Executive Risk Summary
"The TLS protocol and SSL protocol 3.0 and possibly earlier, as used in various products, does not properly associate renegotiation handshakes with an existing connection, allowing man-in-the-middle attackers to insert data into HTTPS sessions. This vulnerability affects multiple vendors and products, including Microsoft Internet Information Services (IIS), Apache HTTP Server, OpenSSL, and others."
Anticipated Attack Path
- 1. Initial Connection Establishment
- 2. Renegotiation Handshake
- 3. Plaintext Injection
Am I Vulnerable?
- Verify TLS/SSL protocol version
- Check for renegotiation support
- Inspect connection logs for suspicious activity
Operational Audit Arsenal
Target Type Protocol
Target Asset TLS/SSL
Standard Path Network/Transport Layer
Manual Verification Required
This is a non-Windows asset (Multiple). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.
Patch Impact Forecast
Reboot Required Likely
Potential service interruption during patch application
Internal Work Notes
CVE-2009-3555: TLS/SSL Renegotiation Vulnerability - Multiple Vendors and Products Affected
Technical Intelligence & Operational Utilities • Delivered Weekly
Intelligence Sources
Official Advisoryhttp://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html
Official Advisoryhttp://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html
Official Advisoryhttp://blogs.iss.net/archive/sslmitmiscsrf.html
Official Advisoryhttp://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during
Official Advisoryhttp://clicky.me/tlsvuln
Official Advisoryhttp://extendedsubset.com/?p=8
Official Advisoryhttp://extendedsubset.com/Renegotiating_TLS.pdf
Official Advisoryhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686
Official Advisoryhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041
Official Advisoryhttp://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Official Advisoryhttp://kbase.redhat.com/faq/docs/DOC-20491
Official Advisoryhttp://lists.apple.com/archives/security-announce/2010//May/msg00001.html
Official Advisoryhttp://lists.apple.com/archives/security-announce/2010//May/msg00002.html
Official Advisoryhttp://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
Official Advisoryhttp://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
Official Advisoryhttp://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=126150535619567&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=127128920008563&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=127419602507642&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=127557596201693&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=130497311408250&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=132077688910227&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=133469267822771&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=134254866602253&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=142660345230545&w=2
Official Advisoryhttp://marc.info/?l=cryptography&m=125752275331877&w=2
Official Advisoryhttp://openbsd.org/errata45.html#010_openssl
Official Advisoryhttp://openbsd.org/errata46.html#004_openssl
Official Advisoryhttp://osvdb.org/60521
Official Advisoryhttp://osvdb.org/60972
Official Advisoryhttp://osvdb.org/62210
Official Advisoryhttp://osvdb.org/65202
Official Advisoryhttp://seclists.org/fulldisclosure/2009/Nov/139
Official Advisoryhttp://secunia.com/advisories/37291
Official Advisoryhttp://secunia.com/advisories/37292
Official Advisoryhttp://secunia.com/advisories/37320
Official Advisoryhttp://secunia.com/advisories/37383
Official Advisoryhttp://secunia.com/advisories/37399
Official Advisoryhttp://secunia.com/advisories/37453
Official Advisoryhttp://secunia.com/advisories/37501
Official Advisoryhttp://secunia.com/advisories/37504
Official Advisoryhttp://secunia.com/advisories/37604
Official Advisoryhttp://secunia.com/advisories/37640
Official Advisoryhttp://secunia.com/advisories/37656
Official Advisoryhttp://secunia.com/advisories/37675
Official Advisoryhttp://secunia.com/advisories/37859
Official Advisoryhttp://secunia.com/advisories/38003
Official Advisoryhttp://secunia.com/advisories/38020
Official Advisoryhttp://secunia.com/advisories/38056
Official Advisoryhttp://secunia.com/advisories/38241
Official Advisoryhttp://secunia.com/advisories/38484
Official Advisoryhttp://secunia.com/advisories/38687
Official Advisoryhttp://secunia.com/advisories/38781
Official Advisoryhttp://secunia.com/advisories/39127
Official Advisoryhttp://secunia.com/advisories/39136
Official Advisoryhttp://secunia.com/advisories/39242
Official Advisoryhttp://secunia.com/advisories/39243
Official Advisoryhttp://secunia.com/advisories/39278
Official Advisoryhttp://secunia.com/advisories/39292
Official Advisoryhttp://secunia.com/advisories/39317
Official Advisoryhttp://secunia.com/advisories/39461
Official Advisoryhttp://secunia.com/advisories/39500
