Miembros de
Boletines de Vulnerabilidades |
OpenSSL Heartbleed (CVE-2014-0160) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
As reported by the OpenSSL Project, OpenSSL is vulnerable to TLS heartbeat read overrun (CVE-2014-0160). OpenSSL versions 1.0.1 through 1.0.1f contain a flaw in its implementation of the TLS/DTLS (transport layer security protocols) heartbeat functionality. Please see the Heartbleed website for more details. IBM is analyzing its products to determine which ones are affected by this vulnerability. Affected IBM products will be issuing fixes as soon as possible. Please actively monitor both your More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/openssl_heartbleed_cve_2014_0160?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-0160 ,CVE-2014-0076 ,CVE-2013-5590 ,CVE-2013-5595 ,CVE-2013-5597 ,CVE-2013-5599 ,CVE-2013-5600 ,CVE-2013-5601 ,CVE-2013-5602 ,CVE-2013-5604 ,CVE-2012-5081 ,CVE-2013-0440 ,CVE-2013-0443 ,CVE-2013-0169 ,CVE-2014-0411 ,CVE-2014-0892 ,CVE-2014-0033 and CVE-2013-4322. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-04-25 |