ID CVE-2014-0160
Summary The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
References
Vulnerable Configurations
  • OpenSSL Project OpenSSL 1.0.1
    cpe:2.3:a:openssl:openssl:1.0.1
  • OpenSSL Project OpenSSL 1.0.1 Beta1
    cpe:2.3:a:openssl:openssl:1.0.1:beta1
  • OpenSSL Project OpenSSL 1.0.1 Beta2
    cpe:2.3:a:openssl:openssl:1.0.1:beta2
  • OpenSSL Project OpenSSL 1.0.1 Beta3
    cpe:2.3:a:openssl:openssl:1.0.1:beta3
  • OpenSSL Project OpenSSL 1.0.1a
    cpe:2.3:a:openssl:openssl:1.0.1a
  • OpenSSL Project OpenSSL 1.0.1b
    cpe:2.3:a:openssl:openssl:1.0.1b
  • OpenSSL Project OpenSSL 1.0.1c
    cpe:2.3:a:openssl:openssl:1.0.1c
  • OpenSSL Project OpenSSL 1.0.1d
    cpe:2.3:a:openssl:openssl:1.0.1d
  • OpenSSL Project OpenSSL 1.0.1e
    cpe:2.3:a:openssl:openssl:1.0.1e
  • OpenSSL Project OpenSSL 1.0.1f
    cpe:2.3:a:openssl:openssl:1.0.1f
  • OpenSSL Project OpenSSL 1.0.2-beta1
    cpe:2.3:a:openssl:openssl:1.0.2:beta1
CVSS
Base: 5.0 (as of 21-10-2015 - 10:03)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
exploit-db via4
  • description Heartbleed OpenSSL - Information Leak Exploit (1). CVE-2014-0160,CVE-2014-0346. Remote exploits for multiple platform
    id EDB-ID:32791
    last seen 2016-02-03
    modified 2014-04-10
    published 2014-04-10
    reporter prdelka
    source https://www.exploit-db.com/download/32791/
    title Heartbleed OpenSSL - Information Leak Exploit 1
  • description OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions). CVE-2014-0160,CVE-2014-0346. Remote exploits for multiple platform
    file exploits/multiple/remote/32764.py
    id EDB-ID:32764
    last seen 2016-02-03
    modified 2014-04-09
    platform multiple
    port 443
    published 2014-04-09
    reporter Fitzl Csaba
    source https://www.exploit-db.com/download/32764/
    title OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure Multiple SSL/TLS versions
    type remote
  • description OpenSSL TLS Heartbeat Extension - Memory Disclosure. CVE-2014-0160,CVE-2014-0346. Remote exploits for multiple platform
    file exploits/multiple/remote/32745.py
    id EDB-ID:32745
    last seen 2016-02-03
    modified 2014-04-08
    platform multiple
    port 443
    published 2014-04-08
    reporter Jared Stafford
    source https://www.exploit-db.com/download/32745/
    title OpenSSL TLS Heartbeat Extension - Memory Disclosure
    type remote
  • description Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support. CVE-2014-0160,CVE-2014-0346. Remote exploits for multiple platform
    id EDB-ID:32998
    last seen 2016-02-03
    modified 2014-04-24
    published 2014-04-24
    reporter Ayman Sagy
    source https://www.exploit-db.com/download/32998/
    title Heartbleed OpenSSL - Information Leak Exploit 2 - DTLS Support
metasploit via4
  • description This module provides a fake SSL service that is intended to leak memory from client systems as they connect. This module is hardcoded for using the AES-128-CBC-SHA1 cipher.
    id MSF:AUXILIARY/SERVER/OPENSSL_HEARTBEAT_CLIENT_MEMORY
    last seen 2018-09-18
    modified 2018-08-27
    published 2014-04-09
    reliability Normal
    reporter Rapid7
    source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/server/openssl_heartbeat_client_memory.rb
    title OpenSSL Heartbeat (Heartbleed) Client Memory Exposure
  • description This module implements the OpenSSL Heartbleed attack. The problem exists in the handling of heartbeat requests, where a fake length can be used to leak memory data in the response. Services that support STARTTLS may also be vulnerable. The module supports several actions, allowing for scanning, dumping of memory contents to loot, and private key recovery. The LEAK_COUNT option can be used to specify leaks per SCAN or DUMP. The repeat command can be used to make running the SCAN or DUMP many times more powerful. As in: repeat -t 60 run; sleep 2 To run every two seconds for one minute.
    id MSF:AUXILIARY/SCANNER/SSL/OPENSSL_HEARTBLEED
    last seen 2018-09-25
    modified 2018-09-21
    published 2014-04-18
    reliability Normal
    reporter Rapid7
    source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
    title OpenSSL Heartbeat (Heartbleed) Information Leak
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-398.NASL
    description - tor 0.2.4.22 [bnc#878486] Tor was updated to the recommended version of the 0.2.4.x series. - major features in 0.2.4.x : - improved client resilience - support better link encryption with forward secrecy - new NTor circuit handshake - change relay queue for circuit create requests from size-based limit to time-based limit - many bug fixes and minor features - changes contained in 0.2.4.22: Backports numerous high-priority fixes. These include blocking all authority signing keys that may have been affected by the OpenSSL 'heartbleed' bug, choosing a far more secure set of TLS ciphersuites by default, closing a couple of memory leaks that could be used to run a target relay out of RAM. - Major features (security) - Block authority signing keys that were used on authorities vulnerable to the 'heartbleed' bug in OpenSSL (CVE-2014-0160). - Major bugfixes (security, OOM) : - Fix a memory leak that could occur if a microdescriptor parse fails during the tokenizing step. - Major bugfixes (TLS cipher selection) : - The relay ciphersuite list is now generated automatically based on uniform criteria, and includes all OpenSSL ciphersuites with acceptable strength and forward secrecy. - Relays now trust themselves to have a better view than clients of which TLS ciphersuites are better than others. - Clients now try to advertise the same list of ciphersuites as Firefox 28. - includes changes from 0.2.4.21: Further improves security against potential adversaries who find breaking 1024-bit crypto doable, and backports several stability and robustness patches from the 0.2.5 branch. - Major features (client security) : - When we choose a path for a 3-hop circuit, make sure it contains at least one relay that supports the NTor circuit extension handshake. Otherwise, there is a chance that we're building a circuit that's worth attacking by an adversary who finds breaking 1024-bit crypto doable, and that chance changes the game theory. - Major bugfixes : - Do not treat streams that fail with reason END_STREAM_REASON_INTERNAL as indicating a definite circuit failure, since it could also indicate an ENETUNREACH connection error - includes changes from 0.2.4.20 : - Do not allow OpenSSL engines to replace the PRNG, even when HardwareAccel is set. - Fix assertion failure when AutomapHostsOnResolve yields an IPv6 address. - Avoid launching spurious extra circuits when a stream is pending. - packaging changes : - remove init script shadowing systemd unit - general cleanup - Add tor-fw-helper for UPnP port forwarding; not used by default - fix logrotate on systemd-only setups without init scripts, work tor-0.2.2.37-logrotate.patch to tor-0.2.4.x-logrotate.patch - verify source tarball signature
    last seen 2018-09-01
    modified 2015-10-22
    plugin id 75376
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75376
    title openSUSE Security Update : tor (openSUSE-SU-2014:0719-1) (Heartbleed)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0376.NASL
    description Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Neel Mehta of Google Security as the original reporter. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen 2018-09-01
    modified 2014-06-14
    plugin id 73396
    published 2014-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73396
    title RHEL 6 : openssl (RHSA-2014:0376)
  • NASL family Windows
    NASL id STUNNEL_5_01.NASL
    description The version of stunnel installed on the remote host is prior to version 5.01. It is, therefore, affected by an information disclosure vulnerability in the bundled OpenSSL DLLs. A remote attacker can read the contents of up to 64KB of server memory, potentially exposing passwords, private keys, and other sensitive data. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2018-09-01
    modified 2018-07-30
    plugin id 73500
    published 2014-04-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73500
    title stunnel < 5.01 OpenSSL Heartbeat Information Disclosure (Heartbleed)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201404-07.NASL
    description The remote host is affected by the vulnerability described in GLSA-201404-07 (OpenSSL: Information Disclosure) Multiple vulnerabilities have been found in OpenSSL: OpenSSL incorrectly handles memory in the TLS heartbeat extension, leading to information disclosure of 64kb per request, possibly including private keys (“Heartbleed bug”, OpenSSL 1.0.1 only, CVE-2014-0160). The Montgomery ladder implementation of OpenSSL improperly handles swap operations (CVE-2014-0076). Impact : A remote attacker could exploit these issues to disclose information, including private keys or other sensitive information, or perform side-channel attacks to obtain ECDSA nonces. Workaround : Disabling the tls-heartbeat USE flag (enabled by default) provides a workaround for the CVE-2014-0160 issue.
