30 matches found
Mail.ru: scfbp.tng.mail.ru: Heartbleed
MacBook-Pro-Kirill:Pentest isox$ python heartbleed.py scfbp.tng.mail.ru defribulator v1.16 A tool to test and exploit the TLS heartbeat vulnerability aka heartbleed CVE-2014-0160 Connecting to: scfbp.tng.mail.ru:443, 1 times Sending Client Hello for TLSv1.0 Received Server Hello for TLSv1.0...
Oracle Linux 6 / 7 : openssl (ELSA-2014-1652)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1652 advisory. - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV t...
HP Version Control Repository Manager (VCRM) Heartbeat Information Disclosure (Heartbleed)
The HP Version Control Repository Manager VCRM install on the remote Windows host is version 7.2.0, 7.2.1, 7.2.2, 7.3.0, or 7.3.1. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS...
HP Version Control Agent (VCA) Heartbeat Information Disclosure (Heartbleed)
The RPM installation of HP Version Control Agent VCA on the remote Linux host is version 7.2.2, 7.3.0, or 7.3.1. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions...
HP Version Control Agent (VCA) Heartbeat Information Disclosure (Heartbleed)
The RPM installation of HP Version Control Agent VCA on the remote Linux host is version 7.2.2, 7.3.0, or 7.3.1. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions...
Kerio Connect 8.2.x < 8.2.4 Heartbeat Information Disclosure (Heartbleed)
According to its banner, the remote host is running a version of Kerio Connect formerly Kerio MailServer version 8.2.x prior to 8.2.4. It is, therefore, affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS...
Triangle MicroWorks SCADA Data Gateway < 3.3.729 Heartbeat Information Disclosure (Heartbleed)
Binary data scadatrianglegateway33729.nbin...
Attachmate Reflection X Heartbeat Information Disclosure (Heartbleed)
The Attachmate Reflection X install on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary...
Blue Coat ProxyAV 3.5.1.1 - 3.5.1.6 Heartbeat Information Disclosure (Heartbleed)
According to its self-reported version number, the firmware installed on the remote host is affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain...
Symantec Endpoint Protection Manager < 12.1 RU4 MP1a OpenSSL Heartbeat Information Disclosure (Heartbleed)
According to its self-reported version number, the version of Symantec Endpoint Protection Manager SEPM installed on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extension...
Digi International Gateways Vulnerable to Heartbleed
Wireless Web mesh gateways used everywhere from industrial control environments to home area networks are vulnerable to the Heartbleed OpenSSL vulnerability. The Industrial Control System Computer Emergency Response Team ICS-CERT issued an advisory Thursday warning SCADA and ICS managers with Dig...
APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3 AirPort Base Station Firmware Update 7.7.3 is now available and addresses the following: Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An...
McAfee Firewall Enterprise OpenSSL Information Disclosure (SB10071) (Heartbleed)
The remote host has a version of McAfee Firewall Enterprise installed that is affected by an out-of-bounds read error, known as Heartbleed, in the TLS/DTLS implementation due to improper handling of TLS heartbeat extension packets. A remote attacker, using crafted packets, can trigger a buffer...
Fedora 20 : stunnel-5.01-1.fc20 (2014-5321)
New upstream release Supports OpenSSL DLLs 1.0.1g. Fixes to take care of OpenSSL,s TLS heartbeat read overrun CVE-2014-0160. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean an...
Fedora 19 : stunnel-5.01-1.fc19 (2014-5337)
New upstream release with following important changes : Supports OpenSSL DLLs 1.0.1g. Fixes to take care of OpenSSL's TLS heartbeat read overrun CVE-2014-0160. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
BlackBerry Enterprise Service Information Disclosure (KB35882) (Heartbleed)
The BlackBerry Enterprise Service BES install on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such ...
Heartbleed OpenSSL Information Leak Proof Of Concept
/ CVE-2014-0160 heartbleed OpenSSL information leak exploit ========================================================= This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information is returned within encrypted SSL packets and is then decrypted...
VMware Player 6.x < 6.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Linux) (Heartbleed)
The installed version of VMware Player 6.x running on Linux is prior to 6.0.2. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow...
AIX OpenSSL Advisory : openssl_advisory7.doc (Heartbleed)
The version of OpenSSL running on the remote host is affected by an information disclosure vulnerability. OpenSSL incorrectly handles memory in the TLS heartbeat extension, potentially allowing a remote attacker to read the contents of up to 64KB of server memory, potentially exposing passwords,...
OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)
Exploit for multiple platform in category remote exploits Exploit Title: OpenSSL TLS Heartbeat Extension - Memory Disclosure - Multiple SSL/TLS versions Date: 2014-04-09 Exploit Author: Csaba Fitzl Vendor Homepage: http://www.openssl.org/ Software Link:...