CVE-2014-0160

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

CVSS v3.0 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://advisories.mageia.org/MGASA-2014-0165.html	Third Party Advisory
http://advisories.mageia.org/MGASA-2014-0165.html	Third Party Advisory
http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/	Issue Tracking Third Party Advisory
http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/	Issue Tracking Third Party Advisory
http://cogentdatahub.com/ReleaseNotes.html	Release Notes
http://cogentdatahub.com/ReleaseNotes.html	Release Notes
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01	Broken Link
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01	Broken Link
http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3	Broken Link
http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3	Broken Link
http://heartbleed.com/	Third Party Advisory
http://heartbleed.com/	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html	Broken Link Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html	Broken Link Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html	Broken Link Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html	Broken Link Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139722163017074&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139722163017074&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139757726426985&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139757726426985&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139757819327350&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139757819327350&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139757919027752&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139757919027752&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139758572430452&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139758572430452&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139765756720506&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139765756720506&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139774054614965&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139774054614965&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139774703817488&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139774703817488&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139808058921905&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139808058921905&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139817685517037&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139817685517037&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139817727317190&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139817727317190&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139817782017443&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139817782017443&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139824923705461&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139824923705461&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139824993005633&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139824993005633&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139833395230364&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139833395230364&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139835815211508&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139835815211508&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139835844111589&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139835844111589&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139836085512508&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139836085512508&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139842151128341&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139842151128341&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139843768401936&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139843768401936&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139869720529462&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139869720529462&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139869891830365&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139869891830365&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139889113431619&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139889113431619&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139889295732144&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139889295732144&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905202427693&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905202427693&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905243827825&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905243827825&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905295427946&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905295427946&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905351928096&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905351928096&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905405728262&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905405728262&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905458328378&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905458328378&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905653828999&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905653828999&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905868529690&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=139905868529690&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140015787404650&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140015787404650&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140075368411126&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140075368411126&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140724451518351&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140724451518351&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140752315422991&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140752315422991&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141287864628122&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141287864628122&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1	Third Party Advisory
http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1	Third Party Advisory
http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3	Permissions Required Third Party Advisory
http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3	Permissions Required Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0376.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0376.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0377.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0377.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0378.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0378.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0396.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0396.html	Third Party Advisory
http://seclists.org/fulldisclosure/2014/Apr/109	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Apr/109	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Apr/173	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Apr/173	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Apr/190	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Apr/190	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Apr/90	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Apr/90	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Apr/91	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Apr/91	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Dec/23	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Dec/23	Mailing List Third Party Advisory
http://secunia.com/advisories/57347	Broken Link Third Party Advisory
http://secunia.com/advisories/57347	Broken Link Third Party Advisory
http://secunia.com/advisories/57483	Broken Link Third Party Advisory
http://secunia.com/advisories/57483	Broken Link Third Party Advisory
http://secunia.com/advisories/57721	Broken Link Third Party Advisory
http://secunia.com/advisories/57721	Broken Link Third Party Advisory
http://secunia.com/advisories/57836	Broken Link Third Party Advisory
http://secunia.com/advisories/57836	Broken Link Third Party Advisory