    last seen 2018-09-02
    modified 2018-07-12
    plugin id 73407
    published 2014-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73407
    title GLSA-201404-07 : OpenSSL: Information Disclosure
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_LIBREOFFICE_423.NASL
    description A version of LibreOffice 4.2.x prior to 4.2.3 is installed on the remote Mac OS X host. This version of LibreOffice is bundled with a version of OpenSSL affected by multiple vulnerabilities : - An error exists in the function 'ssl3_read_bytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue is only exploitable if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298) - An error exists in the 'ssl3_take_mac' function in the file 'ssl/s3_both.c' related to handling TLS handshake traffic that could lead to denial of service attacks. (CVE-2013-4353) - An error exists in the 'ssl_get_algorithm2' function in the file 'ssl/s3_lib.c' related to handling TLS 1.2 traffic that could lead to denial of service attacks. (CVE-2013-6449) - An error exists related to the handling of DTLS retransmission processes that could lead to denial of service attacks. (CVE-2013-6450) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. (CVE-2014-0160) - A buffer overflow error exists related to invalid DTLS fragment handling that could lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195) - An error exists in the function 'do_ssl3_write' that could allow a NULL pointer to be dereferenced leading to denial of service attacks. Note this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2014-0198) - An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note this issue only affects OpenSSL when used as a DTLS client. (CVE-2014-0221) - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks. (CVE-2014-0224) - An unspecified error exists related to anonymous ECDH cipher suites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470) Note that Nessus has not attempted to exploit these issues, but has instead relied only on the application's self-reported version number.
    last seen 2018-09-02
    modified 2018-07-14
    plugin id 76511
    published 2014-07-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76511
    title LibreOffice 4.2.x < 4.2.3 OpenSSL Multiple Vulnerabilities (Mac OS X) (Heartbleed)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2165-1.NASL
    description Neel Mehta discovered that OpenSSL incorrectly handled memory in the TLS heartbeat extension. An attacker could use this issue to obtain up to 64k of memory contents from the client or server, possibly leading to the disclosure of private keys and other sensitive information. (CVE-2014-0160) Yuval Yarom and Naomi Benger discovered that OpenSSL incorrectly handled timing during swap operations in the Montgomery ladder implementation. An attacker could use this issue to perform side-channel attacks and possibly recover ECDSA nonces. (CVE-2014-0076).
    last seen 2018-09-01
    modified 2014-06-14
    plugin id 73402
    published 2014-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73402
    title Ubuntu 12.04 LTS / 12.10 / 13.10 : openssl vulnerabilities (USN-2165-1)
  • NASL family Misc.
    NASL id VMWARE_HORIZON_WORKSPACE_VMSA2014-0004.NASL
    description The version of VMware Horizon Workspace installed on the remote host is version 1.8.x prior to 1.8.1. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material and other protected content. (CVE-2014-0160)
    last seen 2018-09-01
    modified 2018-08-06
    plugin id 73896
    published 2014-05-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73896
    title VMware Horizon Workspace 1.8 < 1.8.1 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_5631AE98BE9E11E3B5E3C80AA9043978.NASL
    description OpenSSL Reports : A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server. Affected users should upgrade to OpenSSL 1.0.1g. Users unable to immediately upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS. The bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users. The code used to handle the Heartbeat Extension does not do sufficient boundary checks on record length, which allows reading beyond the actual payload.
    last seen 2018-09-01
    modified 2014-06-14
    plugin id 73389
    published 2014-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73389
    title FreeBSD : OpenSSL -- Remote Information Disclosure (5631ae98-be9e-11e3-b5e3-c80aa9043978)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-277.NASL
    description This openssl update fixes one security issue : - bnc#872299: Fixed missing bounds checks for heartbeat messages (CVE-2014-0160).
    last seen 2018-09-01
    modified 2016-07-08
    plugin id 75314
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75314
    title openSUSE Security Update : openssl (openSUSE-SU-2014:0492-1) (Heartbleed)
  • NASL family Windows
    NASL id IBM_GPFS_ISG3T1020683.NASL
    description A version of IBM General Parallel File System (GPFS) prior to 3.5.0.17 is installed on the remote host. It is, therefore, affected by multiple vulnerabilities related to OpenSSL: - An information disclosure vulnerability exists due to a flaw in the OpenSSL library, due to an implementation error in ECDSA (Elliptic Curve Digital Signature Algorithm). An attacker could potentially exploit this vulnerability to recover ECDSA nonces. (CVE-2014-0076) - An information disclosure vulnerability exists due to a flaw in the OpenSSL library, commonly known as the Heartbleed bug. An attacker could potentially exploit this vulnerability repeatedly to read up to 64KB of memory from the device. (CVE-2014-0160)
    last seen 2018-09-02
    modified 2018-07-12
    plugin id 74104
    published 2014-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74104
    title IBM General Parallel File System 3.5 < 3.5.0.17 Multiple OpenSSL Vulnerabilities (Heartbleed)
  • NASL family General
    NASL id VMWARE_PLAYER_LINUX_6_0_2.NASL
    description The installed version of VMware Player 6.x running on Linux is prior to 6.0.2. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material and other protected content. (CVE-2014-0160)
    last seen 2018-09-02
    modified 2018-08-06
    plugin id 73671
    published 2014-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73671
    title VMware Player 6.x < 6.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Linux) (Heartbleed)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2014-320.NASL
    description A missing bounds check was found in the way OpenSSL handled TLS heartbeat extension packets. This flaw could be used to reveal up to 64k of memory from a connected client or server.
