這是本文件的舊版!
目錄表
CVE-2014-0160 OpenSSL Heartbleed Vulnerability
About Networking Vendors
| Vendor | Affected | Announcement |
|---|---|---|
| A10 | None | External links at A10 |
| Arbor Networks | None (Confirmed from Vendor Support Engineer) | Internal Field Notification Only… |
| Aruba Networks | Few Version | External Document at Aruba Alert |
| BlueCoat | Few Version & Platform | External links at BlueCoat KB |
| CheckPoint | Verifing… | External links at CheckPoint Support Center |
| Cisco | Verifing… | External links at Cisco |
| Extreme Networks | Only XOS15.4.1 & 15.5.1 | External links at eSupport |
| F5 | Few Version | External links at F5 Detect Attack iRule |
| FireEye | Being Confirmed… | |
| Fortinet | Few Version & Platform | External links at FortiGuard |
| iMPERVA | Only v10.5 | External links at iMPERVA (Need to login) |
| Juniper | Multi Platform  | External links at Juniper KB |
| Palo Alto | None | External links at Palo Alto |
| Ruckus Wireless | None (Confirmed from Tech Support) | Waiting… |
| Sophers | Few Version | External links at Sophers |
| Splunk | Few Version | External links at Splunk Answers |
| TippingPoint | None | PDF at TMC |
| VMware | Multi Version | External links at VMware KB |
| Websense | Few Version | External links at Websense |
Best Practices
- Upgrade if possible (if not, then disable heartbeats)
- Revoke all current keys and replace them with new ones
- Reissue certificate and revocation old certificate
- Change any credentials that may have been loaded into memory by the vulnerable processes