Official Advisoryhttp://secunia.com/advisories/39628
Official Advisoryhttp://secunia.com/advisories/39632
Official Advisoryhttp://secunia.com/advisories/39713
Official Advisoryhttp://secunia.com/advisories/39819
Official Advisoryhttp://secunia.com/advisories/40070
Official Advisoryhttp://secunia.com/advisories/40545
Official Advisoryhttp://secunia.com/advisories/40747
Official Advisoryhttp://secunia.com/advisories/40866
Official Advisoryhttp://secunia.com/advisories/41480
Official Advisoryhttp://secunia.com/advisories/41490
Official Advisoryhttp://secunia.com/advisories/41818
Official Advisoryhttp://secunia.com/advisories/41967
Official Advisoryhttp://secunia.com/advisories/41972
Official Advisoryhttp://secunia.com/advisories/42377
Official Advisoryhttp://secunia.com/advisories/42379
Official Advisoryhttp://secunia.com/advisories/42467
Official Advisoryhttp://secunia.com/advisories/42724
Official Advisoryhttp://secunia.com/advisories/42733
Official Advisoryhttp://secunia.com/advisories/42808
Official Advisoryhttp://secunia.com/advisories/42811
Official Advisoryhttp://secunia.com/advisories/42816
Official Advisoryhttp://secunia.com/advisories/43308
Official Advisoryhttp://secunia.com/advisories/44183
Official Advisoryhttp://secunia.com/advisories/44954
Official Advisoryhttp://secunia.com/advisories/48577
Official Advisoryhttp://security.gentoo.org/glsa/glsa-200912-01.xml
Official Advisoryhttp://security.gentoo.org/glsa/glsa-201203-22.xml
Official Advisoryhttp://security.gentoo.org/glsa/glsa-201406-32.xml
Official Advisoryhttp://securitytracker.com/id?1023148
Official Advisoryhttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446
Official Advisoryhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1
Official Advisoryhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1
Official Advisoryhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1
Official Advisoryhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1
Official Advisoryhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1
Official Advisoryhttp://support.apple.com/kb/HT4004
Official Advisoryhttp://support.apple.com/kb/HT4170
Official Advisoryhttp://support.apple.com/kb/HT4171
Official Advisoryhttp://support.avaya.com/css/P8/documents/100070150
Official Advisoryhttp://support.avaya.com/css/P8/documents/100081611
Official Advisoryhttp://support.avaya.com/css/P8/documents/100114315
Official Advisoryhttp://support.avaya.com/css/P8/documents/100114327
Official Advisoryhttp://support.citrix.com/article/CTX123359
Official Advisoryhttp://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES
Official Advisoryhttp://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released
Official Advisoryhttp://sysoev.ru/nginx/patch.cve-2009-3555.txt
Official Advisoryhttp://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html
Official Advisoryhttp://ubuntu.com/usn/usn-923-1
Official Advisoryhttp://wiki.rpath.com/Advisories:rPSA-2009-0155
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg1IC67848
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg1IC68054
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg1IC68055
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg1PM12247
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg21426108
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg21432298
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg24006386
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg24025312
Official Advisoryhttp://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only
Official Advisoryhttp://www.arubanetworks.com/support/alerts/aid-020810.txt
Official Advisoryhttp://www.betanews.com/article/1257452450
Official Advisoryhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml
Official Advisoryhttp://www.debian.org/security/2009/dsa-1934
Official Advisoryhttp://www.debian.org/security/2011/dsa-2141
Official Advisoryhttp://www.debian.org/security/2015/dsa-3253
Official Advisoryhttp://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html
Official Advisoryhttp://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
Official Advisoryhttp://www.ietf.org/mail-archive/web/tls/current/msg03928.html
Official Advisoryhttp://www.ietf.org/mail-archive/web/tls/current/msg03948.html
Official Advisoryhttp://www.ingate.com/Relnote.php?ver=481
Official Advisoryhttp://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
Official Advisoryhttp://www.kb.cert.org/vuls/id/120541
Official Advisoryhttp://www.links.org/?p=780
Official Advisoryhttp://www.links.org/?p=786
Official Advisoryhttp://www.links.org/?p=789
Official Advisoryhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:076
Official Advisoryhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:084
Official Advisoryhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:089
Official Advisoryhttp://www.mozilla.org/security/announce/2010/mfsa2010-22.html
Official Advisoryhttp://www.openoffice.org/security/cves/CVE-2009-3555.html