    last seen 2018-09-01
    modified 2015-09-01
    plugin id 73438
    published 2014-04-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73438
    title Amazon Linux AMI : openssl Information Disclosure Vulnerability (ALAS-2014-320)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-4982.NASL
    description Fixes CVE-2014-0160 (RHBZ #1085066) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2015-10-22
    plugin id 73509
    published 2014-04-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73509
    title Fedora 20 : mingw-openssl-1.0.1e-6.fc20 (2014-4982) (Heartbleed)
  • NASL family Windows
    NASL id VMWARE_PLAYER_MULTIPLE_VMSA_2014-0004.NASL
    description The installed version of VMware Player 6.x running on Windows is earlier than 6.0.2. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material and other protected content. (CVE-2014-0160)
    last seen 2018-09-02
    modified 2018-08-06
    plugin id 73672
    published 2014-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73672
    title VMware Player 6.x < 6.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)
  • NASL family Windows
    NASL id WINSCP_5_5_3.NASL
    description The WinSCP program installed on the remote host is version 4.x later than 4.3.7, 5.x later than 5.0.6 and prior to 5.5.3. It is, therefore, affected by the following vulnerabilities : - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. (CVE-2014-0160) - An error exists related to X.509 certificates, FTP with TLS, and host validation that allows an attacker to spoof a server and obtain sensitive information. (CVE-2014-2735)
    last seen 2018-09-02
    modified 2018-08-06
    plugin id 73613
    published 2014-04-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73613
    title WinSCP Heartbeat Information Disclosure (Heartbleed)
  • NASL family General
    NASL id VMWARE_WORKSTATION_LINUX_10_0_2.NASL
    description The installed version of VMware Workstation 10.x is prior to 10.0.2. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material and other protected content. (CVE-2014-0160)
    last seen 2018-09-01
    modified 2018-08-06
    plugin id 73673
    published 2014-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73673
    title VMware Workstation 10.x < 10.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Linux) (Heartbleed)
  • NASL family CGI abuses
    NASL id BLUECOAT_PROXY_AV_3_5_1_9.NASL
    description According to its self-reported version number, the firmware installed on the remote host is affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2018-09-01
    modified 2018-06-13
    plugin id 74037
    published 2014-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74037
    title Blue Coat ProxyAV 3.5.1.1 - 3.5.1.6 Heartbeat Information Disclosure (Heartbleed)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0377.NASL
    description Updated openssl packages that fix one security issue are now available for Red Hat Storage 2.1. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Neel Mehta of Google Security as the original reporter. All users of Red Hat Storage are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen 2018-09-14
    modified 2018-09-12
    plugin id 79005
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79005
    title RHEL 6 : Storage Server (RHSA-2014:0377) (Heartbleed)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201412-11.NASL
    description The remote host is affected by the vulnerability described in GLSA-201412-11 (AMD64 x86 emulation base libraries: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute arbitrary code, cause a Denial of Service condition, or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen 2018-09-01
    modified 2016-11-11
    plugin id 79964
    published 2014-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79964
    title GLSA-201412-11 : AMD64 x86 emulation base libraries: Multiple vulnerabilities (Heartbleed)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2014-123.NASL
    description Updated tor packages fix multiple vulnerabilities : Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for relay identity keys and hidden-service identity keys, which might make it easier for remote attackers to bypass cryptographic protection mechanisms via unspecified vectors (CVE-2013-7295). Update to version 0.2.4.22 solves these major and security problems : - Block authority signing keys that were used on authorities vulnerable to the heartbleed bug in OpenSSL (CVE-2014-0160). - Fix a memory leak that could occur if a microdescriptor parse fails during the tokenizing step. - The relay ciphersuite list is now generated automatically based on uniform criteria, and includes all OpenSSL ciphersuites with acceptable strength and forward secrecy. - Relays now trust themselves to have a better view than clients of which TLS ciphersuites are better than others. - Clients now try to advertise the same list of ciphersuites as Firefox 28. For other changes see the upstream change log
    last seen 2018-09-01
    modified 2018-07-19
    plugin id 74481
    published 2014-06-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74481
    title Mandriva Linux Security Advisory : tor (MDVSA-2014:123)
  • NASL family CGI abuses
    NASL id WD_ARKEIA_10_1_19_VER_CHECK.NASL
    description The self-reported version of the remote Western Digital Arkeia device is prior to 10.1.19 / 10.2.9. It is, therefore, potentially affected by the following vulnerabilities : - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. (CVE-2014-0160) - A local file inclusion vulnerability exists. A remote, unauthenticated attacker can exploit this issue to read or execute arbitrary files by crafting a request with directory traversal sequences in the 'lang' HTTP cookie. (CVE-2014-2846)
    last seen 2018-09-01
    modified 2018-08-06
    plugin id 74262
    published 2014-06-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74262
    title Western Digital Arkeia 10.1.x < 10.1.19 / 10.2.x < 10.2.9 Multiple Vulnerabilities (Heartbleed)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0396.NASL
    description An updated rhev-hypervisor6 package that fixes one security issue is now available for Red Hat Enterprise Virtualization Hypervisor 3.2. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Important: This update is an emergency security fix being provided outside the scope of the published support policy for Red Hat Enterprise Virtualization listed in the References section. In accordance with the support policy for Red Hat Enterprise Virtualization, Red Hat Enterprise Virtualization Hypervisor 3.2 will not receive future security updates. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Neel Mehta of Google Security as the original reporter. 
    Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which corrects this issue.
    last seen 2018-09-14
    modified 2018-09-12
    plugin id 79008
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79008
    title RHEL 6 : rhev-hypervisor6 (RHSA-2014:0396) (Heartbleed)
  • NASL family Misc.
    NASL id JUNOS_PULSE_JSA10623.NASL
    description According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-02
    modified 2018-07-12
    plugin id 73688
    published 2014-04-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73688
    title Junos Pulse Secure Access IVE / UAC OS OpenSSL Heartbeat Information Disclosure (JSA10623) (Heartbleed)
  • NASL family Windows
    NASL id ATTACHMATE_REFLECTION_HEARTBLEED.NASL
    description The Attachmate Reflection install on the remote host is affected by an out-of-bounds read error known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-02
    modified 2018-06-27
    plugin id 76309
    published 2014-06-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76309
    title Attachmate Reflection Heartbeat Information Disclosure (Heartbleed)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2014-098-01.NASL
    description New openssl packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
    last seen 2018-09-01
    modified 2014-06-14
    plugin id 73409
    published 2014-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73409
    title Slackware 14.0 / 14.1 / current : openssl (SSA:2014-098-01)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-4999.NASL
    description Fixes CVE-2014-0160 (RHBZ #1085066) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2015-10-22
    plugin id 73547
    published 2014-04-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73547
    title Fedora 19 : mingw-openssl-1.0.1e-6.fc19 (2014-4999) (Heartbleed)
  • NASL family Red Hat Local Security Checks
    NASL id HP_VCA_SSRT101531-RHEL.NASL
    description The RPM installation of HP Version Control Agent (VCA) on the remote Linux host is version 7.2.2, 7.3.0, or 7.3.1. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 77022
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77022
    title HP Version Control Agent (VCA) Heartbeat Information Disclosure (Heartbleed)
  • NASL family Firewalls
    NASL id BLUECOAT_PROXY_SG_6_5_3_6.NASL
