CVE-2015-2808

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
oraclecommunications_application_session_controller
3.0.0 ≤
𝑥
≤ 3.9.0
oraclecommunications_policy_management
𝑥
< 9.9.2
oraclehttp_server
11.1.1.7.0
oraclehttp_server
11.1.1.9.0
oraclehttp_server
12.1.3.0.0
oraclehttp_server
12.2.1.1.0
oraclehttp_server
12.2.1.2.0
oracleintegrated_lights_out_manager_firmware
3.0.0 ≤
𝑥
≤ 3.2.11
oracleintegrated_lights_out_manager_firmware
4.0.0 ≤
𝑥
≤ 4.0.4
debiandebian_linux
7.0
debiandebian_linux
8.0
redhatsatellite
5.7
redhatenterprise_linux_desktop
5.0
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_eus
6.6
redhatenterprise_linux_eus
7.1
redhatenterprise_linux_eus
7.2
redhatenterprise_linux_eus
7.3
redhatenterprise_linux_eus
7.4
redhatenterprise_linux_eus
7.5
redhatenterprise_linux_eus
7.6
redhatenterprise_linux_eus
7.7
redhatenterprise_linux_server
5.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_server
7.0
redhatenterprise_linux_server_aus
6.6
redhatenterprise_linux_server_aus
7.3
redhatenterprise_linux_server_aus
7.4
redhatenterprise_linux_server_aus
7.6
redhatenterprise_linux_server_aus
7.7
redhatenterprise_linux_server_tus
7.3
redhatenterprise_linux_server_tus
7.6
redhatenterprise_linux_server_tus
7.7
redhatenterprise_linux_workstation
5.0
redhatenterprise_linux_workstation
6.0
redhatenterprise_linux_workstation
7.0
opensuseopensuse
13.1
opensuseopensuse
13.2
susemanager
1.7
canonicalubuntu_linux
12.04
canonicalubuntu_linux
14.04
canonicalubuntu_linux
15.04
redhatsatellite
5.6
huaweie6000_firmware
-
huaweie9000_firmware
-
huaweioceanstor_18500_firmware
-
huaweioceanstor_18800_firmware
-
huaweioceanstor_18800f_firmware
-
huaweioceanstor_9000_firmware
-
huaweioceanstor_cse_firmware
-
huaweioceanstor_hvs85t_firmware
-
huaweioceanstor_s2600t_firmware
-
huaweioceanstor_s5500t_firmware
-
huaweioceanstor_s5600t_firmware
-
huaweioceanstor_s5800t_firmware
-
huaweioceanstor_s6800t_firmware
-
huaweioceanstor_vis6600t_firmware
-
huaweiquidway_s9300_firmware
-
huaweis7700_firmware
-
huaweis7700_firmware
-
huawei9700_firmware
-
huawei9700_firmware
-
huaweis12700_firmware
-
huaweis12700_firmware
-
huaweis2700_firmware
-
huaweis3700_firmware
-
huaweis5700ei_firmware
-
huaweis5700hi_firmware
-
huaweis5700si_firmware
-
huaweis5710ei_firmware
-
huaweis5710hi_firmware
-
huaweis6700_firmware
-
huaweis2750_firmware
-
huaweis5700li_firmware
-
huaweis5700s-li_firmware
-
huaweis5720hi_firmware
-
huaweis2750_firmware
-
huaweis5700li_firmware
-
huaweis5700s-li_firmware
-
huaweis5720hi_firmware
-
huaweis5720ei_firmware
-
huaweite60_firmware
-
ibmcognos_metrics_manager
10.1
ibmcognos_metrics_manager
10.1.1
ibmcognos_metrics_manager
10.2
ibmcognos_metrics_manager
10.2.1
ibmcognos_metrics_manager
10.2.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openjdk-8
sid
8u432-b06-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openjdk-6
precise
Fixed 6b36-1.13.8-0ubuntu1~12.04
released
trusty
Fixed 6b36-1.13.8-0ubuntu1~14.04
released
utopic
ignored
vivid
Fixed 6b36-1.13.8-0ubuntu1~15.04.1
released
wily
not-affected
openjdk-7
precise
Fixed 7u79-2.5.6-0ubuntu1.12.04.1
released
trusty
Fixed 7u79-2.5.6-0ubuntu1.14.04.1
released
utopic
ignored
vivid
Fixed 7u79-2.5.6-0ubuntu1.15.04.1
released
wily
not-affected
openjdk-8
precise
dne
trusty
dne
utopic
ignored
vivid
ignored
wily
Fixed 8u66-b17-1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
java-1_7_0-openjdk
suse enterprise sap 12
1.7.0.85-18.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.85-18.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-demo
suse enterprise sap 12
1.7.0.85-18.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.85-18.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-devel