http://secunia.com/advisories/57966	Broken Link Third Party Advisory
http://secunia.com/advisories/57966	Broken Link Third Party Advisory
http://secunia.com/advisories/57968	Broken Link Third Party Advisory
http://secunia.com/advisories/57968	Broken Link Third Party Advisory
http://secunia.com/advisories/59139	Broken Link Third Party Advisory
http://secunia.com/advisories/59139	Broken Link Third Party Advisory
http://secunia.com/advisories/59243	Broken Link Third Party Advisory
http://secunia.com/advisories/59243	Broken Link Third Party Advisory
http://secunia.com/advisories/59347	Broken Link Third Party Advisory
http://secunia.com/advisories/59347	Broken Link Third Party Advisory
http://support.citrix.com/article/CTX140605	Third Party Advisory
http://support.citrix.com/article/CTX140605	Third Party Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed	Third Party Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed	Third Party Advisory
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf	Broken Link Third Party Advisory
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf	Broken Link Third Party Advisory
http://www.blackberry.com/btsc/KB35882	Broken Link
http://www.blackberry.com/btsc/KB35882	Broken Link
http://www.debian.org/security/2014/dsa-2896	Mailing List Third Party Advisory
http://www.debian.org/security/2014/dsa-2896	Mailing List Third Party Advisory
http://www.exploit-db.com/exploits/32745	Exploit Third Party Advisory VDB Entry
http://www.exploit-db.com/exploits/32745	Exploit Third Party Advisory VDB Entry
http://www.exploit-db.com/exploits/32764	Exploit Third Party Advisory VDB Entry
http://www.exploit-db.com/exploits/32764	Exploit Third Party Advisory VDB Entry
http://www.f-secure.com/en/web/labs_global/fsc-2014-1	Broken Link Third Party Advisory
http://www.f-secure.com/en/web/labs_global/fsc-2014-1	Broken Link Third Party Advisory
http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/	Release Notes
http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/	Release Notes
http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/	Third Party Advisory
http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/	Third Party Advisory
http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/	Release Notes
http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/	Release Notes
http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/	Release Notes
http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/	Release Notes
http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf	Not Applicable
http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf	Not Applicable
http://www.kb.cert.org/vuls/id/720951	Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/720951	Third Party Advisory US Government Resource
http://www.kerio.com/support/kerio-control/release-history	Broken Link Third Party Advisory
http://www.kerio.com/support/kerio-control/release-history	Broken Link Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062	Broken Link Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062	Broken Link Third Party Advisory
http://www.openssl.org/news/secadv_20140407.txt	Broken Link Vendor Advisory
http://www.openssl.org/news/secadv_20140407.txt	Broken Link Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	Patch Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	Patch Third Party Advisory
http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html	Patch Third Party Advisory
http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html	Patch Third Party Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threaded	Broken Link Not Applicable Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/534161/100/0/threaded	Broken Link Not Applicable Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/66690	Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/66690	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030026	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030026	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030074	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030074	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030077	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030077	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030078	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030078	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030079	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030079	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030080	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030080	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030081	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030081	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030082	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030082	Broken Link Third Party Advisory VDB Entry
http://www.splunk.com/view/SP-CAAAMB3	Third Party Advisory
http://www.splunk.com/view/SP-CAAAMB3	Third Party Advisory
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00	Third Party Advisory
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00	Third Party Advisory
http://www.ubuntu.com/usn/USN-2165-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2165-1	Third Party Advisory
http://www.us-cert.gov/ncas/alerts/TA14-098A	Third Party Advisory US Government Resource
http://www.us-cert.gov/ncas/alerts/TA14-098A	Third Party Advisory US Government Resource
http://www.vmware.com/security/advisories/VMSA-2014-0012.html	Broken Link
http://www.vmware.com/security/advisories/VMSA-2014-0012.html	Broken Link
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	Broken Link
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	Broken Link
http://www-01.ibm.com/support/docview.wss?uid=isg400001841	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg400001841	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg400001843	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg400001843	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21670161	Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21670161	Broken Link
https://blog.torproject.org/blog/openssl-bug-cve-2014-0160	Issue Tracking
https://blog.torproject.org/blog/openssl-bug-cve-2014-0160	Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1084875	Issue Tracking Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1084875	Issue Tracking Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf	Third Party Advisory
https://code.google.com/p/mod-spdy/issues/detail?id=85	Issue Tracking
https://code.google.com/p/mod-spdy/issues/detail?id=85	Issue Tracking
https://filezilla-project.org/versions.php?type=server	Release Notes
https://filezilla-project.org/versions.php?type=server	Release Notes
https://gist.github.com/chapmajs/10473815	Exploit
https://gist.github.com/chapmajs/10473815	Exploit
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken	Broken Link
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken	Broken Link
https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html	Mailing List Third Party Advisory
https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html	Mailing List Third Party Advisory
https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html	Exploit Permissions Required Third Party Advisory
https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html	Exploit Permissions Required Third Party Advisory
https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html	Third Party Advisory
https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html	Third Party Advisory
https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217	Third Party Advisory
https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217	Third Party Advisory
https://www.cert.fi/en/reports/2014/vulnerability788210.html	Not Applicable Third Party Advisory
https://www.cert.fi/en/reports/2014/vulnerability788210.html	Not Applicable Third Party Advisory
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008	Third Party Advisory
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008	Third Party Advisory
https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd	Broken Link Exploit Third Party Advisory
https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd	Broken Link Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:filezilla-project:filezilla_server:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:application_processing_engine_firmware:2.0:*:*:*:*:*:*:*

