CVE-2014-3470

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.

References

http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629

http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html

http://marc.info/?l=bugtraq&m=140266410314613&w=2

http://marc.info/?l=bugtraq&m=140317760000786&w=2

http://marc.info/?l=bugtraq&m=140389274407904&w=2

http://marc.info/?l=bugtraq&m=140389355508263&w=2

http://marc.info/?l=bugtraq&m=140431828824371&w=2

http://marc.info/?l=bugtraq&m=140448122410568&w=2

http://marc.info/?l=bugtraq&m=140482916501310&w=2

http://marc.info/?l=bugtraq&m=140491231331543&w=2

http://marc.info/?l=bugtraq&m=140499827729550&w=2

http://marc.info/?l=bugtraq&m=140621259019789&w=2

http://marc.info/?l=bugtraq&m=140752315422991&w=2

http://marc.info/?l=bugtraq&m=140904544427729&w=2

http://seclists.org/fulldisclosure/2014/Dec/23

http://secunia.com/advisories/58337

http://secunia.com/advisories/58579

http://secunia.com/advisories/58615

http://secunia.com/advisories/58667

http://secunia.com/advisories/58713

http://secunia.com/advisories/58714

http://secunia.com/advisories/58716

http://secunia.com/advisories/58742

http://secunia.com/advisories/58797

http://secunia.com/advisories/58939

http://secunia.com/advisories/58945

http://secunia.com/advisories/58977

http://secunia.com/advisories/59120

http://secunia.com/advisories/59126

http://secunia.com/advisories/59162

http://secunia.com/advisories/59167

http://secunia.com/advisories/59175

http://secunia.com/advisories/59189

http://secunia.com/advisories/59191

http://secunia.com/advisories/59192

http://secunia.com/advisories/59223

http://secunia.com/advisories/59264

http://secunia.com/advisories/59282

http://secunia.com/advisories/59284

http://secunia.com/advisories/59287

http://secunia.com/advisories/59300

http://secunia.com/advisories/59301

http://secunia.com/advisories/59306

http://secunia.com/advisories/59310

http://secunia.com/advisories/59340

http://secunia.com/advisories/59342

http://secunia.com/advisories/59362

http://secunia.com/advisories/59364

http://secunia.com/advisories/59365

http://secunia.com/advisories/59413

http://secunia.com/advisories/59431

http://secunia.com/advisories/59437

http://secunia.com/advisories/59438

http://secunia.com/advisories/59440

http://secunia.com/advisories/59441

http://secunia.com/advisories/59442

http://secunia.com/advisories/59445

http://secunia.com/advisories/59449

http://secunia.com/advisories/59450

http://secunia.com/advisories/59451

http://secunia.com/advisories/59459

http://secunia.com/advisories/59460

http://secunia.com/advisories/59483

http://secunia.com/advisories/59490

http://secunia.com/advisories/59491

http://secunia.com/advisories/59495

http://secunia.com/advisories/59514

http://secunia.com/advisories/59518

http://secunia.com/advisories/59525

http://secunia.com/advisories/59655

http://secunia.com/advisories/59659

http://secunia.com/advisories/59666

http://secunia.com/advisories/59669

http://secunia.com/advisories/59721

http://secunia.com/advisories/59784

http://secunia.com/advisories/59895

http://secunia.com/advisories/59916

http://secunia.com/advisories/59990

http://secunia.com/advisories/60571

http://secunia.com/advisories/61254

http://security.gentoo.org/glsa/glsa-201407-05.xml

http://support.apple.com/kb/HT6443

http://support.citrix.com/article/CTX140876

http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl

http://www.blackberry.com/btsc/KB36051

http://www.f-secure.com/en/web/labs_global/fsc-2014-6

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm

http://www.ibm.com/support/docview.wss?uid=swg21676356

http://www.ibm.com/support/docview.wss?uid=swg21676793

http://www.ibm.com/support/docview.wss?uid=swg24037783

http://www.mandriva.com/security/advisories?name=MDVSA-2014:105

http://www.mandriva.com/security/advisories?name=MDVSA-2014:106

http://www.mandriva.com/security/advisories?name=MDVSA-2015:062

http://www.novell.com/support/kb/doc.php?id=7015264

http://www.novell.com/support/kb/doc.php?id=7015300

http://www.openssl.org/news/secadv_20140605.txt

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.securityfocus.com/bid/67898

