ID CVE-2014-3566
Summary The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
References
Vulnerable Configurations
  • Red Hat Enterprise Linux 5
    cpe:2.3:o:redhat:enterprise_linux:5
  • Red Hat Enterprise Linux Desktop Supplementary 6.0 (v. 6)
    cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0
  • Red Hat Enterprise Linux Workstation Supplementary 6.0 (v. 6)
    cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0
  • Red Hat Enterprise Linux Server Supplementary 6.0 (v. 6)
    cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0
  • cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0
  • cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0
    cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0
  • cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:76.0
    cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:76.0
  • Red Hat Enterprise Linux Server Supplementary 5.0
    cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0
  • Red Hat Enterprise Linux Desktop Supplementary 5.0
    cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0
  • RedHat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
  • Red Hat Enterprise Linux Workstation 6.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
  • RedHat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • Red Hat Enterprise Linux Server 6.0
    cpe:2.3:o:redhat:enterprise_linux_server:6.0
  • RedHat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • Red Hat Enterprise Linux Desktop 6.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
  • IBM AIX 7.1
    cpe:2.3:o:ibm:aix:7.1
  • IBM AIX 6.1
    cpe:2.3:o:ibm:aix:6.1
  • IBM AIX 5.3
    cpe:2.3:o:ibm:aix:5.3
  • Apple Mac OS X 10.10.1
    cpe:2.3:o:apple:mac_os_x:10.10.1
  • cpe:2.3:o:mageia:mageia:4.0
    cpe:2.3:o:mageia:mageia:4.0
  • cpe:2.3:o:mageia:mageia:3.0
    cpe:2.3:o:mageia:mageia:3.0
  • Novell SUSE Linux Enterprise Desktop 12.0
    cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0
  • cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0
    cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0
  • cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0
    cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0
  • cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0
    cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0
  • cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0
    cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0
  • Novell SUSE Linux Enterprise Server 12.0
    cpe:2.3:o:novell:suse_linux_enterprise_server:12.0
  • cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:11.0:sp3
    cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:11.0:sp3
  • cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:-:-:-:vmware
    cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:-:-:-:vmware