Official Advisoryhttp://www.openssl.org/news/secadv_20091111.txt
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/05/3
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/05/5
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/06/3
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/07/3
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/20/1
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/23/10
Official Advisoryhttp://www.opera.com/docs/changelogs/unix/1060/
Official Advisoryhttp://www.opera.com/support/search/view/944/
Official Advisoryhttp://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
Official Advisoryhttp://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
Official Advisoryhttp://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Official Advisoryhttp://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0119.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0130.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0155.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0165.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0167.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0337.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0338.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0339.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0768.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0770.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0786.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0807.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0865.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0986.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0987.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2011-0880.html
Official Advisoryhttp://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html
Official Advisoryhttp://www.securityfocus.com/archive/1/507952/100/0/threaded
Official Advisoryhttp://www.securityfocus.com/archive/1/508075/100/0/threaded
Official Advisoryhttp://www.securityfocus.com/archive/1/508130/100/0/threaded
Official Advisoryhttp://www.securityfocus.com/archive/1/515055/100/0/threaded
Official Advisoryhttp://www.securityfocus.com/archive/1/516397/100/0/threaded
Official Advisoryhttp://www.securityfocus.com/archive/1/522176
Official Advisoryhttp://www.securityfocus.com/bid/36935
Official Advisoryhttp://www.securitytracker.com/id?1023163
Official Advisoryhttp://www.securitytracker.com/id?1023204
Official Advisoryhttp://www.securitytracker.com/id?1023205
Official Advisoryhttp://www.securitytracker.com/id?1023206
Official Advisoryhttp://www.securitytracker.com/id?1023207
Official Advisoryhttp://www.securitytracker.com/id?1023208
Official Advisoryhttp://www.securitytracker.com/id?1023209
Official Advisoryhttp://www.securitytracker.com/id?1023210
Official Advisoryhttp://www.securitytracker.com/id?1023211
Official Advisoryhttp://www.securitytracker.com/id?1023212
Official Advisoryhttp://www.securitytracker.com/id?1023213
Official Advisoryhttp://www.securitytracker.com/id?1023214
Official Advisoryhttp://www.securitytracker.com/id?1023215
Official Advisoryhttp://www.securitytracker.com/id?1023216
Official Advisoryhttp://www.securitytracker.com/id?1023217
Official Advisoryhttp://www.securitytracker.com/id?1023218
Official Advisoryhttp://www.securitytracker.com/id?1023219
Official Advisoryhttp://www.securitytracker.com/id?1023224
Official Advisoryhttp://www.securitytracker.com/id?1023243
Official Advisoryhttp://www.securitytracker.com/id?1023270
Official Advisoryhttp://www.securitytracker.com/id?1023271
Official Advisoryhttp://www.securitytracker.com/id?1023272
Official Advisoryhttp://www.securitytracker.com/id?1023273
Official Advisoryhttp://www.securitytracker.com/id?1023274
Official Advisoryhttp://www.securitytracker.com/id?1023275
Official Advisoryhttp://www.securitytracker.com/id?1023411
Official Advisoryhttp://www.securitytracker.com/id?1023426
Official Advisoryhttp://www.securitytracker.com/id?1023427
Official Advisoryhttp://www.securitytracker.com/id?1023428
Official Advisoryhttp://www.securitytracker.com/id?1024789
Official Advisoryhttp://www.tombom.co.uk/blog/?p=85
Official Advisoryhttp://www.ubuntu.com/usn/USN-1010-1
Official Advisoryhttp://www.ubuntu.com/usn/USN-927-1
Official Advisoryhttp://www.ubuntu.com/usn/USN-927-4
Official Advisoryhttp://www.ubuntu.com/usn/USN-927-5
Official Advisoryhttp://www.us-cert.gov/cas/techalerts/TA10-222A.html
Official Advisoryhttp://www.us-cert.gov/cas/techalerts/TA10-287A.html
Official Advisoryhttp://www.vmware.com/security/advisories/VMSA-2010-0019.html
Official Advisoryhttp://www.vmware.com/security/advisories/VMSA-2011-0003.html
Official Advisoryhttp://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3164
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3165
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3205
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3220
