what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 111 RSS Feed

CVE-2014-3566

Status Candidate

Overview

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

Related Files

HP Security Bulletin HPSBGN03251 1
Posted Feb 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03251 1 - A potential security vulnerability has been identified with HP Storage Essentials running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
SHA-256 | 10af1ed449f81c7e58c6aeb307faadea54c58656e074d67d774a15052f1b4da1
HP Security Bulletin HPSBGN03252 1
Posted Feb 9, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03252 1 - A potential security vulnerability has been identified with HP AppPulse Active running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
SHA-256 | 38b0dffb711e0c8c8f9f1aa7b945de86485ecfefe051984c12cfe06dc70da2a1
HP Security Bulletin HPSBGN03254 1
Posted Feb 9, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03254 1 - A potential security vulnerability has been identified with HP Service Health Analyzer running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
SHA-256 | 1a97f1ae112e6c9382a8b377252fbc93c3cade49087ca7c2d6a3ec73587df88a
HP Security Bulletin HPSBGN03253 1
Posted Feb 9, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03253 1 - A potential security vulnerability has been identified with HP Business Process Insight (BPI) running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
SHA-256 | 6d6df7b99c9e876ede2c843534de2d38344647a7b12f2919ec5fa1c818477a70
HP Security Bulletin HPSBGN03237 1
Posted Feb 3, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03237 1 - A potential security vulnerability has been identified with HP Insight Remote Support v7 Clients running SSLv3 which may affect WBEM, WS-MAN and WMI connections from monitored devices to an HP Insight Remote Support Hosting Device, such as an HP Insight Remote Support Central Management Server (CMS). This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. HP Insight Remote Support 7.2 allows the Hosting Device administrator to disable SSLv3 ciphers. Some monitored devices may require an update to support TLS encryption, while others may not support TLS encryption at all. Disabling SSLv3 on the hosting device can result in loss of communication with such monitored devices. HP has provided the ability to address POODLE in the Insight Remote Support 7.2 release, but disabling SSLv3 requires the Hosting Device administrator to take specific actions to address this vulnerability. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2014-3566
SHA-256 | 635b4eda7e6f2983a2007a9cf80363f0aca06739e35f7cce1e50e4a69b33592e
Debian Security Advisory 3144-1
Posted Jan 30, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3144-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
SHA-256 | 622b1ffb514cee356dcd2ec27f28c7e4b1b32a3f20afd883039207989ce539b0
Debian Security Advisory 3147-1
Posted Jan 30, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3147-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
SHA-256 | 8f72aaccb477a21c98ab72ae6ecbad94d77750711480b0a4c5c4c91781281f8c
Ubuntu Security Notice USN-2487-1
Posted Jan 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2487-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0400, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412, CVE-2015-0413
SHA-256 | 977618fcde6fb14bb9e08695cbf23c0db9631a6d42f7460996b7515dc431b25b
VMware Security Advisory 2015-0001
Posted Jan 28, 2015
Authored by VMware | Site vmware.com

VMware Security Advisory 2015-0001 - VMware vCenter Server, ESXi, Workstation, Player and Fusion address several security issues.

tags | advisory
advisories | CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-3660, CVE-2014-8370, CVE-2015-1043, CVE-2015-1044
SHA-256 | 55fa1873d70654ee0597f3da9f1f88c2593c4ac47e45f3deaf0add63c4c2cd33
Apple Security Advisory 2015-01-27-4
Posted Jan 28, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-01-27-4 - OS X 10.10.2 and Security Update 2015-001 are now available and address information disclosure, arbitrary code execution, cache clearing, integer overflow, and various other vulnerabilities.

