這是本文件的舊版!
目錄表
CVE-2014-0160 OpenSSL Heartbleed Vulnerability
About Networking Vendors
Vendor | Affected | Announcement |
---|---|---|
A10 | None | External links at A10 |
Arbor Networks | None (Confirmed from Vendor Support Engineer) | Internal Field Notification Only… |
Aruba Networks | Few Version | External Document at Aruba Alert |
BlueCoat | Few Version & Platform | External links at BlueCoat KB |
CheckPoint | Verifing… | External links at CheckPoint Support Center |
Cisco | Verifing… | External links at Cisco |
Extreme Networks | Only XOS15.4.1 & 15.5.1 | External links at eSupport |
F5 | Few Version | External links at F5 Detect Attack iRule |
FireEye | Being Confirmed… | |
Fortinet | Few Version & Platform | External links at FortiGuard |
iMPERVA | Only v10.5 | External links at iMPERVA (Need to login) |
Juniper | Multi Platform | External links at Juniper KB |
Palo Alto | None | External links at Palo Alto |
Ruckus Wireless | None (Confirmed from Tech Support) | External Link at Ruckus Security |
Sophers | Few Version | External links at Sophers |
Splunk | Few Version | External links at Splunk Answers |
TippingPoint | None | PDF at TMC |
VMware | Multi Version | External links at VMware KB |
Websense | Few Version | External links at Websense |
Best Practices
- Upgrade if possible (if not, then disable heartbeats)
- Revoke all current keys and replace them with new ones
- Reissue certificate and revocation old certificate
- Change any credentials that may have been loaded into memory by the vulnerable processes