  • Novell SUSE Linux Enterprise Server 11.0 Service Pack 3
    cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3
  • Novell openSUSE 13.1
    cpe:2.3:o:novell:opensuse:13.1
  • Novell openSUSE 12.3
    cpe:2.3:o:novell:opensuse:12.3
  • Fedora 21
    cpe:2.3:o:fedoraproject:fedora:21
  • Fedora 20
    cpe:2.3:o:fedoraproject:fedora:20
  • Fedora 19
    cpe:2.3:o:fedoraproject:fedora:19
  • OpenSSL Project OpenSSL 0.9.8zb
    cpe:2.3:a:openssl:openssl:0.9.8zb
  • OpenSSL Project OpenSSL 0.9.8za
    cpe:2.3:a:openssl:openssl:0.9.8za
  • OpenSSL Project OpenSSL 0.9.8z
    cpe:2.3:a:openssl:openssl:0.9.8z
  • OpenSSL Project OpenSSL 0.9.8y
    cpe:2.3:a:openssl:openssl:0.9.8y
  • OpenSSL Project OpenSSL 0.9.8x
    cpe:2.3:a:openssl:openssl:0.9.8x
  • OpenSSL Project OpenSSL 0.9.8w
    cpe:2.3:a:openssl:openssl:0.9.8w
  • OpenSSL Project OpenSSL 0.9.8v
    cpe:2.3:a:openssl:openssl:0.9.8v
  • OpenSSL Project OpenSSL 0.9.8u
    cpe:2.3:a:openssl:openssl:0.9.8u
  • OpenSSL Project OpenSSL 0.9.8t
    cpe:2.3:a:openssl:openssl:0.9.8t
  • OpenSSL Project OpenSSL 0.9.8s
    cpe:2.3:a:openssl:openssl:0.9.8s
  • OpenSSL Project OpenSSL 0.9.8r
    cpe:2.3:a:openssl:openssl:0.9.8r
  • OpenSSL Project OpenSSL 0.9.8q
    cpe:2.3:a:openssl:openssl:0.9.8q
  • OpenSSL Project OpenSSL 0.9.8p
    cpe:2.3:a:openssl:openssl:0.9.8p
  • OpenSSL Project OpenSSL 0.9.8o
    cpe:2.3:a:openssl:openssl:0.9.8o
  • OpenSSL Project OpenSSL 0.9.8n
    cpe:2.3:a:openssl:openssl:0.9.8n
  • OpenSSL Project OpenSSL 0.9.8m Beta1
    cpe:2.3:a:openssl:openssl:0.9.8m:beta1
  • OpenSSL Project OpenSSL 0.9.8m
    cpe:2.3:a:openssl:openssl:0.9.8m
  • OpenSSL Project OpenSSL 0.9.8l
    cpe:2.3:a:openssl:openssl:0.9.8l
  • OpenSSL Project OpenSSL 0.9.8k
    cpe:2.3:a:openssl:openssl:0.9.8k
  • OpenSSL Project OpenSSL 0.9.8j
    cpe:2.3:a:openssl:openssl:0.9.8j
  • OpenSSL Project OpenSSL 0.9.8i
    cpe:2.3:a:openssl:openssl:0.9.8i
  • OpenSSL Project OpenSSL 0.9.8h
    cpe:2.3:a:openssl:openssl:0.9.8h
  • OpenSSL Project OpenSSL 0.9.8g
    cpe:2.3:a:openssl:openssl:0.9.8g
  • OpenSSL Project OpenSSL 0.9.8f
    cpe:2.3:a:openssl:openssl:0.9.8f
  • OpenSSL Project OpenSSL 0.9.8e
    cpe:2.3:a:openssl:openssl:0.9.8e
  • OpenSSL Project OpenSSL 0.9.8d
    cpe:2.3:a:openssl:openssl:0.9.8d
  • OpenSSL Project OpenSSL 0.9.8c
    cpe:2.3:a:openssl:openssl:0.9.8c
  • OpenSSL Project OpenSSL 0.9.8b
    cpe:2.3:a:openssl:openssl:0.9.8b
  • OpenSSL Project OpenSSL 0.9.8a
    cpe:2.3:a:openssl:openssl:0.9.8a
  • OpenSSL Project OpenSSL 0.9.8
    cpe:2.3:a:openssl:openssl:0.9.8
  • OpenSSL Project OpenSSL 1.0.0n
    cpe:2.3:a:openssl:openssl:1.0.0n
  • OpenSSL Project OpenSSL 1.0.0m
    cpe:2.3:a:openssl:openssl:1.0.0m
  • OpenSSL Project OpenSSL 1.0.0l
    cpe:2.3:a:openssl:openssl:1.0.0l
  • OpenSSL Project OpenSSL 1.0.0k
    cpe:2.3:a:openssl:openssl:1.0.0k
