Vulnerability Name:

CVE-2014-3470

Assigned:2014-05-14
Published:2014-06-05
Updated:2017-11-14
Summary:The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
CVSS v3 Severity:3.7 Low (CCN CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-310
CWE-476
References:Source: CONFIRM
Type: UNKNOWN
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc

Source: CONFIRM
Type: UNKNOWN
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629

Source: CONFIRM
Type: UNKNOWN
http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195

Source: FEDORA
Type: UNKNOWN
FEDORA-2014-9301

Source: FEDORA
Type: UNKNOWN
FEDORA-2014-9308

Source: SUSE
Type: UNKNOWN
SUSE-SU-2015:0578

Source: SUSE
Type: UNKNOWN
SUSE-SU-2015:0743

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:0640

Source: HP
Type: UNKNOWN
SSRT101590

Source: HP
Type: UNKNOWN
HPSBOV03047

Source: HP
Type: UNKNOWN
HPSBMU03057

Source: HP
Type: UNKNOWN
HPSBMU03056

Source: HP
Type: UNKNOWN
HPSBMU03055

Source: HP
Type: UNKNOWN
HPSBMU03051

Source: HP
Type: UNKNOWN
HPSBGN03050

Source: HP
Type: UNKNOWN
HPSBMU03065

Source: HP
Type: UNKNOWN
HPSBMU03069

Source: HP
Type: UNKNOWN
HPSBMU03074

Source: HP
Type: UNKNOWN
HPSBMU03062

Source: HP
Type: UNKNOWN
HPSBMU03076

Source: FULLDISC
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: SECUNIA
Type: UNKNOWN
58337

Source: SECUNIA
Type: UNKNOWN
58615

Source: SECUNIA
Type: UNKNOWN
58667

Source: SECUNIA
Type: UNKNOWN
58713

Source: SECUNIA
Type: UNKNOWN
58714

Source: SECUNIA
Type: UNKNOWN
58716

Source: SECUNIA
Type: UNKNOWN
58742

Source: SECUNIA
Type: UNKNOWN
58945

Source: SECUNIA
Type: UNKNOWN
58977

Source: SECUNIA
Type: UNKNOWN
59167

Source: SECUNIA
Type: UNKNOWN
59175

Source: SECUNIA
Type: UNKNOWN
59189

Source: SECUNIA
Type: UNKNOWN
59192

Source: SECUNIA
Type: UNKNOWN
59223

Source: SECUNIA
Type: UNKNOWN
59264

Source: SECUNIA
Type: UNKNOWN
59282

Source: SECUNIA
Type: UNKNOWN
59284

Source: SECUNIA
Type: UNKNOWN
59287

Source: SECUNIA
Type: UNKNOWN
59306

Source: SECUNIA
Type: UNKNOWN
59310

Source: SECUNIA
Type: UNKNOWN
59340

Source: SECUNIA
Type: UNKNOWN
59362

Source: SECUNIA
Type: UNKNOWN
59364

Source: SECUNIA
Type: UNKNOWN
59365

Source: SECUNIA
Type: UNKNOWN
59431

Source: SECUNIA
Type: UNKNOWN
59437

Source: SECUNIA
Type: UNKNOWN
59440

Source: SECUNIA
Type: UNKNOWN
59441

Source: SECUNIA
Type: UNKNOWN
59445

Source: SECUNIA
Type: UNKNOWN
59449

Source: SECUNIA
Type: UNKNOWN
59460

Source: SECUNIA
Type: UNKNOWN
59483

Source: SECUNIA
Type: UNKNOWN
59518

Source: SECUNIA
Type: UNKNOWN
59525

Source: SECUNIA
Type: UNKNOWN
61254

Source: GENTOO
Type: UNKNOWN
GLSA-201407-05

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT6443

Source: CONFIRM
Type: UNKNOWN
http://support.citrix.com/article/CTX140876

Source: CONFIRM
Type: UNKNOWN
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html

Source: CISCO
Type: UNKNOWN
20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=isg400001841

