CVE-2014-3566

Scores

EPSS

0.940 (high, 94.0%)

Percentile: 94.0%

CVSS

3.4 (low, CVSS 3.x)

CVSS score: 3.4/10

All CVSS scores

CVSS 3.x
3.4

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

CVSS 2.0
5.0

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Description

The SSL 3.0 protocol, as used in OpenSSL up to version 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, also known as the "POODLE" issue.


Sources

debian, nvd, redhat, ubuntu

CWE

CWE-310

Related vulnerabilities

Exploits

Exploit ID: CVE-2014-3566

Source: github-poc

URL: https://github.com/uthrasri/openssl_g2.5_CVE-2014-3566

Recommendations

Source: nvd

All claws-mail users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-client/claws-mail-3.13.2"

URL: https://security.gentoo.org/glsa/201606-11

Source: nvd

All Oracle JRE 8 users should upgrade to the latest stable version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.8.0.31"

All Oracle JDK 8 users should upgrade to the latest stable version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.8.0.31"

All Oracle JRE 7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.7.0.76"

All Oracle JDK 7 users should upgrade to the latest stable version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.7.0.76"

URL: https://security.gentoo.org/glsa/201507-14

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2015-1546.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2015-1545.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2015-0086.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2015-0085.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2015-0080.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2015-0079.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2015-0068.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2014-1948.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2014-1882.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2014-1881.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2014-1880.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2014-1877.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2014-1876.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2014-1692.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2014-1653.html

Source: nvd

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2014-1652.html

Vulnerable software (172)

Type: Configuration

Product: arora

Operating system: debian

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: bouncycastle

Operating system: debian

Characteristics:
{ "unaffected": true }

Source: debian

Type: Configuration

Product: candlepin

Operating system: rhel

Characteristics:
{ "fixed": "0.9.23.1-1.el7" }

Source: redhat

Type: Configuration

Product: chromium-browser

Operating system: debian

Characteristics:
{ "fixed": "39.0.2171.71-1" }

Source: debian

Type: Configuration

Product: chromium-browser

Operating system: debian wheezy 7

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: chromium-browser

Operating system: debian squeeze 6

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: conkeror

Operating system: debian

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: cyassl

Operating system: debian

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: dwb

Operating system: debian

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: epiphany-browser

Operating system: debian

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: erlang

Operating system: debian

Characteristics:
{ "fixed": "1:17.3-dfsg-3" }

Source: debian

Type: Configuration

Product: erlang

Operating system: debian squeeze 6

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: erlang

Operating system: debian wheezy 7

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: foreman

Operating system: rhel

Characteristics:
{ "fixed": "1.6.0.49-1.el7sat" }

Source: redhat

Type: Configuration

Product: galeon

Operating system: debian

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: gnutls26

Operating system: debian

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: gnutls26

Operating system: debian squeeze 6

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: gnutls26

Operating system: debian wheezy 7

Characteristics:
{ "unfixed": true }

Source: debian

Type: Configuration

Product: gnutls28

Operating system: debian

Characteristics:
{ "fixed": "3.3.8-5" }

Source: debian

Type: Configuration

Product: haskell-tls

Operating system: debian wheezy 7

Characteristics:
{ "unfixed": true }

Source: debian