漏洞信息详情
多个TLS/DTLS实现加密问题漏洞
- CNNVD编号:CNNVD-201302-133
- 危害等级: 中危
- CVE编号: CVE-2013-0169
- 漏洞类型: 加密问题
- 发布时间: 2013-02-18
- 威胁类型: 远程
- 更新时间: 2022-04-08
- 厂 商: polarssl
- 漏洞来源: Nadhem AlFardan, R...
漏洞简介
OpenSSL是OpenSSL团队开发的一个开源的能够实现安全套接层(SSL v2/v3)和安全传输层(TLS v1)协议的通用加密库,它支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。
OpenSSL,OpenJDK,PolarSSL和其它产品中所使用的TLS协议1.1以及1.2,DTLS协议1.0以及1.2中存在漏洞,该漏洞源于程序在处理畸形的CBC填充期间没有正确地研究针对固执的MAC地址检查操作所进行的计时边信道攻击。通过对特制报文的计时数据的统计分析,远程攻击者可利用该漏洞实施区分攻击以及明文恢复攻击。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
http://www.openssl.org/news/secadv_20130204.txt
参考网址
来源:REDHAT
链接:http://rhn.redhat.com/errata/RHSA-2013-1456.HTML
来源:CONFIRM
链接:https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.HTML
来源:HP
链接:http://marc.info/?l=bugtraq&m=137545771702053&w=2
来源:CONFIRM
链接:https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf
来源:SECUNIA
链接:http://secunia.com/advisories/55139
来源:CONFIRM
链接:https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released
来源:MISC
链接:http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/
来源:MLIST
链接:http://openwall.com/lists/oss-security/2013/02/05/24
来源:CERT
链接:http://www.us-cert.gov/cas/techalerts/TA13-051A.HTML
来源:REDHAT
链接:http://rhn.redhat.com/errata/RHSA-2013-0783.HTML
来源:SECTRACK
链接:http://www.securitytracker.com/id/1029190
来源:CONFIRM
链接:http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/kb/HT5880
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608
来源:HP
链接:http://marc.info/?l=bugtraq&m=136733161405818&w=2
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016
来源:SECUNIA
链接:http://secunia.com/advisories/55108
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.HTML
来源:HP
链接:http://marc.info/?l=bugtraq&m=136396549913849&w=2
来源:SECUNIA
链接:http://secunia.com/advisories/55351
来源:SECUNIA
链接:http://secunia.com/advisories/55350
来源:CONFIRM
链接:http://www.openssl.org/news/secadv_20130204.txt
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21644047
来源:HP
链接:http://marc.info/?l=bugtraq&m=136432043316835&w=2
来源:MANDRIVA
链接:http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.HTML
来源:CONFIRM
链接:http://www.splunk.com/view/SP-CAAAHXG
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424
来源:CERT-VN
链接:http://www.kb.cert.org/vuls/id/737740
来源:CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
链接:http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/security-announce/2013/Sep/msg00002.HTML
来源:REDHAT
链接:http://rhn.redhat.com/errata/RHSA-2013-0587.HTML
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.HTML
来源:REDHAT
链接:http://rhn.redhat.com/errata/RHSA-2013-0833.HTML
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540
来源:BID
链接:https://www.securityfocus.com/bid/57778
来源:FEDORA
链接:http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.HTML
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.HTML
来源:CONFIRM
链接:http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.HTML
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.HTML
来源:DEBIAN
链接:https://www.debian.org/security/2013/dsa-2622
来源:DEBIAN
链接:https://www.debian.org/security/2013/dsa-2621
来源:REDHAT
链接:http://rhn.redhat.com/errata/RHSA-2013-0782.HTML
来源:SECUNIA
链接:http://secunia.com/advisories/53623
来源:CONFIRM
链接:http://www.matrixssl.org/news.HTML
来源:GENTOO
链接:http://security.gentoo.org/glsa/glsa-201406-32.xml
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.HTML
来源:REDHAT
链接:http://rhn.redhat.com/errata/RHSA-2013-1455.HTML
来源:SECUNIA
链接:http://secunia.com/advisories/55322
来源:MISC
链接:http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
来源:CONFIRM
链接:https://puppet.com/security/cve/cve-2013-0169
来源:HP
链接:http://marc.info/?l=bugtraq&m=136439120408139&w=2
来源:UBUNTU
链接:http://www.ubuntu.com/usn/USN-1735-1
来源:CONFIRM
链接:https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c03883001
来源:www.xerox.com
链接:http://www.xerox.com/download/security/security-bulletin/12047-4e4eed8d42ca6/cert_XRX13-007_v1.0.pdf
来源:downloads.avaya.com
链接:https://downloads.avaya.com/CSS/P8/documents/100172009
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21633674
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21633669
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21644596
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21643075
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21632225
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21633311
来源:www.hitachi.co.jp
链接:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-008/index.HTML
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21646460
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21641524
来源:www.vmware.com
链接:http://www.vmware.com/security/advisories/VMSA-2013-0009.HTML
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21643316
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21677352
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21649786
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21654360
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21627634
来源:www-304.ibm.com
链接:http://www-304.ibm.com/support/docview.wss?uid=swg21650209
来源:www-304.ibm.com
链接:http://www-304.ibm.com/support/docview.wss?uid=swg21648667
来源:www-304.ibm.com
链接:http://www-304.ibm.com/support/docview.wss?uid=swg21648811
来源:www-304.ibm.com
链接:http://www-304.ibm.com/support/docview.wss?uid=swg21648843
来源:www-304.ibm.com
链接:http://www-304.ibm.com/support/docview.wss?uid=swg21648839
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21639487
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21649711
