Vulnerability Details : CVE-2014-0160
Public exploit exists!
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
Products affected by CVE-2014-0160
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:storage:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:gluster_storage:2.1:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:virtualization:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7-1500_firmware:1.5:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7-1500t_firmware:1.5:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:application_processing_engine_firmware:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:cp_1543-1_firmware:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:elan-8.2:*:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:wincc_open_architecture:3.12:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
- cpe:2.3:a:mitel:micollab:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:mitel:micollab:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:mitel:micollab:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:mitel:micollab:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:mitel:micollab:7.3:*:*:*:*:*:*:*
- cpe:2.3:a:mitel:micollab:7.3.0.104:*:*:*:*:*:*:*
- cpe:2.3:a:mitel:mivoice:1.1.2.5:*:*:*:*:lync:*:*
- cpe:2.3:a:mitel:mivoice:1.1.3.3:*:*:*:*:skype_for_business:*:*
- cpe:2.3:a:mitel:mivoice:1.2.0.11:*:*:*:*:skype_for_business:*:*
- cpe:2.3:a:mitel:mivoice:1.3.2.2:*:*:*:*:skype_for_business:*:*
- cpe:2.3:a:mitel:mivoice:1.4.0.102:*:*:*:*:skype_for_business:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_messaging_gateway:10.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:symantec_messaging_gateway:10.6.1:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
- cpe:2.3:a:filezilla-project:filezilla_server:*:*:*:*:*:*:*:*
- cpe:2.3:o:intellian:v100_firmware:1.20:*:*:*:*:*:*:*
- cpe:2.3:o:intellian:v100_firmware:1.21:*:*:*:*:*:*:*
- cpe:2.3:o:intellian:v100_firmware:1.24:*:*:*:*:*:*:*
- cpe:2.3:o:intellian:v60_firmware:1.15:*:*:*:*:*:*:*
- cpe:2.3:o:intellian:v60_firmware:1.25:*:*:*:*:*:*:*
- cpe:2.3:o:ricon:s9922l_firmware:16.10.3\(3794\):*:*:*:*:*:*:*
Threat overview for CVE-2014-0160
Top countries where our scanners detected CVE-2014-0160
Top open port discovered on systems with this issue
21
IPs affected by CVE-2014-0160 276
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2014-0160!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
CVE-2014-0160 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
OpenSSL Information Disclosure Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2014-0160
Added on
2022-05-04
Action due date
2022-05-25
Exploit prediction scoring system (EPSS) score for CVE-2014-0160
97.45%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2014-0160
-
OpenSSL Heartbeat (Heartbleed) Information Leak
Disclosure Date: 2014-04-07First seen: 2020-04-26auxiliary/scanner/ssl/openssl_heartbleedThis module implements the OpenSSL Heartbleed attack. The problem exists in the handling of heartbeat requests, where a fake length can be used to leak memory data in the response. Services that support STARTTLS may also be vulnerable. The module supports se -
OpenSSL Heartbeat (Heartbleed) Client Memory Exposure
Disclosure Date: 2014-04-07First seen: 2020-04-26auxiliary/server/openssl_heartbeat_client_memoryThis module provides a fake SSL service that is intended to leak memory from client systems as they connect. This module is hardcoded for using the AES-128-CBC-SHA1 cipher. Authors: - Neel Mehta - Riku - Antti - Matti - hdm <x@hdm.io>
CVSS scores for CVE-2014-0160
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2014-0160
-
The product reads data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-0160
-
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01
Schneider ElectricBroken Link
-
https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html
Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html
[SECURITY] Fedora 20 Update: openssl-1.0.1e-39.fc20Mailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=141287864628122&w=2
'[security bulletin] HPSBHF03136 rev.1 - HP TippingPoint NGFW running OpenSSL, Remote Disclosure of I' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139817782017443&w=2
'[security bulletin] HPSBMU03018 rev.1 - HP Software Asset Manager running OpenSSL, Remote Disclosure' - MARCMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html
[security-announce] openSUSE-SU-2014:0492-1: important: update for opensMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1030079
