OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability

Bugtraq ID: 67899
Class: Design Error
CVE: CVE-2014-0224
Remote: Yes
Local: No
Published: Jun 05 2014 12:00AM
Updated: Nov 14 2014 12:57AM
Credit: KIKUCHI Masashi
Vulnerable: VMWare Update Manager 5.0
VMWare ESXi 5.0
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 LTS
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
Sylpheed Sylpheed 2.4.4
Sylpheed Sylpheed 2.2.7
Sylpheed Sylpheed 2.0.4
Sylpheed Sylpheed 2.0.3
Sylpheed Sylpheed 2.0.2
Sylpheed Sylpheed 2.0.1
Sylpheed Sylpheed 2.0
Sylpheed Sylpheed 1.9.5
Sylpheed Sylpheed 1.9.4
Sylpheed Sylpheed 1.9.3
Sylpheed Sylpheed 1.9.2
Sylpheed Sylpheed 1.9.1
Sylpheed Sylpheed 1.9
Sylpheed Sylpheed 1.0.6
Sylpheed Sylpheed 1.0.5
Sylpheed Sylpheed 1.0.4
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
Sylpheed Sylpheed 1.0.3
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.4
Sylpheed Sylpheed 1.0.2
Sylpheed Sylpheed 1.0.1
Sylpheed Sylpheed 1.0 .0
+ Turbolinux Home
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 10.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
Sylpheed Sylpheed 0.9.99
Sylpheed Sylpheed 0.9.12
Sylpheed Sylpheed 0.9.11
Sylpheed Sylpheed 0.9.10
Sylpheed Sylpheed 0.9.9
Sylpheed Sylpheed 0.9.8
Sylpheed Sylpheed 0.9.7
Sylpheed Sylpheed 0.9.6
Sylpheed Sylpheed 0.9.5
Sylpheed Sylpheed 0.9.4
Sylpheed Sylpheed 0.8.11
Sylpheed Sylpheed 0.8
Sylpheed Sylpheed 0.7.4
SuSE openSUSE 11.4
Splunk Splunk 4.3.1
Splunk Splunk 4.3
Sophos PureMessage for UNIX 5.5.5
Sophos PureMessage for UNIX 5.5.4
Sophos PureMessage for UNIX 4.05
Sophos PureMessage for UNIX 4.04
S.u.S.E. SUSE CORE 9 for x86
S.u.S.E. CORE 9
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux 5.0
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Long Life 5.6 server
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux 5 Server
Python Software Foundation Python 2.7
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Oracle Enterprise Linux 5
Oracle Enterprise Linux 4
Oracle E-Business Suite 11i 11.5.10.2
OpenSSL Project OpenSSL 1.0 beta3
OpenSSL Project OpenSSL 1.0 Beta2
OpenSSL Project OpenSSL 1.0 beta1
OpenSSL Project OpenSSL 1.0
OpenSSL Project OpenSSL 0.9.8 k
OpenSSL Project OpenSSL 0.9.8 j
OpenSSL Project OpenSSL 0.9.8 i
OpenSSL Project OpenSSL 0.9.8 h
OpenSSL Project OpenSSL 0.9.8 e
OpenSSL Project OpenSSL 0.9.8 d
OpenSSL Project OpenSSL 0.9.8 c
OpenSSL Project OpenSSL 0.9.8 b
OpenSSL Project OpenSSL 0.9.8 a
OpenSSL Project OpenSSL 0.9.8
+ Gentoo Linux
OpenSSL Project OpenSSL 1.0.1c
OpenSSL Project OpenSSL 1.0.1a
OpenSSL Project OpenSSL 1.0.1
OpenSSL Project OpenSSL 1.0.0j
OpenSSL Project OpenSSL 1.0.0i
OpenSSL Project OpenSSL 1.0.0g
OpenSSL Project OpenSSL 1.0.0f
OpenSSL Project OpenSSL 1.0.0e
OpenSSL Project OpenSSL 1.0.0d
OpenSSL Project OpenSSL 1.0.0c
OpenSSL Project OpenSSL 1.0.0b
OpenSSL Project OpenSSL 1.0.0a
OpenSSL Project OpenSSL 1.0.0 Beta5
OpenSSL Project OpenSSL 1.0.0 Beta4
OpenSSL Project OpenSSL 0.9.8X
OpenSSL Project OpenSSL 0.9.8w
OpenSSL Project OpenSSL 0.9.8t
