cpe:/a:openssl:openssl:1.0.1 cpe:/a:openssl:openssl:1.0.1:beta1 cpe:/a:openssl:openssl:1.0.1:beta2 cpe:/a:openssl:openssl:1.0.1:beta3 cpe:/a:openssl:openssl:1.0.1a cpe:/a:openssl:openssl:1.0.1b cpe:/a:openssl:openssl:1.0.1c cpe:/a:openssl:openssl:1.0.1d cpe:/a:openssl:openssl:1.0.1e cpe:/a:openssl:openssl:1.0.1f cpe:/a:openssl:openssl:1.0.2:beta1 CVE-2014-0160 2014-04-07T18:55:03.893-04:00 2019-10-09T19:09:21.837-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SECTRACK 1030026 SECTRACK 1030074 SECTRACK 1030077 SECTRACK 1030078 SECTRACK 1030079 SECTRACK 1030080 SECTRACK 1030081 SECTRACK 1030082 FULLDISC 20140408 Re: heartbleed OpenSSL bug CVE-2014-0160 FULLDISC 20140408 heartbleed OpenSSL bug CVE-2014-0160 CISCO 20140409 OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products FULLDISC 20140409 Re: heartbleed OpenSSL bug CVE-2014-0160 FULLDISC 20140411 MRI Rubies may contain statically linked, vulnerable OpenSSL FULLDISC 20140412 Re: heartbleed OpenSSL bug CVE-2014-0160 BUGTRAQ 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities EXPLOIT-DB 32745 EXPLOIT-DB 32764 SECUNIA 57347 SECUNIA 57483 SECUNIA 57721 SECUNIA 57836 SECUNIA 57966 SECUNIA 57968 SECUNIA 59139 SECUNIA 59243 SECUNIA 59347 BID 66690 DEBIAN DSA-2896 FEDORA FEDORA-2014-4879 FEDORA FEDORA-2014-4910 FEDORA FEDORA-2014-9308 HP HPSBGN03008 HP HPSBGN03010 HP HPSBGN03011 HP HPSBHF03021 HP HPSBHF03136 HP HPSBMU02994 HP HPSBMU02995 HP HPSBMU02997 HP HPSBMU02998 HP HPSBMU02999 HP HPSBMU03009 HP HPSBMU03012 HP HPSBMU03013 HP HPSBMU03017 HP HPSBMU03018 HP HPSBMU03019 HP HPSBMU03020 HP HPSBMU03022 HP HPSBMU03023 HP HPSBMU03024 HP HPSBMU03025 HP HPSBMU03028 HP HPSBMU03029 HP HPSBMU03030 HP HPSBMU03032 HP HPSBMU03033 HP HPSBMU03037 HP HPSBMU03040 HP HPSBMU03044 HP HPSBMU03062 HP HPSBPI03014 HP HPSBPI03031 HP HPSBST03000 HP HPSBST03001 HP HPSBST03004 HP HPSBST03015 HP HPSBST03016 HP HPSBST03027 IAVM IAVM:2012-A-0104 IAVM IAVM:2013-A-0222 IAVM IAVM:2014-A-0017 IAVM IAVM:2014-A-0019 IAVM IAVM:2014-A-0051 IAVM IAVM:2014-A-0053 IAVM IAVM:2014-A-0054 IAVM IAVM:2014-A-0055 IAVM IAVM:2014-A-0056 IAVM IAVM:2014-A-0057 IAVM IAVM:2014-A-0058 IAVM IAVM:2014-A-0062 IAVM IAVM:2014-A-0063 IAVM IAVM:2014-B-0041 IAVM IAVM:2014-B-0042 IAVM IAVM:2014-B-0046 IAVM IAVM:2014-B-0050 MANDRIVA MDVSA-2015:062 REDHAT RHSA-2014:0376 REDHAT RHSA-2014:0377 REDHAT RHSA-2014:0378 REDHAT RHSA-2014:0396 HP SSRT101846 SUSE SUSE-SA:2014:002 CERT TA14-098A UBUNTU USN-2165-1 CERT-VN VU#720951 MLIST [syslog-ng-announce] 20140411 syslog-ng Premium Edition 5 LTS (5.0.4a) has been released MLIST [tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ MLIST [tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ CONFIRM http://advisories.mageia.org/MGASA-2014-0165.html MISC http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/ CONFIRM http://cogentdatahub.com/ReleaseNotes.html CONFIRM http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01 CONFIRM http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3 MISC http://heartbleed.com/ CONFIRM http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1 CONFIRM http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3 CONFIRM http://support.citrix.com/article/CTX140605 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=isg400001841 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=isg400001843 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21670161 CONFIRM http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf CONFIRM http://www.blackberry.com/btsc/KB35882 CONFIRM http://www.f-secure.com/en/web/labs_global/fsc-2014-1 CONFIRM http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/ CONFIRM http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/ CONFIRM http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/ CONFIRM http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/ CONFIRM http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf CONFIRM http://www.kerio.com/support/kerio-control/release-history CONFIRM http://www.openssl.org/news/secadv_20140407.txt CONFIRM http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html CONFIRM http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html CONFIRM http://www.splunk.com/view/SP-CAAAMB3 CONFIRM http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00 CONFIRM http://www.vmware.com/security/advisories/VMSA-2014-0012.html CONFIRM http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 MISC https://blog.torproject.org/blog/openssl-bug-cve-2014-0160 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1084875 CONFIRM https://code.google.com/p/mod-spdy/issues/detail?id=85 CONFIRM https://filezilla-project.org/versions.php?type=server MISC https://gist.github.com/chapmajs/10473815 CONFIRM https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html CONFIRM https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217 MISC https://www.cert.fi/en/reports/2014/vulnerability788210.html CONFIRM https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008 SUSE openSUSE-SU-2014:0492 SUSE openSUSE-SU-2014:0560 The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.