目錄表
CVE-2014-0224 OpenSSL MITM ChangeCipherSpec (CCS) Injection flaw
In additon, OpenSSL also regarding following seven vulnerabilities. Some of vendor had max tham to a “Security Advisories”
CVE Number | CVSS base score | Description |
---|---|---|
CVE-2014-0224 | 6.8 | SSL/TLS MITM vulnerability |
CVE-2014-0221 | 4.3 | DTLS recursion flaw |
CVE-2014-0195 | 6.8 | DTLS invalid fragment vulnerability |
CVE-2014-0198 | 4.3 | SSL_MODE_RELEASE_BUFFERS NULL pointer dereference |
CVE-2010-5298 | 4.0 | SSL_MODE_RELEASE_BUFFERS session injection or denial of service |
CVE-2014-3470 | 4.3 | Anonymous ECDH denial of service |
CVE-2014-0076 | 4.3 | ECDSA nonce disclosure using side-channel attack |
About Networking Vendors
Vendor | Affected | Announcement | Announce Date |
---|---|---|---|
A10 | Yes | Link at A10(login required) | 2014-06-05 |
Arbor Networks | – | https://arbor.custhelp.com/app/answers/detail/a_id/2379 | 2014-06-05 |
Aruba Networks | Yes | External Document at Aruba Alert | 2014-06-06 |
BlueCoat | Yes | External link at BlueCoat KB | 2014-06-06 |
Brocade | – | ||
CheckPoint | No | External link at CheckPoint | 2014-06-06 |
Cisco | Yes | External link at Cisco | 2014-06-05 |
Dlink | – | ||
Enterasys (Part of Extreme) | – | ||
Extreme Networks | – | ||
F5 | Yes | External link at F5 | 2014-06-05 |
FireEye | Yes | External link at FireEye | 2014-06-09 |
Fortinet | Yes | External link at FortiGuard | 2014-06-06 |
iMPERVA | Yes Only 10.5 | External link at iMPERVA (login required) | 2014-06-07 |
Juniper | Yes | External link at Juniper KB | 2014-06-?? |
McAfee | Yes | External link at McAfee | 2014-06-?? |
NetAxle | – | External link at NetAxle | – |
Palo Alto | Yes | External link at Palo Alto | 2014-06-09 |
Ruckus Wireless | – | External link at Ruckus Security | |
Sophers | – | ||
Sourcefire (Part of Cisco) | – | Check Cisco | |
Splunk | Yes | External link at Splunk Answers | 2014-06-09 |
TippingPoint | – | ||
VMware | Yes | External link at VMware KB | 2014-06-10 |
Websense | Yes | External link at Websense | 2014-06-12 |