HP Security Bulletin HPSBMU03078 - A potential security vulnerability has been identified with HP CloudSystem Foundation and HP CloudSystem Enterprise software running OpenSSL. This vulnerability could be exploited remotely resulting in unauthorized access or disclosure of information. Revision 1 of this advisory.
5d6e7f71334eb28a670d0f277f242ae20b0a2096b54f07c19dcf6c90772314f2
Gentoo Linux Security Advisory 201407-5 - Multiple vulnerabilities have been found in OpenSSL, possibly allowing remote attackers to execute arbitrary code. Versions less than 1.0.1h-r1 are affected.
058715fbe6887e5fa7531493f741e2281a8b6fbd10beffa54560903e427c61b1
HP Security Bulletin HPSBMU03076 - Potential security vulnerabilities have been identified with HP Systems Insight Manager running on Linux and Windows which could be exploited remotely resulting in multiple vulnerabilities. Revision 1 of this advisory.
9b97ca3342a8fe043d011e3fbc87f0bef6c8bf5869678631e38d1bc64e95c33b
HP Security Bulletin HPSBMU03074 - Potential security vulnerabilities have been identified with HP Insight Control server migration running on Linux and Windows which could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information. Revision 1 of this advisory.
1a4d710e9dd7291eeed8fb57906255564db16e374b955cf64cee067d9ffb017e
HP Security Bulletin HPSBMU03071 - A potential security vulnerability has been identified with HP Autonomy IDOL. The vulnerability could be exploited to allow remote unauthorized access and disclosure of information. This OpenSSL vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some HP Software products. This bulletin notifies HP Software customers about products affected by the OpenSSL vulnerabilities Note: OpenSSL vulnerabilities are vulnerabilities found in the OpenSSL product cryptographic software library product. This weakness potentially allows a Man in the Middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server. The impacted products appear in the list below are vulnerable due to embedding of OpenSSL standard release software. Revision 1 of this advisory.
86619643aa775eaaacbbc1c6a59da6f702723064b8ca9f8ae9e57ae203856bb1
HP Security Bulletin HPSBGN03068 - Potential security vulnerabilities have been identified with HP OneView running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access, or disclose information. Revision 1 of this advisory.
9f946d69e9ae40c2b4951e6887030d834e2b618227253bcf06f848fb7f7f8e75
HP Security Bulletin HPSBMU03070 - A potential security vulnerability has been identified with HP Cloud Service Automation. The vulnerability could be exploited to allow unauthorized access and disclosure of information This OpenSSL vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some HP Software products. This bulletin notifies HP Software customers about products affected by the OpenSSL vulnerability. Revision 1 of this advisory.
1fafbd8fecbed0cec79bbf1a7c32ac6975fed0069dc7592805beeacca7c6f792
HP Security Bulletin HPSBMU03065 - A potential security vulnerability has been identified with HP Operations Analytics. The vulnerability could be exploited to allow remote code execution, denial of service (DoS) and disclosure of information. This OpenSSL vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some HP Software products. This bulletin notifies HP Software customers about products affected by the OpenSSL vulnerabilities Note: OpenSSL vulnerabilities, are vulnerabilities found in the OpenSSL product cryptographic software library product. This weakness potentially allows Man in the Middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server. The impacted products appear in the list below are vulnerable due to embedding of OpenSSL standard release software. Revision 1 of this advisory.
61e271b9ce8005a1f9df6d96082ae4e049ecb5577e074803053664478dc03fa4
HP Security Bulletin HPSBGN03050 - Potential security vulnerabilities have been identified with HP IceWall SSO Dfw and HP IceWall MCRP running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.
9842436300db478ec8d27f3b8423dc7d10b75ee1f6ad9db17647d95a1f9ff8a2
HP Security Bulletin HPSBMU03051 2 - Potential security vulnerabilities have been identified with HP System Management Homepage running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 2 of this advisory.
a8b4016c09a06b99a77961252874991fb1d5f4b7f94d12df1115b2d59481596b
HP Security Bulletin HPSBMU03055 - Potential security vulnerabilities have been identified with HP Smart Update Manager (HP SUM) running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.
