SlideShare una empresa de Scribd logo

Juniper heartbleed bug

Kappa Data
Kappa Data
Internet
1 de 1
Descargar para leer sin conexión
2014-04 OUT OF CYCLE SECURITY BULLETIN: MULTIPLE PRODUCTS AFFECTED BY OPENSSL “HEARTBLEED” ISSUE (CVE-2014-0160) PROBLEM: The TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information (such as private keys, username and passwords, or contents of encrypted traffic) from process memory via crafted packets that trigger a buffer over-read. This issue is also known as The Heartbleed Bug. STATUS OF DIFFERENT OPENSSL VERSIONS: • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable • OpenSSL 1.0.1g is NOT vulnerable • OpenSSL 1.0.0 branch is NOT vulnerable • OpenSSL 0.9.8 branch is NOT vulnerable VULNERABLE PRODUCTS: • Junos OS 13.3R1 (Fixed code is listed in the “Solution” section) • SSL VPN (IVEOS) 7.4r1 and later, and SSL VPN (IVEOS) 8.0r1 and later (Fixed code is listed in the “Solution” section) • UAC 4.4r1 and later, and UAC 5.0r1 and later (Fixed code is listed in the “Solution” section) • Junos Pulse (Desktop) 5.0r1 and later, and Junos Pulse (Desktop) 4.0r5 and later (Fixed code is listed in the “Solution” section) • Network Connect (windows only) version 7.4R5 to 7.4R9.1 & 8.0R1 to 8.0R3.1. (This client is only impacted when used in FIPS mode.) (Fixed code is listed in the “Solution” section) • Junos Pulse (Mobile) on Android version 4.2R1 and higher. (Fixed code is listed in the “Solution” section) • Junos Pulse (Mobile) on iOS version 4.2R1 and higher. (This client is only impacted when used in FIPS mode.)(Fixed code is listed in the “Solution” section) • WebApp Secure (Fixed code is listed in the “Solution” section) • Odyssey client 5.6r5 and later PRODUCTS NOT VULNERABLE: • Junos OS 13.2 and earlier is not vulnerable • Non-FIPS version of Network Connect clients are not vulnerable • SSL VPN (IVEOS) 7.3, 7.2, and 7.1 are not vulnerable • SRX Series is not vulnerable • Junos Space is not vulnerable • NSM is not vulnerable • Pulse 4.0r4 and earlier is not vulnerable • QFabric Director is not vulnerable • CTPView is not vulnerable • vGW/FireFly Host is not vulnerable • Firefly Perimeter is not vulnerable • ScreenOS is not vulnerable • UAC 4.3, 4.2, and 4.1 are not vulnerable • JUNOSe is not vulnerable PRODUCTS CURRENTLY UNDER INVESTIGATION: • Stand Alone IDP Juniper continues to investigate this issue and as new information becomes available this document will be updated. This issue has been assigned CVE-2014-0160.   • Odyssey client 5.6r4 and earlier are not vulnerable • Junos Pulse (Mobile) on iOS (Non-FIPS Mode) • WX-Series is not vulnerable • Junos DDoS Secure is not vulnerable • STRM/JSA is not vulnerable • Media Flow Controller is not vulnerable • SBR Carrier is not vulnerable • SBR Enterprise is not vulnerable • Junos Pulse Mobile Security Suite is not vulnerable • SRC Series is not vulnerable • Junos Pulse Endpoint Profiler is not vulnerable • Smart Pass is not vulnerable • Ring Master is not vulnerable • ADC is not vulnerable

Recomendados

Heartbleed Bug: A case study
Heartbleed Bug: A case studyHeartbleed Bug: A case study
Heartbleed Bug: A case studyAdri Jovin
 
Nessus Basics
Nessus BasicsNessus Basics
Nessus Basicsamiable_indian
 
Demo of security tool nessus - Network vulnerablity scanner
Demo of security tool nessus - Network vulnerablity scannerDemo of security tool nessus - Network vulnerablity scanner
Demo of security tool nessus - Network vulnerablity scannerAjit Dadresa
 
Puppet for Production in WebEx - PuppetConf 2013
Puppet for Production in WebEx - PuppetConf 2013Puppet for Production in WebEx - PuppetConf 2013
Puppet for Production in WebEx - PuppetConf 2013Puppet
 
nessus
nessusnessus
nessusMuhammad Yasin
 
FossilDay-Openwrt#1
FossilDay-Openwrt#1FossilDay-Openwrt#1
FossilDay-Openwrt#1Feri Andriyansah
 
SW3 Presentation 14
SW3 Presentation 14SW3 Presentation 14
SW3 Presentation 14guestd0ad3d
 
Tulevaisuuden työasema
Tulevaisuuden työasema Tulevaisuuden työasema
Tulevaisuuden työasema 3 Step IT Suomi
 

Recomendados

Heartbleed Bug: A case study
Heartbleed Bug: A case studyHeartbleed Bug: A case study
Heartbleed Bug: A case studyAdri Jovin
 
Nessus Basics
Nessus BasicsNessus Basics
Nessus Basicsamiable_indian
 
Demo of security tool nessus - Network vulnerablity scanner
Demo of security tool nessus - Network vulnerablity scannerDemo of security tool nessus - Network vulnerablity scanner
Demo of security tool nessus - Network vulnerablity scannerAjit Dadresa
 
Puppet for Production in WebEx - PuppetConf 2013
Puppet for Production in WebEx - PuppetConf 2013Puppet for Production in WebEx - PuppetConf 2013
Puppet for Production in WebEx - PuppetConf 2013Puppet
 
nessus
nessusnessus
nessusMuhammad Yasin
 
FossilDay-Openwrt#1
FossilDay-Openwrt#1FossilDay-Openwrt#1
FossilDay-Openwrt#1Feri Andriyansah
 
SW3 Presentation 14
SW3 Presentation 14SW3 Presentation 14
SW3 Presentation 14guestd0ad3d
 
Tulevaisuuden työasema
Tulevaisuuden työasema Tulevaisuuden työasema
Tulevaisuuden työasema 3 Step IT Suomi
 
Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)
Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)
Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)Andrew Carr
 
Managing the SSL Process
Managing the SSL ProcessManaging the SSL Process
Managing the SSL ProcessRocket Software
 
OSC2023_security_automation_data.pdf
OSC2023_security_automation_data.pdfOSC2023_security_automation_data.pdf
OSC2023_security_automation_data.pdfMarcus Meissner
 
Apache web-server-security
Apache web-server-securityApache web-server-security
Apache web-server-securityAndrew Carr
 
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or UbuntuHow To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or UbuntuVEXXHOST Private Cloud
 
Open ssl heart bleed weakness.
Open ssl heart bleed weakness.Open ssl heart bleed weakness.
Open ssl heart bleed weakness.Khaled Mosharraf
 
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)Gabriella Davis
 
CSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoNCCOMMS
 
Control assistant 4
Control assistant 4Control assistant 4
Control assistant 4Francisco Lima
 
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can HelpChanges to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can HelpPine Cove Consulting
 
Exploit Next Generation®: Missão dada é missão cumprida!
Exploit Next Generation®: Missão dada é missão cumprida!Exploit Next Generation®: Missão dada é missão cumprida!
Exploit Next Generation®: Missão dada é missão cumprida!Nelson Brito
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Sophos Benelux
 
SSL VPN Evaluation Guide
SSL VPN Evaluation GuideSSL VPN Evaluation Guide
SSL VPN Evaluation Guide Array Networks
 
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionOwasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionAnant Shrivastava
 
Vulnerability Assessment Report
Vulnerability Assessment ReportVulnerability Assessment Report
Vulnerability Assessment ReportHarshit Singh Bhatia
 
Deployment of WebObjects applications on FreeBSD
Deployment of WebObjects applications on FreeBSDDeployment of WebObjects applications on FreeBSD
Deployment of WebObjects applications on FreeBSDWO Community
 
Implementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile WorldImplementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile WorldLINE Corporation
 
Weblicensingwebinar2014141124 141202145340-conversion-gate02
Weblicensingwebinar2014141124 141202145340-conversion-gate02Weblicensingwebinar2014141124 141202145340-conversion-gate02
Weblicensingwebinar2014141124 141202145340-conversion-gate02akrammohemmed1
 
Building world-class security response and secure development processes
Building world-class security response and secure development processesBuilding world-class security response and secure development processes
Building world-class security response and secure development processesDavid Jorm
 