tags | advisory, overflow, arbitrary, vulnerability, code execution, info disclosure
systems | apple, osx
advisories | CVE-2011-2391, CVE-2014-1595, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-4371, CVE-2014-4389, CVE-2014-4419, CVE-2014-4420, CVE-2014-4421, CVE-2014-4426, CVE-2014-4460, CVE-2014-4461, CVE-2014-4481, CVE-2014-4483, CVE-2014-4484, CVE-2014-4485, CVE-2014-4486, CVE-2014-4487, CVE-2014-4488, CVE-2014-4489, CVE-2014-4491, CVE-2014-4492, CVE-2014-4495, CVE-2014-4497, CVE-2014-4498, CVE-2014-4499, CVE-2014-6277
SHA-256 | 434e3bbf065d6ff22de4e7b85d71ce11a7811880de29f04e6a58af05a3e46a97
Ubuntu Security Notice USN-2486-1
Posted Jan 28, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2486-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0400, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
SHA-256 | 0a3efc41f8c988a1d04f15b23eb0e08c026c2987dda7ba586d9c7cc4ee33cb55
Red Hat Security Advisory 2015-0086-01
Posted Jan 26, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0086-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
SHA-256 | dead1b3b1fba918b83ecc1af4234404aa37f612523329e03a7a2b4e54d56bf20
Red Hat Security Advisory 2015-0085-01
Posted Jan 26, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0085-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
SHA-256 | 9cfcff776e85830e9ada144d025c8cde0c197d9b737030ca9a57adf44c214b74
Red Hat Security Advisory 2015-0079-01
Posted Jan 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0079-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412, CVE-2015-0413
SHA-256 | 1e4eb67838f3d02b116ae14de77f7b06c75e052a30e2411763c237dc29b21ad6
Red Hat Security Advisory 2015-0080-01
Posted Jan 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0080-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2014-3566, CVE-2014-6549, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412, CVE-2015-0413, CVE-2015-0421, CVE-2015-0437
SHA-256 | 15087d6179c42125f49eacdd2d3db0d4acdfa841b070da99a6f33bd8dbd2c82f
Red Hat Security Advisory 2015-0067-01
Posted Jan 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0067-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
SHA-256 | 9bed3faf7e1e42e67e8121e6d47f976e763603a39292c4940797b9d5e8a48fc2
Red Hat Security Advisory 2015-0069-01
Posted Jan 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0069-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the JAX-WS, Libraries, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2014-3566, CVE-2014-6549, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412, CVE-2015-0437
SHA-256 | 5ff8d2615b49aa68191f67efff8d0b990e75eb442be30e9d8571a4531c27797e
Red Hat Security Advisory 2015-0068-01
Posted Jan 21, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0068-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
SHA-256 | e25b209100a8178e4b52abff2325cd38a3a19ddfbe4661f42428af0ff4a622ec
HP Security Bulletin HPSBGN03233 1
Posted Jan 14, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03233 1 - Potential security vulnerabilities have been identified with HP OneView running OpenSSL and Bash Shell. These vulnerabilities (POODLE and Shellshock) could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access, or disclose information. Revision 1 of this advisory.

tags | advisory, denial of service, shell, vulnerability, bash
advisories | CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 4b877dbe7e357236881b287abc3a3f36c78913bccdc7212120a575f1c5a5650e
HP Security Bulletin HPSBOV03227
Posted Jan 12, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03227 - Potential security vulnerabilities have been identified with HP SSL for OpenVMS. These vulnerabilities could be remotely exploited to create a remote disclosure of information, Denial of Service, and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability
advisories | CVE-2014-3556, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568
SHA-256 | 388383b2c3d37ee3b91f78f91d186afc077b8a7f693178ebf43e1ddcc4d0db88
HP Security Bulletin HPSBMU03221 1
Posted Dec 17, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03221 1 - A potential security vulnerability has been identified with HP Connect-IT running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
SHA-256 | a5a316af30fef5696f01590dd214abf39ac31a70bef1f5857658e50c91583c8e
HP Security Bulletin HPSBUX03162 SSRT101767 3
Posted Dec 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03162 SSRT101767 3 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access, or a man-in-the-middle (MitM) attack. This is the SSLv3 vulnerability known as "Padding Oracle On Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely to allow disclosure of information. Revision 3 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-3566, CVE-2014-3567, CVE-2014-3568
SHA-256 | ac73ab793d3e143cbf0d6f6b0e608c4518b82d95afb0fd03bef55139f7c4359f
HP Security Bulletin HPSBGN03208 1
Posted Dec 9, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03208 1 - A potential security vulnerability has been identified with HP Cloud Service Automation running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
SHA-256 | 27f37afb1036f5c5d4bb6b486468b8c08347f3df32c493091b0e0391eaab9061
HP Security Bulletin HPSBGN03222 1
Posted Dec 9, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03222 1 - A potential security vulnerability has been identified with HP Enterprise Maps running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
SHA-256 | f18daf6c0c99a853a512a72f0ccc9a7ec88c30820920cee167b136d92412be40
HP Security Bulletin HPSBGN03205 1
Posted Dec 5, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03205 1 - A potential security vulnerability has been identified with HP Insight Remote Support Clients running SSLv3 which may impact WBEM, WS-MAN and WMI connections from monitored devices to a HP Insight Remote Support Central Management Server (CMS). This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. SSLv3 is enabled by default in all version 5 HP Insight Remote Support Clients. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2014-3566
SHA-256 | 759b4cf70cdf55e2f6b5d1c8a665cb2c28dace386b3fec0c198ca6114f44878b
Page 3 of 5
Back12345Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close