cpe:2.3:h:siemens:application_processing_engine:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:siemens:cp_1543-1_firmware:1.1:*:*:*:*:*:*:*

cpe:2.3:h:siemens:cp_1543-1:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:siemens:simatic_s7-1500_firmware:1.5:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:siemens:simatic_s7-1500t_firmware:1.5:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*

Configuration 7 (hide)

OR	cpe:2.3:a:siemens:elan-8.2::::::::
	cpe:2.3:a:siemens:wincc_open_architecture:3.12:::::::*

Configuration 8 (hide)

AND

OR	cpe:2.3:o:intellian:v100_firmware:1.20:::::::*
	cpe:2.3:o:intellian:v100_firmware:1.21:::::::*
	cpe:2.3:o:intellian:v100_firmware:1.24:::::::*

cpe:2.3:h:intellian:v100:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

OR	cpe:2.3:o:intellian:v60_firmware:1.15:::::::*
	cpe:2.3:o:intellian:v60_firmware:1.25:::::::*

cpe:2.3:h:intellian:v60:-:*:*:*:*:*:*:*

Configuration 10 (hide)

OR	cpe:2.3:a:mitel:micollab:6.0:::::::*
	cpe:2.3:a:mitel:micollab:7.0:::::::*
	cpe:2.3:a:mitel:micollab:7.1:::::::*
	cpe:2.3:a:mitel:micollab:7.2:::::::*
	cpe:2.3:a:mitel:micollab:7.3.0.104:::::::*
	cpe:2.3:a:mitel:micollab:7.3:::::::*
	cpe:2.3:a:mitel:mivoice:1.1.3.3:::::skype_for_business::
	cpe:2.3:a:mitel:mivoice:1.2.0.11:::::skype_for_business::
	cpe:2.3:a:mitel:mivoice:1.3.2.2:::::skype_for_business::
	cpe:2.3:a:mitel:mivoice:1.4.0.102:::::skype_for_business::
	cpe:2.3:a:mitel:mivoice:1.1.2.5:::::lync::

Configuration 11 (hide)

OR	cpe:2.3:o:opensuse:opensuse:12.3:::::::*
	cpe:2.3:o:opensuse:opensuse:13.1:::::::*

Configuration 12 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

Configuration 13 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:20:::::::*
	cpe:2.3:o:fedoraproject:fedora:19:::::::*

Configuration 14 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:::::::*
	cpe:2.3:a:redhat:storage:2.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
	cpe:2.3:a:redhat:gluster_storage:2.1:::::::*
	cpe:2.3:a:redhat:virtualization:6.0:::::::*

Configuration 15 (hide)

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:6.0:::::::*

Configuration 16 (hide)

AND

cpe:2.3:o:ricon:s9922l_firmware:16.10.3\(3794\):*:*:*:*:*:*:*

cpe:2.3:h:ricon:s9922l:1.0:*:*:*:*:*:*:*

Configuration 17 (hide)

OR	cpe:2.3:a:broadcom:symantec_messaging_gateway:10.6.0:::::::*
	cpe:2.3:a:broadcom:symantec_messaging_gateway:10.6.1:::::::*

