Lucene search

OpenSSL -- Remote Information Disclosure

🗓️ 07 Apr 2014 00:00:00Reported by FreeBSDType

OpenSSL TLS Heartbleed vulnerability allows remote information disclosure. Affected users should upgrade to OpenSSL 1.0.1g or recompile with -DOPENSSL_NO_HEARTBEATS

Reporter	Title	Published	Views	Family All 199
Cisco	OpenSSL TLS/DTLS Heartbeat Information Disclosure Vulnerability	8 Apr 201414:39	–	cisco
Cisco	OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products	9 Apr 201403:00	–	cisco
Hacker One	Concrete CMS: https://concrete5.org ::: HeartBleed Attack (CVE-2014-0160)	8 Apr 201411:01	–	hackerone
Hacker One	Mail.ru: Heartbleed: my.com (185.30.178.33) port 1433	19 Jan 201513:54	–	hackerone
Hacker One	Mail.ru: scfbp.tng.mail.ru: Heartbleed	25 Feb 201507:49	–	hackerone
Hacker One	Internet Bug Bounty: TLS heartbeat read overrun	5 Apr 201423:51	–	hackerone
Hacker One	Mail.ru: OpenSSL HeartBleed (CVE-2014-0160)	23 Oct 201415:12	–	hackerone
seebug.org	McAfee Email Gateway OpenSSL TLS心跳信息泄漏漏洞	16 Apr 201400:00	–	seebug
seebug.org	HP多个产品OpenSSL TLS/DTLS心跳信息泄漏漏洞	16 Apr 201400:00	–	seebug
seebug.org	LibreOffice OpenSSL TLS心跳信息泄漏漏洞	16 Apr 201400:00	–	seebug

Source	Link
openssl	www.openssl.org/news/vulnerabilities.html
heartbleed	www.heartbleed.com/
openssl	www.openssl.org/news/secadv_20140407.txt

OS	OS Version	Architecture	Package	Package Version	Filename
FreeBSD	any	noarch	openssl	1.0.1	UNKNOWN
FreeBSD	any	noarch	openssl	1.0.1_10	UNKNOWN
FreeBSD	any	noarch	mingw32-openssl	1.0.1	UNKNOWN
FreeBSD	any	noarch	mingw32-openssl	1.0.1g	UNKNOWN
FreeBSD	10	noarch	freebsd	10.0	UNKNOWN
FreeBSD	10	noarch	freebsd	10.0_1	UNKNOWN

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

07 Apr 2014 00:00Current

7.8High risk

Vulners AI Score7.8

CVSS25

CVSS37.5

EPSS0.97432