SSL Checklist for Pentesters (BSides MCR 2014)
SSL Checklist for Pentesters (BSides MCR 2014)SSL Checklist for Pentesters (BSides MCR 2014)
SSL Checklist for Pentesters (BSides MCR 2014)Jerome Smith
 
Focus op netwerken en netwerksecurity betaalt zich uit.
Focus op netwerken en netwerksecurity betaalt zich uit.Focus op netwerken en netwerksecurity betaalt zich uit.
Focus op netwerken en netwerksecurity betaalt zich uit.Kappa Data
 
Kappa Data Kappaloog, editie Nederland - November 2016
Kappa Data Kappaloog, editie Nederland - November 2016 Kappa Data Kappaloog, editie Nederland - November 2016
Kappa Data Kappaloog, editie Nederland - November 2016 Kappa Data
 

Más contenido relacionado

Similar a Juniper heartbleed bug

Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)
Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)
Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)Andrew Carr
 
Managing the SSL Process
Managing the SSL ProcessManaging the SSL Process
Managing the SSL ProcessRocket Software
 
OSC2023_security_automation_data.pdf
OSC2023_security_automation_data.pdfOSC2023_security_automation_data.pdf
OSC2023_security_automation_data.pdfMarcus Meissner
 
Apache web-server-security
Apache web-server-securityApache web-server-security
Apache web-server-securityAndrew Carr
 
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or UbuntuHow To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or UbuntuVEXXHOST Private Cloud
 
Open ssl heart bleed weakness.
Open ssl heart bleed weakness.Open ssl heart bleed weakness.
Open ssl heart bleed weakness.Khaled Mosharraf
 
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)Gabriella Davis
 
CSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoNCCOMMS
 
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can HelpChanges to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can HelpPine Cove Consulting
 
Exploit Next Generation®: Missão dada é missão cumprida!
Exploit Next Generation®: Missão dada é missão cumprida!Exploit Next Generation®: Missão dada é missão cumprida!
Exploit Next Generation®: Missão dada é missão cumprida!Nelson Brito
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Sophos Benelux
 
SSL VPN Evaluation Guide
SSL VPN Evaluation GuideSSL VPN Evaluation Guide
SSL VPN Evaluation Guide Array Networks
 
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionOwasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionAnant Shrivastava
 
Deployment of WebObjects applications on FreeBSD
Deployment of WebObjects applications on FreeBSDDeployment of WebObjects applications on FreeBSD
Deployment of WebObjects applications on FreeBSDWO Community
 
Implementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile WorldImplementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile WorldLINE Corporation
 
Weblicensingwebinar2014141124 141202145340-conversion-gate02
Weblicensingwebinar2014141124 141202145340-conversion-gate02Weblicensingwebinar2014141124 141202145340-conversion-gate02
Weblicensingwebinar2014141124 141202145340-conversion-gate02akrammohemmed1
 
Building world-class security response and secure development processes
Building world-class security response and secure development processesBuilding world-class security response and secure development processes
Building world-class security response and secure development processesDavid Jorm
 
SSL Checklist for Pentesters (BSides MCR 2014)
SSL Checklist for Pentesters (BSides MCR 2014)SSL Checklist for Pentesters (BSides MCR 2014)
SSL Checklist for Pentesters (BSides MCR 2014)Jerome Smith
 

Similar a Juniper heartbleed bug (20)

Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)
Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)
Why you are not secure: Apache, OpenSSL, and PHP (Intermediate Talk)
 
Managing the SSL Process
Managing the SSL ProcessManaging the SSL Process
Managing the SSL Process
 
OSC2023_security_automation_data.pdf
OSC2023_security_automation_data.pdfOSC2023_security_automation_data.pdf
OSC2023_security_automation_data.pdf
 
Apache web-server-security
Apache web-server-securityApache web-server-security
Apache web-server-security
 
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or UbuntuHow To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
How To Mitigate & Fix OpenSSL Heartbeat on CentOS or Ubuntu
 
Open ssl heart bleed weakness.
Open ssl heart bleed weakness.Open ssl heart bleed weakness.
Open ssl heart bleed weakness.
 