Cisco Security Manager OpenSSL TLS Heartbeat Buffer Overread Lets Remote Users Obtain Potentially Sensitive Information - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://www-01.ibm.com/support/docview.wss?uid=swg21670161
IBM notice: The page you requested cannot be displayedBroken Link
-
http://marc.info/?l=bugtraq&m=139889295732144&w=2
'[security bulletin] HPSBPI03031 rev.1 - HP Officejet Pro X Printers, Certain Officejet Pro Printers,' - MARCMailing List;Third Party Advisory
-
http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/
Enterprise Chef 11.1.3 Release - Chef BlogRelease Notes
-
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html
[SECURITY] Fedora 20 Update: openssl-1.0.1e-37.fc20.1Broken Link;Third Party Advisory
-
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
HP Support for Technical Help and Troubleshooting | HP® Customer Service.Broken Link
-
http://marc.info/?l=bugtraq&m=139824923705461&w=2
'[security bulletin] HPSBST03015 rev.1 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139817727317190&w=2
'[security bulletin] HPSBMU03017 rev.1 - HP Software Connect-IT running OpenSSL, Remote Disclosure of' - MARCMailing List;Third Party Advisory
-
https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@%3Cdev.tomcat.apache.org%3E
Pony Mail!Mailing List;Patch;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139835815211508&w=2
'[security bulletin] HPSBHF03021 rev.1 - HP Thin Client with ThinPro OS or Smart Zero Core Services, ' - MARCMailing List;Third Party Advisory
-
http://secunia.com/advisories/57968
Sign inBroken Link;Third Party Advisory
-
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
VMSA-2014-0012.1Broken Link
-
http://rhn.redhat.com/errata/RHSA-2014-0377.html
RHSA-2014:0377 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2014-0376.html
RHSA-2014:0376 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E
svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ - Pony MailMailing List;Patch;Third Party Advisory
-
https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E
svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/-Apache Mail ArchivesMailing List;Patch;Third Party Advisory
-
http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html
OpenSSL Heartbleed Vulnerability CVE-2014-0160Patch;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=140752315422991&w=2
'[security bulletin] HPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows ru' - MARCMailing List;Third Party Advisory
-
http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3
Vulnerability Report - "Heartbleed" security vulnerability found in certain versions of SAN Datamover used in Unisys MCP PlatformsPermissions Required;Third Party Advisory
-
http://www.securitytracker.com/id/1030077
Splunk OpenSSL TLS Heartbeat Buffer Overread Lets Remote Users Obtain Potentially Sensitive Information - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://www.exploit-db.com/exploits/32764
OpenSSL 1.0.1f TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure (Multiple SSL/TLS Versions) - Multiple remote ExploitExploit;Third Party Advisory;VDB Entry
-
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Oracle Critical Patch Update - July 2014Patch;Third Party Advisory
-
http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/
Chef Server 11.0.12 Release - Chef BlogRelease Notes
-
http://marc.info/?l=bugtraq&m=139905351928096&w=2
'[security bulletin] HPSBMU03030 rev.1 - HP Service Pack for ProLiant (SPP) Bundled Software running ' - MARCMailing List;Third Party Advisory
-
https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html
[syslog-ng-announce] syslog-ng Premium Edition 5 LTS (5.0.4a) has been releasedMailing List;Third Party Advisory
-
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf
Broken Link;Third Party Advisory
-
https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E
svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/ - Pony MailMailing List;Patch;Third Party Advisory
-
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco ProductsThird Party Advisory
-
http://marc.info/?l=bugtraq&m=140724451518351&w=2
'[security bulletin] HPSBMU03037 rev.2 - HP Multimedia Service Environment (MSE), (HP Network Interac' - MARCMailing List;Third Party Advisory
-
http://www.openssl.org/news/secadv_20140407.txt
Broken Link;Vendor Advisory
-
http://marc.info/?l=bugtraq&m=139824993005633&w=2
'[security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, R' - MARCMailing List;Third Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=isg400001841