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3310
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3313
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3353
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3354
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3484
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3521
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3587
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0086
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0173
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0748
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0848
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0916
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0933
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0982
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0994
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1054
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1107
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1191
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1350
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1639
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1673
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1793
Official Advisoryhttp://www.vupen.com/english/advisories/2010/2010
Official Advisoryhttp://www.vupen.com/english/advisories/2010/2745
Official Advisoryhttp://www.vupen.com/english/advisories/2010/3069
Official Advisoryhttp://www.vupen.com/english/advisories/2010/3086
Official Advisoryhttp://www.vupen.com/english/advisories/2010/3126
Official Advisoryhttp://www.vupen.com/english/advisories/2011/0032
Official Advisoryhttp://www.vupen.com/english/advisories/2011/0033
Official Advisoryhttp://www.vupen.com/english/advisories/2011/0086
Official Advisoryhttp://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html
Official Advisoryhttps://bugzilla.mozilla.org/show_bug.cgi?id=526689
Official Advisoryhttps://bugzilla.mozilla.org/show_bug.cgi?id=545755
Official Advisoryhttps://bugzilla.redhat.com/show_bug.cgi?id=533125
MSRC Advisoryhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049
Official Advisoryhttps://exchange.xforce.ibmcloud.com/vulnerabilities/54158
Official Advisoryhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
Official Advisoryhttps://kb.bluecoat.com/index?page=content&id=SA50
Official Advisoryhttps://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
Official Advisoryhttps://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E
Official Advisoryhttps://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E
Official Advisoryhttps://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535
Official Advisoryhttps://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html
Official Advisoryhttps://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html
Official Advisoryhttp://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html
Official Advisoryhttp://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html
Official Advisoryhttp://blogs.iss.net/archive/sslmitmiscsrf.html
Official Advisoryhttp://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during
Official Advisoryhttp://clicky.me/tlsvuln
Official Advisoryhttp://extendedsubset.com/?p=8
Official Advisoryhttp://extendedsubset.com/Renegotiating_TLS.pdf
Official Advisoryhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686
Official Advisoryhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041
Official Advisoryhttp://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Official Advisoryhttp://kbase.redhat.com/faq/docs/DOC-20491
Official Advisoryhttp://lists.apple.com/archives/security-announce/2010//May/msg00001.html
Official Advisoryhttp://lists.apple.com/archives/security-announce/2010//May/msg00002.html
Official Advisoryhttp://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
Official Advisoryhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
Official Advisoryhttp://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
Official Advisoryhttp://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
Official Advisoryhttp://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=126150535619567&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=127128920008563&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=127419602507642&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=127557596201693&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=130497311408250&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=132077688910227&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=133469267822771&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=134254866602253&w=2
Official Advisoryhttp://marc.info/?l=bugtraq&m=142660345230545&w=2
Official Advisoryhttp://marc.info/?l=cryptography&m=125752275331877&w=2
Official Advisoryhttp://openbsd.org/errata45.html#010_openssl
Official Advisoryhttp://openbsd.org/errata46.html#004_openssl
