2014-04 OUT OF CYCLE SECURITY BULLETIN: MULTIPLE PRODUCTS AFFECTED BY OPENSSL “HEARTBLEED” ISSUE (CVE-2014-0160)
PROBLEM:
The TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which
allows remote attackers to obtain sensitive information (such as private keys, usernames and passwords, or contents of encrypted
traffic) from process memory via crafted packets that trigger a buffer over-read. This issue is also known as the Heartbleed Bug.
STATUS OF DIFFERENT OPENSSL VERSIONS:
•	 OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
•	 OpenSSL 1.0.1g is NOT vulnerable
•	 OpenSSL 1.0.0 branch is NOT vulnerable
•	 OpenSSL 0.9.8 branch is NOT vulnerable
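Added example (not part of the Juniper bulletin): a Python triage helper that applies the version statuses listed above to `openssl version` banners. The host names and banners are constructed sample data, and any version the bulletin does not list is reported as "not listed" rather than guessed.

```python
import re

# Matches "1.0.1e", "OpenSSL 1.0.1e-fips 11 Feb 2013", "1.0.2-beta1", ...
_VERSION_RE = re.compile(
    r"(?<![\d.])(\d+)\.(\d+)\.(\d+)([a-z]*)(-[a-z]+\d*)?", re.IGNORECASE)

# Branches the bulletin lists as NOT vulnerable.
LISTED_SAFE_BRANCHES = {(1, 0, 0), (0, 9, 8)}


def heartbleed_status(banner):
    """Classify one version string against the bulletin's status list."""
    m = _VERSION_RE.search(banner)
    if m is None:
        raise ValueError("no OpenSSL version found in %r" % banner)
    branch = tuple(int(g) for g in m.group(1, 2, 3))
    letter = m.group(4).lower()            # patch letter, "" for plain 1.0.1
    suffix = (m.group(5) or "").lower()    # build tag such as -fips or -beta1
    if suffix.startswith(("-beta", "-pre", "-dev")):
        return "not listed"                # pre-releases are not in the bulletin
    if branch in LISTED_SAFE_BRANCHES:
        return "not vulnerable"
    if branch == (1, 0, 1) and len(letter) <= 1:
        # "1.0.1 before 1.0.1g": no letter through "f" is vulnerable.
        return "vulnerable" if letter <= "f" else "not vulnerable"
    return "not listed"


def triage(inventory):
    """Group host names by status; unparseable banners count as not listed."""
    report = {"vulnerable": [], "not vulnerable": [], "not listed": []}
    for host, banner in inventory:
        try:
            status = heartbleed_status(banner)
        except ValueError:
            status = "not listed"
        report[status].append(host)
    return report


# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE_INVENTORY = [
    ("vpn-gw-01", "OpenSSL 1.0.1e-fips 11 Feb 2013"),
    ("web-02", "OpenSSL 1.0.1g 7 Apr 2014"),
    ("legacy-03", "OpenSSL 0.9.8y 5 Feb 2013"),
    ("app-04", "OpenSSL 1.0.0l 6 Jan 2014"),
    ("lab-05", "OpenSSL 1.0.2-beta1 24 Feb 2014"),
    ("edge-06", "1.0.1"),
    ("unknown-07", "unknown build"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print("%-15s %s" % (status, ", ".join(hosts)))
```

A vendor build can carry a backported fix under an unchanged version string, so treat a "vulnerable" result as a prompt to check that vendor's advisory rather than as proof.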
VULNERABLE PRODUCTS:
•	 Junos OS 13.3R1 (Fixed code is listed in the “Solution” section)
•	 SSL VPN (IVEOS) 7.4r1 and later, and SSL VPN (IVEOS) 8.0r1 and later (Fixed code is listed in the “Solution” section)
•	 UAC 4.4r1 and later, and UAC 5.0r1 and later (Fixed code is listed in the “Solution” section)
•	 Junos Pulse (Desktop) 5.0r1 and later, and Junos Pulse (Desktop) 4.0r5 and later (Fixed code is listed in the “Solution” section)
•	 Network Connect (Windows only) version 7.4R5 to 7.4R9.1 & 8.0R1 to 8.0R3.1. (This client is only impacted when used in FIPS mode.) (Fixed code is listed in the “Solution” section)
•	 Junos Pulse (Mobile) on Android version 4.2R1 and higher. (Fixed code is listed in the “Solution” section)
•	 Junos Pulse (Mobile) on iOS version 4.2R1 and higher. (This client is only impacted when used in FIPS mode.) (Fixed code is listed in the “Solution” section)
•	 WebApp Secure (Fixed code is listed in the “Solution” section)
•	 Odyssey client 5.6r5 and later
PRODUCTS NOT VULNERABLE:
•	 Junos OS 13.2 and earlier is not vulnerable
•	 Non-FIPS version of Network Connect clients are not vulnerable
•	 SSL VPN (IVEOS) 7.3, 7.2, and 7.1 are not vulnerable
•	 SRX Series is not vulnerable
•	 Junos Space is not vulnerable
•	 NSM is not vulnerable
•	 Pulse 4.0r4 and earlier is not vulnerable
•	 QFabric Director is not vulnerable
•	 CTPView is not vulnerable
•	 vGW/FireFly Host is not vulnerable
•	 Firefly Perimeter is not vulnerable
•	 ScreenOS is not vulnerable
•	 UAC 4.3, 4.2, and 4.1 are not vulnerable
•	 JUNOSe is not vulnerable
•	 Odyssey client 5.6r4 and earlier are not vulnerable
•	 Junos Pulse (Mobile) on iOS (Non-FIPS Mode)
•	 WX-Series is not vulnerable
•	 Junos DDoS Secure is not vulnerable
•	 STRM/JSA is not vulnerable
•	 Media Flow Controller is not vulnerable
•	 SBR Carrier is not vulnerable
•	 SBR Enterprise is not vulnerable
•	 Junos Pulse Mobile Security Suite is not vulnerable
•	 SRC Series is not vulnerable
•	 Junos Pulse Endpoint Profiler is not vulnerable
•	 Smart Pass is not vulnerable
•	 Ring Master is not vulnerable
•	 ADC is not vulnerable
PRODUCTS CURRENTLY UNDER INVESTIGATION:
•	 Stand Alone IDP
Juniper continues to investigate this issue and as new information becomes available this document will be updated.
This issue has been assigned CVE-2014-0160.