OpenSSL Project OpenSSL 0.9.8s
OpenSSL Project OpenSSL 0.9.8R
OpenSSL Project OpenSSL 0.9.8Q
OpenSSL Project OpenSSL 0.9.8p
OpenSSL Project OpenSSL 0.9.8o
OpenSSL Project OpenSSL 0.9.8n
OpenSSL Project OpenSSL 0.9.8m
OpenSSL Project OpenSSL 0.9.8l
OpenSSL Project OpenSSL 0.9.8g
OpenSSL Project OpenSSL 0.9.8f
OpenSSL Project OpenSSL 0.9.8 f
OpenSSL Project OpenSSL 0.9.8v
NetApp Data ONTAP 7.0.2
NetApp Data ONTAP 7.0.1
NetApp Data ONTAP 7.0
NetApp Data ONTAP 6.5
NetApp Data ONTAP 6.4
NetApp Data ONTAP 6.0
NetApp Data ONTAP 7.3.2
NetApp Data ONTAP 7.3.1.1
NetApp Data ONTAP 7.3.1
NetApp Data ONTAP 7.3
NetApp Data ONTAP 7.2.4
Metasploit Project Metasploit Framework 4.1.0
McAfee Web Gateway 7.1.5.2
McAfee Web Gateway 7.1.5.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Juniper Networks JUNOS 11.2R1
Juniper Networks JUNOS 11.1R4
Juniper Networks JUNOS 11.1
Juniper Networks JUNOS 10.4R6
Juniper Networks JUNOS 10.4
Juniper Networks JUNOS 10.3
Juniper Networks JUNOS 10.2R3
Juniper Networks JUNOS 10.2R2
Juniper Networks JUNOS 10.2
Juniper Networks JUNOS 10.1
Juniper Networks JUNOS 10.0S18
Juniper Networks JUNOS 10.0
IBM WebSphere DataPower SOA Appliance Firmware 4.0.1
IBM Tivoli Storage Productivity Center 4.2.1.185
IBM Tivoli Storage Productivity Center 4.2.1 Fix Pack 4
IBM Tivoli Storage Productivity Center 4.2.1
IBM Tivoli Management Framework 4.1.1
IBM Scale Out Network Attached Storage 1.3.0.5
IBM Scale Out Network Attached Storage 1.3.0.4
IBM Rational ClearQuest 7.1.1 02
IBM Rational ClearQuest 7.1.1
IBM Rational ClearQuest 8.0.0.2
IBM Rational ClearQuest 8.0.0.1
IBM Rational ClearQuest 7.1.2.6
IBM Rational ClearQuest 7.1.2.2
IBM Rational ClearQuest 7.1.2.1
IBM Rational ClearQuest 7.1.2
IBM Rational ClearQuest 7.1.1.9
IBM Rational ClearQuest 7.1.1.5
IBM Rational ClearQuest 7.1.1.4
IBM IBM Rational ClearQuest 8.0
IBM IBM Rational ClearQuest 7.1.2.5
IBM Cognos Express 9.5
IBM Cognos Express 10.1
IBM AIX 7.1
IBM AIX 7.1
IBM AIX 6.1
IBM AIX 5.3
HP SSL for OpenVMS 1.4-453
HP Intelligent Management Center (IMC) 0
HP HP-UX B.11.31
HP HP-UX B.11.11
Google Chrome OS 0.9.130.14 Beta
Gentoo Linux
FreeBSD Freebsd 9.0-STABLE
FreeBSD Freebsd 9.0-RELEASE
FreeBSD Freebsd 9.0-RC3
FreeBSD Freebsd 9.0-RC1
FreeBSD FreeBSD 8.0-STABLE
FreeBSD FreeBSD 8.0-RELEASE
Fortinet FortiManager 3.0
Fortinet FortiGate 4.3.6
Fortinet FortiGate 4.3.5
Fortinet FortiClient 3.0.614
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Citrix NetScaler 9.1.100.3
Citrix NetScaler 9.1 build 96.4
Citrix NetScaler 9.1
Citrix NetScaler 9.0 build 70.5
Citrix NetScaler 9.0
Citrix NetScaler 8.1.68.7
Citrix NetScaler 8.1 build 57.3
Citrix NetScaler 8.0 build 47.8
Cisco Wide Area Application Services (WAAS) 0
Cisco Video Surveillance 4000 Series IP Camera 0
Cisco Unified Intelligent Contact Management Enterprise 0
Cisco Unified Contact Center Express 0
Cisco Unified Contact Center Enterprise 0
Cisco TelePresence Video Communication Server (VCS) 0
CentOS CentOS 6
CentOS CentOS 5
Avaya Proactive Contact 5.0
Avaya Message Networking 5.2.1
Avaya Message Networking 5.2.4
Avaya Message Networking 5.2.3
Avaya Message Networking 5.2.2
Avaya Message Networking 5.2 SP1
Avaya Message Networking 5.2
Avaya Meeting Exchange 6.0
Avaya Meeting Exchange 5.1 SP1
Avaya Meeting Exchange 5.1
Avaya IQ 5.2
Avaya IQ 5.1.1
Avaya IQ 5.1
Avaya IQ 5
Avaya IP Office Application Server 8.1
Avaya IP Office Application Server 8.0
Avaya Communication Server 1000M Signaling Server 7.5
Avaya Communication Server 1000M Signaling Server 7.0
Avaya Communication Server 1000M Signaling Server 6.0
Avaya Communication Server 1000M 7.5
Avaya Communication Server 1000M 7.0
Avaya Communication Server 1000M 6.0
Avaya Communication Server 1000E Signaling Server 7.5
Avaya Communication Server 1000E Signaling Server 7.0
Avaya Communication Server 1000E Signaling Server 6.0
Avaya Communication Server 1000E 7.5
Avaya Communication Server 1000E 7.0
Avaya Communication Server 1000E 6.0
Avaya Aura System Platform 6.0.2
Avaya Aura System Platform 6.0.1
Avaya Aura System Platform 6.0 SP3
Avaya Aura System Platform 6.0 SP2
Avaya Aura System Platform 6.0
Avaya Aura System Platform 1.1
Avaya Aura System Manager 6.2
Avaya Aura System Manager 6.1.3
Avaya Aura System Manager 6.1.2
Avaya Aura System Manager 6.1.1
Avaya Aura System Manager 6.1 SP2
Avaya Aura System Manager 6.1 Sp1
Avaya Aura System Manager 6.1
Avaya Aura System Manager 6.0 SP1
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Session Manager 6.2.1
Avaya Aura Session Manager 6.1.3
Avaya Aura Session Manager 6.1.2
Avaya Aura Session Manager 6.1.1
Avaya Aura Session Manager 6.2
Avaya Aura Session Manager 6.1 SP2
Avaya Aura Session Manager 6.1 Sp1
Avaya Aura Session Manager 6.1
Avaya Aura Session Manager 6.0 SP1
Avaya Aura Session Manager 6.0
Avaya Aura Session Manager 5.2 SP2
Avaya Aura Session Manager 5.2 SP1
Avaya Aura Session Manager 5.2
Avaya Aura Presence Services 6.1.1
Avaya Aura Presence Services 6.1
Avaya Aura Presence Services 6.0
Avaya Aura Messaging 6.1
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Messaging 6.0.1
Avaya Aura Messaging 6.0
Avaya Aura Experience Portal 6.0
Avaya Aura Conferencing 6.0 Standard
Avaya Aura Conferencing 6.0 SP1 Standard
Avaya Aura Communication Manager Utility Services 6.2
Avaya Aura Communication Manager Utility Services 6.1
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Communication Manager Utility Services 6.0
Avaya Aura Communication Manager 6.0.1
Avaya Aura Communication Manager 6.0
Avaya Aura Communication Manager 5.1
Avaya Aura Communication Manager 4.0
Avaya Aura Application Server 5300 SIP Core 2.1
Avaya Aura Application Server 5300 SIP Core 2.0
Avaya Aura Application Enablement Services 5.2.1
Avaya Aura Application Enablement Services 6.1.1
Avaya Aura Application Enablement Services 6.1
Avaya Aura Application Enablement Services 5.2.3
Avaya Aura Application Enablement Services 5.2.2
Avaya Aura Application Enablement Services 5.2
Aruba Networks AirWave 7.2.2
Aruba Networks AirWave 7.2
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus