這是本文件的舊版!
目錄表
CVE-2014-0160 OpenSSL Heartbleed Vulnerability
About Networking Vendors
| Vendor | Affected | Announcement |
|---|---|---|
| A10 | None | External link at A10 |
| Arbor Networks | None (Confirmed from Vendor Support Engineer) | Internal Field Notification Only… |
| Aruba Networks | Few Version | External Document at Aruba Alert |
| BlueCoat | Few Version & Platform | External link at BlueCoat KB |
| CheckPoint | Verifing… | External link at CheckPoint Support Center |
| Cisco | Verifing… | External link at Cisco |
| Extreme Networks | Only XOS15.4.1 & 15.5.1 | External link at eSupport |
| F5 | Few Version | External link at F5 Detect Attack iRule |
| FireEye | Few Product | External link at FireEye |
| Fortinet | Few Version & Platform | External link at FortiGuard |
| iMPERVA | Only v10.5 | External link at iMPERVA (Need to login) |
| Juniper | Multi Platform  | External link at Juniper KB |
| Palo Alto | None | External link at Palo Alto |
| Ruckus Wireless | Only “Smart Cell Gateway” | External link at Ruckus Security |
| Sophers | Few Version | External link at Sophers |
| Splunk | Few Version | External link at Splunk Answers |
| TippingPoint | None | PDF at TMC |
| VMware | Multi Version | External link at VMware KB |
| Websense | Few Version | External link at Websense |
Best Practices
- Upgrade if possible (if not, then disable heartbeats)
- Revoke all current keys and replace them with new ones
- Reissue certificate and revocation old certificate
- Change any credentials that may have been loaded into memory by the vulnerable processes