CVE-2009-3555
Description
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.tomcat:tomcatMaven | >= 7.0.0, < 7.0.10 | 7.0.10 |
org.apache.tomcat:tomcatMaven | >= 6.0.0, < 6.0.32 | 6.0.32 |
org.apache.tomcat:tomcatMaven | >= 5.0.0, < 5.5.33 | 5.5.33 |
Affected products
25cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*range: <=0.9.8k
- cpe:2.3:a:openssl:openssl:1.0:*:openvms:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*+ 5 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*
- ghsa-coords5 versionspkg:maven/org.apache.tomcat/tomcatpkg:rpm/opensuse/apache2&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweed
>= 7.0.0, < 7.0.10+ 4 more
- (no CPE)range: >= 7.0.0, < 7.0.10
- (no CPE)range: < 2.4.23-4.1
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 50.1.0-1.1
- (no CPE)range: < 45.5.1-1.1
Patches
Vulnerability mechanics
References
351- docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049nvdPatchVendor AdvisoryWEB
- clicky.me/tlsvulnnvdExploitThird Party AdvisoryWEB
- www.securityfocus.com/bid/36935nvdExploitPatchThird Party AdvisoryVDB EntryWEB
- xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.htmlnvdExploitThird Party AdvisoryWEB
- blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.htmlnvdThird Party AdvisoryWEB
- blogs.sun.com/security/entry/vulnerability_in_tls_protocol_duringnvdThird Party AdvisoryWEB
- kbase.redhat.com/faq/docs/DOC-20491nvdThird Party AdvisoryWEB
- lists.apple.com/archives/security-announce/2010//May/msg00001.htmlnvdMailing ListThird Party AdvisoryWEB
- lists.apple.com/archives/security-announce/2010//May/msg00002.htmlnvdMailing ListThird Party AdvisoryWEB
- lists.apple.com/archives/security-announce/2010/Jan/msg00000.htmlnvdMailing ListThird Party AdvisoryWEB
- lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.htmlnvdThird Party AdvisoryWEB
- lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.htmlnvdThird Party AdvisoryWEB
- lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.htmlnvdThird Party AdvisoryWEB
- lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.htmlnvdThird Party AdvisoryWEB
- lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.htmlnvdThird Party AdvisoryWEB
- lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.htmlnvdThird Party AdvisoryWEB
- lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.htmlnvdThird Party AdvisoryWEB
- lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.htmlnvdThird Party AdvisoryWEB
- lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.htmlnvdThird Party AdvisoryWEB
- lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.htmlnvdThird Party AdvisoryWEB
- lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.htmlnvdThird Party AdvisoryWEB
- lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlnvdThird Party AdvisoryWEB
- lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlnvdThird Party AdvisoryWEB
- lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.htmlnvdThird Party AdvisoryWEB
- lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.htmlnvdThird Party AdvisoryWEB
- lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.htmlnvdThird Party AdvisoryWEB
- lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.htmlnvdThird Party AdvisoryWEB
- marc.infonvdThird Party AdvisoryWEB
- marc.infonvdThird Party AdvisoryWEB
- marc.infonvdThird Party AdvisoryWEB
- marc.infonvdThird Party AdvisoryWEB
- marc.infonvdThird Party AdvisoryWEB
- marc.infonvdThird Party AdvisoryWEB
- marc.infonvdThird Party AdvisoryWEB
- marc.infonvdThird Party AdvisoryWEB
- marc.infonvdThird Party AdvisoryWEB
- marc.infonvdThird Party AdvisoryWEB
- marc.infonvdThird Party AdvisoryWEB
- openbsd.org/errata45.htmlnvdThird Party AdvisoryWEB
- openbsd.org/errata46.htmlnvdThird Party AdvisoryWEB
- seclists.org/fulldisclosure/2009/Nov/139nvdMailing ListThird Party AdvisoryWEB
- secunia.com/advisories/37291nvdThird Party Advisory
- secunia.com/advisories/37292nvdThird Party Advisory
- secunia.com/advisories/37320nvdThird Party Advisory
- secunia.com/advisories/37383nvdThird Party Advisory