IBM Tivoli Composite Application Manager for Transactions Internet Service Monitoring 7.4 Interim Fix 13 README Tivoli Composite Application Manager for Transactions 7.4.0.0 7.4.0.0-TIV-CAMIS-IF0013 RThird Party Advisory
-
http://www.securitytracker.com/id/1030078
Cisco Unified Communications Manager OpenSSL TLS Heartbeat Buffer Overread Lets Remote Users Obtain Potentially Sensitive Information - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://marc.info/?l=bugtraq&m=139905653828999&w=2
'[security bulletin] HPSBST03004 rev.1 - HP IBRIX X9320 Storage running OpenSSL, Remote Disclosure of' - MARCMailing List;Third Party Advisory
-
http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1
Vulnerability Report - OpenSSL "Heartbleed" vulnerability on OS 2200 QProcessorThird Party Advisory
-
http://marc.info/?l=bugtraq&m=139843768401936&w=2
'[security bulletin] HPSBMU03023 rev.1 - HP BladeSystem c-Class Virtual Connect Support Utility (VCSU' - MARCMailing List;Third Party Advisory
-
http://www.blackberry.com/btsc/KB35882
Broken Link
-
http://seclists.org/fulldisclosure/2014/Apr/109
Full Disclosure: Re: heartbleed OpenSSL bug CVE-2014-0160Mailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=140015787404650&w=2
'[security bulletin] HPSBMU03040 rev.1 - HP LoadRunner & HP Performance Center, running OpenSSL, Remo' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139808058921905&w=2
'[security bulletin] HPSBMU03012 rev.1 - HP Insight Management VCEM Web Client SDK (VCEMSDK) running ' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139758572430452&w=2
'[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of' - MARCMailing List;Third Party Advisory
-
http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/
Chef Server Heartbleed (CVE-2014-0160) Releases - Chef BlogThird Party Advisory
-
http://www.securitytracker.com/id/1030082
Cisco IOS XE OpenSSL TLS Heartbeat Buffer Overread Lets Remote Users Obtain Potentially Sensitive Information - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://rhn.redhat.com/errata/RHSA-2014-0378.html
RHSA-2014:0378 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2165-1
USN-2165-1: OpenSSL vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.splunk.com/view/SP-CAAAMB3
Splunk 6.0.3 addresses two vulnerabilities - April 10, 2014 | SplunkThird Party Advisory
-
http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf
Not Applicable
-
http://advisories.mageia.org/MGASA-2014-0165.html
Mageia Advisory: MGASA-2014-0165 - Updated openssl package fix two security vulnerabilitiesThird Party Advisory
-
http://www.debian.org/security/2014/dsa-2896
Debian -- Security Information -- DSA-2896-1 opensslMailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2014/Apr/190
Full Disclosure: Re: heartbleed OpenSSL bug CVE-2014-0160Mailing List;Third Party Advisory
-
http://heartbleed.com/
Heartbleed BugThird Party Advisory
-
http://marc.info/?l=bugtraq&m=139757726426985&w=2
'[security bulletin] HPSBMU02994 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running Op' - MARCMailing List;Third Party Advisory
-
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00
Symantec Messaging Gateway 10.6.x ACE Library Static Link to Vulnerable SSL VersionThird Party Advisory
-
http://marc.info/?l=bugtraq&m=139757819327350&w=2
'[security bulletin] HPSBMU02998 rev.1 - HP System Management Homepage (SMH) running OpenSSL on Linux' - MARCMailing List;Third Party Advisory
-
https://gist.github.com/chapmajs/10473815
Check your system rubies for vulnerable OpenSSL (CVE-2014-0160 "Heartbleed") · GitHubExploit
-
http://seclists.org/fulldisclosure/2014/Dec/23
Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilitiesMailing List;Third Party Advisory
-
http://www.kerio.com/support/kerio-control/release-history
Kerio Control small business firewallBroken Link;Third Party Advisory
-
http://www.securitytracker.com/id/1030081
Cisco Mobility Services Engine OpenSSL TLS Heartbeat Buffer Overread Lets Remote Users Obtain Potentially Sensitive Information - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661
IBM Security Bulletin: IBM DS8870 Release 7.2 is affected by an additional vulnerability in OpenSSL (CVE-2014-0160)Third Party Advisory
-
http://secunia.com/advisories/59139
Sign inBroken Link;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139869720529462&w=2
'[security bulletin] HPSBMU03025 rev.1 - HP Diagnostics running OpenSSL, Remote Disclosure of Informa' - MARCMailing List;Third Party Advisory
-
http://secunia.com/advisories/59347
Sign inBroken Link;Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html
[SECURITY] Fedora 19 Update: openssl-1.0.1e-37.fc19.1Broken Link;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139836085512508&w=2