http://www.splunk.com/view/SP-CAAAM2D

http://www.vmware.com/security/advisories/VMSA-2014-0006.html

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

http://www-01.ibm.com/support/docview.wss?uid=isg400001841

http://www-01.ibm.com/support/docview.wss?uid=isg400001843

http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163

http://www-01.ibm.com/support/docview.wss?uid=swg21673137

http://www-01.ibm.com/support/docview.wss?uid=swg21675626

http://www-01.ibm.com/support/docview.wss?uid=swg21675821

http://www-01.ibm.com/support/docview.wss?uid=swg21676035

http://www-01.ibm.com/support/docview.wss?uid=swg21676062

http://www-01.ibm.com/support/docview.wss?uid=swg21676071

http://www-01.ibm.com/support/docview.wss?uid=swg21676419

http://www-01.ibm.com/support/docview.wss?uid=swg21676496

http://www-01.ibm.com/support/docview.wss?uid=swg21676501

http://www-01.ibm.com/support/docview.wss?uid=swg21676529

http://www-01.ibm.com/support/docview.wss?uid=swg21676615

http://www-01.ibm.com/support/docview.wss?uid=swg21676655

http://www-01.ibm.com/support/docview.wss?uid=swg21676879

http://www-01.ibm.com/support/docview.wss?uid=swg21676889

http://www-01.ibm.com/support/docview.wss?uid=swg21677527

http://www-01.ibm.com/support/docview.wss?uid=swg21677695

http://www-01.ibm.com/support/docview.wss?uid=swg21677828

http://www-01.ibm.com/support/docview.wss?uid=swg21677836

http://www-01.ibm.com/support/docview.wss?uid=swg21678167

http://www-01.ibm.com/support/docview.wss?uid=swg21678289

http://www-01.ibm.com/support/docview.wss?uid=swg21683332

http://www-01.ibm.com/support/docview.wss?uid=swg24037761

http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E

http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757

https://bugzilla.redhat.com/show_bug.cgi?id=1103600

https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8011cd56e39a433b1837465259a9bd24a38727fb

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946

https://kb.bluecoat.com/index?page=content&id=SA80

https://kc.mcafee.com/corporate/index?page=content&id=SB10075

https://www.novell.com/support/kb/doc.php?id=7015271

Details

Source: MITRE

Published: 2014-06-05

Updated: 2019-04-22

Type: CWE-310

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions up to 0.9.8y (inclusive)

Configuration 4

OR

cpe:2.3:a:redhat:storage:2.1:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:*:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

Tenable Plugins

View all (103 total)