- secunia.com/advisories/37399nvdThird Party Advisory
- secunia.com/advisories/37453nvdThird Party Advisory
- secunia.com/advisories/37501nvdThird Party Advisory
- secunia.com/advisories/37504nvdThird Party Advisory
- secunia.com/advisories/37604nvdThird Party Advisory
- secunia.com/advisories/37640nvdThird Party Advisory
- secunia.com/advisories/37656nvdThird Party Advisory
- secunia.com/advisories/37675nvdThird Party Advisory
- secunia.com/advisories/37859nvdThird Party Advisory
- secunia.com/advisories/38003nvdThird Party Advisory
- secunia.com/advisories/38020nvdThird Party Advisory
- secunia.com/advisories/38056nvdThird Party Advisory
- secunia.com/advisories/38241nvdThird Party Advisory
- secunia.com/advisories/38484nvdThird Party Advisory
- secunia.com/advisories/38687nvdThird Party Advisory
- secunia.com/advisories/38781nvdThird Party Advisory
- secunia.com/advisories/39127nvdThird Party Advisory
- secunia.com/advisories/39136nvdThird Party Advisory
- secunia.com/advisories/39242nvdThird Party Advisory
- secunia.com/advisories/39243nvdThird Party Advisory
- secunia.com/advisories/39278nvdThird Party Advisory
- secunia.com/advisories/39292nvdThird Party Advisory
- secunia.com/advisories/39317nvdThird Party Advisory
- secunia.com/advisories/39461nvdThird Party Advisory
- secunia.com/advisories/39500nvdThird Party Advisory
- secunia.com/advisories/39628nvdThird Party Advisory
- secunia.com/advisories/39632nvdThird Party Advisory
- secunia.com/advisories/39713nvdThird Party Advisory
- secunia.com/advisories/39819nvdThird Party Advisory
- secunia.com/advisories/40070nvdThird Party Advisory
- secunia.com/advisories/40545nvdThird Party Advisory
- secunia.com/advisories/40747nvdThird Party Advisory
- secunia.com/advisories/40866nvdThird Party Advisory
- secunia.com/advisories/41480nvdThird Party Advisory
- secunia.com/advisories/41490nvdThird Party Advisory
- secunia.com/advisories/41818nvdThird Party Advisory
- secunia.com/advisories/41967nvdThird Party Advisory
- secunia.com/advisories/41972nvdThird Party Advisory
- secunia.com/advisories/42377nvdThird Party Advisory
- secunia.com/advisories/42379nvdThird Party Advisory
- secunia.com/advisories/42467nvdThird Party Advisory
- secunia.com/advisories/42724nvdThird Party Advisory
- secunia.com/advisories/42733nvdThird Party Advisory
- secunia.com/advisories/42808nvdThird Party Advisory
- secunia.com/advisories/42811nvdThird Party Advisory
- secunia.com/advisories/42816nvdThird Party Advisory
- secunia.com/advisories/43308nvdThird Party Advisory
- secunia.com/advisories/44183nvdThird Party Advisory
- secunia.com/advisories/44954nvdThird Party Advisory
- secunia.com/advisories/48577nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-200912-01.xmlnvdThird Party AdvisoryWEB
- security.gentoo.org/glsa/glsa-201203-22.xmlnvdThird Party AdvisoryWEB
- security.gentoo.org/glsa/glsa-201406-32.xmlnvdThird Party AdvisoryWEB
- securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- slackware.com/security/viewer.phpnvdThird Party AdvisoryWEB
- support.apple.com/kb/HT4004nvdThird Party AdvisoryWEB
- support.apple.com/kb/HT4170nvdThird Party AdvisoryWEB
- support.apple.com/kb/HT4171nvdThird Party AdvisoryWEB
- support.avaya.com/css/P8/documents/100070150nvdThird Party AdvisoryWEB
- support.avaya.com/css/P8/documents/100081611nvdThird Party AdvisoryWEB
- support.avaya.com/css/P8/documents/100114315nvdThird Party AdvisoryWEB
- support.avaya.com/css/P8/documents/100114327nvdThird Party AdvisoryWEB
- support.citrix.com/article/CTX123359nvdThird Party AdvisoryWEB
- ubuntu.com/usn/usn-923-1nvdThird Party AdvisoryWEB
- wiki.rpath.com/Advisories:rPSA-2009-0155nvdThird Party AdvisoryWEB
- www-01.ibm.com/support/docview.wssnvdThird Party AdvisoryWEB
- www-01.ibm.com/support/docview.wssnvdThird Party AdvisoryWEB
- www-01.ibm.com/support/docview.wssnvdThird Party AdvisoryWEB
- www-01.ibm.com/support/docview.wssnvdThird Party AdvisoryWEB
- www-01.ibm.com/support/docview.wssnvdThird Party AdvisoryWEB
- www-01.ibm.com/support/docview.wssnvdThird Party AdvisoryWEB
- www-01.ibm.com/support/docview.wssnvdThird Party AdvisoryWEB