02b0a1928a87117f1fa493f08a54b1d05eabf305e668a1cba7e4dd009b30814a
HP Security Bulletin HPSBMU03056 - Potential security vulnerabilities have been identified with HP Version Control Repository Manager (HP VCRM) running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.
b614877919ffd8acdaa97393db4294d3cac0f62dcd1d3c07cbb31e1f020b0139
HP Security Bulletin HPSBMU03057 - Potential security vulnerabilities have been identified with HP Version Control Agent (HP VCA) running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.
d2900fe18279864e2d174ab252466414338a67aafa6110a5ff22a7ed7b064f41
HP Security Bulletin HPSBMU03058 - A potential security vulnerability has been identified with HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL. This vulnerability could be exploited remotely to allow the disclosure of information. Revision 1 of this advisory.
5a8ab459e9c0801f07c313e0141eb38d3964109dce9b296244e7e197b23ecbc0
HP Security Bulletin HPSBMU03053 - A potential security vulnerability has been identified with HP Software Database and Middleware Automation (DMA). This vulnerability could be exploited remotely to allow unauthorized access or disclosure of information. Revision 1 of this advisory.
1810640be47e84480c50a8e56837d65eeec140c4910ff22cb30526ada4f2e835
HP Security Bulletin HPSBMU03051 - Potential security vulnerabilities have been identified with HP System Management Homepage running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.
385e5e6edf1d7ef7bbc8050d651def4d345aba8a057fa2b355d6c87431ead849
HP Security Bulletin HPSBHF03052 - Potential security vulnerabilities have been identified with HP Intelligent Management Center (iMC), HP Network Products including 3COM and H3C routers and switches running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, modify or disclose information. Revision 1 of this advisory.
b47b3c7f4ac3559bddf86c59b1503433af2a0bfc437cd35375d3a4fc1b150437
Ubuntu Security Notice 2232-3 - USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use renegotiation, such as PostgreSQL. This update fixes the problem.
cc6733f4fffea0f3b6869064e684111e12bbecad4854424c42c0407cf80705b2
HP Security Bulletin HPSBOV03047 - Potential security vulnerabilities have been identified with HP OpenVMS running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.
e545961d2486992ac5cd08c4a4d901c108cc777140b0a87c47be2e344c642f8a
HP Security Bulletin HPSBUX03046 SSRT101590 2 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, bypass security restrictions, disclose information, or allow unauthorized access. Revision 2 of this advisory.
82b711db58c11d9acdbe01d1244f27e7cce6fb0f760c5bd171d01059147203d5
Debian Linux Security Advisory 2950-2 - This update updates the upstream fix for CVE-2014-0224 to address problems with CCS which could result in problems with the Postgres database.
f151f5f5f15dae8af04e0f433f6ad6ef33c50c6d4e2928146538a0f0cb46b400
HP Security Bulletin HPSBUX03046 SSRT101590 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, bypass security restrictions, disclose information, or allow unauthorized access. Revision 1 of this advisory.
d75f304dc6572576f762b5741032d4dc9efdd2bc7c88b604e7c4c29467b6abe9
Ubuntu Security Notice 2232-2 - USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use tls_session_secret_cb, such as wpa_supplicant. This update fixes the problem.
d49b4026ed9759b0d6b4bb639439c57eca0db6792111a2adef6eb775ea9133f0
VMware Security Advisory 2014-0006 - VMware product updates address OpenSSL security vulnerabilities.
e32f3b5a005455ef9b833d1324278466b8f0efab24e79651b63fe8563d8dd79c
Red Hat Security Advisory 2014-0679-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL.
a8d4089140a1c66f2437687b323ab374e31f8637c84458203fd269e677d1bf6b