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)
 
CSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami Laiho
 
Control assistant 4
Control assistant 4Control assistant 4
Control assistant 4
 
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can HelpChanges to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
 
Exploit Next Generation®: Missão dada é missão cumprida!
Exploit Next Generation®: Missão dada é missão cumprida!Exploit Next Generation®: Missão dada é missão cumprida!
Exploit Next Generation®: Missão dada é missão cumprida!
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014
 
SSL VPN Evaluation Guide
SSL VPN Evaluation GuideSSL VPN Evaluation Guide
SSL VPN Evaluation Guide
 
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionOwasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
 
Vulnerability Assessment Report
Vulnerability Assessment ReportVulnerability Assessment Report
Vulnerability Assessment Report
 
Deployment of WebObjects applications on FreeBSD
Deployment of WebObjects applications on FreeBSDDeployment of WebObjects applications on FreeBSD
Deployment of WebObjects applications on FreeBSD
 
Implementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile WorldImplementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile World
 
Weblicensingwebinar2014141124 141202145340-conversion-gate02
Weblicensingwebinar2014141124 141202145340-conversion-gate02Weblicensingwebinar2014141124 141202145340-conversion-gate02
Weblicensingwebinar2014141124 141202145340-conversion-gate02
 
Building world-class security response and secure development processes
Building world-class security response and secure development processesBuilding world-class security response and secure development processes
Building world-class security response and secure development processes
 
SSL Checklist for Pentesters (BSides MCR 2014)
SSL Checklist for Pentesters (BSides MCR 2014)SSL Checklist for Pentesters (BSides MCR 2014)
SSL Checklist for Pentesters (BSides MCR 2014)
 

Más de Kappa Data

Focus op netwerken en netwerksecurity betaalt zich uit.
Focus op netwerken en netwerksecurity betaalt zich uit.Focus op netwerken en netwerksecurity betaalt zich uit.
Focus op netwerken en netwerksecurity betaalt zich uit.Kappa Data
 
Kappa Data Kappaloog, editie Nederland - November 2016
Kappa Data Kappaloog, editie Nederland - November 2016 Kappa Data Kappaloog, editie Nederland - November 2016
Kappa Data Kappaloog, editie Nederland - November 2016 Kappa Data
 
Kappa Data Kappaloog België (in het Nederlands) - November 2016
Kappa Data Kappaloog België (in het Nederlands) - November 2016 Kappa Data Kappaloog België (in het Nederlands) - November 2016
Kappa Data Kappaloog België (in het Nederlands) - November 2016 Kappa Data
 
Whitepaper: Digipass Authentication for Pulse Connect Secure
Whitepaper: Digipass Authentication for Pulse Connect Secure Whitepaper: Digipass Authentication for Pulse Connect Secure
Whitepaper: Digipass Authentication for Pulse Connect Secure Kappa Data
 
Press release kappa data signs distribution agreement with vasco pl
Press release kappa data signs distribution agreement with vasco plPress release kappa data signs distribution agreement with vasco pl
Press release kappa data signs distribution agreement with vasco plKappa Data
 
Kemp Technologies rises on Gartner's Magical Quadrant for ADC
Kemp Technologies rises on Gartner's Magical Quadrant for ADCKemp Technologies rises on Gartner's Magical Quadrant for ADC
Kemp Technologies rises on Gartner's Magical Quadrant for ADCKappa Data
 
Barracuda NG Firewalls - high availability
Barracuda NG Firewalls - high availabilityBarracuda NG Firewalls - high availability
Barracuda NG Firewalls - high availabilityKappa Data
 
New Barracuda firewall platform
New Barracuda firewall platformNew Barracuda firewall platform
New Barracuda firewall platformKappa Data
 
Case study vandeputte group def
Case study vandeputte group defCase study vandeputte group def
Case study vandeputte group defKappa Data
 
Case study vandeputte group def
Case study vandeputte group defCase study vandeputte group def
Case study vandeputte group defKappa Data
 
Barracuda integration with aerohive
Barracuda integration with aerohiveBarracuda integration with aerohive
Barracuda integration with aerohiveKappa Data
 
Aerohive and Barracuda Whitepaper
Aerohive and Barracuda WhitepaperAerohive and Barracuda Whitepaper
Aerohive and Barracuda WhitepaperKappa Data
 