Official Advisoryhttp://osvdb.org/60521
Official Advisoryhttp://osvdb.org/60972
Official Advisoryhttp://osvdb.org/62210
Official Advisoryhttp://osvdb.org/65202
Official Advisoryhttp://seclists.org/fulldisclosure/2009/Nov/139
Official Advisoryhttp://secunia.com/advisories/37291
Official Advisoryhttp://secunia.com/advisories/37292
Official Advisoryhttp://secunia.com/advisories/37320
Official Advisoryhttp://secunia.com/advisories/37383
Official Advisoryhttp://secunia.com/advisories/37399
Official Advisoryhttp://secunia.com/advisories/37453
Official Advisoryhttp://secunia.com/advisories/37501
Official Advisoryhttp://secunia.com/advisories/37504
Official Advisoryhttp://secunia.com/advisories/37604
Official Advisoryhttp://secunia.com/advisories/37640
Official Advisoryhttp://secunia.com/advisories/37656
Official Advisoryhttp://secunia.com/advisories/37675
Official Advisoryhttp://secunia.com/advisories/37859
Official Advisoryhttp://secunia.com/advisories/38003
Official Advisoryhttp://secunia.com/advisories/38020
Official Advisoryhttp://secunia.com/advisories/38056
Official Advisoryhttp://secunia.com/advisories/38241
Official Advisoryhttp://secunia.com/advisories/38484
Official Advisoryhttp://secunia.com/advisories/38687
Official Advisoryhttp://secunia.com/advisories/38781
Official Advisoryhttp://secunia.com/advisories/39127
Official Advisoryhttp://secunia.com/advisories/39136
Official Advisoryhttp://secunia.com/advisories/39242
Official Advisoryhttp://secunia.com/advisories/39243
Official Advisoryhttp://secunia.com/advisories/39278
Official Advisoryhttp://secunia.com/advisories/39292
Official Advisoryhttp://secunia.com/advisories/39317
Official Advisoryhttp://secunia.com/advisories/39461
Official Advisoryhttp://secunia.com/advisories/39500
Official Advisoryhttp://secunia.com/advisories/39628
Official Advisoryhttp://secunia.com/advisories/39632
Official Advisoryhttp://secunia.com/advisories/39713
Official Advisoryhttp://secunia.com/advisories/39819
Official Advisoryhttp://secunia.com/advisories/40070
Official Advisoryhttp://secunia.com/advisories/40545
Official Advisoryhttp://secunia.com/advisories/40747
Official Advisoryhttp://secunia.com/advisories/40866
Official Advisoryhttp://secunia.com/advisories/41480
Official Advisoryhttp://secunia.com/advisories/41490
Official Advisoryhttp://secunia.com/advisories/41818
Official Advisoryhttp://secunia.com/advisories/41967
Official Advisoryhttp://secunia.com/advisories/41972
Official Advisoryhttp://secunia.com/advisories/42377
Official Advisoryhttp://secunia.com/advisories/42379
Official Advisoryhttp://secunia.com/advisories/42467
Official Advisoryhttp://secunia.com/advisories/42724
Official Advisoryhttp://secunia.com/advisories/42733
Official Advisoryhttp://secunia.com/advisories/42808
Official Advisoryhttp://secunia.com/advisories/42811
Official Advisoryhttp://secunia.com/advisories/42816
Official Advisoryhttp://secunia.com/advisories/43308
Official Advisoryhttp://secunia.com/advisories/44183
Official Advisoryhttp://secunia.com/advisories/44954
Official Advisoryhttp://secunia.com/advisories/48577
Official Advisoryhttp://security.gentoo.org/glsa/glsa-200912-01.xml
Official Advisoryhttp://security.gentoo.org/glsa/glsa-201203-22.xml
Official Advisoryhttp://security.gentoo.org/glsa/glsa-201406-32.xml
Official Advisoryhttp://securitytracker.com/id?1023148
Official Advisoryhttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446
Official Advisoryhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1
Official Advisoryhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1
Official Advisoryhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1
Official Advisoryhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1
Official Advisoryhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1
Official Advisoryhttp://support.apple.com/kb/HT4004
Official Advisoryhttp://support.apple.com/kb/HT4170
Official Advisoryhttp://support.apple.com/kb/HT4171
Official Advisoryhttp://support.avaya.com/css/P8/documents/100070150
Official Advisoryhttp://support.avaya.com/css/P8/documents/100081611
Official Advisoryhttp://support.avaya.com/css/P8/documents/100114315
Official Advisoryhttp://support.avaya.com/css/P8/documents/100114327
Official Advisoryhttp://support.citrix.com/article/CTX123359
Official Advisoryhttp://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES
Official Advisoryhttp://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released
Official Advisoryhttp://sysoev.ru/nginx/patch.cve-2009-3555.txt
Official Advisoryhttp://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html
Official Advisoryhttp://ubuntu.com/usn/usn-923-1
Official Advisoryhttp://wiki.rpath.com/Advisories:rPSA-2009-0155
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg1IC67848
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg1IC68054
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg1IC68055
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg1PM12247
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg21426108
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg21432298
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg24006386
Official Advisoryhttp://www-01.ibm.com/support/docview.wss?uid=swg24025312
Official Advisoryhttp://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only
Official Advisoryhttp://www.arubanetworks.com/support/alerts/aid-020810.txt
Official Advisoryhttp://www.betanews.com/article/1257452450
Official Advisoryhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml
Official Advisoryhttp://www.debian.org/security/2009/dsa-1934
Official Advisoryhttp://www.debian.org/security/2011/dsa-2141
Official Advisoryhttp://www.debian.org/security/2015/dsa-3253
Official Advisoryhttp://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html
Official Advisoryhttp://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
Official Advisoryhttp://www.ietf.org/mail-archive/web/tls/current/msg03928.html
Official Advisoryhttp://www.ietf.org/mail-archive/web/tls/current/msg03948.html
Official Advisoryhttp://www.ingate.com/Relnote.php?ver=481
Official Advisoryhttp://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
Official Advisoryhttp://www.kb.cert.org/vuls/id/120541
Official Advisoryhttp://www.links.org/?p=780
Official Advisoryhttp://www.links.org/?p=786
Official Advisoryhttp://www.links.org/?p=789
Official Advisoryhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:076
Official Advisoryhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:084
Official Advisoryhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:089
Official Advisoryhttp://www.mozilla.org/security/announce/2010/mfsa2010-22.html
Official Advisoryhttp://www.openoffice.org/security/cves/CVE-2009-3555.html
Official Advisoryhttp://www.openssl.org/news/secadv_20091111.txt
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/05/3
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/05/5
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/06/3
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/07/3
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/20/1
Official Advisoryhttp://www.openwall.com/lists/oss-security/2009/11/23/10
Official Advisoryhttp://www.opera.com/docs/changelogs/unix/1060/
Official Advisoryhttp://www.opera.com/support/search/view/944/
Official Advisoryhttp://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
Official Advisoryhttp://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
Official Advisoryhttp://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Official Advisoryhttp://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0119.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0130.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0155.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0165.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0167.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0337.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0338.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0339.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0768.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0770.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0786.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0807.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0865.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0986.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2010-0987.html
Official Advisoryhttp://www.redhat.com/support/errata/RHSA-2011-0880.html
Official Advisoryhttp://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html
Official Advisoryhttp://www.securityfocus.com/archive/1/507952/100/0/threaded
Official Advisoryhttp://www.securityfocus.com/archive/1/508075/100/0/threaded
Official Advisoryhttp://www.securityfocus.com/archive/1/508130/100/0/threaded
Official Advisoryhttp://www.securityfocus.com/archive/1/515055/100/0/threaded
Official Advisoryhttp://www.securityfocus.com/archive/1/516397/100/0/threaded
Official Advisoryhttp://www.securityfocus.com/archive/1/522176
Official Advisoryhttp://www.securityfocus.com/bid/36935
Official Advisoryhttp://www.securitytracker.com/id?1023163
Official Advisoryhttp://www.securitytracker.com/id?1023204
Official Advisoryhttp://www.securitytracker.com/id?1023205
Official Advisoryhttp://www.securitytracker.com/id?1023206
Official Advisoryhttp://www.securitytracker.com/id?1023207
Official Advisoryhttp://www.securitytracker.com/id?1023208
Official Advisoryhttp://www.securitytracker.com/id?1023209
Official Advisoryhttp://www.securitytracker.com/id?1023210
Official Advisoryhttp://www.securitytracker.com/id?1023211
Official Advisoryhttp://www.securitytracker.com/id?1023212
Official Advisoryhttp://www.securitytracker.com/id?1023213
Official Advisoryhttp://www.securitytracker.com/id?1023214
Official Advisoryhttp://www.securitytracker.com/id?1023215
Official Advisoryhttp://www.securitytracker.com/id?1023216
Official Advisoryhttp://www.securitytracker.com/id?1023217
Official Advisoryhttp://www.securitytracker.com/id?1023218
Official Advisoryhttp://www.securitytracker.com/id?1023219
Official Advisoryhttp://www.securitytracker.com/id?1023224
Official Advisoryhttp://www.securitytracker.com/id?1023243
Official Advisoryhttp://www.securitytracker.com/id?1023270
Official Advisoryhttp://www.securitytracker.com/id?1023271
Official Advisoryhttp://www.securitytracker.com/id?1023272
Official Advisoryhttp://www.securitytracker.com/id?1023273
Official Advisoryhttp://www.securitytracker.com/id?1023274
Official Advisoryhttp://www.securitytracker.com/id?1023275
Official Advisoryhttp://www.securitytracker.com/id?1023411
Official Advisoryhttp://www.securitytracker.com/id?1023426
Official Advisoryhttp://www.securitytracker.com/id?1023427
Official Advisoryhttp://www.securitytracker.com/id?1023428
Official Advisoryhttp://www.securitytracker.com/id?1024789
Official Advisoryhttp://www.tombom.co.uk/blog/?p=85
Official Advisoryhttp://www.ubuntu.com/usn/USN-1010-1
Official Advisoryhttp://www.ubuntu.com/usn/USN-927-1
Official Advisoryhttp://www.ubuntu.com/usn/USN-927-4
Official Advisoryhttp://www.ubuntu.com/usn/USN-927-5
Official Advisoryhttp://www.us-cert.gov/cas/techalerts/TA10-222A.html
Official Advisoryhttp://www.us-cert.gov/cas/techalerts/TA10-287A.html
Official Advisoryhttp://www.vmware.com/security/advisories/VMSA-2010-0019.html
Official Advisoryhttp://www.vmware.com/security/advisories/VMSA-2011-0003.html
Official Advisoryhttp://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3164
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3165
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3205
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3220
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3310
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3313
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3353
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3354
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3484
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3521
Official Advisoryhttp://www.vupen.com/english/advisories/2009/3587
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0086
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0173
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0748
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0848
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0916
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0933
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0982
Official Advisoryhttp://www.vupen.com/english/advisories/2010/0994
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1054
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1107
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1191
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1350
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1639
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1673
Official Advisoryhttp://www.vupen.com/english/advisories/2010/1793
Official Advisoryhttp://www.vupen.com/english/advisories/2010/2010
Official Advisoryhttp://www.vupen.com/english/advisories/2010/2745
Official Advisoryhttp://www.vupen.com/english/advisories/2010/3069
Official Advisoryhttp://www.vupen.com/english/advisories/2010/3086
Official Advisoryhttp://www.vupen.com/english/advisories/2010/3126
Official Advisoryhttp://www.vupen.com/english/advisories/2011/0032
Official Advisoryhttp://www.vupen.com/english/advisories/2011/0033
Official Advisoryhttp://www.vupen.com/english/advisories/2011/0086
Official Advisoryhttp://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html
Official Advisoryhttps://bugzilla.mozilla.org/show_bug.cgi?id=526689
Official Advisoryhttps://bugzilla.mozilla.org/show_bug.cgi?id=545755
Official Advisoryhttps://bugzilla.redhat.com/show_bug.cgi?id=533125
MSRC Advisoryhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049
Official Advisoryhttps://exchange.xforce.ibmcloud.com/vulnerabilities/54158
Official Advisoryhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
Official Advisoryhttps://kb.bluecoat.com/index?page=content&id=SA50
Official Advisoryhttps://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
Official Advisoryhttps://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E
Official Advisoryhttps://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E
Official Advisoryhttps://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535
Official Advisoryhttps://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html
Official Advisoryhttps://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html
Official Advisoryhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html
Official Advisoryhttps://www.exploit-db.com/exploits/10579
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.