suse enterprise sap 12
1.7.0.85-18.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.85-18.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-headless
suse enterprise sap 12
1.7.0.85-18.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.85-18.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_8_0-openjdk
suse enterprise sap 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise sap 15
1.8.0.161-1.52
fixed
suse enterprise sap 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise sap 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise sap 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise sap 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise sap 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise sap 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise sap 15 SP7
1.8.0.442-150000.3.103.2
fixed
suse enterprise server 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise server 15
1.8.0.161-1.52
fixed
suse enterprise server 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise server 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise server 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise server 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise server 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise server 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise server 15 SP7
1.8.0.442-150000.3.103.2
fixed
java-1_8_0-openjdk-demo
suse enterprise sap 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise sap 15
1.8.0.161-1.52
fixed
suse enterprise sap 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise sap 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise sap 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise sap 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise sap 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise sap 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise sap 15 SP7
1.8.0.442-150000.3.103.2
fixed
suse enterprise server 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise server 15
1.8.0.161-1.52
fixed
suse enterprise server 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise server 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise server 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise server 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise server 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise server 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise server 15 SP7
1.8.0.442-150000.3.103.2
fixed
java-1_8_0-openjdk-devel
suse enterprise sap 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise sap 15
1.8.0.161-1.52
fixed
suse enterprise sap 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise sap 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise sap 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise sap 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise sap 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise sap 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise sap 15 SP7
1.8.0.442-150000.3.103.2
fixed
suse enterprise server 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise server 15
1.8.0.161-1.52
fixed
suse enterprise server 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise server 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise server 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise server 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise server 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise server 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise server 15 SP7
1.8.0.442-150000.3.103.2