Juniper round table switching and product overview
Juniper round table switching and product overviewJuniper round table switching and product overview
Juniper round table switching and product overviewKappa Data
 
Kappa Data Trainings Q2
Kappa Data Trainings Q2Kappa Data Trainings Q2
Kappa Data Trainings Q2Kappa Data
 
Kappa Data Roadshow 2015 - April 8th at Rijswijk, NL
Kappa Data Roadshow 2015 - April 8th at Rijswijk, NLKappa Data Roadshow 2015 - April 8th at Rijswijk, NL
Kappa Data Roadshow 2015 - April 8th at Rijswijk, NLKappa Data
 
Roadshow 2015 - Agenda
Roadshow 2015 - AgendaRoadshow 2015 - Agenda
Roadshow 2015 - AgendaKappa Data
 
Kappa data wins channel award 2015 best belgian distri
Kappa data wins channel award 2015 best belgian distriKappa data wins channel award 2015 best belgian distri
Kappa data wins channel award 2015 best belgian distriKappa Data
 
Aerohive promotions
Aerohive promotionsAerohive promotions
Aerohive promotionsKappa Data
 
Pictures new building
Pictures new buildingPictures new building
Pictures new buildingKappa Data
 
Case study sofico/juniper
Case study sofico/juniperCase study sofico/juniper
Case study sofico/juniperKappa Data
 

Más de Kappa Data (20)

Focus op netwerken en netwerksecurity betaalt zich uit.
Focus op netwerken en netwerksecurity betaalt zich uit.Focus op netwerken en netwerksecurity betaalt zich uit.
Focus op netwerken en netwerksecurity betaalt zich uit.
 
Kappa Data Kappaloog, editie Nederland - November 2016
Kappa Data Kappaloog, editie Nederland - November 2016 Kappa Data Kappaloog, editie Nederland - November 2016
Kappa Data Kappaloog, editie Nederland - November 2016
 
Kappa Data Kappaloog België (in het Nederlands) - November 2016
Kappa Data Kappaloog België (in het Nederlands) - November 2016 Kappa Data Kappaloog België (in het Nederlands) - November 2016
Kappa Data Kappaloog België (in het Nederlands) - November 2016
 
Whitepaper: Digipass Authentication for Pulse Connect Secure
Whitepaper: Digipass Authentication for Pulse Connect Secure Whitepaper: Digipass Authentication for Pulse Connect Secure
Whitepaper: Digipass Authentication for Pulse Connect Secure
 
Press release kappa data signs distribution agreement with vasco pl
Press release kappa data signs distribution agreement with vasco plPress release kappa data signs distribution agreement with vasco pl
Press release kappa data signs distribution agreement with vasco pl
 
Kemp Technologies rises on Gartner's Magical Quadrant for ADC
Kemp Technologies rises on Gartner's Magical Quadrant for ADCKemp Technologies rises on Gartner's Magical Quadrant for ADC
Kemp Technologies rises on Gartner's Magical Quadrant for ADC
 
Barracuda NG Firewalls - high availability
Barracuda NG Firewalls - high availabilityBarracuda NG Firewalls - high availability
Barracuda NG Firewalls - high availability
 
New Barracuda firewall platform
New Barracuda firewall platformNew Barracuda firewall platform
New Barracuda firewall platform
 
Case study vandeputte group def
Case study vandeputte group defCase study vandeputte group def
Case study vandeputte group def
 
Case study vandeputte group def
Case study vandeputte group defCase study vandeputte group def
Case study vandeputte group def
 
Barracuda integration with aerohive
Barracuda integration with aerohiveBarracuda integration with aerohive
Barracuda integration with aerohive
 
Aerohive and Barracuda Whitepaper
Aerohive and Barracuda WhitepaperAerohive and Barracuda Whitepaper
Aerohive and Barracuda Whitepaper
 
Juniper round table switching and product overview
Juniper round table switching and product overviewJuniper round table switching and product overview
Juniper round table switching and product overview
 
Kappa Data Trainings Q2
Kappa Data Trainings Q2Kappa Data Trainings Q2
Kappa Data Trainings Q2
 
Kappa Data Roadshow 2015 - April 8th at Rijswijk, NL
Kappa Data Roadshow 2015 - April 8th at Rijswijk, NLKappa Data Roadshow 2015 - April 8th at Rijswijk, NL
Kappa Data Roadshow 2015 - April 8th at Rijswijk, NL
 