- www-01.ibm.com/support/docview.wssnvdThird Party AdvisoryWEB
- www-1.ibm.com/support/search.wssnvdThird Party AdvisoryWEB
- www.betanews.com/article/1257452450nvdThird Party AdvisoryWEB
- www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtmlnvdThird Party AdvisoryWEB
- www.debian.org/security/2009/dsa-1934nvdThird Party AdvisoryWEB
- www.debian.org/security/2011/dsa-2141nvdThird Party AdvisoryWEB
- www.debian.org/security/2015/dsa-3253nvdThird Party AdvisoryWEB
- www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.htmlnvdThird Party AdvisoryWEB
- www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.htmlnvdThird Party AdvisoryWEB
- www.ietf.org/mail-archive/web/tls/current/msg03928.htmlnvdThird Party AdvisoryWEB
- www.ietf.org/mail-archive/web/tls/current/msg03948.htmlnvdThird Party AdvisoryWEB
- www.ingate.com/Relnote.phpnvdThird Party AdvisoryWEB
- www.itrc.hp.com/service/cki/docDisplay.donvdThird Party AdvisoryWEB
- www.kb.cert.org/vuls/id/120541nvdThird Party AdvisoryUS Government ResourceWEB
- www.links.orgnvdThird Party AdvisoryWEB
- www.links.orgnvdThird Party AdvisoryWEB
- www.links.orgnvdThird Party AdvisoryWEB
- www.mozilla.org/security/announce/2010/mfsa2010-22.htmlnvdThird Party AdvisoryWEB
- www.openoffice.org/security/cves/CVE-2009-3555.htmlnvdThird Party AdvisoryWEB
- www.openssl.org/news/secadv_20091111.txtnvdThird Party AdvisoryWEB
- www.openwall.com/lists/oss-security/2009/11/05/3nvdMailing ListThird Party AdvisoryWEB
- www.openwall.com/lists/oss-security/2009/11/05/5nvdMailing ListThird Party AdvisoryWEB
- www.openwall.com/lists/oss-security/2009/11/06/3nvdMailing ListThird Party AdvisoryWEB
- www.openwall.com/lists/oss-security/2009/11/07/3nvdMailing ListThird Party AdvisoryWEB
- www.openwall.com/lists/oss-security/2009/11/20/1nvdMailing ListThird Party AdvisoryWEB
- www.openwall.com/lists/oss-security/2009/11/23/10nvdMailing ListThird Party AdvisoryWEB
- www.opera.com/docs/changelogs/unix/1060/nvdThird Party Advisory
- www.opera.com/support/search/view/944/nvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/cpuapr2011-301950.htmlnvdThird Party AdvisoryWEB
- www.oracle.com/technetwork/topics/security/cpuoct2010-175626.htmlnvdThird Party AdvisoryWEB
- www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0119.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0130.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0155.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0165.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0167.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0337.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0338.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0339.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0768.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0770.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0786.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0807.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0865.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0986.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2010-0987.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/support/errata/RHSA-2011-0880.htmlnvdThird Party AdvisoryWEB
- www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.htmlnvdThird Party AdvisoryWEB
- www.securityfocus.com/archive/1/507952/100/0/threadednvdThird Party AdvisoryVDB EntryWEB
- www.securityfocus.com/archive/1/508075/100/0/threadednvdThird Party AdvisoryVDB EntryWEB
- www.securityfocus.com/archive/1/508130/100/0/threadednvdThird Party AdvisoryVDB EntryWEB
- www.securityfocus.com/archive/1/515055/100/0/threadednvdThird Party AdvisoryVDB EntryWEB
- www.securityfocus.com/archive/1/516397/100/0/threadednvdThird Party AdvisoryVDB EntryWEB
- www.securityfocus.com/archive/1/522176nvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/idnvdThird Party AdvisoryVDB EntryWEB
- www.ubuntu.com/usn/USN-1010-1nvdThird Party AdvisoryWEB
- www.ubuntu.com/usn/USN-927-1nvdThird Party AdvisoryWEB
- www.ubuntu.com/usn/USN-927-4nvdThird Party AdvisoryWEB