IDNameProductFamilySeverity
137479EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2020-1637)NessusHuawei Local Security Checks
high
129359MariaDB 10.0.0 < 10.0.13 Multiple VulnerabilitiesNessusDatabases
critical
124999EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1546)NessusHuawei Local Security Checks
high
108515pfSense < 2.1.4 Multiple Vulnerabilities ( SA-14_07 )NessusFirewalls
high
89651openSUSE Security Update : libopenssl0_9_8 (openSUSE-2016-294) (DROWN) (FREAK) (POODLE)NessusSuSE Local Security Checks
critical
88991Cisco NX-OS OpenSSL Multiple VulnerabilitiesNessusCISCO
high
87678VMware ESXi Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)NessusMisc.
medium
86710Xerox ColorQube 8570 / 8870 Multiple Vulnerabilities (XRX15OA)NessusMisc.
medium
83716SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2015:0743-1)NessusSuSE Local Security Checks
high
82315Mandriva Linux Security Advisory : openssl (MDVSA-2015:062)NessusMandriva Local Security Checks
high
81649Apache Tomcat 6.0.x < 6.0.43 Multiple Vulnerabilities (POODLE)NessusWeb Servers
high
80915Oracle VM VirtualBox < 3.2.26 / 4.0.28 / 4.1.36 / 4.2.28 / 4.3.20 Multiple Vulnerabilities (January 2015 CPU)NessusWindows
medium
80720Oracle Solaris Third-Party Patch Update : openssl (cve_2010_5298_race_conditions)NessusSolaris Local Security Checks
high
80322Fedora 20 : mingw-openssl-1.0.1j-1.fc20 (2014-17587) (POODLE)NessusFedora Local Security Checks
medium
80319Fedora 21 : mingw-openssl-1.0.1j-1.fc21 (2014-17576) (POODLE)NessusFedora Local Security Checks
medium
79738SuSE 11.3 Security Update : compat-openssl097g (SAT Patch Number 10033)NessusSuSE Local Security Checks
medium
79547OracleVM 3.3 : openssl (OVMSA-2014-0032) (Heartbleed) (POODLE)NessusOracleVM Local Security Checks
high
79026RHEL 6 : Storage Server (RHSA-2014:0628)NessusRed Hat Local Security Checks
high
78292Amazon Linux AMI : openssl (ALAS-2014-349)NessusAmazon Linux Local Security Checks
high
78024VMware vSphere Replication Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)NessusMisc.
medium
8394Mac OS X < 10.9.5 Multiple Vulnerabilities (Security Update 2014-004)Nessus Network MonitorWeb Clients
critical
77749Mac OS X Multiple Vulnerabilities (Security Update 2014-004)NessusMacOS X Local Security Checks
critical
77748Mac OS X 10.9.x < 10.9.5 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
77635EMC Documentum Content Server Multiple Vulnerabilities (ESA-2014-079)NessusWindows
high
77476Apache Tomcat 8.0.x < 8.0.11 Multiple OpenSSL VulnerabilitiesNessusWeb Servers
critical
77475Apache Tomcat 7.0.x < 7.0.55 Multiple VulnerabilitiesNessusWeb Servers
critical
77389Pivotal Web Server 5.x < 5.4.1 Multiple OpenSSL VulnerabilitiesNessusWeb Servers
medium
77332VMware OVF Tool 3.x < 3.5.2 Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
77331VMware OVF Tool 3.x < 3.5.2 Multiple OpenSSL Vulnerabilities (VMSA-2014-0006) (Mac OS X)NessusMacOS X Local Security Checks
medium
77245Ubuntu 10.04 LTS : openssl vulnerabilities (USN-2232-4)NessusUbuntu Local Security Checks
high
77200OpenSSL 'ChangeCipherSpec' MiTM VulnerabilityNessusMisc.
medium
77152HP Version Control Agent (VCA) < 7.3.3 Multiple SSL VulnerabilitiesNessusSuSE Local Security Checks
high
77151HP Version Control Agent (VCA) < 7.3.3 Multiple SSL VulnerabilitiesNessusRed Hat Local Security Checks
high
77150HP Version Control Agent (VCA) < 7.3.3 Multiple SSL VulnerabilitiesNessusWindows
