| 兩邊的前次修訂版前次修改
下次修改 | 前次修改
|
| cve:cve-2014-0160 [2014/04/11 06:57] – jal | cve:cve-2014-0160 [2014/04/17 11:18] (目前版本) – jal |
|---|
| | ====== CVE-2014-0160 OpenSSL Heartbleed Vulnerability====== |
| | |
| | ===== About Networking Vendors ===== |
| | ^ Vendor ^ Affected ^ Announcement ^ Announce Date ^ |
| | | A10 | None |[[https://www.a10networks.com/vadc/index.php/a10-products-not-vulnerable-to-openssl-cve-2014-0160-heartbleed/|External link at A10]] | 2014-04-09 | |
| | | Arbor Networks | None | [[https://arbor.custhelp.com/app/answers/detail/a_id/2320/kw/2320|Internal Field Notification Only (login required)]] | 2014-04-15 | |
| | | Aruba Networks | Few Version | [[http://www.arubanetworks.com/support/alerts/aid-040814.asc|External Document at Aruba Alert]] | 2014-04-08 | |
| | | BlueCoat | Few Version & Platform | [[https://kb.bluecoat.com/index?page=content&id=SA79&actp=LIST|External link at BlueCoat KB]] | 2014-04-09 | |
| | | Brocade | None | [[http://community.brocade.com/t5/Campus-Networks/Brocade-Products-and-Website-NOT-Affected-by-Heartbleed/ba-p/59450|External link at Brocade]] | 2014-04-16 | |
| | | CheckPoint | Verifing... | [[https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100173|External link at CheckPoint]] | 2014-04-08 | |
| | | Cisco | Verifing... | [[http://www.cisco.com/web/about/security/intelligence/ERP-Heartbleed.html|External link at Cisco]] | 2014-04-09 | |
| | | Dlink | Being Confirmed… | | | |
| | | Enterasys (Part of Extreme) | Being Confirmed… | | | |
| | | Extreme Networks | Few Products | [[https://community.extremenetworks.com/extreme/topics/response_to_heartbleed_cve_2014_0160_openssl_vulnerability_article_id_16130/|External link at Extreme]] | 2014-04-14 | |
| | | F5 | Few Version | [[http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html|External link at F5]] [[https://devcentral.f5.com/articles/ssl-heartbleed-irule-update#.U0btTle1Yeo|Detect Attack iRule]] | 2014-04-08 | |
| | | FireEye | Few Product | [[http://www.fireeye.com/support/support-notices.html|External link at FireEye]] | 2014-04-16 | |
| | | Fortinet | Few Version & Platform | [[http://www.fortiguard.com/advisory/FG-IR-14-011/|External link at FortiGuard]] | 2014-04-08 | |
| | | iMPERVA | Only v10.5 | [[https://www.imperva.com/sign_in.asp?retURL=/articles/Reference/CVE-2014-0160-OpenSSL-HeartBleed-Vulnerability| External link at iMPERVA (login required)]] | 2014-04-11 | |
| | | Juniper | Multi Platform :!: | [[http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10623&actp=SUBSCRIPTION|External link at Juniper KB]] | 2014-04-08 | |
| | | McAfee | Multi Products | [[https://kc.mcafee.com/corporate/index?page=content&id=SB10071|External link at McAfee]] | 2014-04-08 | |
| | | NetAxle | None | [[http://www.netaxle.com.tw/|External link at NetAxle]] | -- | |
| | | Palo Alto | None | [[http://researchcenter.paloaltonetworks.com/2014/04/palo-alto-networks-addresses-heartbleed-vulnerability-cve-2014-0160/|External link at Palo Alto]] | 2014-04-09 | |
| | | Ruckus Wireless | Only "Smart Cell Gateway" | [[http://www.ruckuswireless.com/security| External link at Ruckus Security]] | 2014-04-14 | |
| | | Sophers | Few Version | [[http://blogs.sophos.com/2014/04/08/important-note-openssl-vulnerability-cve-2014-0160-in-sophos-utm/|External link at Sophers]] | 2014-04-08 | |
| | | Sourcefire (Part of Cisco) | | Check Cisco | | |
| | | Splunk | Few Version | [[http://answers.splunk.com/answers/130943/openssl-security-bug| External link at Splunk Answers ]] | 2014-04-09 | |
| | | TippingPoint | None | [[https://tmc.tippingpoint.com/TMC/library/announcements/heartbleed_openssl_vulnerability.pdf|PDF at TMC]] | 2014-04-09 | |
| | | VMware | Multi Version :!: | [[http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2076225|External link at VMware KB]] | 2014-04-09 | |
| | | Websense | Few Version | [[http://www.websense.com/support/article/kbarticle/Heartbleed-OpenSSL-Vulnerability|External link at Websense ]] | 2014-04-09 | |
| | |
| | ===== Best Practices ===== |
| | * Upgrade if possible (if not, then disable heartbeats) |
| | * Revoke all current keys and replace them with new ones |
| | * Reissue certificate and revocation old certificate |
| | * Change any credentials that may have been loaded into memory by the vulnerable processes |
| | |
| | ===== Further Reading ===== |
| | * [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160]] |
| | * [[http://devco.re/blog/2014/04/11/openssl-heartbleed-how-to-hack-how-to-protect/|OpenSSL Heartbleed 全球駭客的殺戮祭典,你參與了嗎? ]] |
| | * [[http://devco.re/blog/2014/04/09/openssl-heartbleed-CVE-2014-0160/|OpenSSL CVE-2014-0160 Heartbleed 嚴重漏洞]] |
| | * [[http://d.hatena.ne.jp/Kango/20140410/1397139257]] |
| | |
| | |
| | |
| | |
| |