這是本文件的舊版!
目錄表
CVE-2014-0160 OpenSSL Heartbleed Vulnerability
About Networking Vendors
| Vendor | Affected | Announcement | Announce Date |
|---|---|---|---|
| A10 | None | External link at A10 | 2014-04-09 |
| Arbor Networks | None | Internal Field Notification Only (login required) | 2014-04-15 |
| Aruba Networks | Few Version | External Document at Aruba Alert | 2014-04-08 |
| BlueCoat | Few Version & Platform | External link at BlueCoat KB | 2014-04-09 |
| CheckPoint | Verifing… | External link at CheckPoint | 2014-04-08 |
| Cisco | Verifing… | External link at Cisco | 2014-04-09 |
| Extreme Networks | Only XOS15.4.1 & 15.5.1 | External link at eSupport | 2014-04-14 |
| F5 | Few Version | External link at F5 Detect Attack iRule | 2014-04-08 |
| FireEye | Few Product | External link at FireEye | 2014-04-16 |
| Fortinet | Few Version & Platform | External link at FortiGuard | 2014-04-08 |
| iMPERVA | Only v10.5 | External link at iMPERVA (login required) | 2014-04-11 |
| Juniper | Multi Platform  | External link at Juniper KB | 2014-04-08 |
| Palo Alto | None | External link at Palo Alto | 2014-04-09 |
| Ruckus Wireless | Only “Smart Cell Gateway” | External link at Ruckus Security | 2014-04-14 |
| Sophers | Few Version | External link at Sophers | 2014-04-08 |
| Splunk | Few Version | External link at Splunk Answers | 2014-04-09 |
| TippingPoint | None | PDF at TMC | 2014-04-09 |
| VMware | Multi Version | External link at VMware KB | 2014-04-09 |
| Websense | Few Version | External link at Websense | 2014-04-09 |
Best Practices
- Upgrade if possible (if not, then disable heartbeats)
- Revoke all current keys and replace them with new ones
- Reissue certificate and revocation old certificate
- Change any credentials that may have been loaded into memory by the vulnerable processes