    description The remote Blue Coat ProxySG device's SGOS self-reported version is 6.5.3.x prior to 6.5.3.6. It is, therefore, potentially affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-02
    modified 2018-06-27
    plugin id 73515
    published 2014-04-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73515
    title Blue Coat ProxySG Heartbeat Information Disclosure (Heartbleed)
  • NASL family Web Servers
    NASL id OPENSSL_1_0_1G.NASL
    description According to its banner, the remote web server uses a version of OpenSSL 1.0.1 prior to 1.0.1g. The OpenSSL library is, therefore, reportedly affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material and other protected content. (CVE-2014-0160)
    last seen 2018-09-01
    modified 2018-07-16
    plugin id 73404
    published 2014-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73404
    title OpenSSL 1.0.1 < 1.0.1g Multiple Vulnerabilities (Heartbleed)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-0376.NASL
    description From Red Hat Security Advisory 2014:0376 : Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Neel Mehta of Google Security as the original reporter. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen 2018-09-01
    modified 2014-06-14
    plugin id 73395
    published 2014-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73395
    title Oracle Linux 6 : openssl (ELSA-2014-0376)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_FUSION_6_0_3.NASL
    description The version of VMware Fusion 6.x installed on the remote Mac OS X host is prior to 6.0.3. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material and other protected content. (CVE-2014-0160)
    last seen 2018-09-01
    modified 2018-07-14
    plugin id 73670
    published 2014-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73670
    title VMware Fusion 6.x < 6.0.3 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL15159.NASL
    description The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. (CVE-2014-0160) Impact : A malicious user can exploit vulnerable systems and retrieve information from memory. This information may potentially include user credentials or the private keys used for Transport Layer Security (TLS) or Datagram Transport Layer Security (DTLS). For information about vulnerable components or features, refer to the following list : Virtual servers using a Secure Sockets Layer (SSL) profile configured with the default Native SSL ciphers are not vulnerable. Only virtual servers using an SSL profile configured to use ciphers from the COMPAT SSL stack are vulnerable in BIG-IP 11.5.0 and 11.5.1. Additionally, virtual servers that do not use SSL profiles and pass SSL traffic to the back-end web servers will not protect the back-end resource servers. The Configuration utility and other services, such as iControl, are vulnerable. The big3d process included with BIG-IP GTM 11.5.0 and 11.5.1 is vulnerable. Additionally, monitored BIG-IP systems whose big3d process was updated by an affected BIG-IP GTM system are also vulnerable. The big3d process included with Enterprise Manager 3.1.1 HF1 and HF2 is vulnerable. Additionally, monitored BIG-IP systems whose big3d process was updated by an affected Enterprise Manager system are also vulnerable. The BIG-IP Edge Client for Android is not vulnerable. However, the BIG-IP Edge Client for Windows, Mac OS, and Linux is vulnerable. An attacker can retrieve sensitive information by using the stated vulnerability in the following scenarios: User is tricked into connecting to any malicious SSL server. User connects to a compromised FirePass or BIG-IP APM system.
    last seen 2018-09-02
    modified 2018-07-10
    plugin id 78164
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78164
    title F5 Networks BIG-IP : OpenSSL vulnerability (K15159) (Heartbleed)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-0376.NASL
    description Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Neel Mehta of Google Security as the original reporter. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen 2018-09-01
    modified 2014-06-14
    plugin id 73387
    published 2014-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73387
    title CentOS 6 : openssl (CESA-2014:0376)
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_JSA10623.NASL
    description According to its self-reported version number, the remote Junos device is affected by an information disclosure vulnerability. An out-of-bounds read error, known as Heartbleed, exists in the TLS/DTLS implementation due to improper handling of TLS heartbeat extension packets. A remote attacker, using crafted packets, can trigger a buffer over-read, resulting in the disclosure of up to 64KB of process memory, which contains sensitive information such as primary key material, secondary key material, and other protected content. Note that this issue only affects devices with J-Web or the SSL service for JUNOScript enabled.
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 73687
    published 2014-04-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73687
    title Juniper Junos OpenSSL Heartbeat Information Disclosure (JSA10623) (Heartbleed)
  • NASL family Misc.
    NASL id IPSWITCH_IMAIL_12_4_1_15.NASL
    description The remote host appears to be running Ipswitch IMail Server 11.x or 12.x older than version 12.4.1.15 and is, therefore, potentially affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material and other protected content. (CVE-2014-0160) - Multiple input validation errors exist related to the 'WebClient' component that could allow cross-site scripting attacks. (CVE-2014-3878)
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 76490
    published 2014-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76490
    title Ipswitch IMail Server 11.x / 12.x < 12.4.1.15 Multiple Vulnerabilities (Heartbleed)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2896.NASL
    description A vulnerability has been discovered in OpenSSL's support for the TLS/DTLS Heartbeat extension. Up to 64KB of memory from either client or server can be recovered by an attacker. This vulnerability might allow an attacker to compromise the private key and other sensitive data in memory. All users are urged to upgrade their openssl packages (especially libssl1.0.0) and restart applications as soon as possible. According to the currently available information, private keys should be considered as compromised and regenerated as soon as possible. More details will be communicated at a later time. The oldstable distribution (squeeze) is not affected by this vulnerability.
    last seen 2018-09-02
    modified 2014-06-14
    plugin id 73388
    published 2014-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73388
    title Debian DSA-2896-1 : openssl - security update
  • NASL family Web Servers
    NASL id SPLUNK_603.NASL
    description According to its version number, the Splunk Web hosted on the remote web server is 6.x prior to 6.0.3. It is, therefore, affected by multiple OpenSSL-related vulnerabilities : - A flaw exists with the OpenSSL version being used by Splunk with the 'ssl3_take_mac' in 'ssl/s3_both.c'. This allows a remote attacker to cause a denial of service with a specially crafted request. (CVE-2013-4353) - An out-of-bounds read error, known as Heartbleed, exists in the TLS/DTLS implementation due to improper handling of TLS heartbeat extension packets. A remote attacker, using crafted packets, can trigger a buffer over-read, resulting in the disclosure of up to 64KB of process memory, which contains sensitive information such as primary key material, secondary key material, and other protected content. (CVE-2014-0160) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2018-09-01
    modified 2018-07-30
    plugin id 73575
    published 2014-04-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73575
    title Splunk 6.x < 6.0.3 Multiple OpenSSL Vulnerabilities (Heartbleed)
  • NASL family Windows
    NASL id VMWARE_WORKSTATION_MULTIPLE_VMSA_2014_0004.NASL
    description The version of VMware Workstation installed on the remote host is version 10.x prior to 10.0.2. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material and other protected content. (CVE-2014-0160)
    last seen 2018-09-02
    modified 2018-08-06
    plugin id 73674
    published 2014-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73674
    title VMware Workstation 10.x < 10.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)
  • NASL family Misc.
    NASL id OPENSSL_HEARTBLEED.NASL
    description Based on its response to a TLS request with a specially crafted heartbeat message (RFC 6520), the remote service appears to be affected by an out-of-bounds read flaw. This flaw could allow a remote attacker to read the contents of up to 64KB of server memory, potentially exposing passwords, private keys, and other sensitive data.
    last seen 2018-09-02
    modified 2018-07-16
    plugin id 73412
    published 2014-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73412
    title OpenSSL Heartbeat Information Disclosure (Heartbleed)
  • NASL family Misc.