Configuration 18 (hide)

cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*

History

06 Jan 2025, 19:36

02 Jul 2024, 16:52

Type	Values Removed	Values Added
References	~~(SECTRACK) http://www.securitytracker.com/id/1030082 - Third Party Advisory, VDB Entry~~	(SECTRACK) http://www.securitytracker.com/id/1030082 - Broken Link, Third Party Advisory, VDB Entry
References	~~(CONFIRM) http://www.kerio.com/support/kerio-control/release-history - Third Party Advisory~~	(CONFIRM) http://www.kerio.com/support/kerio-control/release-history - Broken Link, Third Party Advisory
References	~~(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html - Third Party Advisory~~	(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html - Broken Link, Third Party Advisory
References	~~(CONFIRM) http://www.f-secure.com/en/web/labs_global/fsc-2014-1 - Third Party Advisory~~	(CONFIRM) http://www.f-secure.com/en/web/labs_global/fsc-2014-1 - Broken Link, Third Party Advisory
References	~~(MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 - Third Party Advisory~~	(MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 - Broken Link, Third Party Advisory
References	~~(MISC) https://www.cert.fi/en/reports/2014/vulnerability788210.html - Third Party Advisory~~	(MISC) https://www.cert.fi/en/reports/2014/vulnerability788210.html - Not Applicable, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139905458328378&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139905458328378&w=2 - Mailing List, Third Party Advisory
References	~~(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html - Third Party Advisory~~	(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html - Broken Link, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=140075368411126&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=140075368411126&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139817685517037&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139817685517037&w=2 - Mailing List, Third Party Advisory
References	~~(SECTRACK) http://www.securitytracker.com/id/1030081 - Third Party Advisory, VDB Entry~~	(SECTRACK) http://www.securitytracker.com/id/1030081 - Broken Link, Third Party Advisory, VDB Entry
References	~~() http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3 -~~	() http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3 - Broken Link
References	~~(HP) http://marc.info/?l=bugtraq&m=139824923705461&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139824923705461&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139889295732144&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139889295732144&w=2 - Mailing List, Third Party Advisory
References	~~(SECTRACK) http://www.securitytracker.com/id/1030078 - Third Party Advisory, VDB Entry~~	(SECTRACK) http://www.securitytracker.com/id/1030078 - Broken Link, Third Party Advisory, VDB Entry
References	~~(HP) http://marc.info/?l=bugtraq&m=139835844111589&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139835844111589&w=2 - Mailing List, Third Party Advisory
References	~~(CONFIRM) http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3 - Third Party Advisory~~	(CONFIRM) http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3 - Permissions Required, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139774703817488&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139774703817488&w=2 - Mailing List, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/59243 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/59243 - Broken Link, Third Party Advisory
References	~~() https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E -~~	() https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Third Party Advisory
References	~~(CONFIRM) http://www.openssl.org/news/secadv_20140407.txt - Vendor Advisory~~	(CONFIRM) http://www.openssl.org/news/secadv_20140407.txt - Broken Link, Vendor Advisory
References	~~(DEBIAN) http://www.debian.org/security/2014/dsa-2896 - Third Party Advisory~~	(DEBIAN) http://www.debian.org/security/2014/dsa-2896 - Mailing List, Third Party Advisory
References	~~(SECTRACK) http://www.securitytracker.com/id/1030077 - Third Party Advisory, VDB Entry~~	(SECTRACK) http://www.securitytracker.com/id/1030077 - Broken Link, Third Party Advisory, VDB Entry
References	~~(SECUNIA) http://secunia.com/advisories/57836 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/57836 - Broken Link, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139757919027752&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139757919027752&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=141287864628122&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=141287864628122&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=140724451518351&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=140724451518351&w=2 - Mailing List, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/57966 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/57966 - Broken Link, Third Party Advisory
References	~~(CONFIRM) https://code.google.com/p/mod-spdy/issues/detail?id=85 - Third Party Advisory~~	(CONFIRM) https://code.google.com/p/mod-spdy/issues/detail?id=85 - Issue Tracking
References	~~(CONFIRM) http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 - Not Applicable~~	(CONFIRM) http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 - Broken Link
References	~~(SECUNIA) http://secunia.com/advisories/59347 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/59347 - Broken Link, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139808058921905&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139808058921905&w=2 - Mailing List, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/57483 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/57483 - Broken Link, Third Party Advisory
References	~~(MISC) https://gist.github.com/chapmajs/10473815 - Third Party Advisory~~	(MISC) https://gist.github.com/chapmajs/10473815 - Exploit
References	~~(HP) http://marc.info/?l=bugtraq&m=139869891830365&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139869891830365&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139835815211508&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139835815211508&w=2 - Mailing List, Third Party Advisory
References	~~(BID) http://www.securityfocus.com/bid/66690 - Third Party Advisory, VDB Entry~~	(BID) http://www.securityfocus.com/bid/66690 - Broken Link, Third Party Advisory, VDB Entry
References	~~(HP) http://marc.info/?l=bugtraq&m=139833395230364&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139833395230364&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139905295427946&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139905295427946&w=2 - Mailing List, Third Party Advisory
References	~~(BUGTRAQ) http://www.securityfocus.com/archive/1/534161/100/0/threaded - Not Applicable, Third Party Advisory, VDB Entry~~	(BUGTRAQ) http://www.securityfocus.com/archive/1/534161/100/0/threaded - Broken Link, Not Applicable, Third Party Advisory, VDB Entry
References	~~(HP) http://marc.info/?l=bugtraq&m=139842151128341&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139842151128341&w=2 - Mailing List, Third Party Advisory
References	~~() https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E -~~	() https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139905243827825&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139905243827825&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139824993005633&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139824993005633&w=2 - Mailing List, Third Party Advisory
References	~~(MISC) https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd - Exploit, Third Party Advisory~~	(MISC) https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd - Broken Link, Exploit, Third Party Advisory
References	~~(MLIST) https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html - Third Party Advisory~~	(MLIST) https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html - Mailing List, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/57347 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/57347 - Broken Link, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/57968 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/57968 - Broken Link, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=140015787404650&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=140015787404650&w=2 - Mailing List, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/57721 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/57721 - Broken Link, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139905351928096&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139905351928096&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=140752315422991&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=140752315422991&w=2 - Mailing List, Third Party Advisory
References	~~(CONFIRM) http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html - Third Party Advisory~~	(CONFIRM) http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html - Patch, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/59139 - Third Party Advisory~~	(SECUNIA) http://secunia.com/advisories/59139 - Broken Link, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139905868529690&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139905868529690&w=2 - Mailing List, Third Party Advisory
References	~~(MISC) https://blog.torproject.org/blog/openssl-bug-cve-2014-0160 - Third Party Advisory~~	(MISC) https://blog.torproject.org/blog/openssl-bug-cve-2014-0160 - Issue Tracking
References	~~(SECTRACK) http://www.securitytracker.com/id/1030079 - Third Party Advisory, VDB Entry~~	(SECTRACK) http://www.securitytracker.com/id/1030079 - Broken Link, Third Party Advisory, VDB Entry
References	~~(CONFIRM) http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/ - Third Party Advisory~~	(CONFIRM) http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/ - Release Notes
References	~~(HP) http://marc.info/?l=bugtraq&m=139765756720506&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139765756720506&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139758572430452&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139758572430452&w=2 - Mailing List, Third Party Advisory
References	~~(MISC) http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/ - Third Party Advisory~~	(MISC) http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/ - Issue Tracking, Third Party Advisory
References	~~(CONFIRM) http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/ - Third Party Advisory~~	(CONFIRM) http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/ - Release Notes
References	~~(HP) http://marc.info/?l=bugtraq&m=139843768401936&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139843768401936&w=2 - Mailing List, Third Party Advisory
References	~~(CONFIRM) http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/ - Third Party Advisory~~	(CONFIRM) http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/ - Release Notes
References	~~(HP) http://marc.info/?l=bugtraq&m=139757819327350&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139757819327350&w=2 - Mailing List, Third Party Advisory
References	~~(SECTRACK) http://www.securitytracker.com/id/1030074 - Third Party Advisory, VDB Entry~~	(SECTRACK) http://www.securitytracker.com/id/1030074 - Broken Link, Third Party Advisory, VDB Entry
References	~~(CONFIRM) http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html - Third Party Advisory~~	(CONFIRM) http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html - Patch, Third Party Advisory
References	~~() https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E -~~	() https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139905653828999&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139905653828999&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139757726426985&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139757726426985&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139905202427693&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139905202427693&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139889113431619&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139889113431619&w=2 - Mailing List, Third Party Advisory
References	~~(MISC) https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html - Exploit, Third Party Advisory~~	(MISC) https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html - Exploit, Permissions Required, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139869720529462&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139869720529462&w=2 - Mailing List, Third Party Advisory
References	~~(SECTRACK) http://www.securitytracker.com/id/1030080 - Third Party Advisory, VDB Entry~~	(SECTRACK) http://www.securitytracker.com/id/1030080 - Broken Link, Third Party Advisory, VDB Entry
References	~~() https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E -~~	() https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139817727317190&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139817727317190&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139836085512508&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139836085512508&w=2 - Mailing List, Third Party Advisory
References	~~(CONFIRM) http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf - Third Party Advisory~~	(CONFIRM) http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf - Broken Link, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139817782017443&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139817782017443&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139774054614965&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139774054614965&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=142660345230545&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=142660345230545&w=2 - Mailing List, Third Party Advisory
References	~~(SECTRACK) http://www.securitytracker.com/id/1030026 - Third Party Advisory, VDB Entry~~	(SECTRACK) http://www.securitytracker.com/id/1030026 - Broken Link, Third Party Advisory, VDB Entry
References	~~(HP) http://marc.info/?l=bugtraq&m=139905405728262&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139905405728262&w=2 - Mailing List, Third Party Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=139722163017074&w=2 - Third Party Advisory~~	(HP) http://marc.info/?l=bugtraq&m=139722163017074&w=2 - Mailing List, Third Party Advisory
References	~~(CONFIRM) http://www.vmware.com/security/advisories/VMSA-2014-0012.html - Not Applicable~~	(CONFIRM) http://www.vmware.com/security/advisories/VMSA-2014-0012.html - Broken Link
First Time		Broadcom Splunk Broadcom symantec Messaging Gateway Splunk splunk
CPE		cpe:2.3:a:splunk:splunk:::::enterprise:::* cpe:2.3:a:broadcom:symantec_messaging_gateway:10.6.0:::::::* cpe:2.3:a:broadcom:symantec_messaging_gateway:10.6.1:::::::*

