MidnightBSD

Advisories for intellian

CVE-2014-0160 MEDIUM

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 6.5
broadcom symantec_messaging_gateway 10.6.1
openssl openssl *
intellian v60_firmware 1.15
opensuse opensuse 12.3
mitel mivoice 1.3.2.2
mitel micollab 7.0
opensuse opensuse 13.1
redhat enterprise_linux_server 6.0
debian debian_linux 7.0
intellian v100_firmware 1.20
fedoraproject fedora 19
redhat virtualization 6.0
siemens simatic_s7-1500_firmware 1.5
mitel micollab 7.3.0.104
canonical ubuntu_linux 13.10
siemens simatic_s7-1500t_firmware 1.5
debian debian_linux 6.0
siemens application_processing_engine_firmware 2.0
mitel micollab 7.2
mitel mivoice 1.2.0.11
redhat enterprise_linux_server_tus 6.5
redhat enterprise_linux_workstation 6.0
siemens elan-8.2 *
siemens wincc_open_architecture 3.12
redhat gluster_storage 2.1
mitel micollab 7.1
mitel micollab 7.3
canonical ubuntu_linux 12.04
canonical ubuntu_linux 12.10
mitel mivoice 1.1.3.3
filezilla-project filezilla_server *
mitel micollab 6.0
fedoraproject fedora 20
redhat enterprise_linux_server_eus 6.5
mitel mivoice 1.4.0.102
intellian v60_firmware 1.25
redhat enterprise_linux_desktop 6.0
intellian v100_firmware 1.24
broadcom symantec_messaging_gateway 10.6.0
siemens cp_1543-1_firmware 1.1
mitel mivoice 1.1.2.5
splunk splunk *
intellian v100_firmware 1.21
ricon s9922l_firmware 16.10.3(3794)
debian debian_linux 8.0
redhat storage 2.1