- www.ubuntu.com/usn/USN-927-5nvdThird Party AdvisoryWEB
- www.us-cert.gov/cas/techalerts/TA10-222A.htmlnvdThird Party AdvisoryUS Government ResourceWEB
- www.us-cert.gov/cas/techalerts/TA10-287A.htmlnvdThird Party AdvisoryUS Government ResourceWEB
- www.vmware.com/security/advisories/VMSA-2010-0019.htmlnvdThird Party AdvisoryWEB
- www.vmware.com/security/advisories/VMSA-2011-0003.htmlnvdThird Party AdvisoryWEB
- www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.htmlnvdThird Party AdvisoryWEB
- www.vupen.com/english/advisories/2009/3164nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/3165nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/3205nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/3220nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/3310nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/3313nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/3353nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/3354nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/3484nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/3521nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/3587nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/0086nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/0173nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/0748nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/0848nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/0916nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/0933nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/0982nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/0994nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1054nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1107nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1191nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1350nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1639nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1673nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1793nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/2010nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/2745nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/3069nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/3086nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/3126nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0032nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0033nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0086nvdThird Party Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/54158nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-f7w7-6pjc-wwm6ghsaADVISORY
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvdThird Party AdvisoryWEB
- kb.bluecoat.com/indexnvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2009-3555ghsaADVISORY
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088nvdThird Party AdvisoryWEB
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578nvdThird Party AdvisoryWEB
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617nvdThird Party AdvisoryWEB
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315nvdThird Party AdvisoryWEB
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478nvdThird Party AdvisoryWEB
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973nvdThird Party AdvisoryWEB
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366nvdThird Party AdvisoryWEB
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535nvdThird Party AdvisoryWEB
- support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.htmlnvdThird Party AdvisoryWEB
- svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txtnvdThird Party AdvisoryWEB
- www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.htmlnvdThird Party AdvisoryWEB
- www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.htmlnvdThird Party AdvisoryWEB
- archives.neohapsis.com/archives/bugtraq/2013-11/0120.htmlnvdBroken LinkWEB
- blogs.iss.net/archive/sslmitmiscsrf.htmlnvdBroken LinkWEB
- extendedsubset.comnvdBroken LinkWEB
- extendedsubset.com/Renegotiating_TLS.pdfnvdBroken LinkWEB