07 Nov 2023, 02:18

Type	Values Removed	Values Added
References	{'url': 'https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/', 'tags': ['Mailing List', 'Patch', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/', 'tags': ['Mailing List', 'Patch', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3', 'name': 'http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3', 'tags': ['Patch', 'Vendor Advisory'], 'refsource': 'CONFIRM'} {'url': 'https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/', 'tags': ['Mailing List', 'Patch', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/', 'tags': ['Mailing List', 'Patch', 'Third Party Advisory'], 'refsource': 'MLIST'}	() https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E - () http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3 - () https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E -

Information

Published : 2014-04-07 22:55

Updated : 2025-04-03 18:02

NVD link : CVE-2014-0160

Mitre link : CVE-2014-0160

JSON object : View

Products Affected

siemens

simatic_s7-1500
application_processing_engine_firmware
simatic_s7-1500t_firmware
simatic_s7-1500_firmware
cp_1543-1
wincc_open_architecture
cp_1543-1_firmware
application_processing_engine
elan-8.2
simatic_s7-1500t

canonical

ubuntu_linux

redhat

storage
enterprise_linux_desktop
enterprise_linux_server_eus
enterprise_linux_server_aus
enterprise_linux_server_tus
gluster_storage
enterprise_linux_server
virtualization
enterprise_linux_workstation

broadcom

symantec_messaging_gateway

intellian

v60_firmware
v60
v100_firmware
v100

debian

debian_linux

fedoraproject

fedora

splunk

splunk

mitel

micollab
mivoice

filezilla-project

filezilla_server

ricon

s9922l
s9922l_firmware

openssl

openssl

opensuse

opensuse

CWE

CWE-125

Out-of-bounds Read

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2014-0160

7.5^/10

5.0^/10

Attach tags to `CVE-2014-0160`