  • OpenSSL Project OpenSSL 1.0.0j
    cpe:2.3:a:openssl:openssl:1.0.0j
  • OpenSSL Project OpenSSL 1.0.0i
    cpe:2.3:a:openssl:openssl:1.0.0i
  • OpenSSL Project OpenSSL 1.0.0h
    cpe:2.3:a:openssl:openssl:1.0.0h
  • OpenSSL Project OpenSSL 1.0.0g
    cpe:2.3:a:openssl:openssl:1.0.0g
  • OpenSSL Project OpenSSL 1.0.0f
    cpe:2.3:a:openssl:openssl:1.0.0f
  • OpenSSL Project OpenSSL 1.0.0e
    cpe:2.3:a:openssl:openssl:1.0.0e
  • OpenSSL Project OpenSSL 1.0.0d
    cpe:2.3:a:openssl:openssl:1.0.0d
  • OpenSSL Project OpenSSL 1.0.0c
    cpe:2.3:a:openssl:openssl:1.0.0c
  • OpenSSL Project OpenSSL 1.0.0b
    cpe:2.3:a:openssl:openssl:1.0.0b
  • OpenSSL Project OpenSSL 1.0.0a
    cpe:2.3:a:openssl:openssl:1.0.0a
  • OpenSSL Project OpenSSL 1.0.0 Beta5
    cpe:2.3:a:openssl:openssl:1.0.0:beta5
  • OpenSSL Project OpenSSL 1.0.0 Beta4
    cpe:2.3:a:openssl:openssl:1.0.0:beta4
  • OpenSSL Project OpenSSL 1.0.0 Beta3
    cpe:2.3:a:openssl:openssl:1.0.0:beta3
  • OpenSSL Project OpenSSL 1.0.0 Beta2
    cpe:2.3:a:openssl:openssl:1.0.0:beta2
  • OpenSSL Project OpenSSL 1.0.0 Beta1
    cpe:2.3:a:openssl:openssl:1.0.0:beta1
  • OpenSSL Project OpenSSL 1.0.0
    cpe:2.3:a:openssl:openssl:1.0.0
  • OpenSSL Project OpenSSL 1.0.1h
    cpe:2.3:a:openssl:openssl:1.0.1h
  • OpenSSL Project OpenSSL 1.0.1g
    cpe:2.3:a:openssl:openssl:1.0.1g
  • OpenSSL Project OpenSSL 1.0.1f
    cpe:2.3:a:openssl:openssl:1.0.1f
  • OpenSSL Project OpenSSL 1.0.1e
    cpe:2.3:a:openssl:openssl:1.0.1e
  • OpenSSL Project OpenSSL 1.0.1d
    cpe:2.3:a:openssl:openssl:1.0.1d
  • OpenSSL Project OpenSSL 1.0.1c
    cpe:2.3:a:openssl:openssl:1.0.1c
  • OpenSSL Project OpenSSL 1.0.1b
    cpe:2.3:a:openssl:openssl:1.0.1b
  • OpenSSL Project OpenSSL 1.0.1a
    cpe:2.3:a:openssl:openssl:1.0.1a
  • OpenSSL Project OpenSSL 1.0.1 Beta3
    cpe:2.3:a:openssl:openssl:1.0.1:beta3
  • OpenSSL Project OpenSSL 1.0.1 Beta2
    cpe:2.3:a:openssl:openssl:1.0.1:beta2
  • OpenSSL Project OpenSSL 1.0.1 Beta1
    cpe:2.3:a:openssl:openssl:1.0.1:beta1
  • OpenSSL Project OpenSSL 1.0.1
    cpe:2.3:a:openssl:openssl:1.0.1
  • OpenSSL Project OpenSSL 1.0.1i
    cpe:2.3:a:openssl:openssl:1.0.1i
  • IBM Virtual I/O Server (VIOS) 2.2.3.4
    cpe:2.3:o:ibm:vios:2.2.3.4
  • IBM VIOS 2.2.3.3
    cpe:2.3:o:ibm:vios:2.2.3.3
  • IBM VIOS 2.2.3.2
    cpe:2.3:o:ibm:vios:2.2.3.2
  • IBM Virtual I/O Server (VIOS) 2.2.3.1
    cpe:2.3:o:ibm:vios:2.2.3.1
  • IBM VIOS 2.2.3.0
    cpe:2.3:o:ibm:vios:2.2.3.0
  • IBM VIOS 2.2.2.5
    cpe:2.3:o:ibm:vios:2.2.2.5
  • IBM VIOS 2.2.2.4
    cpe:2.3:o:ibm:vios:2.2.2.4
  • IBM Virtual I/O Server (VIOS) 2.2.2.3
    cpe:2.3:o:ibm:vios:2.2.2.3
  • IBM Virtual I/O Server (VIOS) 2.2.2.2
    cpe:2.3:o:ibm:vios:2.2.2.2
  • IBM Virtual I/O Server (VIOS) 2.2.2.1
    cpe:2.3:o:ibm:vios:2.2.2.1
  • IBM VIOS 2.2.2.0
    cpe:2.3:o:ibm:vios:2.2.2.0