medium
77108Fedora 20 : openssl-1.0.1e-39.fc20 (2014-9308) (Heartbleed)NessusFedora Local Security Checks
high
77107Fedora 19 : openssl-1.0.1e-39.fc19 (2014-9301)NessusFedora Local Security Checks
high
77057FireEye Operating System Multiple Vulnerabilities (SB001)NessusFirewalls
medium
77020HP Systems Insight Manager 7.2.x < 7.2 Hotfix 37 / 7.3.x < 7.3 Hotfix 34 OpenSSL Multiple VulnerabilitiesNessusWindows
medium
77004Cerberus FTP Server 6.x < 6.0.10.0 / 7.x < 7.0.0.3 Multiple OpenSSL VulnerabilitiesNessusFTP
medium
77000Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10629)NessusJunos Local Security Checks
medium
76994VMware vCenter Support Assistant Multiple Vulnerabilities (VMSA-2014-0006)NessusMisc.
medium
76966VMware Horizon View Client < 3.0.0 Multiple SSL Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76965VMware Horizon View Client < 3.0.0 Multiple SSL Vulnerabilities (VMSA-2014-0006) (Mac OS X)NessusMacOS X Local Security Checks
medium
76947VMware vCenter Converter Multiple Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76945VMware Horizon View Multiple Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76891RHEL 7 : openssl (RHSA-2014:0679)NessusRed Hat Local Security Checks
high
76864GLSA-201407-05 : OpenSSL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
76769HP Smart Update Manager 6.x < 6.4.1 Multiple VulnerabilitiesNessusCGI abuses
medium
76729Oracle Linux 7 : openssl (ELSA-2014-0679)NessusOracle Linux Local Security Checks
high
76580McAfee VirusScan Enterprise for Linux Multiple OpenSSL Vulnerabilities (SB10075)NessusMisc.
medium
76579McAfee Email Gateway OpenSSL Multiple Vulnerabilities (SB10075)NessusMisc.
medium
76528Splunk Enterprise 4.3.x / 5.0.x < 5.0.9 / 6.0.x < 6.0.5 / 6.1.x < 6.1.2 Multiple OpenSSL VulnerabilitiesNessusWeb Servers
medium
76511LibreOffice 4.2.x < 4.2.3 OpenSSL Multiple Vulnerabilities (Mac OS X) (Heartbleed)NessusMacOS X Local Security Checks
medium
76510LibreOffice 4.2.x < 4.2.3 OpenSSL Multiple Vulnerabilities (Heartbleed)NessusWindows
medium
76495VMware vCenter Server Appliance Multiple Vulnerabilities (VMSA-2014-0006)NessusMisc.
medium
76493Fortinet OpenSSL Multiple VulnerabilitiesNessusMisc.
medium
76457VMware Security Updates for vCenter Server (VMSA-2014-0006)NessusMisc.
medium
76456VMware Workstation < 9.0.4 / 10.0.3 OpenSSL Library Multiple Vulnerabilities (Windows)NessusWindows
medium
76455VMware Workstation < 9.0.4 / 10.0.3 OpenSSL Library Multiple Vulnerabilities (Linux)NessusGeneral
medium
76454VMware Player < 5.0.4 / 6.0.3 OpenSSL Library Multiple Vulnerabilities (Windows)NessusWindows
medium
76453VMware Player < 5.0.4 / 6.0.3 OpenSSL Library Multiple Vulnerabilities (Linux)NessusGeneral
medium
76452VMware Fusion < 5.0.5 / 6.0.4 OpenSSL Library Multiple VulnerabilitiesNessusMacOS X Local Security Checks
medium
76426VMware vCenter Chargeback Manager Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76390HP Version Control Repository Manager Multiple Vulnerabilities (HPSBMU03056)NessusWindows
medium
76368ESXi 5.0 < Build 1918656 OpenSSL Library Multiple Vulnerabilities (remote check)NessusMisc.
medium
76360VMware vCenter Operations Manager Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)NessusMisc.
medium
76356VMware vCenter Update Manager Multiple Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76355VMware vSphere Client Multiple Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76345HP System Management Homepage < 7.2.4.1 / 7.3.3.1 OpenSSL Multiple VulnerabilitiesNessusWeb Servers