    NASL id FORTINET_FG-IR-14-011.NASL
    description The firmware of the remote Fortinet host is running a version of OpenSSL that is affected by a remote information disclosure, commonly known as the 'Heartbleed' bug. A remote, unauthenticated attacker could potentially exploit this vulnerability to extract up to 64 kilobytes of memory per request from the device.
    last seen 2018-09-01
    modified 2018-07-11
    plugin id 73669
    published 2014-04-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73669
    title Fortinet OpenSSL Information Disclosure (Heartbleed)
  • NASL family Web Servers
    NASL id HPSMH_7_3_2.NASL
    description According to the web server's banner, the version of HP System Management Homepage (SMH) hosted on the remote web server has an implementation of the OpenSSL library affected by the following issues : - An error exists in the 'ssl3_take_mac' function in the file 'ssl/s3_both.c' related to handling TLS handshake traffic that could lead to denial of service attacks. (CVE-2013-4353) - An error exists in the 'ssl_get_algorithm2' function in the file 'ssl/s3_lib.c' related to handling TLS 1.2 traffic that could lead to denial of service attacks. (CVE-2013-6449) - An error exists related to the handling of DTLS retransmission processes that could lead to denial of service attacks. (CVE-2013-6450) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. (CVE-2014-0160)
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 73639
    published 2014-04-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73639
    title HP System Management Homepage OpenSSL Multiple Vulnerabilities (Heartbleed)
  • NASL family Windows
    NASL id KASPERSKY_INTERNET_SECURITY_HEARTBLEED.NASL
    description The remote host has a version of Kaspersky Internet Security (KIS) installed that is missing a vendor patch. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-02
    modified 2018-07-12
    plugin id 77437
    published 2014-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77437
    title Kaspersky Internet Security Heartbeat Information Disclosure (Heartbleed)
  • NASL family Web Servers
    NASL id HP_OFFICEJET_PRO_HEARTBLEED.NASL
    description According to its self-reported build information, the firmware running on the remote HP OfficeJet printer is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. Note this affects both client and server modes of operation.
    last seen 2018-09-02
    modified 2018-07-13
    plugin id 74270
    published 2014-06-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74270
    title HP OfficeJet Printer Heartbeat Information Disclosure (Heartbleed)
  • NASL family CISCO
    NASL id CISCO-VCS-CSCUO16472.NASL
    description According to its self-reported version number, the version of Cisco TelePresence Video Communication Server installed on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. Note this affects both client and server modes of operation.
    last seen 2018-09-02
    modified 2018-07-06
    plugin id 74010
    published 2014-05-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74010
    title Cisco TelePresence Video Communication Server Heartbeat Information Disclosure (Heartbleed)
  • NASL family Misc.
    NASL id MCAFEE_VSEL_SB10071.NASL
    description The remote host has a version of McAfee VirusScan Enterprise for Linux (VSEL) that is affected by an information disclosure due to a flaw in the OpenSSL library, commonly known as the Heartbleed bug. An attacker could potentially exploit this vulnerability repeatedly to read up to 64KB of memory from the device.
    last seen 2018-09-02
    modified 2018-07-14
    plugin id 73854
    published 2014-05-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73854
    title McAfee VirusScan Enterprise for Linux OpenSSL Information Disclosure (SB10071) (Heartbleed)
  • NASL family Misc.
    NASL id MCAFEE_WEB_GATEWAY_SB10071.NASL
    description The remote host is running a version of McAfee Web Gateway (MWG) that is affected by an information disclosure vulnerability due to a flaw in the OpenSSL library, commonly known as the Heartbleed bug. An attacker could potentially exploit this vulnerability repeatedly to read up to 64KB of memory from the device.
    last seen 2018-09-01
    modified 2018-07-14
    plugin id 73836
    published 2014-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73836
    title McAfee Web Gateway OpenSSL Information Disclosure (SB10071) (Heartbleed)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_OPENSSL_20140731.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. (CVE-2013-4353) - The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client. (CVE-2013-6449) - The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (CVE-2013-6450) - The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. (CVE-2014-0076) - The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. (CVE-2014-0160)
    last seen 2018-09-01
    modified 2016-07-08
    plugin id 80721
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80721
    title Oracle Solaris Third-Party Patch Update : openssl (multiple_vulnerabilities_in_openssl4) (Heartbleed)
  • NASL family Windows
    NASL id WEBSENSE_EMAIL_SECURITY_HEARTBLEED.NASL
    description The version of Websense Email Security installed on the remote Windows host contains a bundled version of an OpenSSL DLL file. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-01
    modified 2018-08-06
    plugin id 73758
    published 2014-04-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73758
    title Websense Email Security Heartbeat Information Disclosure (Heartbleed)
  • NASL family Misc.
    NASL id VMWARE_ESXI_5_5_BUILD_1746974_REMOTE.NASL
    description The remote VMware ESXi host is 5.5 prior to build 1746974 or 5.5 Update 1 prior to build 1746018. It is, therefore, potentially affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. (CVE-2014-0160)
    last seen 2018-09-02
    modified 2018-08-06
    plugin id 73917
    published 2014-05-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73917
    title ESXi 5.5 < Build 1746974 / 5.5 Update 1 < Build 1746018 OpenSSL Library Multiple Vulnerabilities (remote check) (Heartbleed)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0416.NASL
    description Updated rhevm-spice-client packages that fix multiple security issues are now available for Red Hat Enterprise Virtualization Manager 3. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat Enterprise Virtualization Manager provides access to virtual machines using SPICE. These SPICE client packages provide the SPICE client and usbclerk service for both Windows 32-bit operating systems and Windows 64-bit operating systems. The rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE client. OpenSSL, a general purpose cryptography library with a TLS implementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer package has been updated to correct the following issues : An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169) A NULL pointer dereference flaw was found in the way OpenSSL handled TLS/SSL protocol handshake packets. A specially crafted handshake packet could cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353) It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929) Red Hat would like to thank the OpenSSL project for reporting CVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the original reporter. The updated mingw-virt-viewer Windows SPICE client further includes OpenSSL security fixes that have no security impact on mingw-virt-viewer itself. The security fixes included in this update address the following CVE numbers : CVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166. All Red Hat Enterprise Virtualization Manager users are advised to upgrade to these updated packages, which address these issues.
    last seen 2018-09-02
    modified 2018-07-26
    plugin id 79013
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79013
    title RHEL 6 : rhevm-spice-client (RHSA-2014:0416)
  • NASL family Firewalls
    NASL id MCAFEE_FIREWALL_ENTERPRISE_SB10071.NASL
    description The remote host has a version of McAfee Firewall Enterprise installed that is affected by an out-of-bounds read error, known as Heartbleed, in the TLS/DTLS implementation due to improper handling of TLS heartbeat extension packets. A remote attacker, using crafted packets, can trigger a buffer over-read, resulting in the disclosure of up to 64KB of process memory, which contains sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-01
    modified 2018-07-14
    plugin id 73834
    published 2014-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73834
    title McAfee Firewall Enterprise OpenSSL Information Disclosure (SB10071) (Heartbleed)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-4879.NASL
    description pull in upstream patch for CVE-2014-0160
    last seen 2018-09-01
    modified 2014-06-14
    plugin id 73429
    published 2014-04-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73429
    title Fedora 20 : openssl-1.0.1e-37.fc20.1 (2014-4879)
  • NASL family Windows
    NASL id HP_VCA_SSRT101531.NASL
    description The installation of HP Version Control Agent (VCA) on the remote Windows host is version 7.2.0, 7.2.1, 7.2.2, 7.3.0, or 7.3.1. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-02
    modified 2018-07-12
    plugin id 77024
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77024
    title HP Version Control Agent (VCA) Heartbeat Information Disclosure (Heartbleed)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2015-062.NASL
    description Multiple vulnerabilities have been discovered and corrected in openssl : Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment (CVE-2010-5298). The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160). The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment (CVE-2014-0195). The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition (CVE-2014-0198).
The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake (CVE-2014-0221). OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224). The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value (CVE-2014-3470). Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message (CVE-2014-3513). The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566). Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure (CVE-2014-3567). 