  • IBM VIOS 2.2.1.9
    cpe:2.3:o:ibm:vios:2.2.1.9
  • IBM VIOS 2.2.1.8
    cpe:2.3:o:ibm:vios:2.2.1.8
  • IBM Virtual I/O Server (VIOS) 2.2.1.7
    cpe:2.3:o:ibm:vios:2.2.1.7
  • IBM Virtual I/O Server (VIOS) 2.2.1.6
    cpe:2.3:o:ibm:vios:2.2.1.6
  • IBM Virtual I/O Server (VIOS) 2.2.1.5
    cpe:2.3:o:ibm:vios:2.2.1.5
  • IBM VIOS 2.2.1.4
    cpe:2.3:o:ibm:vios:2.2.1.4
  • IBM VIOS 2.2.1.3
    cpe:2.3:o:ibm:vios:2.2.1.3
  • IBM VIOS 2.2.1.1
    cpe:2.3:o:ibm:vios:2.2.1.1
  • IBM VIOS 2.2.1.0
    cpe:2.3:o:ibm:vios:2.2.1.0
  • IBM VIOS 2.2.0.13
    cpe:2.3:o:ibm:vios:2.2.0.13
  • IBM VIOS 2.2.0.12
    cpe:2.3:o:ibm:vios:2.2.0.12
  • IBM VIOS 2.2.0.11
    cpe:2.3:o:ibm:vios:2.2.0.11
  • IBM VIOS 2.2.0.10
    cpe:2.3:o:ibm:vios:2.2.0.10
  • NetBSD 6.1.5
    cpe:2.3:o:netbsd:netbsd:6.1.5
  • NetBSD 6.1.4
    cpe:2.3:o:netbsd:netbsd:6.1.4
  • NetBSD 6.1.3
    cpe:2.3:o:netbsd:netbsd:6.1.3
  • NetBSD 6.1.2
    cpe:2.3:o:netbsd:netbsd:6.1.2
  • NetBSD 6.1.1
    cpe:2.3:o:netbsd:netbsd:6.1.1
  • NetBSD 6.1
    cpe:2.3:o:netbsd:netbsd:6.1
  • NetBSD 6.0.6
    cpe:2.3:o:netbsd:netbsd:6.0.6
  • NetBSD 6.0.5
    cpe:2.3:o:netbsd:netbsd:6.0.5
  • NetBSD 6.0.4
    cpe:2.3:o:netbsd:netbsd:6.0.4
  • NetBSD 6.0.3
    cpe:2.3:o:netbsd:netbsd:6.0.3
  • NetBSD 6.0.2
    cpe:2.3:o:netbsd:netbsd:6.0.2
  • NetBSD 6.0.1
    cpe:2.3:o:netbsd:netbsd:6.0.1
  • NetBSD 6.0 Beta
    cpe:2.3:o:netbsd:netbsd:6.0:beta
  • NetBSD 6.0
    cpe:2.3:o:netbsd:netbsd:6.0
  • NetBSD 5.1.4
    cpe:2.3:o:netbsd:netbsd:5.1.4
  • NetBSD 5.1.3
    cpe:2.3:o:netbsd:netbsd:5.1.3
  • NetBSD 5.1.2
    cpe:2.3:o:netbsd:netbsd:5.1.2
  • NetBSD 5.1.1
    cpe:2.3:o:netbsd:netbsd:5.1.1
  • NetBSD 5.1
    cpe:2.3:o:netbsd:netbsd:5.1
  • NetBSD 5.2.2
    cpe:2.3:o:netbsd:netbsd:5.2.2
  • NetBSD 5.2.1
    cpe:2.3:o:netbsd:netbsd:5.2.1
  • NetBSD 5.2
    cpe:2.3:o:netbsd:netbsd:5.2
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 7.0
    cpe:2.3:o:debian:debian_linux:7.0
CVSS
Base: 4.3 (as of 01-11-2016 - 14:44)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
redhat via4
advisories
  • rhsa
    id RHSA-2014:1652
  • rhsa
    id RHSA-2014:1653
  • rhsa
    id RHSA-2014:1692
  • rhsa
    id RHSA-2014:1876
  • rhsa
    id RHSA-2014:1877
  • rhsa
    id RHSA-2014:1880
  • rhsa
    id RHSA-2014:1881
  • rhsa
    id RHSA-2014:1882
  • rhsa
    id RHSA-2014:1920
  • rhsa
    id RHSA-2014:1948
  • rhsa
    id RHSA-2015:0068
  • rhsa
    id RHSA-2015:0079
  • rhsa
    id RHSA-2015:0080
  • rhsa
    id RHSA-2015:0085
  • rhsa
    id RHSA-2015:0086
  • rhsa
    id RHSA-2015:0264
  • rhsa
    id RHSA-2015:0698
  • rhsa
    id RHSA-2015:1545
  • rhsa
    id RHSA-2015:1546
rpms
  • java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5
  • java-1.7.0-ibm-demo-1:1.7.0.8.0-1jpp.1.el5
  • java-1.7.0-ibm-devel-1:1.7.0.8.0-1jpp.1.el5
  • java-1.7.0-ibm-jdbc-1:1.7.0.8.0-1jpp.1.el5