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=isg400001843

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21673137

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21675626

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21675821

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676035

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676062

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676071

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676419

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676496

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676501

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676529

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676615

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676655

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676879

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21676889

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677527

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677695

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677828

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677836

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21678167

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21678289

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21683332

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg24037761

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756

Source: CONFIRM
Type: UNKNOWN
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757

Source: CONFIRM
Type: UNKNOWN
http://www.blackberry.com/btsc/KB36051

Source: CONFIRM
Type: UNKNOWN
http://www.f-secure.com/en/web/labs_global/fsc-2014-6

Source: CONFIRM
Type: UNKNOWN
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm

Source: CONFIRM
Type: UNKNOWN
http://www.ibm.com/support/docview.wss?uid=swg21676356

Source: CONFIRM
Type: UNKNOWN
http://www.ibm.com/support/docview.wss?uid=swg21676793

Source: CONFIRM
Type: UNKNOWN
http://www.ibm.com/support/docview.wss?uid=swg24037783

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2014:105

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2014:106

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2015:062

Source: CONFIRM
Type: UNKNOWN
http://www.novell.com/support/kb/doc.php?id=7015264

Source: CONFIRM
Type: UNKNOWN
http://www.novell.com/support/kb/doc.php?id=7015300

Source: CONFIRM
Type: VENDOR_ADVISORY
http://www.openssl.org/news/secadv_20140605.txt

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Source: BUGTRAQ
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: BID
Type: UNKNOWN
67898

Source: CONFIRM
Type: UNKNOWN
http://www.splunk.com/view/SP-CAAAM2D

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2014-0006.html

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: CONFIRM
Type: UNKNOWN
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E

Source: CONFIRM
Type: UNKNOWN
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=1103600

Source: XF
Type: UNKNOWN
openssl-cve20143470-dos(93589)

Source: CONFIRM
Type: PATCH
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8011cd56e39a433b1837465259a9bd24a38727fb

Source: CONFIRM
Type: UNKNOWN
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946

Source: CONFIRM
Type: UNKNOWN
https://kb.bluecoat.com/index?page=content&id=SA80

Source: CONFIRM
Type: UNKNOWN
https://kc.mcafee.com/corporate/index?page=content&id=SB10075

Source: CONFIRM
Type: UNKNOWN
https://www.novell.com/support/kb/doc.php?id=7015271

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*

  • Configuration 3:
  • cpe:/a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*

