This Metasploit module provides a fake SSL service that is intended to leak memory from client systems as they connect. This Metasploit module is hardcoded for using the AES-128-CBC-SHA1 cipher.
67d783fbcd4cde982f17f891681bce4e4ca4da2877dd80a91e898f0fdbf606eeThis document is intended to provide a detailed study on the Heartbleed attack. It covers the required topics for understanding the exploit. The proof of concept will help visualize and perform the attack in a virtual scenario to understand the attack vector of the process of exploitation.
cf6fbc4d936699857b6524b54211eae3ce2b2ca1a865a3ff3877d5fc4fc945b6Streamworks Job Scheduler Release 7 has all agents using the same X.509 certificates and keys issued by the vendor for authentication. The processing server component does not check received messages properly for authenticity. Agents installed on servers do not check received messages properly for authenticity. Agents and processing servers are vulnerable to the TLS Heartbleed attack.
8d3ab2a2e1407bcba852d7925fccb15e6610ced1db687ba89dc4e1333028ea6dThis python script checks for the OpenSSL memory leak named Heartbleed and as noted in CVE-2014-0160. It can be used for different SSL TLS versions and multiple (HTTPS/SMTP/IMAP/POP3) protocols. It is optimized for mass scans.
89791cf81b92b962ceaf4da83a28781f5cf9ed884168321574cab9f157657409Mandriva Linux Security Advisory 2015-062 - Multiple vulnerabilities has been discovered and corrected in openssl. The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.
e171ec43c2e20ccaebff7416a52645d7f17fe5f2ac7aa5376af3eb0518dd7115HP Security Bulletin HPSBHF03293 1 - Potential security vulnerabilities have been identified with HP Virtual Connect 8Gb 24-Port FC Module running OpenSSL and Bash including heartbleed, padding oracle, and shellshock issues. Revision 1 of this advisory.
30d1ba0b92a93958f1b541914c45bffd10181d46e5a162699dcd2c22a93f67c4Gentoo Linux Security Advisory 201412-11 - Multiple vulnerabilities have been found in AMD64 x86 emulation base libraries, the worst of which may allow remote execution of arbitrary code. Versions prior to 20140406-r1 are affected.
0d52bd946d4c830b5f1f480535296f513bafe2d3abc811d6666cbb6fb317a087HP Security Bulletin HPSBHF03136 - A potential security vulnerability has been identified with HP TippingPoint NGFW running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
6bdd949e8b4cb4636927e862953cb3d4f530ca4d57f3725e586957c6c273c3e8HP Security Bulletin HPSBMU03037 2 - A potential security vulnerability has been identified with HP Multimedia Service Environment (MSE), formerly known as HP Network Interactive Voice Response (NIVR). This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 2 of this advisory.
084b66e055026239b823e5a146253361afc7465060ae9d8e71bda3d8c747d60bHP Security Bulletin HPSBST03000 4 - A potential security vulnerability has been identified with HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 4 of this advisory.
d73fa1bd882e7f8008920c158bf623bc8f8b58fa93cf66a5af55c435e4a4b1a2HP Security Bulletin HPSBST03016 4 - A potential security vulnerability has been identified in HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL.This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 4 of this advisory.
c824c58a9d51692dcb8aa9df7c86fb0c1822c96d29fe3b750299904ddbb92a55Mandriva Linux Security Advisory 2014-123 - Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for relay identity keys and hidden-service identity keys, which might make it easier for remote attackers to bypass cryptographic protection mechanisms via unspecified vectors.
568cbcf858a502e1e84440e1e7c66b0a534813a012aee5e85e193d4acc58aa29HP Security Bulletin HPSBMU03024 3 - A potential security vulnerability has been identified with HP System Management Homepage (SMH) running on Linux and Windows and HP Systems Insight Manager (SIM), components of HP Insight Control server deployment. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Insight Control server deployment packages HP System Management Homepage (SMH) and HP Systems Insight Manager (SIM) and can deploy them through the below list of items. This bulletin will give you the information needed to update your HP Insight Control server deployment solution. Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Revision 3 of this advisory.
