這是本文件的舊版!
目錄表
CVE-2014-0160 OpenSSL Heartbleed Vulnerability
About Networking Vendors
Vendor | Affected | Announcement |
---|---|---|
A10 | None | External link at A10 |
Arbor Networks | None (Confirmed from Vendor Support Engineer) | Internal Field Notification Only… |
Aruba Networks | Few Version | External Document at Aruba Alert |
BlueCoat | Few Version & Platform | External link at BlueCoat KB |
CheckPoint | Verifing… | External link at CheckPoint Support Center |
Cisco | Verifing… | External link at Cisco |
Extreme Networks | Only XOS15.4.1 & 15.5.1 | External link at eSupport |
F5 | Few Version | External link at F5 Detect Attack iRule |
FireEye | Few Product | External link at FireEye |
Fortinet | Few Version & Platform | External link at FortiGuard |
iMPERVA | Only v10.5 | External link at iMPERVA (Need to login) |
Juniper | Multi Platform | External link at Juniper KB |
Palo Alto | None | External link at Palo Alto |
Ruckus Wireless | Only “Smart Cell Gateway” | External link at Ruckus Security |
Sophers | Few Version | External link at Sophers |
Splunk | Few Version | External link at Splunk Answers |
TippingPoint | None | PDF at TMC |
VMware | Multi Version | External link at VMware KB |
Websense | Few Version | External link at Websense |
Best Practices
- Upgrade if possible (if not, then disable heartbeats)
- Revoke all current keys and replace them with new ones
- Reissue certificate and revocation old certificate
- Change any credentials that may have been loaded into memory by the vulnerable processes