MidnightBSD

Advisories for ricon

CVE-2014-0160 MEDIUM

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
siemens cp_1543-1_firmware 1.1
redhat virtualization 6.0
mitel mivoice 1.2.0.11
mitel micollab 7.1
splunk splunk *
mitel micollab 6.0
debian debian_linux 7.0
siemens wincc_open_architecture 3.12
mitel micollab 7.3
fedoraproject fedora 19
debian debian_linux 8.0
siemens simatic_s7-1500t_firmware 1.5
intellian v100_firmware 1.20
redhat enterprise_linux_server_aus 6.5
filezilla-project filezilla_server *
fedoraproject fedora 20
siemens elan-8.2 *
opensuse opensuse 12.3
redhat enterprise_linux_workstation 6.0
ricon s9922l_firmware 16.10.3(3794)
broadcom symantec_messaging_gateway 10.6.1
redhat gluster_storage 2.1
canonical ubuntu_linux 12.10
intellian v100_firmware 1.24
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.10
intellian v60_firmware 1.25
siemens simatic_s7-1500_firmware 1.5
mitel micollab 7.3.0.104
mitel mivoice 1.1.3.3
opensuse opensuse 13.1
mitel mivoice 1.3.2.2
redhat storage 2.1
debian debian_linux 6.0
siemens application_processing_engine_firmware 2.0
mitel mivoice 1.4.0.102
intellian v60_firmware 1.15
redhat enterprise_linux_server_tus 6.5
redhat enterprise_linux_server_eus 6.5
openssl openssl *
mitel micollab 7.0
broadcom symantec_messaging_gateway 10.6.0
intellian v100_firmware 1.21
mitel mivoice 1.1.2.5
mitel micollab 7.2