  • java-1.7.0-ibm-plugin-1:1.7.0.8.0-1jpp.1.el5
  • java-1.7.0-ibm-src-1:1.7.0.8.0-1jpp.1.el5
  • java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-accessibility-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-demo-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-devel-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-javacomm-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-jdbc-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-plugin-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-src-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-demo-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-devel-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-javacomm-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-jdbc-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-plugin-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-src-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.7.1-ibm-demo-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.7.1-ibm-devel-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.7.1-ibm-jdbc-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.7.1-ibm-plugin-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.7.1-ibm-src-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-accessibility-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-demo-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-devel-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-javacomm-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-jdbc-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-plugin-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-src-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-demo-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-devel-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-javacomm-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-jdbc-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-plugin-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-src-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-ibm-demo-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-ibm-devel-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-ibm-jdbc-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-ibm-plugin-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-ibm-src-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-accessibility-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-demo-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-devel-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-headless-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-javadoc-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-src-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6
  • java-1.7.0-openjdk-demo-1:1.7.0.75-2.5.4.0.el6_6
  • java-1.7.0-openjdk-devel-1:1.7.0.75-2.5.4.0.el6_6
  • java-1.7.0-openjdk-javadoc-1:1.7.0.75-2.5.4.0.el6_6
  • java-1.7.0-openjdk-src-1:1.7.0.75-2.5.4.0.el6_6
  • java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11
  • java-1.7.0-openjdk-demo-1:1.7.0.75-2.5.4.0.el5_11
  • java-1.7.0-openjdk-devel-1:1.7.0.75-2.5.4.0.el5_11
  • java-1.7.0-openjdk-javadoc-1:1.7.0.75-2.5.4.0.el5_11
  • java-1.7.0-openjdk-src-1:1.7.0.75-2.5.4.0.el5_11
  • java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6
  • java-1.8.0-openjdk-demo-1:1.8.0.31-1.b13.el6_6
  • java-1.8.0-openjdk-devel-1:1.8.0.31-1.b13.el6_6
  • java-1.8.0-openjdk-headless-1:1.8.0.31-1.b13.el6_6
  • java-1.8.0-openjdk-javadoc-1:1.8.0.31-1.b13.el6_6
  • java-1.8.0-openjdk-src-1:1.8.0.31-1.b13.el6_6
  • java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6
  • java-1.7.0-oracle-devel-1:1.7.0.75-1jpp.1.el6
  • java-1.7.0-oracle-javafx-1:1.7.0.75-1jpp.1.el6
  • java-1.7.0-oracle-jdbc-1:1.7.0.75-1jpp.1.el6
  • java-1.7.0-oracle-plugin-1:1.7.0.75-1jpp.1.el6
  • java-1.7.0-oracle-src-1:1.7.0.75-1jpp.1.el6
  • java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6
  • java-1.8.0-oracle-devel-1:1.8.0.31-1jpp.1.el6
  • java-1.8.0-oracle-javafx-1:1.8.0.31-1jpp.1.el6
  • java-1.8.0-oracle-jdbc-1:1.8.0.31-1jpp.1.el6
  • java-1.8.0-oracle-plugin-1:1.8.0.31-1jpp.1.el6
  • java-1.8.0-oracle-src-1:1.8.0.31-1jpp.1.el6
  • java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11
  • java-1.6.0-openjdk-demo-1:1.6.0.34-1.13.6.1.el5_11
  • java-1.6.0-openjdk-devel-1:1.6.0.34-1.13.6.1.el5_11
  • java-1.6.0-openjdk-javadoc-1:1.6.0.34-1.13.6.1.el5_11
  • java-1.6.0-openjdk-src-1:1.6.0.34-1.13.6.1.el5_11
  • java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0
  • java-1.6.0-openjdk-demo-1:1.6.0.34-1.13.6.1.el7_0
  • java-1.6.0-openjdk-devel-1:1.6.0.34-1.13.6.1.el7_0
  • java-1.6.0-openjdk-javadoc-1:1.6.0.34-1.13.6.1.el7_0
  • java-1.6.0-openjdk-src-1:1.6.0.34-1.13.6.1.el7_0
  • java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6
  • java-1.6.0-openjdk-demo-1:1.6.0.34-1.13.6.1.el6_6
  • java-1.6.0-openjdk-devel-1:1.6.0.34-1.13.6.1.el6_6
  • java-1.6.0-openjdk-javadoc-1:1.6.0.34-1.13.6.1.el6_6
  • java-1.6.0-openjdk-src-1:1.6.0.34-1.13.6.1.el6_6
  • java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6
  • java-1.6.0-sun-demo-1:1.6.0.91-1jpp.1.el6
  • java-1.6.0-sun-devel-1:1.6.0.91-1jpp.1.el6
  • java-1.6.0-sun-jdbc-1:1.6.0.91-1jpp.1.el6
  • java-1.6.0-sun-plugin-1:1.6.0.91-1jpp.1.el6
  • java-1.6.0-sun-src-1:1.6.0.91-1jpp.1.el6
refmap via4
apple
  • APPLE-SA-2014-10-16-1
  • APPLE-SA-2014-10-16-3
  • APPLE-SA-2014-10-16-4
  • APPLE-SA-2014-10-20-1
  • APPLE-SA-2014-10-20-2
  • APPLE-SA-2015-01-27-4
  • APPLE-SA-2015-09-16-2
bid 70574
cert TA14-290A
cert-vn VU#577193
cisco 20141014 SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
confirm
debian
  • DSA-3053