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix (CVE-2014-3569). The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (CVE-2014-3570). OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c (CVE-2014-3571). The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572). OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c (CVE-2014-8275). 
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204). The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support (CVE-2015-0205). Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection (CVE-2015-0206). Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import (CVE-2015-0209). 
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature (CVE-2015-0286). The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse (CVE-2015-0287). The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key (CVE-2015-0288). The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289). The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message (CVE-2015-0293). The updated packages have been upgraded to the 1.0.1m version where these security flaws have been fixed.
    last seen 2018-09-02
    modified 2018-07-19
    plugin id 82315
    published 2015-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82315
    title Mandriva Linux Security Advisory : openssl (MDVSA-2015:062)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20140408_OPENSSL_ON_SL6_X.NASL
    description An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen 2018-09-01
    modified 2014-06-14
    plugin id 73408
    published 2014-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73408
    title Scientific Linux Security Update : openssl on SL6.x i386/x86_64
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-4910.NASL
    description pull in upstream patch for CVE-2014-0160
    last seen 2018-09-01
    modified 2014-06-14
    plugin id 73430
    published 2014-04-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73430
    title Fedora 19 : openssl-1.0.1e-37.fc19.1 (2014-4910)
  • NASL family Misc.
    NASL id OPENVPN_HEARTBLEED.NASL
    description Based on its response to a TLS request with a specially crafted heartbeat message (RFC 6520), the remote OpenVPN service appears to be affected by an out-of-bounds read flaw. Because the remote OpenVPN service does not employ the 'HMAC Firewall' feature, this vulnerability can be exploited without authentication. This vulnerability could allow an attacker to obtain secret keys, cleartext VPN traffic, and other sensitive data.
    last seen 2018-09-02
    modified 2018-07-16
    plugin id 73491
    published 2014-04-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73491
    title OpenVPN Heartbeat Information Disclosure (Heartbleed)
  • NASL family Windows
    NASL id HP_VCRM_SSRT101531.NASL
    description The HP Version Control Repository Manager (VCRM) install on the remote Windows host is version 7.2.0, 7.2.1, 7.2.2, 7.3.0, or 7.3.1. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 77025
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77025
    title HP Version Control Repository Manager (VCRM) Heartbeat Information Disclosure (Heartbleed)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-318.NASL
    description This is an openssl version update to 1.0.1g. - The main reason for this upgrade was to be clear about the TLS heartbeat problem known as 'Heartbleed' (CVE-2014-0160). That problem was already fixed in our previous openssl update.
    last seen 2018-09-01
    modified 2016-07-08
    plugin id 75331
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75331
    title openSUSE Security Update : openssl (openSUSE-SU-2014:0560-1) (Heartbleed)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0378.NASL
    description An updated rhev-hypervisor6 package that fixes one security issue is now available. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Neel Mehta of Google Security as the original reporter. Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which corrects this issue.
    last seen 2018-09-14
    modified 2018-09-12
    plugin id 79006
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79006
    title RHEL 6 : rhev-hypervisor6 (RHSA-2014:0378) (Heartbleed)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2014-0032.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate (CVE-2014-3566) (padding attack on SSL3) - add ECC TLS extensions to DTLS (#1119800) - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation - fix CVE-2014-0224 fix that broke EAP-FAST session resumption support - drop EXPORT, RC2, and DES from the default cipher list (#1057520) - print ephemeral key size negotiated in TLS handshake (#1057715) - do not include ECC ciphersuites in SSLv2 client hello (#1090952) - properly detect encryption failure in BIO (#1100819) - fail on hmac integrity check if the .hmac file is empty (#1105567) - FIPS mode: make the limitations on DSA, DH, and RSA keygen length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment variable is set - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH - add back support for secp521r1 EC curve - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension - use 2048 bit RSA key in FIPS selftests - add DH_compute_key_padded needed for FIPS CAVS testing - make 3des strength to be 128 bits instead of 168 (#1056616) - FIPS mode: do not generate DSA keys and DH parameters < 2048 bits - FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys) - FIPS mode: add DH selftest - FIPS mode: reseed DRBG properly on RAND_add - FIPS mode: add RSA encrypt/decrypt selftest - FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key - use the key length from configuration file if req -newkey rsa is invoked - fix CVE-2013-4353 - Invalid TLS handshake crash - fix CVE-2013-6450 - possible MiTM attack on DTLS1 - fix CVE-2013-6449 - crash when version in SSL structure is incorrect - add back some no-op symbols that were inadvertently dropped
    last seen 2018-09-06
    modified 2018-09-05
    plugin id 79547
    published 2014-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79547
    title OracleVM 3.3 : openssl (OVMSA-2014-0032) (Heartbleed) (POODLE)
  • NASL family Windows
    NASL id FILEZILLA_SERVER_0944.NASL
    description According to its banner, the version of FileZilla Server running on the remote host is prior to 0.9.44. It is, therefore, affected by an information disclosure vulnerability. An information disclosure flaw exists with the OpenSSL included with FileZilla Server. A remote attacker could read the contents of up to 64KB of server memory, potentially exposing passwords, private keys, and other sensitive data. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2018-09-01
    modified 2018-07-11
    plugin id 73640
    published 2014-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73640
    title FileZilla Server < 0.9.44 OpenSSL Heartbeat Information Disclosure (Heartbleed)
  • NASL family Windows
    NASL id ATTACHMATE_REFLECTION_X_HEARTBLEED.NASL
    description The Attachmate Reflection X install on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-01
    modified 2018-06-27
    plugin id 74186
    published 2014-05-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74186
    title Attachmate Reflection X Heartbeat Information Disclosure (Heartbleed)
  • NASL family SuSE Local Security Checks
    NASL id HP_VCA_SSRT101531-SLES.NASL
    description The RPM installation of HP Version Control Agent (VCA) on the remote Linux host is version 7.2.2, 7.3.0, or 7.3.1. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 77023
    published 2014-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77023
    title HP Version Control Agent (VCA) Heartbeat Information Disclosure (Heartbleed)
  • NASL family Misc.
    NASL id MCAFEE_NGFW_SB10071.NASL
    description The remote host is running a version of McAfee Next Generation Firewall (NGFW) that is affected by an information disclosure vulnerability due to a flaw in the OpenSSL library, commonly known as the Heartbleed bug. An attacker could potentially exploit this vulnerability repeatedly to read up to 64KB of memory from the device.
    last seen 2018-09-01
    modified 2018-07-14
    plugin id 73835
    published 2014-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73835
    title McAfee Next Generation Firewall OpenSSL Information Disclosure (SB10071) (Heartbleed)
  • NASL family Misc.
    NASL id MCAFEE_EMAIL_GATEWAY_SB10071.NASL
    description The remote host is running a version of McAfee Email Gateway (MEG) that is affected by an information disclosure due to a flaw in the OpenSSL library, commonly known as the Heartbleed bug. An attacker could potentially exploit this vulnerability repeatedly to read up to 64KB of memory from the device.
    last seen 2018-09-01
    modified 2018-07-14
    plugin id 73832
    published 2014-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73832
    title McAfee Email Gateway OpenSSL Information Disclosure (SB10071) (Heartbleed)
  • NASL family AIX Local Security Checks
    NASL id AIX_OPENSSL_ADVISORY7.NASL
    description The version of OpenSSL running on the remote host is affected by an information disclosure vulnerability. OpenSSL incorrectly handles memory in the TLS heartbeat extension, potentially allowing a remote attacker to read the contents of up to 64KB of server memory, potentially exposing passwords, private keys, and other sensitive data.
    last seen 2018-09-02
    modified 2018-07-17
    plugin id 73472
    published 2014-04-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73472
    title AIX OpenSSL Advisory : openssl_advisory7.doc (Heartbleed)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-9308.NASL
    description Multiple moderate issues fixed. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2017-01-10
    plugin id 77108
    published 2014-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77108
    title Fedora 20 : openssl-1.0.1e-39.fc20 (2014-9308) (Heartbleed)
  • NASL family Misc.