fixed
java-1_8_0-openjdk-headless
suse enterprise sap 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise sap 15
1.8.0.161-1.52
fixed
suse enterprise sap 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise sap 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise sap 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise sap 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise sap 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise sap 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise sap 15 SP7
1.8.0.442-150000.3.103.2
fixed
suse enterprise server 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise server 15
1.8.0.161-1.52
fixed
suse enterprise server 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise server 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise server 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise server 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise server 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise server 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise server 15 SP7
1.8.0.442-150000.3.103.2
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.5.0-ibm
RHEL 6
1:1.5.0.16.10-1jpp.1.el6_6
fixed
java-1.5.0-ibm-demo
RHEL 6
1:1.5.0.16.10-1jpp.1.el6_6
fixed
java-1.5.0-ibm-devel
RHEL 6
1:1.5.0.16.10-1jpp.1.el6_6
fixed
java-1.5.0-ibm-javacomm
RHEL 6
1:1.5.0.16.10-1jpp.1.el6_6
fixed
java-1.5.0-ibm-jdbc
RHEL 6
1:1.5.0.16.10-1jpp.1.el6_6
fixed
java-1.5.0-ibm-plugin
RHEL 6
1:1.5.0.16.10-1jpp.1.el6_6
fixed
java-1.5.0-ibm-src
RHEL 6
1:1.5.0.16.10-1jpp.1.el6_6
fixed
java-1.6.0-ibm
RHEL 6
1:1.6.0.16.4-1jpp.1.el6_6
fixed
java-1.6.0-ibm-demo
RHEL 6
1:1.6.0.16.4-1jpp.1.el6_6
fixed
java-1.6.0-ibm-devel
RHEL 6
1:1.6.0.16.4-1jpp.1.el6_6
fixed
java-1.6.0-ibm-javacomm
RHEL 6
1:1.6.0.16.4-1jpp.1.el6_6
fixed
java-1.6.0-ibm-jdbc
RHEL 6
1:1.6.0.16.4-1jpp.1.el6_6
fixed
java-1.6.0-ibm-plugin
RHEL 6
1:1.6.0.16.4-1jpp.1.el6_6
fixed
java-1.6.0-ibm-src
RHEL 6
1:1.6.0.16.4-1jpp.1.el6_6
fixed
java-1.6.0-openjdk
RHEL 6
1:1.6.0.36-1.13.8.1.el6_7
fixed
RHEL 7
1:1.6.0.36-1.13.8.1.el7_1
fixed
java-1.6.0-openjdk-demo
RHEL 6
1:1.6.0.36-1.13.8.1.el6_7
fixed
RHEL 7
1:1.6.0.36-1.13.8.1.el7_1
fixed
java-1.6.0-openjdk-devel
RHEL 6
1:1.6.0.36-1.13.8.1.el6_7
fixed
RHEL 7
1:1.6.0.36-1.13.8.1.el7_1
fixed
java-1.6.0-openjdk-javadoc
RHEL 6
1:1.6.0.36-1.13.8.1.el6_7
fixed
RHEL 7
1:1.6.0.36-1.13.8.1.el7_1
fixed
java-1.6.0-openjdk-src
RHEL 6
1:1.6.0.36-1.13.8.1.el6_7
fixed
RHEL 7
1:1.6.0.36-1.13.8.1.el7_1
fixed
java-1.7.0-openjdk
RHEL 6
1:1.7.0.85-2.6.1.3.el6_6
fixed
RHEL 7
1:1.7.0.85-2.6.1.2.el7_1
fixed
java-1.7.0-openjdk-accessibility
RHEL 7
1:1.7.0.85-2.6.1.2.el7_1
fixed
java-1.7.0-openjdk-demo
RHEL 6
1:1.7.0.85-2.6.1.3.el6_6
fixed
RHEL 7
1:1.7.0.85-2.6.1.2.el7_1
fixed
java-1.7.0-openjdk-devel
RHEL 6
1:1.7.0.85-2.6.1.3.el6_6
fixed
RHEL 7
1:1.7.0.85-2.6.1.2.el7_1
fixed
java-1.7.0-openjdk-headless
RHEL 7
1:1.7.0.85-2.6.1.2.el7_1
fixed
java-1.7.0-openjdk-javadoc
RHEL 6
1:1.7.0.85-2.6.1.3.el6_6
fixed
RHEL 7
1:1.7.0.85-2.6.1.2.el7_1
fixed
java-1.7.0-openjdk-src
RHEL 6
1:1.7.0.85-2.6.1.3.el6_6
fixed
RHEL 7
1:1.7.0.85-2.6.1.2.el7_1
fixed
java-1.7.1-ibm
RHEL 6
1:1.7.1.3.0-1jpp.2.el6_6
fixed
RHEL 7
1:1.7.1.3.0-1jpp.2.el7_1
fixed
java-1.7.1-ibm-demo
RHEL 6
1:1.7.1.3.0-1jpp.2.el6_6
fixed
RHEL 7
1:1.7.1.3.0-1jpp.2.el7_1
fixed
java-1.7.1-ibm-devel
RHEL 6
1:1.7.1.3.0-1jpp.2.el6_6
fixed
RHEL 7
1:1.7.1.3.0-1jpp.2.el7_1
fixed
java-1.7.1-ibm-jdbc
RHEL 6
1:1.7.1.3.0-1jpp.2.el6_6
fixed
RHEL 7
1:1.7.1.3.0-1jpp.2.el7_1
fixed
java-1.7.1-ibm-plugin
RHEL 6
1:1.7.1.3.0-1jpp.2.el6_6
fixed
RHEL 7
1:1.7.1.3.0-1jpp.2.el7_1
fixed
java-1.7.1-ibm-src
RHEL 6
1:1.7.1.3.0-1jpp.2.el6_6
fixed
RHEL 7
1:1.7.1.3.0-1jpp.2.el7_1
fixed
java-1.8.0-openjdk
RHEL 6
1:1.8.0.51-0.b16.el6_6
fixed
RHEL 7
1:1.8.0.51-1.b16.el7_1
fixed
java-1.8.0-openjdk-accessibility
RHEL 7
1:1.8.0.51-1.b16.el7_1
fixed
java-1.8.0-openjdk-demo
RHEL 6
1:1.8.0.51-0.b16.el6_6
fixed
RHEL 7
1:1.8.0.51-1.b16.el7_1
fixed
java-1.8.0-openjdk-devel
RHEL 6
1:1.8.0.51-0.b16.el6_6
fixed
RHEL 7
1:1.8.0.51-1.b16.el7_1
fixed
java-1.8.0-openjdk-headless
RHEL 6
1:1.8.0.51-0.b16.el6_6
fixed
RHEL 7
1:1.8.0.51-1.b16.el7_1
fixed
java-1.8.0-openjdk-javadoc
RHEL 6
1:1.8.0.51-0.b16.el6_6
fixed
RHEL 7
1:1.8.0.51-1.b16.el7_1
fixed
java-1.8.0-openjdk-src
RHEL 6
1:1.8.0.51-0.b16.el6_6
fixed
RHEL 7
1:1.8.0.51-1.b16.el7_1
fixed
Common Weakness Enumeration
References
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html
http://marc.info/?l=bugtraq&m=143456209711959&w=2
http://marc.info/?l=bugtraq&m=143629696317098&w=2
http://marc.info/?l=bugtraq&m=143741441012338&w=2
http://marc.info/?l=bugtraq&m=143817021313142&w=2
http://marc.info/?l=bugtraq&m=143817899717054&w=2
http://marc.info/?l=bugtraq&m=143818140118771&w=2
http://marc.info/?l=bugtraq&m=144043644216842&w=2
http://marc.info/?l=bugtraq&m=144059660127919&w=2
http://marc.info/?l=bugtraq&m=144059703728085&w=2
http://marc.info/?l=bugtraq&m=144060576831314&w=2
http://marc.info/?l=bugtraq&m=144060606031437&w=2
http://marc.info/?l=bugtraq&m=144069189622016&w=2
http://marc.info/?l=bugtraq&m=144102017024820&w=2
http://marc.info/?l=bugtraq&m=144104533800819&w=2
http://marc.info/?l=bugtraq&m=144104565600964&w=2
http://marc.info/?l=bugtraq&m=144493176821532&w=2
http://rhn.redhat.com/errata/RHSA-2015-1006.html
http://rhn.redhat.com/errata/RHSA-2015-1007.html
http://rhn.redhat.com/errata/RHSA-2015-1020.html
http://rhn.redhat.com/errata/RHSA-2015-1021.html
http://rhn.redhat.com/errata/RHSA-2015-1091.html
http://rhn.redhat.com/errata/RHSA-2015-1228.html
http://rhn.redhat.com/errata/RHSA-2015-1229.html
http://rhn.redhat.com/errata/RHSA-2015-1230.html
http://rhn.redhat.com/errata/RHSA-2015-1241.html
http://rhn.redhat.com/errata/RHSA-2015-1242.html
http://rhn.redhat.com/errata/RHSA-2015-1243.html
http://rhn.redhat.com/errata/RHSA-2015-1526.html
http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888
http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892
http://www-01.ibm.com/support/docview.wss?uid=swg21883640
http://www-304.ibm.com/support/docview.wss?uid=swg21903565
http://www-304.ibm.com/support/docview.wss?uid=swg21960015
http://www-304.ibm.com/support/docview.wss?uid=swg21960769
http://www.debian.org/security/2015/dsa-3316
http://www.debian.org/security/2015/dsa-3339
http://www.huawei.com/en/psirt/security-advisories/hw-454055
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.securityfocus.com/bid/73684
http://www.securityfocus.com/bid/91787
http://www.securitytracker.com/id/1032599
http://www.securitytracker.com/id/1032600
http://www.securitytracker.com/id/1032707
http://www.securitytracker.com/id/1032708
http://www.securitytracker.com/id/1032734
http://www.securitytracker.com/id/1032788
http://www.securitytracker.com/id/1032858
http://www.securitytracker.com/id/1032868
http://www.securitytracker.com/id/1032910
http://www.securitytracker.com/id/1032990
http://www.securitytracker.com/id/1033071
http://www.securitytracker.com/id/1033072
http://www.securitytracker.com/id/1033386
http://www.securitytracker.com/id/1033415
http://www.securitytracker.com/id/1033431
http://www.securitytracker.com/id/1033432
http://www.securitytracker.com/id/1033737
http://www.securitytracker.com/id/1033769
http://www.securitytracker.com/id/1036222
http://www.ubuntu.com/usn/USN-2696-1
