CVE-2014-0224

Hi Everyone,
We have multiple switches being found that have this vulnerability, CVE-2014-0224, known as the OpenSSL ChangeCipherSpec vulnerability. This affects our CATALYST 3750v2 switches. Are there any mitigations or workarounds for this vulnerability other than upgrading the IOS?
Thank you
Sherwin

Firstly, I think you've posted this in the wrong section of the forums (TelePresence).
But, if you read the notices in detail, and especially the ones for each specific product, they will usually let you know a workaround if there is one.
For some of these vulnerabilities mentioned, you need to have physical access to the box, so making sure they're in a secured location is a good first step.

Similar Messages

  • OpenSSL SSL/TLS Man-In-The-Middle Injection Attack CVE-2014-0224

    Can someone help me to fix the OpenSSL issue (CVE-2014-0224) in Windows Server 2008 R2? Please advise.

    Hi,
    From the description on Open SSL site, it is fixed in newer versions so could you update to the new version?
    https://www.openssl.org/news/vulnerabilities.html
    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
    CVE-2014-0224: 5th June 2014
    An attacker can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server. (original advisory).
    Reported by KIKUCHI Masashi (Lepidum Co. Ltd.).
    Fixed in OpenSSL 1.0.1h (Affected 1.0.1g, 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1)
    Fixed in OpenSSL 1.0.0m (Affected 1.0.0l, 1.0.0k, 1.0.0j, 1.0.0i, 1.0.0g, 1.0.0f, 1.0.0e, 1.0.0d, 1.0.0c, 1.0.0b, 1.0.0a, 1.0.0)
    Fixed in OpenSSL 0.9.8za (Affected 0.9.8y, 0.9.8x, 0.9.8w, 0.9.8v, 0.9.8u, 0.9.8t, 0.9.8s, 0.9.8r, 0.9.8q, 0.9.8p, 0.9.8o, 0.9.8n, 0.9.8m, 0.9.8l, 0.9.8k, 0.9.8j, 0.9.8i, 0.9.8h, 0.9.8g, 0.9.8f, 0.9.8e, 0.9.8d, 0.9.8c, 0.9.8b, 0.9.8a, 0.9.8)
    If you have any feedback on our support, please send to [email protected]
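The reply above answers by version: three branches, each with a fixed release and a list of affected ones. Scanners do the same comparison against the version banner, and getting it right needs the OpenSSL suffix ordering (0.9.8y is older than 0.9.8za). The helper below is an added example for this thread, not code from OpenSSL, Microsoft or the poster; the branch table is taken from the advisory lines quoted above, and the banner-parsing regex and the result labels are this example's own choices.

```python
import re

# Fixed release per branch, from the OpenSSL advisory quoted in the reply above.
FIXED_FOR_CVE_2014_0224 = {(1, 0, 1): "1.0.1h", (1, 0, 0): "1.0.0m", (0, 9, 8): "0.9.8za"}

_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_openssl_version(text):
    """Return a sortable tuple for a pre-1.1.0 OpenSSL version found in text.

    Accepts bare versions ("1.0.1g") and banner lines such as the output of
    `openssl version` ("OpenSSL 1.0.1e-fips 11 Feb 2013").  Letter suffixes are
    ordered a..z, then za..zz, so 0.9.8za sorts after 0.9.8y; that ordering is
    expressed as (suffix length, suffix) in the returned tuple."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError("no OpenSSL version in %r" % text)
    major, minor, fix = (int(x) for x in m.group(1, 2, 3))
    suffix = m.group(4)
    return (major, minor, fix, len(suffix), suffix)


def classify(text):
    """'fixed', 'affected', or 'not-covered' for a branch the advisory did not list."""
    version = parse_openssl_version(text)
    fixed = FIXED_FOR_CVE_2014_0224.get(version[:3])
    if fixed is None:
        return "not-covered"
    return "fixed" if version >= parse_openssl_version(fixed) else "affected"


if __name__ == "__main__":
    for banner in ("OpenSSL 1.0.1e-fips 11 Feb 2013", "OpenSSL 1.0.1h", "0.9.8y", "0.9.8za"):
        print(banner, "->", classify(banner))
```

A banner verdict of "affected" is only a first pass: distributions that backport the fix keep the upstream version string (for example a 1.0.1e package that has the CCS fix applied), which is exactly the false-positive situation described in the Dell response further down this page. Confirm with the package changelog or an active CCS test before raising a ticket.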

  • OpenSSL vulnerability CVE-2014-0224

    My customer want to know whether ASE is affected by the following OpenSSL vulnerability in http://www.openssl.org/news/secadv_20140605.txt
          SSL/TLS MITM vulnerability (CVE-2014-0224),
          DTLS recursion flaw (CVE-2014-0221)
          DTLS invalid fragment vulnerability (CVE-2014-0195)
          SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
          SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
          Anonymous ECDH denial of service (CVE-2014-3470)
    Can you help me to confirm the above question?

    You have clearly double posted this question in two groups.
    So the first question goes back to you.
    Are you running SAP applications on ASE? If so, this is not the proper group.

  • High Risk on DMP 4400 and 4310 "OpenSSL MITM CVE-2014-0224"

    I cannot find a patch to fix the problem - is there a fix or should I create a TAC case?
    DMM version - 5.3.0
    4310 and 4400 - version 5.4.1

    Here is what I received for the Dell Response to Openssl vulnerability. 
    After a couple of calls to technical support here is what I'm getting for my iDRAC7 getting flagged by Foundstone security scans for the vulnerability CVE-2014-0224:
    "The OpenSSL package used here contains multiple components; the component that is impacted and vulnerable is not being used. Other components in this package are being used but aren't vulnerable."
    "Dell has determined that the products listed in the attached document are not affected by the vulnerabilities.  Some products have leveraged an older (but not vulnerable) OpenSSL module.  These could be flagged by a scanner.  Dell is currently working on updating the modules to a version that will not be flagged for these issues".
    I've also attempted to upload the document, hopefully it can be viewed or downloaded.
    If this post has helped you please rate it. 
    Thanks
    2376.Dell-ResponseOpenSSLSecurityAdvisory_05_June_2014_final.pdf
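Both this thread and the one above show why a version-banner scan is not the last word on CVE-2014-0224: the vendor says the vulnerable component is not in use, the scanner says the version string is old. The only way to settle it is to send the server a premature ChangeCipherSpec and watch how it answers. The probe logic below is an added example for these threads, not code from Cisco, Dell, OpenSSL or any scanner. What it relies on: TLS 1.0 record and handshake framing, and the behaviour of the OpenSSL 1.0.1h fix, which rejects a CCS that arrives before the key exchange with a fatal unexpected_message alert. The "vulnerable" rule (a bad_record_mac or decryption_failed alert after a second plaintext CCS, because the unpatched server has already switched to keys derived from an empty master secret) is this example's heuristic, as are the cipher suites offered, the timeouts, and the requirement that handshake messages not straddle records; treat its output as an indicator to confirm, not proof.

```python
import socket
import struct

TLS10 = b"\x03\x01"
CT_CCS, CT_ALERT, CT_HANDSHAKE = 0x14, 0x15, 0x16
HS_CLIENT_HELLO, HS_SERVER_HELLO_DONE = 0x01, 0x0e
AD_UNEXPECTED_MESSAGE, AD_BAD_RECORD_MAC, AD_DECRYPTION_FAILED = 10, 20, 21


def record(content_type, body):
    """Wrap a payload in a TLS 1.0 record header (type, version, length)."""
    return bytes([content_type]) + TLS10 + struct.pack("!H", len(body)) + body


def client_hello(client_random=b"\x00" * 32):
    """Minimal TLS 1.0 ClientHello: three common suites, no extensions.
    client_random is fixed by default so the output is deterministic."""
    suites = b"\x00\x2f\x00\x35\x00\x0a"            # AES128-SHA, AES256-SHA, DES-CBC3-SHA
    body = (TLS10 + client_random + b"\x00"          # version, random, empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00")                           # one compression method: null
    handshake = bytes([HS_CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return record(CT_HANDSHAKE, handshake)


def change_cipher_spec():
    return record(CT_CCS, b"\x01")


def parse_records(data):
    """Split bytes into (content_type, version, payload); a trailing partial record is dropped."""
    out, i = [], 0
    while i + 5 <= len(data):
        content_type, version = data[i], data[i + 1:i + 3]
        length = struct.unpack("!H", data[i + 3:i + 5])[0]
        if i + 5 + length > len(data):
            break
        out.append((content_type, version, data[i + 5:i + 5 + length]))
        i += 5 + length
    return out


def has_server_hello_done(data):
    """True once a ServerHelloDone message is present (assumes messages do not straddle records)."""
    for content_type, _, payload in parse_records(data):
        if content_type != CT_HANDSHAKE:
            continue
        j = 0
        while j + 4 <= len(payload):
            if payload[j] == HS_SERVER_HELLO_DONE:
                return True
            j += 4 + int.from_bytes(payload[j + 1:j + 4], "big")
    return False


def first_alert(data):
    """Description byte of the first alert record in data, or None."""
    for content_type, _, payload in parse_records(data):
        if content_type == CT_ALERT and len(payload) == 2:
            return payload[1]
    return None


def verdict(after_first_ccs, after_second_ccs):
    """Classify a server from its replies to two premature CCS records."""
    if first_alert(after_first_ccs) == AD_UNEXPECTED_MESSAGE:
        return "patched"               # 1.0.1h+ raises SSL_R_CCS_RECEIVED_EARLY
    second = first_alert(after_second_ccs)
    if second == AD_UNEXPECTED_MESSAGE:
        return "patched"
    if second in (AD_BAD_RECORD_MAC, AD_DECRYPTION_FAILED):
        return "vulnerable"            # heuristic: keys from an empty master secret are active
    return "inconclusive"


def recv_until(sock, stop, timeout):
    """Read until stop(buffer) holds or the socket goes quiet."""
    sock.settimeout(timeout)
    buf = b""
    while not stop(buf):
        try:
            chunk = sock.recv(4096)
        except socket.timeout:
            break
        if not chunk:
            break
        buf += chunk
    return buf


def probe(host, port=443):
    """Run the exchange against a live server (network; not exercised by the test)."""
    got_alert = lambda b: first_alert(b) is not None
    with socket.create_connection((host, port), timeout=5) as s:
        s.sendall(client_hello())
        recv_until(s, has_server_hello_done, 3.0)
        s.sendall(change_cipher_spec())
        first = recv_until(s, got_alert, 2.0)
        if first_alert(first) == AD_UNEXPECTED_MESSAGE:
            return "patched"           # server will close; do not send the second CCS
        s.sendall(change_cipher_spec())
        second = recv_until(s, got_alert, 2.0)
    return verdict(first, second)
```

Run `probe("host", 443)` against a device's management interface from a jump host you control; an "inconclusive" result (no alert at all) usually means a middlebox or a non-OpenSSL stack, and should be followed up rather than counted as clean.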

  • CSCuq79267 - UCS Apache 2.2 Vulnerability CVE-2014-0118

    I too am seeing this same behavior. Nessus has found this, and 3 other, vulnerabilities with the Apache version provided by the UCS platform.
    Any fixes in the works? We are currently running firmware 2.2(3c). The release notes for 2.2(3d) and 2.2(3e) do not address CVE-2014-0118.
    EDIT:
    2.2(3f) also does not address these vulnerabilities. Does the UCS version of Apache use the modules that are found faulty according to Nessus?
    Nessus is also reporting the following CVEs related to this one: CVE-2013-6438, CVE-2014-0098, CVE-2013-5704, CVE-2014-0226, and CVE-2014-0231.

    Hi,
    Please refer this links,
    Linux GHOST vulnerability (CVE-2015-0235) is not as scary as it looks | Symantec Connect
    https://rhn.redhat.com/errata/RHSA-2015-0090.html
    Regards,
    S27

  • Are you aware about bash security issue CVE-2014-6271 ? Do you have a patch for that? The problem may exist in all Solaris versions.

    Are you aware about bash security issue CVE-2014-6271 ? Do you have a patch for that? The problem may exist in all Solaris versions.

    The official communication is now posted to
        https://blogs.oracle.com/security/entry/security_alert_cve_2014_7169

  • PCI Compliance Azure Websites (CVE-2014-6321)

    Trying to gain PCI compliance of an azure website. Trustwave scan came back as a pass apart from the following:-
    Vulnerability in Security Channel Could Allow Remote Code Execution (MS14-066)/CVE-2014-6321
    Anything I can do? It's post 443 - we have a EV SSL certificate in IP Based SSL.

    I just had a conversation with Trustwave and they are going to disable this check while they figure out a detection without this false positive, so your scans should be fine now. Thank you Trustwave for such a quick response and turn around!

  • CSCur27617: AnyConnect vulnerable to POODLE attack (CVE-2014-3566) Win/Mac/Linux Question

    CSCur27617: AnyConnect vulnerable to POODLE attack (CVE-2014-3566) Win/Mac/Linux
    I wanted to know if the AnyConnect Secure Mobility Client would still be vulnerable to this if it was only connecting via SSL VPN (TLS) to an ASA that already has the workaround implemented on it (Disable SSLv3)?
    Thanks,
    Rob Miele

    Hi Rob , 
    According to the bug: 
    All versions of desktop AnyConnect for Mac OS X and Linux prior to 3.1.00495 are vulnerable, so AnyConnect 3.1.06073 is safe from the POODLE vulnerability.
    On AnyConnect you can disable SSL by using IKEv2 instead of the SSL protocols; however, as the bug mentions, the client creates a parallel SSL tunnel to get updates and the profile from the router.
    If you're asking to disable SSLv3 on the router, unfortunately there is no code yet; the workaround is to disable the webvpn or upgrade the VPN client.
    As well, here is the official advisory for the POODLE vulnerability on Cisco products.
    http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle
    Hope it helps
    - Randy - 

  • Sourcefire rule for CVE 2014-1692

    Hi,
    Please tell me the Sourcefire rule number for CVE 2014-1692.
    Best Regards,
    Jackson Ku

    Hi,
    Thanks for your reply. Do you mean no Sourcefire rule for CVE 2014-1692 currently, and we should raise a TAC case to request?
    Best Regards,
    Jackson

  • Bash vulnerability bash CVE-2014-6271 on Cisco devices

    Hi, all,
    Anybody know whether any Cisco devices are vulnerable to the recent bash CVE-2014-6271? I am especially concerned about ASA, which opens https to the public.
    Thanks,

    Have a look here: 
    http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_Bash_09252014.html
    and here:
    http://tools.cisco.com/security/center/mcontent/CiscoSecurityAdvisory/cisco-sa-20140926-bash
    Under affected products. 

  • Is patch available for CVE-2014-3566?

    Is patch available for CVE-2014-3566?

    Update your OS X to the latest version plus any security updates.
    Pete

  • Bash bug  CVE-2014-6271 patch availability?

    Hi everyone, does anyone know if Oracle has released a patch for the bash bug?  CVE-2014-6271 link below.
    NVD - Detail
    I'm looking for a patch on el5uek and el6uek I'm using: 2.6.39-400.126.1.el5uek, 2.6.39-400.21.1.el6uek.x86_64
    thanks!

    Check the following:
    [root@vm110 ~]# yum -y install yum-security
    [root@vm110 ~]# yum list-security | grep bash
    This system is not registered with ULN.
    You can use up2date --register to register.
    ULN support will be disabled.
    ELSA-2014-1293 security bash-3.2-33.el5.1.x86_64
    [root@vm110 ~]# yum info-security ELSA-2014-1293
    Loaded plugins: rhnplugin, security
    This system is not registered with ULN.
    You can use up2date --register to register.
    ULN support will be disabled.
    ===============================================================================
       bash security update
    ===============================================================================
      Update ID : ELSA-2014-1293
        Release : Oracle Linux 5
           Type : security
         Status : final
         Issued : 2014-09-24
           CVEs : CVE-2014-6271
    Description : [4.1.2-15.1]
                : - Check for fishy environment
                :   Resolves: #1141645
       Solution : This update is available via the Unbreakable Linux Network (ULN)
                : and the Oracle Public Yum Server. Details on how
                : to use ULN or http://public-yum.oracle.com to
                : apply this update are available at
                : http://linux.oracle.com/applying_updates.html.
         Rights : Copyright 2014 Oracle, Inc.
       Severity : Critical
    info-security done
    [root@vm110 ~]# yum -y install bash-3.2-33.el5.1
    If you cannot see the above and do not pay for a subscription, make sure you have the correct yum repository set up.
    See Oracle Public Yum Server for details.
    To install:
    [root@vm110 ~]# yum -y install bash-3.2-33.el5.1

  • Bash bug  CVE-2014-6271 patch availability for OL4?

    Hi,
    Kindly advise how to download the CVE-2014-7169  CVE-2014-6271 security patches for Oracle Linux 4?
    Rgds;
    Shirley

    Exactly the same way as you would for OL5, OL6 or OL7: either connect your machine to the Unbreakable Linux Network or public-yum.oracle.com and use the up2date tool to upgrade bash.

  • Are any versions of Firefox susceptible to the Heartbleed bug CVE-2014-0160?

    Do any versions of Firefox use OpenSSL?
    if so, which versions of Firefox would be vulnerable to the Heartbleed bug CVE-2014-0160 that has recently been identified.
    As covered in:
    http://heartbleed.com/
    http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/

    An interesting article on the Heartbleed vulnerability and its probable extent
    * http://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-yahoo-mail-passwords-russian-roulette-style/

  • Regarding CVE-2014-0510

    Regarding CVE-2014-0510, the CVE only references 12.0.0.77; however, none of the updates since address this CVE.  Is this vulnerability still outstanding in current versions?

    Hi,
    As far as I know, ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file.
    If you are not using the above version of Intel Indeo Video, then systems are not affected.
    In addition, it is recommended to keep Windows machines fully patched.
    More information for you:
    Vulnerability Summary for CVE-2014-3735
    https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3735
    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
    Best Regards,
    Amy
    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