  • DSA-3144
  • DSA-3147
  • DSA-3253
  • DSA-3489
fedora
  • FEDORA-2014-12951
  • FEDORA-2014-13012
  • FEDORA-2014-13069
  • FEDORA-2015-9090
  • FEDORA-2015-9110
gentoo
  • GLSA-201507-14
  • GLSA-201606-11
hp
  • HPSBGN03164
  • HPSBGN03191
  • HPSBGN03192
  • HPSBGN03201
  • HPSBGN03202
  • HPSBGN03203
  • HPSBGN03205
  • HPSBGN03208
  • HPSBGN03209
  • HPSBGN03222
  • HPSBGN03233
  • HPSBGN03237
  • HPSBGN03251
  • HPSBGN03252
  • HPSBGN03253
  • HPSBGN03254
  • HPSBGN03255
  • HPSBGN03305
  • HPSBGN03332
  • HPSBGN03391
  • HPSBGN03569
  • HPSBHF03156
  • HPSBHF03275
  • HPSBHF03293
  • HPSBHF03300
  • HPSBMU03152
  • HPSBMU03183
  • HPSBMU03184
  • HPSBMU03214
  • HPSBMU03221
  • HPSBMU03223
  • HPSBMU03234
  • HPSBMU03241
  • HPSBMU03259
  • HPSBMU03260
  • HPSBMU03261
  • HPSBMU03262
  • HPSBMU03263
  • HPSBMU03267
  • HPSBMU03283
  • HPSBMU03294
  • HPSBMU03301
  • HPSBMU03304
  • HPSBMU03416
  • HPSBOV03227
  • HPSBPI03107
  • HPSBPI03360
  • HPSBST03195
  • HPSBST03265
  • HPSBST03418
  • HPSBUX03162
  • HPSBUX03194
  • HPSBUX03273
  • HPSBUX03281
  • SSRT101739
  • SSRT101767
  • SSRT101779
  • SSRT101790
  • SSRT101795
  • SSRT101834
  • SSRT101838
  • SSRT101846
  • SSRT101849
  • SSRT101854
  • SSRT101868
  • SSRT101892
  • SSRT101894
  • SSRT101896
  • SSRT101897
  • SSRT101898
  • SSRT101899
  • SSRT101916
  • SSRT101921
  • SSRT101922
  • SSRT101928
  • SSRT101951
  • SSRT101968
  • SSRT101998
mandriva
  • MDVSA-2014:203
  • MDVSA-2015:062
misc
mlist [openssl-dev] 20141014 Patch to mitigate CVE-2014-3566 ("POODLE")
netbsd NetBSD-SA2014-015
sectrack
  • 1031029
  • 1031039
  • 1031085
  • 1031086
  • 1031087
  • 1031088
  • 1031089
  • 1031090
  • 1031091
  • 1031092
  • 1031093
  • 1031094
  • 1031095
  • 1031096
  • 1031105
  • 1031106
  • 1031107
  • 1031120
  • 1031123
  • 1031124
  • 1031130
  • 1031131
  • 1031132
secunia
  • 59627
  • 60056
  • 60206
  • 60792
  • 60859
  • 61019
  • 61130
  • 61303
  • 61316
  • 61345
  • 61359
  • 61782
  • 61810
  • 61819
  • 61825
  • 61827
  • 61926
  • 61995
suse
  • SUSE-SU-2014:1357
  • SUSE-SU-2014:1361
  • SUSE-SU-2014:1526
  • SUSE-SU-2014:1549
  • SUSE-SU-2015:0336
  • SUSE-SU-2015:0344
  • SUSE-SU-2015:0345
  • SUSE-SU-2015:0376
  • SUSE-SU-2015:0392
  • SUSE-SU-2015:0503
  • SUSE-SU-2015:0578
  • SUSE-SU-2016:1457
  • SUSE-SU-2016:1459
  • openSUSE-SU-2014:1331
  • openSUSE-SU-2015:0190
  • openSUSE-SU-2016:0640
ubuntu
  • USN-2486-1
  • USN-2487-1
vmware via4
description The OpenSSL library is updated to version 1.0.1j or 0.9.8zc to resolve multiple security issues.
id VMSA-2015-0001
last_updated 2015-01-27T00:00:00
published 2015-01-27T00:00:00
title Update to VMware vCenter Server and ESXi for OpenSSL 1.0.1 and 0.9.8 package
workaround None
Last major update 23-03-2017 - 21:59
Published 14-10-2014 - 20:55
Back to Top