    NASL id MCAFEE_EPO_SB10071.NASL
    description The remote host is running a version of McAfee ePolicy Orchestrator that is affected by an information disclosure due to a flaw in the OpenSSL library, commonly known as the Heartbleed bug. An attacker could potentially exploit this vulnerability repeatedly to read up to 64KB of memory from the device.
    last seen 2018-09-01
    modified 2018-07-14
    plugin id 73833
    published 2014-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73833
    title McAfee ePolicy Orchestrator OpenSSL Information Disclosure (SB10071) (Heartbleed)
  • NASL family Windows
    NASL id ATTACHMATE_REFLECTION_SECURE_IT_FOR_WIN_CLIENT_HEARTBLEED.NASL
    description The Attachmate Reflection Secure IT Windows Client install on the remote host contains a component, Reflection FTP Client, which is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-01
    modified 2018-06-27
    plugin id 73965
    published 2014-05-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73965
    title Attachmate Reflection Secure IT Windows Client Information Disclosure (Heartbleed)
  • NASL family Windows
    NASL id OPENVPN_2_3_3_0.NASL
    description According to its self-reported version number, the version of OpenVPN installed on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. Note this affects both client and server modes of operation.
    last seen 2018-09-02
    modified 2018-07-16
    plugin id 73668
    published 2014-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73668
    title OpenVPN 2.3.x Heartbeat Information Disclosure (Heartbleed)
  • NASL family Misc.
    NASL id KERIO_CONNECT_824.NASL
    description According to its banner, the remote host is running a version of Kerio Connect (formerly Kerio MailServer) version 8.2.x prior to 8.2.4. It is, therefore, affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. Note this affects both client and server modes of operation. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 76402
    published 2014-07-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76402
    title Kerio Connect 8.2.x < 8.2.4 Heartbeat Information Disclosure (Heartbleed)
  • NASL family Windows
    NASL id SMB_KB2962393.NASL
    description The remote host is missing KB2962393, which resolves an OpenSSL information disclosure vulnerability (Heartbleed) in the Juniper VPN client software shipped with Windows 8.1.
    last seen 2018-09-01
    modified 2018-07-30
    plugin id 73865
    published 2014-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73865
    title MS KB2962393: Update for Vulnerability in Juniper Networks Windows In-Box Junos Pulse Client (Heartbleed)
  • NASL family Windows
    NASL id WEBSENSE_WEB_SECURITY_HEARTBLEED.NASL
    description The version of Websense Web Security installed on the remote Windows host contains a bundled version of an OpenSSL DLL file. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-01
    modified 2018-08-06
    plugin id 73759
    published 2014-04-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73759
    title Websense Web Security Heartbeat Information Disclosure (Heartbleed)
  • NASL family Windows
    NASL id HP_LOADRUNNER_12_00_1.NASL
    description The version of HP LoadRunner installed on the remote host is 11.52.x prior to 11.52 Patch 2 or 12.00.x prior to 12.00 Patch 1. It is, therefore, affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 77054
    published 2014-08-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77054
    title HP LoadRunner 11.52.x < 11.52 Patch 2 / 12.00.x < 12.00 Patch 1 Heartbeat Information Disclosure (Heartbleed)
  • NASL family Misc.
    NASL id HP_ONBOARD_ADMIN_HEARTBLEED_VERSIONS.NASL
    description The remote host has version 4.11 or 4.20 of HP BladeSystem c-Class Onboard Administrator. It is, therefore, affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. Note this affects both client and server modes of operation.
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 76509
    published 2014-07-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76509
    title HP BladeSystem c-Class Onboard Administrator 4.11 / 4.20 Heartbeat Information Disclosure (Heartbleed)
  • NASL family Windows
    NASL id HP_INSIGHT_CONTROL_SERVER_MIGRATION_7_3_2.NASL
    description According to its version, the HP Insight Control Server Migration install on the remote Windows host includes a bundled copy of OpenSSL that is affected by an information disclosure vulnerability. A remote attacker could read the contents of up to 64KB of server memory, potentially exposing passwords, private keys, and other sensitive data.
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 76463
    published 2014-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76463
    title HP Insight Control Server Migration 7.3.0 and 7.3.1 OpenSSL Heartbeat Information Disclosure (Heartbleed)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2014-0004.NASL
    description a. Information Disclosure vulnerability in OpenSSL third-party library The OpenSSL library is updated to version openssl-1.0.1g to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-0076 and CVE-2014-0160 to these issues. CVE-2014-0160 is known as the Heartbleed issue. More information on this issue may be found in the reference section. To remediate the issue for products that have updated versions or patches available, perform these steps: * Deploy the VMware product update or product patches * Replace certificates per the product-specific documentation * Reset passwords per the product-specific documentation Section 4 lists product-specific references to installation instructions and certificate management documentation.
    last seen 2018-09-01
    modified 2018-08-06
    plugin id 73851
    published 2014-05-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73851
    title VMSA-2014-0004 : VMware product updates address OpenSSL security vulnerabilities
  • NASL family Windows
    NASL id SYMANTEC_ENDPOINT_PROT_MGR_12_1_RU4_MP1A.NASL
    description According to its self-reported version number, the version of Symantec Endpoint Protection Manager (SEPM) installed on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. Note this affects both client and server modes of operation.
    last seen 2018-09-01
    modified 2018-08-01
    plugin id 73964
    published 2014-05-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73964
    title Symantec Endpoint Protection Manager < 12.1 RU4 MP1a OpenSSL Heartbeat Information Disclosure (Heartbleed)
  • NASL family Windows
    NASL id LIBREOFFICE_423.NASL
    description A version of LibreOffice 4.2.x prior to 4.2.3 is installed on the remote Windows host. This version of LibreOffice is bundled with a version of OpenSSL affected by multiple vulnerabilities : - An error exists in the function 'ssl3_read_bytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue is only exploitable if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298) - An error exists in the 'ssl3_take_mac' function in the file 'ssl/s3_both.c' related to handling TLS handshake traffic that could lead to denial of service attacks. (CVE-2013-4353) - An error exists in the 'ssl_get_algorithm2' function in the file 'ssl/s3_lib.c' related to handling TLS 1.2 traffic that could lead to denial of service attacks. (CVE-2013-6449) - An error exists related to the handling of DTLS retransmission processes that could lead to denial of service attacks. (CVE-2013-6450) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. (CVE-2014-0160) - A buffer overflow error exists related to invalid DTLS fragment handling that could lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195) - An error exists in the function 'do_ssl3_write' that could allow a NULL pointer to be dereferenced leading to denial of service attacks. Note this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2014-0198) - An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note this issue only affects OpenSSL when used as a DTLS client. (CVE-2014-0221) - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks. (CVE-2014-0224) - An unspecified error exists related to anonymous ECDH cipher suites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470) Note that Nessus has not attempted to exploit these issues, but has instead relied only on the application's self-reported version number.
