The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
Synthesis of the vulnerability 
An attacker, located as a Man-in-the-Middle, can decrypt an SSL 3.0 session, in order to obtain sensitive information.
Impacted systems: SES, SNS, Apache httpd, Arkoon FAST360, ArubaOS, Asterisk Open Source, BES, ProxyAV, ProxySG by Blue Coat, SGOS by Blue Coat, GAiA, CheckPoint IP Appliance, IPSO, SecurePlatform, CheckPoint Security Appliance, CheckPoint Security Gateway, Cisco ASR, Cisco ACE, ASA, AsyncOS, Cisco CSS, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, IronPort Email, Nexus by Cisco, NX-OS, Prime Infrastructure, Cisco PRSM, Cisco Router, WebNS, Clearswift Email Gateway, Clearswift Web Gateway, CUPS, Debian, Black Diamond, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, Fedora, FortiGate, FortiGate Virtual Appliance, FortiManager, FortiManager Virtual Appliance, FortiOS, FreeBSD, F-Secure AV, hMailServer, HPE BSM, HP Data Protector, HPE NNMi, HP Operations, ProCurve Switch, SiteScope, HP Switch, TippingPoint IPS, HP-UX, AIX, Domino by IBM, Notes by IBM, Security Directory Server, SPSS Data Collection, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, IVE OS, Juniper J-Series, Junos OS, Junos Space, Junos Space Network Management Platform, MAG Series by Juniper, NSM Central Manager, NSMXpress, Juniper SA, McAfee Email and Web Security, McAfee Email Gateway, ePO, VirusScan, McAfee Web Gateway, IE, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, Windows Vista, NETASQ, NetBSD, NetScreen Firewall, ScreenOS, nginx, Nodejs Core, OpenSSL, openSUSE, openSUSE Leap, Oracle DB, Oracle Fusion Middleware, Oracle Identity Management, Oracle OIT, Solaris, Tuxedo, WebLogic, Palo Alto Firewall PA***, PAN-OS, Polycom CMA, HDX, RealPresence Collaboration Server, RealPresence Distributed Media Application, Polycom VBP, Postfix, SSL protocol, Puppet, RHEL, JBoss EAP by Red Hat, RSA Authentication Manager, ROS, ROX, RuggedSwitch, Slackware, Splunk Enterprise, stunnel, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Ubuntu, Unix (platform) ~ not comprehensive, ESXi, vCenter Server, VMware vSphere, VMware vSphere Hypervisor, WinSCP.
Severity of this alert: 3/4.
Creation date: 15/10/2014.
References of this alert: 10923, 1589583, 1595265, 1653364, 1657963, 1663874, 1687167, 1687173, 1687433, 1687604, 1687611, 1690160, 1690185, 1690342, 1691140, 1692551, 1695392, 1696383, 1699051, 1700706, 2977292, 3009008, 7036319, aid-10142014, AST-2014-011, bulletinapr2015, bulletinjan2015, bulletinjan2016, bulletinjul2015, bulletinjul2016, bulletinoct2015, c04486577, c04487990, c04492722, c04497114, c04506802, c04510230, c04567918, c04616259, c04626982, c04676133, c04776510, CERTFR-2014-ALE-007, CERTFR-2014-AVI-454, CERTFR-2014-AVI-509, CERTFR-2015-AVI-169, CERTFR-2016-AVI-303, cisco-sa-20141015-poodle, cpujul2017, CTX216642, CVE-2014-3566, DSA-3053-1, DSA-3253-1, DSA-3489-1, ESA-2014-178, ESA-2015-098, ESXi500-201502001, ESXi500-201502101-SG, ESXi510-201503001, ESXi510-201503001-SG, ESXi510-201503101-SG, ESXi550-201501001, ESXi550-201501101-SG, FEDORA-2014-12989, FEDORA-2014-12991, FEDORA-2014-13012, FEDORA-2014-13017, FEDORA-2014-13040, FEDORA-2014-13069, FEDORA-2014-13070, FEDORA-2014-13444, FEDORA-2014-13451, FEDORA-2014-13764, FEDORA-2014-13777, FEDORA-2014-13781, FEDORA-2014-13794, FEDORA-2014-14234, FEDORA-2014-14237, FEDORA-2014-15379, FEDORA-2014-15390, FEDORA-2014-15411, FEDORA-2014-17576, FEDORA-2014-17587, FEDORA-2015-9090, FEDORA-2015-9110, FreeBSD-SA-14:23.openssl, FSC-2014-8, HPSBGN03256, HPSBGN03305, HPSBGN03332, HPSBHF03156, HPSBHF03300, HPSBMU03152, HPSBMU03184, HPSBMU03213, HPSBMU03416, HPSBUX03162, HPSBUX03194, JSA10656, MDVSA-2014:203, MDVSA-2014:218, MDVSA-2015:062, NetBSD-SA2014-015, nettcp_advisory, openSUSE-SU-2014:1331-1, openSUSE-SU-2014:1384-1, openSUSE-SU-2014:1395-1, openSUSE-SU-2014:1426-1, openSUSE-SU-2016:0640-1, openSUSE-SU-2016:1586-1, openSUSE-SU-2017:0980-1, PAN-SA-2014-0005, POODLE, RHSA-2014:1652-01, RHSA-2014:1653-01, RHSA-2014:1692-01, RHSA-2014:1920-01, RHSA-2014:1948-01, RHSA-2015:0010-01, RHSA-2015:0011-01, RHSA-2015:0012-01, RHSA-2015:1545-01, RHSA-2015:1546-01, SA83, SB10090, SB10104, sk102989, SOL15702, SP-CAAANKE, SP-CAAANST, SPL-91947, SPL-91948, SSA:2014-288-01, SSA-396873, SSA-472334, SSRT101767, STORM-2014-02-FR, SUSE-SU-2014:1357-1, SUSE-SU-2014:1361-1, SUSE-SU-2014:1386-1, SUSE-SU-2014:1387-1, SUSE-SU-2014:1387-2, SUSE-SU-2014:1409-1, SUSE-SU-2015:0010-1, SUSE-SU-2016:1457-1, SUSE-SU-2016:1459-1, T1021439, TSB16540, USN-2839-1, VIGILANCE-VUL-15485, VMSA-2015-0001, VMSA-2015-0001.1, VMSA-2015-0001.2, VN-2014-003, VU#577193.
Description of the vulnerability 
An SSL/TLS session can be established using several protocols:
- SSL 2.0 (obsolete)
- SSL 3.0
- TLS 1.0
- TLS 1.1
- TLS 1.2
An attacker can downgrade the negotiated version to SSLv3. With SSL 3.0 and CBC encryption, the attacker can then change the padding position in order to progressively guess cleartext fragments.
This vulnerability is named POODLE (Padding Oracle On Downgraded Legacy Encryption).
An attacker, located as a Man-in-the-Middle, can therefore decrypt an SSL 3.0 session, in order to obtain sensitive information.
Our Vigil@nce team determined that the severity of this vulnerability alert is important.
The trust level is of type "confirmed by the editor", with an origin of "internet client".
An attacker with expert ability can exploit this vulnerability.
Solutions for this threat 
OpenSSL: version 1.0.1j.
The version 1.0.1j is fixed:
https://www.openssl.org/
OpenSSL: version 1.0.0o.
The version 1.0.0o is fixed:
https://www.openssl.org/
OpenSSL: version 0.9.8zc.
The version 0.9.8zc is fixed:
https://www.openssl.org/
OpenSSL: patch for POODLE, TLS_FALLBACK_SCSV.
A patch is available in information sources.
With this patch, SSLv3 can still be used, by implementing TLS_FALLBACK_SCSV. The PDF document explains how it works.
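The server-side check that TLS_FALLBACK_SCSV introduces, following RFC 7507, is shown here as an added example (not code from OpenSSL or from this bulletin). The function names and the minimal ClientHello builder are constructed for illustration; the sample messages carry a zero random, no session id and no extensions.

```python
import struct

TLS_FALLBACK_SCSV = 0x5600          # signalling cipher suite value from RFC 7507
ALERT_INAPPROPRIATE_FALLBACK = 86   # fatal alert defined by RFC 7507
SSL3, TLS12 = 0x0300, 0x0303        # wire encodings of SSL 3.0 and TLS 1.2


def parse_client_hello(record: bytes):
    """Return (client_version, cipher_suites) from one record holding a ClientHello."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    content_type, _record_version, rec_len = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rec_len]
    if content_type != 22 or len(body) != rec_len or len(body) < 4 or body[0] != 1:
        raise ValueError("not a complete ClientHello record")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    if len(hello) < 2 + 32 + 1:
        raise ValueError("truncated ClientHello")
    client_version = int.from_bytes(hello[0:2], "big")
    pos = 2 + 32                       # skip client_version and random
    pos += 1 + hello[pos]              # skip session_id
    if pos + 2 > len(hello):
        raise ValueError("truncated cipher suite length")
    cs_len = int.from_bytes(hello[pos:pos + 2], "big")
    raw = hello[pos + 2:pos + 2 + cs_len]
    if len(raw) != cs_len or cs_len % 2:
        raise ValueError("malformed cipher suite list")
    suites = [int.from_bytes(raw[i:i + 2], "big") for i in range(0, cs_len, 2)]
    return client_version, suites


def fallback_decision(record: bytes, server_max_version: int):
    """Apply the RFC 7507 server rule to a ClientHello.

    Returns ("alert", 86) when the client signals a fallback retry although the
    server supports a higher version, else ("continue", negotiated_version).
    """
    client_version, suites = parse_client_hello(record)
    if TLS_FALLBACK_SCSV in suites and client_version < server_max_version:
        return ("alert", ALERT_INAPPROPRIATE_FALLBACK)
    return ("continue", min(client_version, server_max_version))


def build_client_hello(version: int, suites) -> bytes:
    """Constructed sample input: a minimal ClientHello record for the given version."""
    cs = b"".join(s.to_bytes(2, "big") for s in suites)
    hello = (version.to_bytes(2, "big") + bytes(32) + b"\x00"
             + len(cs).to_bytes(2, "big") + cs + b"\x01\x00")
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16" + version.to_bytes(2, "big") + len(handshake).to_bytes(2, "big") + handshake


if __name__ == "__main__":
    AES128_CBC_SHA = 0x002F  # TLS_RSA_WITH_AES_128_CBC_SHA
    cases = {
        "retry at SSL 3.0 with SCSV": build_client_hello(SSL3, [AES128_CBC_SHA, TLS_FALLBACK_SCSV]),
        "SSL 3.0-only client, no SCSV": build_client_hello(SSL3, [AES128_CBC_SHA]),
        "TLS 1.2 hello with SCSV": build_client_hello(TLS12, [AES128_CBC_SHA, TLS_FALLBACK_SCSV]),
    }
    for label, record in cases.items():
        print(label, "->", fallback_decision(record, TLS12))
```

A client that only speaks SSL 3.0 and sends no SCSV is still accepted at SSL 3.0, so the signal blocks forced downgrades between peers that both support it but does not remove the CBC padding weakness for such clients.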
Apache httpd: workaround for POODLE.
A workaround is to disable SSLv3 in httpd.conf (be aware of compatibility issues with Internet Explorer 6):
SSLProtocol All -SSLv2 -SSLv3
Arkoon, Netasq: solution for POODLE.
The solution is indicated in information sources.
Aruba: solution for POODLE.
The solution is indicated in information sources.
Asterisk: solution for POODLE.
The following versions are fixed: 1.8.28-cert2, 1.8.31.1, 11.6-cert7, 11.13.1, 12.6.1.
BlackBerry Enterprise Server: solution for POODLE.
The solution is indicated in information sources.
Blue Coat: solution for POODLE.
The solution is indicated in information sources.
Check Point: solution against POODLE.
The solution is indicated in information sources.
Cisco: solution for POODLE.
The solution is indicated in information sources.
Citrix NetScaler: fixed versions for LOM Firmware.
Fixed versions are indicated in information sources.
Citrix NetScaler Platform IPMI LOM: solution.
The solution is indicated in information sources.
Clearswift SECURE Email Gateway: version 3.8.4.
The version 3.8.4 is fixed:
http://www.clearswift.com/
Clearswift SECURE Web Gateway: version 3.2.4.
The version 3.2.4 is fixed:
http://www.clearswift.com/
CUPS: version 2.0.1.
The version 2.0.1 is fixed:
http://www.cups.org/software.php
Debian: new lighttpd packages.
New packages are available:
Debian 7: lighttpd 1.4.31-4+deb7u4
Debian: new openssl packages.
New packages are available:
Debian 7: openssl 1.0.1e-2+deb7u13
Debian: new pound packages.
New packages are available:
Debian 7: pound 2.6-2+deb7u1
Debian 8: pound 2.6-6+deb8u1
Extreme Networks: solution for POODLE.
The solution is indicated in information sources.
F5 BIG-IP: workaround for POODLE.
A workaround is indicated in the information source.
Fedora 20: new deluge packages.
New packages are available:
Fedora 20: deluge 1.3.10-1.fc20
Fedora: new claws-mail packages.
New packages are available:
Fedora 19: claws-mail 3.11.1-2.fc19
Fedora 20: claws-mail 3.11.1-2.fc20
Fedora: new claws-mail-plugins packages.
New packages are available:
Fedora 19: claws-mail-plugins 3.11.1-1.fc19
Fedora 20: claws-mail-plugins 3.11.1-1.fc20
Fedora: new fossil packages.
New packages are available:
Fedora 21: fossil 1.33-1.fc21
Fedora 22: fossil 1.33-1.fc22
Fedora: new libetpan packages.
New packages are available:
Fedora 19: libetpan 1.6-1.fc19
Fedora 20: libetpan 1.6-1.fc20
Fedora: new libuv packages.
New packages are available:
Fedora 19: libuv 0.10.29-1.fc19
Fedora 20: libuv 0.10.29-1.fc20
Fedora 21: libuv 0.10.29-1.fc21
Fedora: new mingw-openssl packages.
New packages are available:
Fedora 20: mingw-openssl 1.0.1j-1.fc20
Fedora 21: mingw-openssl 1.0.1j-1.fc21
Fedora: new nodejs packages.
New packages are available:
Fedora 19: nodejs 0.10.33-1.fc19
Fedora 20: nodejs 0.10.33-1.fc20
Fedora 21: nodejs 0.10.33-1.fc21
Fedora: new openssl packages.
New packages are available:
Fedora 19: openssl 1.0.1e-40.fc19
Fedora 20: openssl 1.0.1e-40.fc20
Fedora: new Pound packages.
New packages are available:
Fedora 19: Pound 2.6-8.fc19
Fedora 20: Pound 2.6-8.fc20
Fedora: new python-rhsm packages.
New packages are available:
Fedora 19: python-rhsm 1.13.6-1.fc19
Fedora 20: python-rhsm 1.13.6-1.fc20
Fedora: new rubygem-httpclient packages.
New packages are available:
Fedora 20: rubygem-httpclient 2.4.0-2.fc20
Fedora 19: rubygem-httpclient 2.4.0-2.fc19
Fedora: new subscription-manager packages.
New packages are available:
Fedora 20: subscription-manager 1.13.6-1.fc20
Fedora: new webkitgtk3 packages.
New packages are available:
Fedora 20: webkitgtk3 2.2.8-2.fc20
Fedora 19: webkitgtk3 2.0.4-4.fc19
Fedora: new zarafa packages.
New packages are available:
Fedora 19: zarafa 7.1.11-1.fc19
Fedora 20: zarafa 7.1.11-1.fc20
Firefox: workaround for POODLE.
A workaround is to disable SSLv3 (be aware of compatibility issues).
In order to do so, in about:config set security.tls.version.min=1.
Fortinet: solution for POODLE.
The solution is indicated in information sources.
FreeBSD: patch for OpenSSL.
A patch is available in information sources.
FreeBSD 8.4, 9.1, 9.2: http://security.freebsd.org/patches/SA-14:23/openssl-8.4.patch
FreeBSD 9.3: http://security.freebsd.org/patches/SA-14:23/openssl-9.3.patch
FreeBSD 10.0: http://security.freebsd.org/patches/SA-14:23/openssl-10.0.patch
F-Secure: solution for POODLE.
The solution is indicated in information sources. F-Secure states nothing about F-Secure antivirus.
hMailServer: version 5.5.2.
The version 5.5.2 is fixed:
https://www.hmailserver.com/download_getfile/?downloadid=236
HP BSM: workaround for POODLE.
A workaround is available:
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01235323?lang=en&cc=us&hpappid=OSPt
HP Business Service Management: patch for POODLE.
A patch is available in information sources.
HP Data Protector: fixed versions for Poodle.
The following versions are fixed:
8.13_206 GRP:
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM00711729
9.03MMR:
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01029738
HP NNMi: solution for POODLE.
The solution is indicated in information sources.
HP Operations: solution for POODLE.
The solution is indicated in information sources.
HP SiteScope: solution for POODLE.
The solution is indicated in information sources.
HP Switch: solution for OpenSSL.
The solution is indicated in information sources.
HP TippingPoint Intrusion Prevention System: solution for POODLE.
The solution is indicated in information sources.
HP-UX: fixed versions of OpenSSL.
Fixed OpenSSL versions are available:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=OPENSSL11I
HP-UX B.11.11: version A.00.09.08zc.001_HP-UX_B.11.11_32+64.depot
HP-UX B.11.23: version A.00.09.08zc.002a_HP-UX_B.11.23_IA-PA.depot
HP-UX B.11.31: version A.00.09.08zc.003_HP-UX_B.11.31_IA-PA.depot
HP-UX: workaround for sendmail.
A workaround is indicated in the information source.
IBM AIX: countermeasure for POODLE.
The IBM announcement states how to disable SSLv3.
IBM AIX: patch for OpenSSL.
A patch is available. The announcement states the applicable patch reference according to the already installed version of OpenSSL.
IBM AIX: patch for system daemons.
Patches are available in information sources. They relate to the tools ftp, sendmail, imapd and popd.
IBM Domino, Notes: solution for POODLE.
Version 9.0.1 Fix Pack 3 is fixed.
The solution for other branches is indicated in information sources.
IBM Security Directory Server: countermeasure for POODLE.
The IBM announcement states how to disable SSLv3.
IBM SPSS Data Collection: solution for POODLE.
The solution is indicated in information sources.
IBM Tivoli Workload Scheduler: solution for OpenSSL.
The solution is indicated in information sources.
IE: workaround for POODLE.
A workaround is to disable SSLv3 (be aware of compatibility issues):
- go to Internet Options
- tab "Advanced"
- uncheck "Use SSL 3.0"
Ipswitch WS_FTP Server: solution for POODLE.
The solution is indicated in information sources.
Juniper: solution for POODLE.
The solution is indicated in information sources.
Mandriva BS2: new openssl packages.
New packages are available:
Mandriva BS2: openssl 1.0.1m-1.mbs2
Mandriva: new asterisk packages.
New packages are available:
Mandriva BS1: asterisk 11.14.1-1.mbs1
Mandriva: new openssl packages.
New packages are available:
Mandriva BS1: openssl 1.0.0o-1.mbs1
McAfee ePO: solution for Oracle JRE.
The solution is indicated in information sources.
McAfee: solution for POODLE.
The solution is indicated in information sources.
NetBSD: patch for OpenSSL.
A patch is available in information sources.
NetIQ Sentinel Log Manager: version 1.2.2.0 HF1.
The version 1.2.2.0 HF1 is fixed:
https://download.novell.com/Download?buildid=Pz1STL6q_Q4~
NetIQ Sentinel: version 7.2 SP2.
The version 7.2 SP2 is fixed:
https://download.novell.com/Download?buildid=SIHFofRnkY0~
nginx: workaround for POODLE.
A workaround is to disable SSLv3 (be aware of compatibility issues with Internet Explorer 6):
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
Node.js: version 0.10.33.
The version 0.10.33 is fixed:
https://nodejs.org/
openSUSE 13.2: new claws-mail packages.
New packages are available:
openSUSE 13.2: claws-mail 3.11.0-2.4.1
openSUSE Leap: new slrn packages.
New packages are available:
openSUSE Leap 42.1: slrn 1.0.3-4.1
openSUSE Leap 42.2: slrn 1.0.3-4.3.1
openSUSE: new libopenssl0_9_8 packages.
New packages are available:
openSUSE 13.2: libopenssl0_9_8 0.9.8zh-9.3.1
openSUSE Leap 42.1: libopenssl0_9_8 0.9.8zh-14.1
openSUSE: new libserf packages.
New packages are available:
openSUSE 13.2: libserf 1-1-1.3.8-2.4.1
openSUSE 13.1: libserf 1-1-1.3.8-20.1
openSUSE 12.3: libserf 1-0-1.1.1-2.8.1
openSUSE: new monit packages.
New packages are available:
openSUSE Leap 42.1: monit 5.10-10.1
openSUSE: new openssl packages.
New packages are available:
openSUSE 12.3: openssl 1.0.1j-1.68.1
openSUSE 13.1: openssl 1.0.1j-11.56.1
openSUSE 13.2: openssl 1.0.1j-2.4.1
Oracle Database: CPU of July 2017.
A Critical Patch Update is available:
https://support.oracle.com/rs?type=doc&id=2261562.1
Oracle Fusion Middleware: CPU of July 2017.
A Critical Patch Update is available:
https://support.oracle.com/rs?type=doc&id=2261562.1
Palo Alto PAN-OS: solution for POODLE.
The solution is indicated in information sources.
Polycom: solution for POODLE.
The solution is indicated in information sources.
Postfix: workaround for POODLE.
A workaround is to disable SSLv3 (be aware of compatibility issues):
smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3
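To check that the Apache httpd, nginx and Postfix workarounds given in this bulletin are actually in place, the following added example (not part of the bulletin or of any of these projects) evaluates each protocol directive and reports whether SSLv3 is still enabled. It assumes that Apache's "All" includes SSLv3, as on builds contemporary with this alert, and handles only the name and !name forms of the Postfix parameters; the sample configuration is constructed.

```python
import re

# Assumption: what Apache's "All" expands to on an OpenSSL build of that era.
ALL = {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}
CANON = {p.lower(): p for p in ALL | {"SSLv2"}}   # case-insensitive name lookup


def apache_protocols(args):
    """SSLProtocol: '+x' adds, '-x' removes, a bare name replaces the current set."""
    enabled = set()
    for tok in args.split():
        sign, name = (tok[0], tok[1:]) if tok[0] in "+-" else ("", tok)
        group = set(ALL) if name.lower() == "all" else {CANON.get(name.lower(), name)}
        if sign == "-":
            enabled -= group
        elif sign == "+":
            enabled |= group
        else:
            enabled = set(group)
    return enabled


def nginx_protocols(args):
    """ssl_protocols: exactly the listed protocols are enabled."""
    return {CANON.get(t.lower(), t) for t in args.split()}


def postfix_protocols(args):
    """*_tls_*protocols: '!x' excludes; with no positive names everything else stays on."""
    toks = [t for t in re.split(r"[\s,:]+", args) if t]
    allowed = {CANON.get(t.lower(), t) for t in toks if not t.startswith("!")}
    denied = {CANON.get(t[1:].lower(), t[1:]) for t in toks if t.startswith("!")}
    return (allowed or set(ALL) | {"SSLv2"}) - denied


PARSERS = [
    (re.compile(r"^\s*SSLProtocol\s+(.+)$", re.I), apache_protocols),
    (re.compile(r"^\s*ssl_protocols\s+(.+?);?\s*$", re.I), nginx_protocols),
    (re.compile(r"^\s*smtpd?_tls_(?:mandatory_)?protocols\s*=\s*(.*)$"), postfix_protocols),
]


def audit(config_text):
    """Return [(line number, directive, sslv3_enabled)] for every protocol directive."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        line = line.split("#", 1)[0]              # drop trailing comments
        for pattern, parser in PARSERS:
            m = pattern.match(line)
            if m:
                findings.append((lineno, line.strip(), "SSLv3" in parser(m.group(1))))
                break
    return findings


# Constructed sample: directives from httpd.conf, nginx.conf and main.cf in one string.
SAMPLE_CONFIG = """\
SSLProtocol All -SSLv2 -SSLv3
SSLProtocol all -SSLv2
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_protocols SSLv3 TLSv1;   # legacy listener
smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3
smtpd_tls_protocols = !SSLv2
"""

if __name__ == "__main__":
    for lineno, directive, sslv3 in audit(SAMPLE_CONFIG):
        print(f"line {lineno}: {'SSLv3 ENABLED' if sslv3 else 'ok':13} {directive}")
```

A file with no protocol directive at all produces no finding, so the server's built-in default still has to be checked separately.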
Puppet Enterprise: version 3.7.0.
The version 3.7.0 is fixed:
http://puppetlabs.com/
Puppet: solution for POODLE.
The solution is indicated in information sources.
Red Hat JBoss Enterprise: patch for POODLE.
A patch is available:
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches&product=appplatform&version=5.2.0
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.3.0
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=enterpriseweb.platform&downloadType=securityPatches&version=5.2.0
Red Hat JBoss Web Server: patch for openssl.
A patch is available:
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=2.1.0
Red Hat OpenShift Enterprise: new openshift-origin-node-proxy packages.
New packages are available:
RHEL 6: openshift-origin-node-proxy 1.22.3.4-1.el6op, openshift-origin-node-proxy 1.16.4.2-1.el6op
Red Hat Storage Server: new openssl packages.
New packages are available:
RHEL 6: openssl 1.0.1e-30.el6_6.2
RHEL 5: new openssl packages.
New packages are available:
RHEL 5: openssl 0.9.8e-31.el5_11
RHEL 6, 7: new openssl packages.
New packages are available:
RHEL 6: openssl 1.0.1e-30.el6_6.2
RHEL 7: openssl 1.0.1e-34.el7_0.6
RHEL: new nss packages.
New packages are available:
RHEL 5: nss 3.16.2.3-1.el5_11
RHEL 6: nss 3.16.2.3-3.el6_6
RHEL 7: nss 3.16.2.3-2.el7_0
RSA Authentication Manager: solution for POODLE.
The solution is indicated in information sources.
RSA enVision: solution for POODLE.
The solution is indicated in information sources.
Ruby: solution for POODLE.
The solution is indicated in information sources.
Ruggedcom ROS: version 4.2.0.
The version 4.2.0 is fixed:
http://www.siemens.com/automation/support-request
Ruggedcom ROX: version 2.9.0.
The version 2.9.0 is fixed:
http://www.siemens.com/automation/support-request
Slackware: new openssl packages.
New packages are available:
Slackware 13.0: openssl 0.9.8zc-i486-1_slack13.0
Slackware 13.1: openssl 0.9.8zc-i486-1_slack13.1
Slackware 13.37: openssl 0.9.8zc-i486-1_slack13.37
Slackware 14.0: openssl 1.0.1j-i486-1_slack14.0
Slackware 14.1: openssl 1.0.1j-i486-1_slack14.1
Snare Enterprise Agent: fixed versions for OpenSSL.
Fixed versions are indicated in information sources.
Solaris 11.2: patch for OpenSSL.
A patch is available:
https://support.oracle.com/rs?type=doc&id=1936662.1
Solaris: patch for Third Party 03/2016.
A patch is available:
https://support.oracle.com/rs?type=doc&id=1448883.1
Solaris: patch for Third Party (07/2015).
A patch is available:
https://support.oracle.com/rs?type=doc&id=1448883.1
Solaris: patch for Third Party (08/2015).
A patch is available:
https://support.oracle.com/rs?type=doc&id=1448883.1
Solaris: patch for Third Party (10/2015).
A patch is available:
https://support.oracle.com/rs?type=doc&id=1448883.1
Solaris: patch for Third Party (12/2015).
A patch is available:
https://support.oracle.com/rs?type=doc&id=1448883.1
Solaris: patch for Third Party (15/04/2015).
A patch is available:
https://support.oracle.com/rs?type=doc&id=1448883.1
Solaris: patch for Third Party (17/02/2015).
A patch is available:
https://support.oracle.com/rs?type=doc&id=1448883.1
Solaris: patch for Third Party (19/05/2015).
A patch is available:
https://support.oracle.com/rs?type=doc&id=1448883.1
Solaris: patch for third party software of July 2016 v1.
A patch is available:
https://support.oracle.com/rs?type=doc&id=1448883.1
Spectracom SecureSync: solution for POODLE.
The solution is indicated in information sources.
Splunk Enterprise: version 5.0.11.
The version 5.0.11 is fixed:
http://www.splunk.com/
Splunk Enterprise: version 6.0.7.
The version 6.0.7 is fixed:
http://www.splunk.com/
Splunk: version 6.1.5.
The version 6.1.5 is fixed:
http://www.splunk.com/
Splunk: workaround for POODLE.
A workaround is to disable SSLv3 (be aware of compatibility issues with Internet Explorer 6).
stunnel: version 5.06.
The version 5.06 is fixed:
https://www.stunnel.org/downloads.html
The version 5.07 fixes a regression error.
SUSE LE 11: new openssl 0.9.8 packages.
New packages are available:
SUSE LE 11: openssl 0.9.8j-0.66.1
SUSE LE 11: new openssl packages.
New packages are available, as indicated in information sources.
SUSE LE 11: new suseRegister packages.
New packages are available:
SUSE LE 11: suseRegister 1.4-1.35.1
SUSE LE: new cyrus-imapd packages.
New packages are available:
SUSE LE 11 SP4: cyrus-imapd 2.3.11-60.65.67.1
SUSE LE 12 RTM: cyrus-imapd 2.3.18-37.1
SUSE LE 12 SP1: cyrus-imapd 2.3.18-37.1
Synology: solution for POODLE.
The solution is indicated in information sources.
Tivoli Workload Scheduler: solution for OpenSSL and Java.
The solution is indicated in information sources.
Ubuntu 14.04: new cups packages.
New packages are available:
Ubuntu 14.04 LTS: cups 1.7.2-0ubuntu1.7
VMware ESXi 5.0: patch ESXi500-201502001.
A patch is available:
http://kb.vmware.com/kb/2101910
VMware ESXi 5.1: patch ESXi510-201503001.
A patch is available:
http://kb.vmware.com/kb/2099286
VMware ESXi 5.5: patch ESXi550-201501001.
A patch is available:
ESXi550-201501001.zip
http://kb.vmware.com/kb/2099265
VMware vCenter Server: version 5.5 Update 2d.
The version 5.5 Update 2d is fixed:
https://www.vmware.com/go/download-vsphere
WebSphere AS: solution for POODLE.
The solution is indicated in information sources.
WebSphere AS: version 8.0.0.10.
The version 8.0.0.10 is fixed:
http://www-01.ibm.com/support/docview.wss?uid=swg24039242
WebSphere AS: version 8.5.5.4.
The version 8.5.5.4 is fixed:
http://www.ibm.com/support/docview.wss?uid=swg24038539
WebSphere MQ: solution.
The solution is indicated in information sources.
WebSphere MQ: workaround for POODLE.
A workaround is to forbid the cipher suites which are specific to SSL v3. The list of these suites is provided in the information source.
Windows: workaround for POODLE.
A workaround is indicated in the information source.
Wind River Linux: solution for POODLE.
The solution is indicated in information sources.
WinSCP: version 5.5.6.
The version 5.5.6 is fixed:
http://winscp.net/eng/download.php