cpe:/a:openssl:openssl:0.9.8zb cpe:/a:openssl:openssl:1.0.0 cpe:/a:openssl:openssl:1.0.0:beta1 cpe:/a:openssl:openssl:1.0.0:beta2 cpe:/a:openssl:openssl:1.0.0:beta3 cpe:/a:openssl:openssl:1.0.0:beta4 cpe:/a:openssl:openssl:1.0.0:beta5 cpe:/a:openssl:openssl:1.0.0a cpe:/a:openssl:openssl:1.0.0b cpe:/a:openssl:openssl:1.0.0c cpe:/a:openssl:openssl:1.0.0d cpe:/a:openssl:openssl:1.0.0e cpe:/a:openssl:openssl:1.0.0f cpe:/a:openssl:openssl:1.0.0g cpe:/a:openssl:openssl:1.0.0h cpe:/a:openssl:openssl:1.0.0i cpe:/a:openssl:openssl:1.0.0j cpe:/a:openssl:openssl:1.0.0k cpe:/a:openssl:openssl:1.0.0l cpe:/a:openssl:openssl:1.0.0m cpe:/a:openssl:openssl:1.0.0n cpe:/a:openssl:openssl:1.0.1 cpe:/a:openssl:openssl:1.0.1:beta1 cpe:/a:openssl:openssl:1.0.1:beta2 cpe:/a:openssl:openssl:1.0.1:beta3 cpe:/a:openssl:openssl:1.0.1a cpe:/a:openssl:openssl:1.0.1b cpe:/a:openssl:openssl:1.0.1c cpe:/a:openssl:openssl:1.0.1d cpe:/a:openssl:openssl:1.0.1e cpe:/a:openssl:openssl:1.0.1f cpe:/a:openssl:openssl:1.0.1g cpe:/a:openssl:openssl:1.0.1h cpe:/a:openssl:openssl:1.0.1i CVE-2014-3568 2014-10-18T21:55:13.980-04:00 2017-11-14T21:29:04.987-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2016-07-08T12:16:06.613-04:00 SECTRACK 1031053 SECUNIA 59627 SECUNIA 61058 SECUNIA 61073 SECUNIA 61130 SECUNIA 61207 SECUNIA 61819 SECUNIA 61959 SECUNIA 62030 SECUNIA 62070 SECUNIA 62124 BID 70585 APPLE APPLE-SA-2015-01-27-4 APPLE APPLE-SA-2015-09-16-2 DEBIAN DSA-3053 GENTOO GLSA-201412-39 HP HPSBHF03300 HP HPSBMU03261 HP HPSBMU03263 HP HPSBMU03267 HP HPSBMU03304 HP HPSBUX03162 NETBSD NetBSD-SA2014-015 HP SSRT101767 HP SSRT101779 HP SSRT101894 SUSE SUSE-SU-2014:1357 SUSE SUSE-SU-2014:1361 SUSE SUSE-SU-2015:0578 CONFIRM http://support.apple.com/HT204244 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21686997 CONFIRM https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6 CONFIRM https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=26a59d9b46574e457870197dffa802871b4c8fc7 CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888 CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 CONFIRM https://kc.mcafee.com/corporate/index?page=content&id=SB10091 CONFIRM https://support.apple.com/HT205217 CONFIRM https://support.citrix.com/article/CTX216642 CONFIRM https://www.openssl.org/news/secadv_20141015.txt SUSE openSUSE-SU-2014:1331 SUSE openSUSE-SU-2016:0640 XF openssl-cve20143568-sec-bypass(97037) OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.