Lucene search

CVE-2014-0160

🗓️ 07 Apr 2014 22:03:55Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 31 Media mentions👁 3826 Views🌐 WEB

OpenSSL 1.0.1 before 1.0.1g Heartbleed bug allows remote attackers to obtain sensitive information

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 200
Tenable Nessus	Attachmate Reflection Heartbeat Information Disclosure (Heartbleed)	30 Jun 201400:00	–	nessus
Tenable Nessus	Websense Web Security Heartbeat Information Disclosure (Heartbleed)	29 Apr 201400:00	–	nessus
Tenable Nessus	CentOS 6 : openssl (CESA-2014:0376)	8 Apr 201400:00	–	nessus
Tenable Nessus	openSUSE Security Update : openssl (openSUSE-SU-2014:0560-1) (Heartbleed)	13 Jun 201400:00	–	nessus
Tenable Nessus	OpenVPN Heartbeat Information Disclosure (Heartbleed)	14 Apr 201400:00	–	nessus
Tenable Nessus	openSUSE Security Update : openssl (openSUSE-SU-2014:0492-1) (Heartbleed)	13 Jun 201400:00	–	nessus
Tenable Nessus	Siemens Simatic Improper Restriction of Operations within the Bounds of a Memory Buffer	10 Aug 202100:00	–	nessus
Tenable Nessus	Amazon Linux AMI : openssl Information Disclosure Vulnerability (ALAS-2014-320)	9 Apr 201400:00	–	nessus
Tenable Nessus	McAfee Firewall Enterprise OpenSSL Information Disclosure (SB10071) (Heartbleed)	2 May 201400:00	–	nessus
Tenable Nessus	Blue Coat ProxySG Heartbeat Information Disclosure (Heartbleed)	15 Apr 201400:00	–	nessus

Nvd

Node

openssl opensslRange1.0.1–1.0.1g

Node

filezilla-project filezilla_serverRange<0.9.44

Node

siemens application_processing_engine_firmwareMatch2.0

AND

siemens application_processing_engineMatch-

Node

siemens cp_1543-1_firmwareMatch1.1

AND

siemens cp_1543-1Match-

Node

siemens simatic_s7-1500_firmwareMatch1.5

AND

siemens simatic_s7-1500Match-

Node

siemens simatic_s7-1500t_firmwareMatch1.5

AND

siemens simatic_s7-1500tMatch-

Node

siemens elan-8.2Range<8.3.3

siemens wincc_open_architectureMatch3.12

Node

intellian v100_firmwareMatch1.20

intellian v100_firmwareMatch1.21

intellian v100_firmwareMatch1.24

AND

intellian v100Match-

Node

intellian v60_firmwareMatch1.15

intellian v60_firmwareMatch1.25

AND

intellian v60Match-

Node

mitel micollabMatch6.0

mitel micollabMatch7.0

mitel micollabMatch7.1

mitel micollabMatch7.2

mitel micollabMatch7.3

mitel micollabMatch7.3.0.104

mitel mivoiceMatch1.1.2.5lync

mitel mivoiceMatch1.1.3.3skype_for_business

mitel mivoiceMatch1.2.0.11skype_for_business

mitel mivoiceMatch1.3.2.2skype_for_business

mitel mivoiceMatch1.4.0.102skype_for_business

Node

opensuse opensuseMatch12.3

opensuse opensuseMatch13.1

Node

canonical ubuntu_linuxMatch12.04esm

canonical ubuntu_linuxMatch12.10

canonical ubuntu_linuxMatch13.10

Node

fedoraproject fedoraMatch19

fedoraproject fedoraMatch20

Node

redhat gluster_storageMatch2.1

redhat storageMatch2.1

redhat virtualizationMatch6.0

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_serverMatch6.0

redhat enterprise_linux_server_ausMatch6.5

redhat enterprise_linux_server_eusMatch6.5

redhat enterprise_linux_server_tusMatch6.5

redhat enterprise_linux_workstationMatch6.0

Node

debian debian_linuxMatch6.0

debian debian_linuxMatch7.0

debian debian_linuxMatch8.0

Node

ricon s9922l_firmwareMatch16.10.3(3794)

AND

ricon s9922lMatch1.0

Node

broadcom symantec_messaging_gatewayMatch10.6.0

broadcom symantec_messaging_gatewayMatch10.6.1

Node

splunk splunkRange6.0.0–6.0.3enterprise

Source	Link
lists	www.lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
git	www.git.openssl.org/gitweb/
getchef	www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/
vmware	www.vmware.com/security/advisories/VMSA-2014-0012.html
marc	www.marc.info/
filezilla-project	www.filezilla-project.org/versions.php
innominate	www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf
secunia	www.secunia.com/advisories/57483
marc	www.marc.info/
marc	www.marc.info/

Parameter	Position	Path	Description	CWE
heartbeat_read_size	request body	/heartbeat	The Heartbleed vulnerability allows attackers to exploit a flaw in the TLS/DTLS protocols to read memory on the server side.	CWE-125

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

07 Apr 2014 22:55Current

7.5High risk

Vulners AI Score7.5

CVSS25

CVSS37.5

EPSS0.94477