'[security bulletin] HPSBMU03020 rev.1 - HP Version Control Agent (VCA) and Version Control Repositor' - MARCMailing List;Third Party Advisory
-
http://www.f-secure.com/en/web/labs_global/fsc-2014-1
FSC-2014-1 | F-SecureBroken Link;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139869891830365&w=2
'[security bulletin] HPSBMU03022 rev.1 - HP Systems Insight Manager (SIM) Bundled Software running Op' - MARCMailing List;Third Party Advisory
-
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
KB Article | Forcepoint SupportBroken Link
-
http://secunia.com/advisories/57347
Sign inBroken Link;Third Party Advisory
-
http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/
OpenSSL ‘heartbleed’ bug live blog – Fox-IT International blogIssue Tracking;Third Party Advisory
-
http://secunia.com/advisories/57483
Sign inBroken Link;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=140075368411126&w=2
'[security bulletin] HPSBMU03044 rev.1 - HP Business Process Monitor, running OpenSSL, Remote Disclos' - MARCMailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2014/Apr/91
Full Disclosure: Re: heartbleed OpenSSL bug CVE-2014-0160Mailing List;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1084875
1084875 – (CVE-2014-0160, Heartbleed) CVE-2014-0160 openssl: information disclosure in handling of TLS heartbeat extension packetsIssue Tracking;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2014-0396.html
RHSA-2014:0396 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3
404 Not FoundBroken Link
-
https://www.cert.fi/en/reports/2014/vulnerability788210.html
Etusivu | KyberturvallisuuskeskusNot Applicable;Third Party Advisory
-
http://secunia.com/advisories/57836
Sign inBroken Link;Third Party Advisory
-
http://seclists.org/fulldisclosure/2014/Apr/90
Full Disclosure: heartbleed OpenSSL bug CVE-2014-0160Mailing List;Third Party Advisory
-
https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@%3Cdev.tomcat.apache.org%3E
svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/ - Pony MailMailing List;Patch;Third Party Advisory
-
https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf
Third Party Advisory
-
https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html
#Heartbleed; The hearts continue to bleed... ~ Skull ArmyExploit;Permissions Required;Third Party Advisory
-
http://support.citrix.com/article/CTX140605
CVE-2014-0160 - Citrix Security Advisory for the Heartbleed vulnerabilityThird Party Advisory
-
https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E
Apache Mail ArchivesMailing List;Patch;Third Party Advisory
-
http://cogentdatahub.com/ReleaseNotes.html
Release Notes | Cogent DataHubRelease Notes
-
http://www.securityfocus.com/archive/1/534161/100/0/threaded
SecurityFocusBroken Link;Not Applicable;Third Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html
openSUSE-SU-2014:0560-1: moderate: update for opensslMailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2014/Apr/173
Full Disclosure: MRI Rubies may contain statically linked, vulnerable OpenSSLMailing List;Third Party Advisory
-
https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd
RICON Industrial Cellular Router Heartbleed Attack - Yunus Şahin - MediumBroken Link;Exploit;Third Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=isg400001843
IBM Tivoli Composite Application Manager for Transactions Internet Service Monitoring 7.3.0.1 Interim Fix 29 README Tivoli Composite Application Manager for Transactions 7.3.0.1 7.3.0.1-TIV-CAMIS-IF00Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139905243827825&w=2
'[security bulletin] HPSBMU03028 rev.1 - HP Matrix Operating Environment and CloudSystem Matrix Softw' - MARCMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html
[security-announce] SUSE Security Announcement: openssl "HeartBleed" attMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139905405728262&w=2
'[security bulletin] HPSBMU03032 rev.1 - HP Virtual Connect Firmware Smart Components Installer Softw' - MARCMailing List;Third Party Advisory
-
https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217
Third Party Advisory
-
https://filezilla-project.org/versions.php?type=server
FileZilla - Version historyRelease Notes
-
http://marc.info/?l=bugtraq&m=139757919027752&w=2
'[security bulletin] HPSBMU02997 rev.1 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclo' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139765756720506&w=2
'[security bulletin] HPSBMU02999 rev.1 - HP Software Autonomy WorkSite Server (On-Premises Software),' - MARCMailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/66690