medium
76203ESXi 5.1 < Build 1900470 OpenSSL Library Multiple Vulnerabilities (remote check)NessusMisc.
medium
76199Ubuntu 10.04 LTS / 12.04 LTS / 13.10 / 14.04 LTS : openssl regression (USN-2232-3)NessusUbuntu Local Security Checks
high
76167WinSCP 5.x < 5.5.4 Multiple VulnerabilitiesNessusWindows
medium
76146McAfee Web Gateway Multiple OpenSSL Vulnerabilities (SB10075)NessusMisc.
medium
76145McAfee ePolicy Orchestrator Multiple OpenSSL Vulnerabilities (SB10075)NessusMisc.
medium
76132Cisco TelePresence Supervisor MSE 8050 Multiple Vulnerabilities in OpenSSLNessusCISCO
medium
76131Cisco TelePresence MCU Series Devices Multiple Vulnerabilities in OpenSSLNessusCISCO
medium
76130Cisco ONS 15400 Series Devices Multiple Vulnerabilities in OpenSSLNessusCISCO
low
76129Cisco Windows Jabber Client Multiple Vulnerabilities in OpenSSL (cisco-sa-20140605-openssl)NessusWindows
high
76124Junos Pulse Secure Access IVE / UAC OS Multiple OpenSSL Vulnerabilities (JSA10629)NessusMisc.
medium
75383openSUSE Security Update : openssl (openSUSE-SU-2014:0764-1)NessusSuSE Local Security Checks
high
74512AIX OpenSSL Advisory : openssl_advisory9.docNessusAIX Local Security Checks
medium
74508Ubuntu 12.04 LTS / 13.10 / 14.04 LTS : openssl regression (USN-2232-2)NessusUbuntu Local Security Checks
high
74470ESXi 5.5 < Build 1881737 OpenSSL Library Multiple Vulnerabilities (remote check)NessusMisc.
medium
74465VMSA-2014-0006 : VMware product updates address OpenSSL security vulnerabilitiesNessusVMware ESX Local Security Checks
high
74421stunnel < 5.02 OpenSSL Multiple VulnerabilitiesNessusWindows
medium
74415Mandriva Linux Security Advisory : openssl (MDVSA-2014:106)NessusMandriva Local Security Checks
high
801619OpenSSL < 0.9.8za / < 1.0.0m / < 1.0.1h Multiple VulnerabilitiesLog Correlation EngineWeb Servers
medium
74364OpenSSL 1.0.1 < 1.0.1h Multiple VulnerabilitiesNessusWeb Servers
high
74363OpenSSL 0.9.8 < 0.9.8za Multiple VulnerabilitiesNessusWeb Servers
medium
74353Ubuntu 10.04 LTS / 12.04 LTS / 13.10 / 14.04 LTS : openssl vulnerabilities (USN-2232-1)NessusUbuntu Local Security Checks
high
74352SuSE 11.3 Security Update : OpenSSL (SAT Patch Number 9326)NessusSuSE Local Security Checks
medium
74350Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20140605)NessusScientific Linux Local Security Checks
high
74347RHEL 6 : openssl (RHSA-2014:0625)NessusRed Hat Local Security Checks
high
74344Oracle Linux 6 : openssl (ELSA-2014-0625)NessusOracle Linux Local Security Checks
high
74342FreeBSD : OpenSSL -- multiple vulnerabilities (5ac53801-ec2e-11e3-9cf3-3c970e169bc2)NessusFreeBSD Local Security Checks
high
74341Fedora 20 : openssl-1.0.1e-38.fc20 (2014-7102)NessusFedora Local Security Checks
high
74340Fedora 19 : openssl-1.0.1e-38.fc19 (2014-7101)NessusFedora Local Security Checks
high
74337Debian DSA-2950-1 : openssl - security updateNessusDebian Local Security Checks
high
74334CentOS 6 : openssl (CESA-2014:0625)NessusCentOS Local Security Checks
high
74331Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2014-156-03)NessusSlackware Local Security Checks
high
8253OpenSSL < 0.9.8za / < 1.0.0m / < 1.0.1h Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
74326OpenSSL 'ChangeCipherSpec' MiTM Potential VulnerabilityNessusMisc.
medium
73403OpenSSL 1.0.0 < 1.0.0m Multiple VulnerabilitiesNessusWeb Servers
high