    last seen 2018-09-02
    modified 2018-07-12
    plugin id 76510
    published 2014-07-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76510
    title LibreOffice 4.2.x < 4.2.3 OpenSSL Multiple Vulnerabilities (Heartbleed)
  • NASL family Windows
    NASL id IBM_RATIONAL_CLEARQUEST_8_0_1_3_01.NASL
    description The remote host has a version of IBM Rational ClearQuest 7.1.1.x / 7.1.2.x prior to 7.1.2.13.01 / 8.0.0.x prior to 8.0.0.10.01 / 8.0.1.x prior to 8.0.1.3.01 installed. It is, therefore, potentially affected by multiple vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that allows nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076) - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that allows an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. Note that this error only affects versions of ClearQuest later than 7.1.2. (CVE-2014-0160)
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 81782
    published 2015-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81782
    title IBM Rational ClearQuest 7.1.1.x / 7.1.2.x < 7.1.2.13.01 / 8.0.0.x < 8.0.0.10.01 / 8.0.1.x < 8.0.1.3.01 OpenSSL Library Multiple Vulnerabilities (credentialed check) (Heartbleed)
  • NASL family Misc.
    NASL id VMWARE_VMSA-2014-0004_REMOTE.NASL
    description The remote VMware ESXi host is affected by multiple vulnerabilities in the OpenSSL third-party library : - A flaw exists in the Elliptic Curve Digital Signature Algorithm (ECDSA) implementation due to a failure to ensure that certain swap operations have a constant-time behavior. An attacker can exploit this to obtain the ECDSA nonces by using a FLUSH+RELOAD cache side-channel attack. (CVE-2014-0076) - An out-of-bounds read error, known as Heartbleed, exists in the TLS/DTLS implementation due to improper handling of TLS heartbeat extension packets. A remote attacker, using crafted packets, can trigger a buffer over-read, resulting in the disclosure of up to 64KB of process memory, which contains sensitive information such as primary key material, secondary key material, and other protected content. (CVE-2014-0160)
    last seen 2018-09-01
    modified 2018-08-06
    plugin id 87676
    published 2015-12-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87676
    title VMware ESXi Multiple OpenSSL Vulnerabilities (VMSA-2014-0004) (Heartbleed)
  • NASL family Windows
    NASL id BLACKBERRY_ES_UDS_KB35882.NASL
    description The BlackBerry Enterprise Service (BES) install on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content. Note this affects both client and server modes of operation.
    last seen 2018-09-01
    modified 2018-06-27
    plugin id 73762
    published 2014-04-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73762
    title BlackBerry Enterprise Service Information Disclosure (KB35882) (Heartbleed)
packetstorm via4
redhat via4
advisories
  • bugzilla
    id 1084875
    title CVE-2014-0160 openssl: information disclosure in handling of TLS heartbeat extension packets
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment openssl-devel is earlier than 0:1.0.1e-16.el6_5.7
          oval oval:com.redhat.rhsa:tst:20140376007
        • comment openssl-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100888012
      • AND
        • comment openssl is earlier than 0:1.0.1e-16.el6_5.7
          oval oval:com.redhat.rhsa:tst:20140376005
        • comment openssl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100888006
      • AND
        • comment openssl-static is earlier than 0:1.0.1e-16.el6_5.7
          oval oval:com.redhat.rhsa:tst:20140376011
        • comment openssl-static is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100888010
      • AND
        • comment openssl-perl is earlier than 0:1.0.1e-16.el6_5.7
          oval oval:com.redhat.rhsa:tst:20140376009
        • comment openssl-perl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100888008
    rhsa
    id RHSA-2014:0376
    released 2014-04-08
    severity Important
    title RHSA-2014:0376: openssl security update (Important)
  • rhsa
    id RHSA-2014:0377
  • rhsa
    id RHSA-2014:0378
  • rhsa
    id RHSA-2014:0396
rpms
  • openssl-devel-0:1.0.1e-16.el6_5.7
  • openssl-0:1.0.1e-16.el6_5.7
  • openssl-static-0:1.0.1e-16.el6_5.7
  • openssl-perl-0:1.0.1e-16.el6_5.7
refmap via4
bid 66690
bugtraq 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
cert TA14-098A
cert-vn VU#720951
cisco 20140409 OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
confirm
debian DSA-2896
fedora
  • FEDORA-2014-4879
  • FEDORA-2014-4910
  • FEDORA-2014-9308
fulldisc
  • 20140408 Re: heartbleed OpenSSL bug CVE-2014-0160
  • 20140408 heartbleed OpenSSL bug CVE-2014-0160
  • 20140409 Re: heartbleed OpenSSL bug CVE-2014-0160
  • 20140411 MRI Rubies may contain statically linked, vulnerable OpenSSL
  • 20140412 Re: heartbleed OpenSSL bug CVE-2014-0160
  • 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
hp
  • HPSBGN03008
  • HPSBGN03010
  • HPSBGN03011
  • HPSBHF03021
  • HPSBHF03136
  • HPSBHF03293
  • HPSBMU02994
  • HPSBMU02995
  • HPSBMU02997
  • HPSBMU02998
  • HPSBMU02999
  • HPSBMU03009
  • HPSBMU03012
  • HPSBMU03013
  • HPSBMU03017
  • HPSBMU03018
  • HPSBMU03019
  • HPSBMU03020
  • HPSBMU03022
  • HPSBMU03023
  • HPSBMU03024
  • HPSBMU03025
  • HPSBMU03028
  • HPSBMU03029
  • HPSBMU03030
  • HPSBMU03032
  • HPSBMU03033
  • HPSBMU03037
  • HPSBMU03040
  • HPSBMU03044
  • HPSBMU03062
  • HPSBPI03014
  • HPSBPI03031
  • HPSBST03000
  • HPSBST03001
  • HPSBST03004
  • HPSBST03015
  • HPSBST03016
  • HPSBST03027
  • SSRT101846
mandriva MDVSA-2015:062
misc
mlist [syslog-ng-announce] 20140411 syslog-ng Premium Edition 5 LTS (5.0.4a) has been released
sectrack
  • 1030026
  • 1030074
  • 1030077
  • 1030078
  • 1030079
  • 1030080
  • 1030081
  • 1030082
secunia
  • 57347
  • 57483
  • 57721
  • 57836
  • 57966
  • 57968
  • 59139
  • 59243
  • 59347
suse
  • SUSE-SA:2014:002
  • openSUSE-SU-2014:0492
  • openSUSE-SU-2014:0560
ubuntu USN-2165-1
the hacker news via4
vmware via4
description The OpenSSL library is updated to version openssl-1.0.1g to resolve multiple security issues. * Deploy the VMware product update or product patches * Replace certificates per the product-specific documentation * Reset passwords per the product-specific documentation
id VMSA-2014-0004
last_updated 2014-04-22T00:00:00
published 2014-04-14T00:00:00
title Information Disclosure vulnerability in OpenSSL third party library
workaround None
vulner lab via4
id VULNERLAB:1254
last seen 2018-08-31
modified 2014-04-09
published 2014-04-09
reporter Vulnerability Laboratory [Research Team]
source http://www.vulnerability-lab.com/get_content.php?id=1254
title HeartBleed SSL CVE 20140160 - 10 Steps to Fix in Ubuntu
Last major update 06-01-2017 - 21:59
Published 07-04-2014 - 18:55
Last modified 09-10-2018 - 15:36