http://www.ubuntu.com/usn/USN-2706-1
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888
https://kb.juniper.net/JSA10783
https://kc.mcafee.com/corporate/index?page=content&id=SB10163
https://security.gentoo.org/glsa/201512-10
https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709
https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf
https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html
http://marc.info/?l=bugtraq&m=143456209711959&w=2
http://marc.info/?l=bugtraq&m=143629696317098&w=2
http://marc.info/?l=bugtraq&m=143741441012338&w=2
http://marc.info/?l=bugtraq&m=143817021313142&w=2
http://marc.info/?l=bugtraq&m=143817899717054&w=2
http://marc.info/?l=bugtraq&m=143818140118771&w=2
http://marc.info/?l=bugtraq&m=144043644216842&w=2
http://marc.info/?l=bugtraq&m=144059660127919&w=2
http://marc.info/?l=bugtraq&m=144059703728085&w=2
http://marc.info/?l=bugtraq&m=144060576831314&w=2
http://marc.info/?l=bugtraq&m=144060606031437&w=2
http://marc.info/?l=bugtraq&m=144069189622016&w=2
http://marc.info/?l=bugtraq&m=144102017024820&w=2
http://marc.info/?l=bugtraq&m=144104533800819&w=2
http://marc.info/?l=bugtraq&m=144104565600964&w=2
http://marc.info/?l=bugtraq&m=144493176821532&w=2
http://rhn.redhat.com/errata/RHSA-2015-1006.html
http://rhn.redhat.com/errata/RHSA-2015-1007.html
http://rhn.redhat.com/errata/RHSA-2015-1020.html
http://rhn.redhat.com/errata/RHSA-2015-1021.html
http://rhn.redhat.com/errata/RHSA-2015-1091.html
http://rhn.redhat.com/errata/RHSA-2015-1228.html
http://rhn.redhat.com/errata/RHSA-2015-1229.html
http://rhn.redhat.com/errata/RHSA-2015-1230.html
http://rhn.redhat.com/errata/RHSA-2015-1241.html
http://rhn.redhat.com/errata/RHSA-2015-1242.html
http://rhn.redhat.com/errata/RHSA-2015-1243.html
http://rhn.redhat.com/errata/RHSA-2015-1526.html
http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888
http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892
http://www-01.ibm.com/support/docview.wss?uid=swg21883640
http://www-304.ibm.com/support/docview.wss?uid=swg21903565
http://www-304.ibm.com/support/docview.wss?uid=swg21960015
http://www-304.ibm.com/support/docview.wss?uid=swg21960769
http://www.debian.org/security/2015/dsa-3316
http://www.debian.org/security/2015/dsa-3339
http://www.huawei.com/en/psirt/security-advisories/hw-454055
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.securityfocus.com/bid/73684
http://www.securityfocus.com/bid/91787
http://www.securitytracker.com/id/1032599
http://www.securitytracker.com/id/1032600
http://www.securitytracker.com/id/1032707
http://www.securitytracker.com/id/1032708
http://www.securitytracker.com/id/1032734
http://www.securitytracker.com/id/1032788
http://www.securitytracker.com/id/1032858
http://www.securitytracker.com/id/1032868
http://www.securitytracker.com/id/1032910
http://www.securitytracker.com/id/1032990
http://www.securitytracker.com/id/1033071
http://www.securitytracker.com/id/1033072
http://www.securitytracker.com/id/1033386
http://www.securitytracker.com/id/1033415
http://www.securitytracker.com/id/1033431
http://www.securitytracker.com/id/1033432
http://www.securitytracker.com/id/1033737
http://www.securitytracker.com/id/1033769
http://www.securitytracker.com/id/1036222
http://www.ubuntu.com/usn/USN-2696-1
http://www.ubuntu.com/usn/USN-2706-1
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888
https://kb.juniper.net/JSA10783
https://kc.mcafee.com/corporate/index?page=content&id=SB10163
https://security.gentoo.org/glsa/201512-10
https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709
https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf
https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/