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdBroken LinkWEB
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdBroken LinkWEB
- itrc.hp.com/service/cki/docDisplay.donvdBroken LinkWEB
- osvdb.org/60521nvdBroken Link
- osvdb.org/60972nvdBroken Link
- osvdb.org/62210nvdBroken Link
- osvdb.org/65202nvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken LinkWEB
- sunsolve.sun.com/search/document.donvdBroken LinkWEB
- sunsolve.sun.com/search/document.donvdBroken LinkWEB
- sunsolve.sun.com/search/document.donvdBroken LinkWEB
- sunsolve.sun.com/search/document.donvdBroken LinkWEB
- support.zeus.com/zws/media/docs/4.3/RELEASE_NOTESnvdBroken LinkWEB
- support.zeus.com/zws/news/2010/01/13/zws_4_3r5_releasednvdBroken LinkWEB
- sysoev.ru/nginx/patch.cve-2009-3555.txtnvdBroken LinkWEB
- tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.htmlnvdBroken LinkWEB
- www.arubanetworks.com/support/alerts/aid-020810.txtnvdBroken LinkWEB
- www.mandriva.com/security/advisoriesnvdBroken LinkWEB
- www.mandriva.com/security/advisoriesnvdBroken LinkWEB
- www.mandriva.com/security/advisoriesnvdBroken LinkWEB
- www.opera.com/docs/changelogs/unix/1060ghsaWEB
- www.opera.com/support/search/view/944ghsaWEB
- www.proftpd.org/docs/RELEASE_NOTES-1.3.2cnvdBroken LinkWEB
- www.tombom.co.uk/blog/nvdBroken LinkWEB
- access.redhat.com/errata/RHSA-2009:1579ghsaWEB
- access.redhat.com/errata/RHSA-2009:1580ghsaWEB
- access.redhat.com/errata/RHSA-2009:1694ghsaWEB
- access.redhat.com/errata/RHSA-2010:0011ghsaWEB
- access.redhat.com/errata/RHSA-2010:0119ghsaWEB
- access.redhat.com/errata/RHSA-2010:0130ghsaWEB
- access.redhat.com/errata/RHSA-2010:0155ghsaWEB
- access.redhat.com/errata/RHSA-2010:0162ghsaWEB
- access.redhat.com/errata/RHSA-2010:0163ghsaWEB
- access.redhat.com/errata/RHSA-2010:0164ghsaWEB
- access.redhat.com/errata/RHSA-2010:0165ghsaWEB
- access.redhat.com/errata/RHSA-2010:0166ghsaWEB
- access.redhat.com/errata/RHSA-2010:0167ghsaWEB
- access.redhat.com/errata/RHSA-2010:0337ghsaWEB
- access.redhat.com/errata/RHSA-2010:0338ghsaWEB
- access.redhat.com/errata/RHSA-2010:0339ghsaWEB
- access.redhat.com/errata/RHSA-2010:0408ghsaWEB
- access.redhat.com/errata/RHSA-2010:0440ghsaWEB
- access.redhat.com/errata/RHSA-2010:0768ghsaWEB
- access.redhat.com/errata/RHSA-2010:0770ghsaWEB
- access.redhat.com/errata/RHSA-2010:0786ghsaWEB
- access.redhat.com/errata/RHSA-2010:0807ghsaWEB
- access.redhat.com/errata/RHSA-2010:0865ghsaWEB
- access.redhat.com/errata/RHSA-2010:0986ghsaWEB
- access.redhat.com/errata/RHSA-2010:0987ghsaWEB
- access.redhat.com/errata/RHSA-2011:0880ghsaWEB
- access.redhat.com/errata/RHSA-2015:1591ghsaWEB
- access.redhat.com/security/cve/CVE-2009-3555ghsaWEB
- bz.apache.org/bugzilla/show_bug.cgighsaWEB
- github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30dghsaWEB
- github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3ghsaWEB
- github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701ghsaWEB
- github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02ghsaWEB
- github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3ghsaWEB
- github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7dghsaWEB
- github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366ghsaWEB
- github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0ghsaWEB
- lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3EnvdWEB
- oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088ghsaWEB
- oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578ghsaWEB
- oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617ghsaWEB
- oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315ghsaWEB
- oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478ghsaWEB
- oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973ghsaWEB
- oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366ghsaWEB
- oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535ghsaWEB
- tomcat.apache.org/security-5.htmlghsaWEB
- tomcat.apache.org/security-6.htmlghsaWEB
- tomcat.apache.org/security-7.htmlghsaWEB
- www.exploit-db.com/exploits/10579nvdWEB
News mentions
0No linked articles in our index yet.