	Ricon Search vendor "Ricon"	S9922l Search vendor "Ricon" for product "S9922l"	1.0 Search vendor "Ricon" for product "S9922l" and version "1.0"	-	Safe
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				>= 1.0.1 < 1.0.1g Search vendor "Openssl" for product "Openssl" and version " >= 1.0.1 < 1.0.1g"		-		Affected
Filezilla-project Search vendor "Filezilla-project"		Filezilla Server Search vendor "Filezilla-project" for product "Filezilla Server"				< 0.9.44 Search vendor "Filezilla-project" for product "Filezilla Server" and version " < 0.9.44"		-		Affected
Siemens Search vendor "Siemens"		Elan-8.2 Search vendor "Siemens" for product "Elan-8.2"				< 8.3.3 Search vendor "Siemens" for product "Elan-8.2" and version " < 8.3.3"		-		Affected
Siemens Search vendor "Siemens"		Wincc Open Architecture Search vendor "Siemens" for product "Wincc Open Architecture"				3.12 Search vendor "Siemens" for product "Wincc Open Architecture" and version "3.12"		-		Affected
Mitel Search vendor "Mitel"		Micollab Search vendor "Mitel" for product "Micollab"				6.0 Search vendor "Mitel" for product "Micollab" and version "6.0"		-		Affected
Mitel Search vendor "Mitel"		Micollab Search vendor "Mitel" for product "Micollab"				7.0 Search vendor "Mitel" for product "Micollab" and version "7.0"		-		Affected
Mitel Search vendor "Mitel"		Micollab Search vendor "Mitel" for product "Micollab"				7.1 Search vendor "Mitel" for product "Micollab" and version "7.1"		-		Affected
Mitel Search vendor "Mitel"		Micollab Search vendor "Mitel" for product "Micollab"				7.2 Search vendor "Mitel" for product "Micollab" and version "7.2"		-		Affected
Mitel Search vendor "Mitel"		Micollab Search vendor "Mitel" for product "Micollab"				7.3 Search vendor "Mitel" for product "Micollab" and version "7.3"		-		Affected
Mitel Search vendor "Mitel"		Micollab Search vendor "Mitel" for product "Micollab"				7.3.0.104 Search vendor "Mitel" for product "Micollab" and version "7.3.0.104"		-		Affected
Mitel Search vendor "Mitel"		Mivoice Search vendor "Mitel" for product "Mivoice"				1.1.2.5 Search vendor "Mitel" for product "Mivoice" and version "1.1.2.5"		lync		Affected
Mitel Search vendor "Mitel"		Mivoice Search vendor "Mitel" for product "Mivoice"				1.1.3.3 Search vendor "Mitel" for product "Mivoice" and version "1.1.3.3"		skype_for_business		Affected
Mitel Search vendor "Mitel"		Mivoice Search vendor "Mitel" for product "Mivoice"				1.2.0.11 Search vendor "Mitel" for product "Mivoice" and version "1.2.0.11"		skype_for_business		Affected
Mitel Search vendor "Mitel"		Mivoice Search vendor "Mitel" for product "Mivoice"				1.3.2.2 Search vendor "Mitel" for product "Mivoice" and version "1.3.2.2"		skype_for_business		Affected
Mitel Search vendor "Mitel"		Mivoice Search vendor "Mitel" for product "Mivoice"				1.4.0.102 Search vendor "Mitel" for product "Mivoice" and version "1.4.0.102"		skype_for_business		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				12.3 Search vendor "Opensuse" for product "Opensuse" and version "12.3"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				13.1 Search vendor "Opensuse" for product "Opensuse" and version "13.1"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"		esm		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				12.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.10"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				13.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "13.10"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				19 Search vendor "Fedoraproject" for product "Fedora" and version "19"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				20 Search vendor "Fedoraproject" for product "Fedora" and version "20"		-		Affected
Redhat Search vendor "Redhat"		Gluster Storage Search vendor "Redhat" for product "Gluster Storage"				2.1 Search vendor "Redhat" for product "Gluster Storage" and version "2.1"		-		Affected
Redhat Search vendor "Redhat"		Storage Search vendor "Redhat" for product "Storage"				2.1 Search vendor "Redhat" for product "Storage" and version "2.1"		-		Affected
Redhat Search vendor "Redhat"		Virtualization Search vendor "Redhat" for product "Virtualization"				6.0 Search vendor "Redhat" for product "Virtualization" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				6.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				6.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				6.5 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "6.5"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				6.5 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "6.5"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				6.5 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "6.5"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation"				6.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "6.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				6.0 Search vendor "Debian" for product "Debian Linux" and version "6.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0"		-		Affected
Broadcom Search vendor "Broadcom"		Symantec Messaging Gateway Search vendor "Broadcom" for product "Symantec Messaging Gateway"				10.6.0 Search vendor "Broadcom" for product "Symantec Messaging Gateway" and version "10.6.0"		-		Affected
Broadcom Search vendor "Broadcom"		Symantec Messaging Gateway Search vendor "Broadcom" for product "Symantec Messaging Gateway"				10.6.1 Search vendor "Broadcom" for product "Symantec Messaging Gateway" and version "10.6.1"		-		Affected
Splunk Search vendor "Splunk"		Splunk Search vendor "Splunk" for product "Splunk"				>= 6.0.0 < 6.0.3 Search vendor "Splunk" for product "Splunk" and version " >= 6.0.0 < 6.0.3"		enterprise		Affected