Roadshow 2015 - Agenda
Roadshow 2015 - AgendaRoadshow 2015 - Agenda
Roadshow 2015 - Agenda
 
Kappa data wins channel award 2015 best belgian distri
Kappa data wins channel award 2015 best belgian distriKappa data wins channel award 2015 best belgian distri
Kappa data wins channel award 2015 best belgian distri
 
Aerohive promotions
Aerohive promotionsAerohive promotions
Aerohive promotions
 
Pictures new building
Pictures new buildingPictures new building
Pictures new building
 
Case study sofico/juniper
Case study sofico/juniperCase study sofico/juniper
Case study sofico/juniper
 

Último

办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationMarko4394
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleanscorenetworkseo
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 

Último (20)

办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentation
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleans
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 

Juniper heartbleed bug

  • 1. 2014-04 OUT OF CYCLE SECURITY BULLETIN: MULTIPLE PRODUCTS AFFECTED BY OPENSSL “HEARTBLEED” ISSUE (CVE-2014-0160) PROBLEM: The TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information (such as private keys, username and passwords, or contents of encrypted traffic) from process memory via crafted packets that trigger a buffer over-read. This issue is also known as The Heartbleed Bug. STATUS OF DIFFERENT OPENSSL VERSIONS: • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable • OpenSSL 1.0.1g is NOT vulnerable • OpenSSL 1.0.0 branch is NOT vulnerable • OpenSSL 0.9.8 branch is NOT vulnerable VULNERABLE PRODUCTS: • Junos OS 13.3R1 (Fixed code is listed in the “Solution” section) • SSL VPN (IVEOS) 7.4r1 and later, and SSL VPN (IVEOS) 8.0r1 and later (Fixed code is listed in the “Solution” section) • UAC 4.4r1 and later, and UAC 5.0r1 and later (Fixed code is listed in the “Solution” section) • Junos Pulse (Desktop) 5.0r1 and later, and Junos Pulse (Desktop) 4.0r5 and later (Fixed code is listed in the “Solution” section) • Network Connect (windows only) version 7.4R5 to 7.4R9.1 & 8.0R1 to 8.0R3.1. (This client is only impacted when used in FIPS mode.) (Fixed code is listed in the “Solution” section) • Junos Pulse (Mobile) on Android version 4.2R1 and higher. (Fixed code is listed in the “Solution” section) • Junos Pulse (Mobile) on iOS version 4.2R1 and higher. (This client is only impacted when used in FIPS mode.)(Fixed code is listed in the “Solution” section) • WebApp Secure (Fixed code is listed in the “Solution” section) • Odyssey client 5.6r5 and later PRODUCTS NOT VULNERABLE: • Junos OS 13.2 and earlier is not vulnerable • Non-FIPS version of Network Connect clients are not vulnerable • SSL VPN (IVEOS) 7.3, 7.2, and 7.1 are not vulnerable • SRX Series is not vulnerable • Junos Space is not vulnerable • NSM is not vulnerable • Pulse 4.0r4 and earlier is not vulnerable • QFabric Director is not vulnerable • CTPView is not vulnerable • vGW/FireFly Host is not vulnerable • Firefly Perimeter is not vulnerable • ScreenOS is not vulnerable • UAC 4.3, 4.2, and 4.1 are not vulnerable • JUNOSe is not vulnerable PRODUCTS CURRENTLY UNDER INVESTIGATION: • Stand Alone IDP Juniper continues to investigate this issue and as new information becomes available this document will be updated. This issue has been assigned CVE-2014-0160.   • Odyssey client 5.6r4 and earlier are not vulnerable • Junos Pulse (Mobile) on iOS (Non-FIPS Mode) • WX-Series is not vulnerable • Junos DDoS Secure is not vulnerable • STRM/JSA is not vulnerable • Media Flow Controller is not vulnerable • SBR Carrier is not vulnerable • SBR Enterprise is not vulnerable • Junos Pulse Mobile Security Suite is not vulnerable • SRC Series is not vulnerable • Junos Pulse Endpoint Profiler is not vulnerable • Smart Pass is not vulnerable • Ring Master is not vulnerable • ADC is not vulnerable