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure VulnerabilitiesBroken Link;Third Party Advisory;VDB Entry
-
http://marc.info/?l=bugtraq&m=139722163017074&w=2
'[security bulletin] HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB Browser' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139889113431619&w=2
'[security bulletin] HPSBMU03024 rev.1 - HP Insight Control Server Deployment on Linux and Windows ru' - MARCMailing List;Third Party Advisory
-
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008
Mitel Product Security Advisory 17-0008Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139835844111589&w=2
'[security bulletin] HPSBPI03014 rev.1 - HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Prin' - MARCMailing List;Third Party Advisory
-
http://www.exploit-db.com/exploits/32745
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure - Multiple remote ExploitExploit;Third Party Advisory;VDB Entry
-
https://blog.torproject.org/blog/openssl-bug-cve-2014-0160
OpenSSL bug CVE-2014-0160 | Tor BlogIssue Tracking
-
https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
Apache Mail ArchivesMailing List;Patch;Third Party Advisory
-
http://secunia.com/advisories/59243
Sign inBroken Link;Third Party Advisory
-
http://www.kb.cert.org/vuls/id/720951
VU#720951 - OpenSSL TLS heartbeat extension read overflow discloses sensitive informationThird Party Advisory;US Government Resource
-
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3
git.openssl.org Git - openssl.git/commitPatch;Vendor Advisory
-
http://marc.info/?l=bugtraq&m=139774054614965&w=2
'[security bulletin] HPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerabil' - MARCMailing List;Third Party Advisory
-
http://secunia.com/advisories/57966
Sign inBroken Link;Third Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
mandriva.comBroken Link;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139905295427946&w=2
'[security bulletin] HPSBMU03033 rev.1 - HP Insight Control Software Components running OpenSSL, Remo' - MARCMailing List;Third Party Advisory
-
https://code.google.com/p/mod-spdy/issues/detail?id=85
Google Code Archive - Long-term storage for Google Code Project Hosting.Issue Tracking
-
http://marc.info/?l=bugtraq&m=139774703817488&w=2
'[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerab' - MARCMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1030026
OpenSSL TLS Heartbeat Buffer Overread Lets Remote Users Obtain Potentially Sensitive Information - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://marc.info/?l=bugtraq&m=139905868529690&w=2
'[security bulletin] HPSBST03027 rev.1 - HP StoreVirtual 4000 Storage and HP P4000 G2 Storage using H' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139842151128341&w=2
'[security bulletin] HPSBST03016 rev.1 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP M' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=142660345230545&w=2
'[security bulletin] HPSBHF03293 rev.1 - HP Virtual Connect 8Gb 24-Port FC Module running OpenSSL and' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139833395230364&w=2
'[security bulletin] HPSBGN03011 rev.1 - HP IceWall MCRP running OpenSSL on Red Hat Enterprise Linux ' - MARCMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1030080
WebEx Meetings Server OpenSSL TLS Heartbeat Buffer Overread Lets Remote Users Obtain Potentially Sensitive Information - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
Apache Mail ArchivesMailing List;Patch;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139905202427693&w=2
'[security bulletin] HPSBMU03029 rev.1 - HP Insight Control Server Migration running OpenSSL, Remote ' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139905458328378&w=2
'[security bulletin] HPSBMU03009 rev.2 - HP CloudSystem Foundation and Enterprise Software v8.0 runni' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=139817685517037&w=2
'[security bulletin] HPSBMU03019 rev.1 - HP Software UCMDB Browser and Configuration Manager running ' - MARCMailing List;Third Party Advisory
-
http://secunia.com/advisories/57721
Sign inBroken Link;Third Party Advisory
-
http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/
Enterprise Chef 1.4.9 Release - Chef BlogRelease Notes
-
http://www.securitytracker.com/id/1030074
BlackBerry Link OpenSSL TLS Heartbeat Buffer Overread Lets Remote Users Obtain Potentially Sensitive Information - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://www.us-cert.gov/ncas/alerts/TA14-098A
OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160) | CISAThird Party Advisory;US Government Resource
Jump to