  • Configuration 4:
  • cpe:/a:redhat:storage:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20143470
    V
    CVE-2014-3470
    2017-11-19
    oval:org.mitre.oval:def:28333
    P
    SUSE-SU-2015:0743-1 -- Security update for mariadb (important)
    2015-08-17
    oval:org.mitre.oval:def:29338
    P
    DSA-2950-2 -- openssl -- security update
    2015-08-17
    oval:org.mitre.oval:def:25085
    V
    Remote Code Execution or Unauthorized Accesss
    2015-04-20
    oval:org.mitre.oval:def:27123
    P
    ELSA-2014-0679 -- openssl security update (important)
    2015-02-23
    oval:org.mitre.oval:def:28044
    P
    SUSE-SU-2014:1557-2 -- Security update for compat-openssl097g (moderate)
    2015-02-23
    oval:org.mitre.oval:def:25803
    P
    USN-2232-4 -- openssl vulnerabilities
    2014-10-27
    oval:org.mitre.oval:def:25014
    P
    RHSA-2014:0679: openssl security update (Important)
    2014-09-08
    oval:org.mitre.oval:def:25291
    P
    SUSE-SU-2014:0759-1 -- Security update for OpenSSL
    2014-09-08
    oval:org.mitre.oval:def:24677
    P
    SUSE-SU-2014:0761-1 -- Security update for OpenSSL
    2014-09-08
    oval:org.mitre.oval:def:25318
    P
    SUSE-SU-2014:0759-2 -- Security update for OpenSSL
    2014-09-08
    oval:org.mitre.oval:def:25171
    P
    ELSA-2014:0625: openssl security update (Important)
    2014-09-01
    oval:org.mitre.oval:def:25039
    V
    Vulnerability in OpenSSL 0.9.8 - 0.9.8za, 1.0.0 - 1.0.0m and 1.0.1 - 1.0.1h, allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information
    2014-08-18
    oval:org.mitre.oval:def:25082
    P
    USN-2232-2 -- openssl regression
    2014-08-11
    oval:org.mitre.oval:def:24628
    P
    USN-2232-3 -- openssl regression
    2014-08-11
    oval:org.mitre.oval:def:24780
    V
    AIX OpenSSL Anonymous ECDH denial of service
    2014-08-11
    oval:org.mitre.oval:def:24892
    P
    RHSA-2014:0625: openssl security update (Important)
    2014-07-21
    oval:org.mitre.oval:def:24448
    P
    USN-2232-1 -- openssl vulnerabilities
    2014-07-21
    oval:org.mitre.oval:def:24711
    P
    DSA-2950-1 openssl - security update
    2014-07-21
    oval:com.redhat.rhsa:def:20140679
    P
    RHSA-2014:0679: openssl security update (Important)
    2014-06-10
    oval:com.redhat.rhsa:def:20140625
    P
    RHSA-2014:0625: openssl security update (Important)
    2014-06-05
    oval:com.ubuntu.precise:def:20143470000
    V
    CVE-2014-3470 on Ubuntu 12.04 LTS (precise) - medium.
    2014-06-05
    oval:com.ubuntu.trusty:def:20143470000
    V
    CVE-2014-3470 on Ubuntu 14.04 LTS (trusty) - medium.
    2014-06-05
    BACK
    openssl openssl 1.0.1
    openssl openssl 1.0.1 beta1
    openssl openssl 1.0.1 beta2
    openssl openssl 1.0.1 beta3
    openssl openssl 1.0.1a
    openssl openssl 1.0.1b
    openssl openssl 1.0.1c
    openssl openssl 1.0.1d
    openssl openssl 1.0.1e
    openssl openssl 1.0.1f
    openssl openssl 1.0.1g
    openssl openssl 1.0.0
    openssl openssl 1.0.0 beta1
    openssl openssl 1.0.0 beta2
    openssl openssl 1.0.0 beta3
    openssl openssl 1.0.0 beta4
    openssl openssl 1.0.0 beta5
    openssl openssl 1.0.0a
    openssl openssl 1.0.0b
    openssl openssl 1.0.0c
    openssl openssl 1.0.0d
    openssl openssl 1.0.0e
    openssl openssl 1.0.0f
    openssl openssl 1.0.0g
    openssl openssl 1.0.0h
    openssl openssl 1.0.0i
    openssl openssl 1.0.0j
    openssl openssl 1.0.0k
    openssl openssl 1.0.0l
    openssl openssl 0.9.8
    openssl openssl 0.9.8a
    openssl openssl 0.9.8b
    openssl openssl 0.9.8c
    openssl openssl 0.9.8d
    openssl openssl 0.9.8e
    openssl openssl 0.9.8f
    openssl openssl 0.9.8g
    openssl openssl 0.9.8h
    openssl openssl 0.9.8i
    openssl openssl 0.9.8j
    openssl openssl 0.9.8k
    openssl openssl 0.9.8l
    openssl openssl 0.9.8m
    openssl openssl 0.9.8m beta1
    openssl openssl 0.9.8n
    openssl openssl 0.9.8o
    openssl openssl 0.9.8p
    openssl openssl 0.9.8q
    openssl openssl 0.9.8r
    openssl openssl 0.9.8s
    openssl openssl 0.9.8t
    openssl openssl 0.9.8u
    openssl openssl 0.9.8v
    openssl openssl 0.9.8w
    openssl openssl 0.9.8x
    openssl openssl 0.9.8y
    redhat storage 2.1
    fedoraproject fedora *
    redhat enterprise_linux 5
    redhat enterprise_linux 6
    redhat enterprise_linux 6
    redhat enterprise_linux 7