38ca5ad69ec755b06d0445833bfe62d0df43899d68a3eaa46a683cf42d15b4caHP Security Bulletin HPSBMU03029 2 - A potential security vulnerability has been identified with HP Insight Control server migration running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 2 of this advisory.
1e74c0ccaa7df002b779d8233fe2743dc52cabe1d816990cc681de7247931756HP Security Bulletin HPSBMU03033 3 - A potential security vulnerability has been identified with HP Insight Control software components running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 3 of this advisory.
26450869ed7e8e9888feb1b30e20846859e3b7d1ef71705fb6a67553eaba919dHP Security Bulletin HPSBMU03028 2 - A potential security vulnerability has been identified with HP Matrix Operating Environment and HP CloudSystem Matrix software components running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 2 of this advisory.
ac167e598819b0170873d5d1318b3a3bf755767159a7cd628be5af23f20fd934HP Security Bulletin HPSBMU03009 3 - A potential security vulnerability has been identified with HP CloudSystem Foundation and HP CloudSystem Enterprise software running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 3 of this advisory.
715a2d0a4cdf05596a3668d5ecd8157e6df13d4c09710a6731099c91bd445fb0HP Security Bulletin HPSBMU03025 2 - A potential security vulnerability has been identified in HP Diagnostics running OpenSSL. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. NOTE: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL cryptographic software library. This weakness potentially allows disclosure of information that is normally protected by the SSL/TLS protocol. The impacted products in the list below are vulnerable due to embedding OpenSSL standard release software. Revision 2 of this advisory.
52629bc62087a9590b7c8b290ce662df2a94e3e0cdab3616e08af610cd2dd175HP Security Bulletin HPSBMU02995 8 - The Heartbleed vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. Note: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL product cryptographic software library product. This weakness potentially allows disclosure of information protected, under normal conditions, by the SSL/TLS protocol. The impacted products appear in the list below are vulnerable due to embedding OpenSSL standard release software. Revision 8 of this advisory.
8a46199caee50f4b5ccb3fe410da023a1d9cae75b0c14e9eb19f64d6b9895b17HP Security Bulletin HPSBMU03044 - A potential security vulnerability has been identified with HP Business Process Monitor running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
75b0264fcbec223ee3f4ea20c5e45106bd20fec772506d86b5b521ab51e99c32Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
3306c7e085052181a0b7cb7150f2e6a86adc9942ce70c90c6ca896ea79857940HP Security Bulletin HPSBMU03022 3 - A potential security vulnerability has been identified with HP Systems Insight Management (SIM) bundled software running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. The HP SIM software itself is not vulnerable to CVE-2014-0160 ("Heartbleed"). However, the software components bundled with HP SIM are impacted and should be addressed if installed. Revision 3 of this advisory.
8f9087315afcbac376a9d94829c09203bb41b0d59eacf16f29ed2914592cfcdfCA Technologies is investigating an OpenSSL vulnerability, referred to as the "Heartbleed bug" that was publicly disclosed on April 7, 2014. CA Technologies has confirmed that the majority of their product portfolio is unaffected. There are, however, several products that used vulnerable versions of OpenSSL 1.0.1 and consequently may be affected.
cd70166d5a87d345097aa5d535e0e71a59c770f9dfeb06ac3274b16b979bdcfdHP Security Bulletin HPSBMU02995 7 - The Heartbleed vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. Note: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL product cryptographic software library product. This weakness potentially allows disclosure of information protected, under normal conditions, by the SSL/TLS protocol. Revision 7 of this advisory.
6006387e1c625c02a0a9153806384fe303b9b3090470fb6d51524c22ca9be3bfHP Security Bulletin HPSBMU03040 - A potential security vulnerability has been identified with HP LoadRunner and HP Performance Center running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
c98620fdab19724e814510188b205e1a98156e02a6b935e29d79afae2e91dfb6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed