nginx CVE-2014-3616 SSL Session Fixation Vulnerability

Bugtraq ID: 70025
Class: Unknown
CVE: CVE-2014-3616
Remote: Yes
Local: No
Published: Aug 06 2014 12:00AM
Updated: Apr 13 2015 09:39PM
Credit: Antoine Delignat-Lavaud and Karthikeyan Bhargavan
Vulnerable: Igor Sysoev nginx 1.1.17
Igor Sysoev nginx 1.0.14
Igor Sysoev nginx 1.0.10
Igor Sysoev nginx 1.0.9
Igor Sysoev nginx 1.0.8
Igor Sysoev nginx 0.8.40
Igor Sysoev nginx 0.8.36
Igor Sysoev nginx 0.8.35
Igor Sysoev nginx 0.8.33
Igor Sysoev nginx 0.8.32
Igor Sysoev nginx 0.8.15
Igor Sysoev nginx 0.8.14
Igor Sysoev nginx 0.7.66
Igor Sysoev nginx 0.7.65
Igor Sysoev nginx 0.7.64
Igor Sysoev nginx 0.7.62
Igor Sysoev nginx 0.7.61
Igor Sysoev nginx 0.7
Igor Sysoev nginx 0.6.39
Igor Sysoev nginx 0.6.38
Igor Sysoev nginx 0.6.36
Igor Sysoev nginx 0.6.32
Igor Sysoev nginx 0.6
Igor Sysoev nginx 1.1.19
Igor Sysoev nginx 1.0.15
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus