accept no compromises
Showing 1 - 25 of 115 RSS Feed

CVE-2014-0160

Status Candidate

Overview

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

Related Files

Heartbleed Vulnerability Scanning Tool
Posted Sep 24, 2015
Authored by hybridus

This python script checks for the OpenSSL memory leak named Heartbleed and as noted in CVE-2014-0160. It can be used for different SSL TLS versions and multiple (HTTPS/SMTP/IMAP/POP3) protocols. It is optimized for mass scans.

tags | tool, web, scanner, imap, protocol, memory leak, python
systems | unix
advisories | CVE-2014-0160
MD5 | b1db07ac7b0e8d6d76ddabdff37f79c6
Mandriva Linux Security Advisory 2015-062
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-062 - Multiple vulnerabilities has been discovered and corrected in openssl. The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0160, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206, CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293
MD5 | 9412decee50df63b317420ad5180fc9f
HP Security Bulletin HPSBHF03293
Posted Mar 18, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03293 1 - Potential security vulnerabilities have been identified with HP Virtual Connect 8Gb 24-Port FC Module running OpenSSL and Bash including heartbleed, padding oracle, and shellshock issues. Revision 1 of this advisory.

tags | advisory, vulnerability, bash
advisories | CVE-2009-3555, CVE-2014-0160, CVE-2014-0195, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512, CVE-2014-3566, CVE-2014-5139
MD5 | 2dc875ac3e85c020efbbad0374960f27
Gentoo Linux Security Advisory 201412-11
Posted Dec 12, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-11 - Multiple vulnerabilities have been found in AMD64 x86 emulation base libraries, the worst of which may allow remote execution of arbitrary code. Versions prior to 20140406-r1 are affected.

tags | advisory, remote, arbitrary, x86, vulnerability
systems | linux, gentoo
advisories | CVE-2007-0720, CVE-2007-1536, CVE-2007-2026, CVE-2007-2445, CVE-2007-2741, CVE-2007-3108, CVE-2007-4995, CVE-2007-5116, CVE-2007-5135, CVE-2007-5266, CVE-2007-5268, CVE-2007-5269, CVE-2007-5849, CVE-2010-1205, CVE-2013-0338, CVE-2013-0339, CVE-2013-1664, CVE-2013-1969, CVE-2013-2877, CVE-2014-0160
MD5 | 79d42811d0d77f411edfda4a318d5bb6
HP Security Bulletin HPSBHF03136
Posted Oct 9, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03136 - A potential security vulnerability has been identified with HP TippingPoint NGFW running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | 830e5a5fdbc46dcad2fbc649f0507ced
HP Security Bulletin HPSBMU03037 2
Posted Aug 5, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03037 2 - A potential security vulnerability has been identified with HP Multimedia Service Environment (MSE), formerly known as HP Network Interactive Voice Response (NIVR). This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 2 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | d47e3fe0774632debc74e6d198383237
HP Security Bulletin HPSBST03000 4
Posted Jun 30, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03000 4 - A potential security vulnerability has been identified with HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 4 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | e6542a96113ae0479b84ab7aa056ba62
HP Security Bulletin HPSBST03016 4
Posted Jun 13, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03016 4 - A potential security vulnerability has been identified in HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL.This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 4 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | fec86b5d13c5b9495398673bd15c840d
Mandriva Linux Security Advisory 2014-123
Posted Jun 12, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-123 - Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for relay identity keys and hidden-service identity keys, which might make it easier for remote attackers to bypass cryptographic protection mechanisms via unspecified vectors.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2013-7295, CVE-2014-0160
MD5 | 6fe7f133cb56a9958b9c86a2d7d60ff9
HP Security Bulletin HPSBMU03024 3
Posted Jun 9, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03024 3 - A potential security vulnerability has been identified with HP System Management Homepage (SMH) running on Linux and Windows and HP Systems Insight Manager (SIM), components of HP Insight Control server deployment. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Insight Control server deployment packages HP System Management Homepage (SMH) and HP Systems Insight Manager (SIM) and can deploy them through the below list of items. This bulletin will give you the information needed to update your HP Insight Control server deployment solution. Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Revision 3 of this advisory.

tags | advisory, x86
systems | linux, windows
advisories | CVE-2014-0160
MD5 | cdecaa885087593875325ed98ae6ddb2
HP Security Bulletin HPSBMU03029 2
Posted Jun 5, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03029 2 - A potential security vulnerability has been identified with HP Insight Control server migration running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 2 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | 8d962b59a1dfbffbe521947f9da544ae
HP Security Bulletin HPSBMU03033 3
Posted Jun 5, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03033 3 - A potential security vulnerability has been identified with HP Insight Control software components running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 3 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | 811f14301871011e7c03371c22a4bc02
HP Security Bulletin HPSBMU03028 2
Posted Jun 5, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03028 2 - A potential security vulnerability has been identified with HP Matrix Operating Environment and HP CloudSystem Matrix software components running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 2 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | b296346172026d2e9e7dd2f82236ec13
HP Security Bulletin HPSBMU03009 3
Posted May 24, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03009 3 - A potential security vulnerability has been identified with HP CloudSystem Foundation and HP CloudSystem Enterprise software running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 3 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | f3f1f716324965daf2b5f7ccfdd6421a
HP Security Bulletin HPSBMU03025 2
Posted May 23, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03025 2 - A potential security vulnerability has been identified in HP Diagnostics running OpenSSL. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. NOTE: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL cryptographic software library. This weakness potentially allows disclosure of information that is normally protected by the SSL/TLS protocol. The impacted products in the list below are vulnerable due to embedding OpenSSL standard release software. Revision 2 of this advisory.

tags | advisory, protocol
advisories | CVE-2014-0160
MD5 | 3dbb6dfd9748a9e1e6cf513c9ef5780c
HP Security Bulletin HPSBMU02995 8
Posted May 23, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02995 8 - The Heartbleed vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. Note: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL product cryptographic software library product. This weakness potentially allows disclosure of information protected, under normal conditions, by the SSL/TLS protocol. The impacted products appear in the list below are vulnerable due to embedding OpenSSL standard release software. Revision 8 of this advisory.

tags | advisory, protocol
advisories | CVE-2014-0160
MD5 | 139c4a04e7245c881651c01cc8f73940
HP Security Bulletin HPSBMU03044
Posted May 22, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03044 - A potential security vulnerability has been identified with HP Business Process Monitor running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | 2c959391daec754059041f441e2b4434
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20140520
Posted May 21, 2014
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.

Changes: This release updates tor to version 0.2.4.22, the kernel to 3.14.4 plus Gentoo's hardened-patches, and openssh to 6.6p1. The bump in tor adds an important block to authority signing keys that were used on authorities vulnerable to the "heartbleed" bug in OpenSSL, CVE-2014-0160. The bump in the kernel addresses the pty layer race condition memory corruption, CVE-2014-0196. Upgrading is strongly recommended.
tags | tool, kernel, peer2peer
systems | linux
advisories | CVE-2014-0160, CVE-2014-0196
MD5 | 530be58574231832910eb9aa19272f43
HP Security Bulletin HPSBMU03022 3
Posted May 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03022 3 - A potential security vulnerability has been identified with HP Systems Insight Management (SIM) bundled software running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. The HP SIM software itself is not vulnerable to CVE-2014-0160 ("Heartbleed"). However, the software components bundled with HP SIM are impacted and should be addressed if installed. Revision 3 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | 948d62c4fc39496f442f36a2152d1d65
CA Technologies OpenSSL Heartbleed Issue
Posted May 19, 2014
Authored by Ken Williams | Site www3.ca.com

CA Technologies is investigating an OpenSSL vulnerability, referred to as the "Heartbleed bug" that was publicly disclosed on April 7, 2014. CA Technologies has confirmed that the majority of their product portfolio is unaffected. There are, however, several products that used vulnerable versions of OpenSSL 1.0.1 and consequently may be affected.

tags | advisory
advisories | CVE-2014-0160
MD5 | 5453ebf6434f2580ae667067a9affb2e
HP Security Bulletin HPSBMU02995 7
Posted May 16, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02995 7 - The Heartbleed vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. Note: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL product cryptographic software library product. This weakness potentially allows disclosure of information protected, under normal conditions, by the SSL/TLS protocol. Revision 7 of this advisory.

tags | advisory, protocol
advisories | CVE-2014-0160
MD5 | f52eaa8fc4f9497852794236ac8a207f
HP Security Bulletin HPSBMU03040
Posted May 16, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03040 - A potential security vulnerability has been identified with HP LoadRunner and HP Performance Center running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | dc4c7549bab08ea1bd703bcc6910c92d
HP Security Bulletin HPSBMU03022 2
Posted May 13, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03022 2 - A potential security vulnerability has been identified with HP Systems Insight Management (SIM) bundled software running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. The HP SIM software itself is not vulnerable to CVE-2014-0160 ("Heartbleed"). However, the software components bundled with HP SIM are impacted and should be addressed if installed. Revision 2 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | 01e3feb5a97d4621279b5f06eea117b4
HP Security Bulletin HPSBMU02998 4
Posted May 13, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02998 4 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Also included is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 4 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux, windows
advisories | CVE-2013-4353, CVE-2013-6449, CVE-2013-6450, CVE-2014-0160
MD5 | 676682c7b3444cd10fb1f2de91bdafe1
HP Security Bulletin HPSBPI03031 2
Posted May 13, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI03031 2 - A potential security vulnerability has been identified in HP Officejet Pro X printers and in certain Officejet Pro printers running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" (CVE-2014-0160) which could be exploited remotely resulting in disclosure of information. Revision 2 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | 7e695884761f6d5b52a7d5bf9b7b06b7
Page 1 of 5
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close