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21672363
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21643437
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21651154
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21643972
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21633351
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21643439
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004342
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21637525
来源:www-304.ibm.com
链接:https://www-304.ibm.com/support/docview.wss?uid=ssg1S1004390
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=isg3T1022151
来源:www-304.ibm.com
链接:https://www-304.ibm.com/support/docview.wss?uid=swg21685323
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21641009
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21639549
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21638108
来源:www.ibm.com
链接:http://www.ibm.com/support/docview.wss?uid=swg21639736
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21636324
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21626523
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21635988
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21638670
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21638669
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21641655
来源:www-304.ibm.com
链接:https://www-304.ibm.com/support/docview.wss?uid=swg21651503
来源:www-304.ibm.com
链接:https://www-304.ibm.com/support/docview.wss?uid=swg21657767
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21650814
来源:www.ibm.com
链接:https://www.ibm.com/support/docview.wss?uid=swg21649999
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21645397
来源:www-304.ibm.com
链接:https://www-304.ibm.com/support/docview.wss?uid=swg21653954
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21641324
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21641325
来源:www-304.ibm.com
链接:https://www-304.ibm.com/support/docview.wss?uid=ssg1S1004513
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004360
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21642358
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21638184
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21634548
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21638802
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21635888
来源:www-947.ibm.com
链接:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096564
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21633107
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21634946
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21634945
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21636105
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21649701
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21647685
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21639830
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21637998
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21640615
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21645355
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21642703
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21639354
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21634236
来源:www-947.ibm.com
链接:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5094215
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21645082
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21647384
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21637636
来源:www.alienvault.com
链接:https://www.alienvault.com/forums/discussion/5438/security-advisory-alienvault-v5-0-4-addresses-31-vulnerabilities
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21640763
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg24035145
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg24035161
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg24035159
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21633170
来源:www-304.ibm.com
链接:https://www-304.ibm.com/support/docview.wss?uid=swg21646583
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21646582
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg24035061
来源:downloads.avaya.com
链接:https://downloads.avaya.com/CSS/P8/documents/100171476
来源:www.oracle.com
链接:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.HTML
来源:www.openssl.org
链接:http://www.openssl.org/news/secadv_20130205.txt
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21640533
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21667626
来源:www.hitachi.co.jp
链接:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.HTML
来源:www.hitachi.co.jp
链接:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-018/index.HTML
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21660080
来源:aix.software.ibm.com
链接:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory5.asc
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21650811
来源:rhn.redhat.com
链接:https://rhn.redhat.com/errata/RHSA-2013-0782.HTML
来源:rhn.redhat.com
链接:https://rhn.redhat.com/errata/RHSA-2013-0783.HTML
来源:kc.mcafee.com
链接:https://kc.mcafee.com/corporate/index?page=content&id=SB10041
来源:kb.juniper.net
链接:https://kb.juniper.net/InfoCenter/index?cmid=no&page=content&id=jsA10591
来源:downloads.avaya.com
链接:https://downloads.avaya.com/CSS/P8/documents/100170207
来源:rhn.redhat.com
链接:https://rhn.redhat.com/errata/RHSA-2013-0833.HTML
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21640169
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21634069
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004381
来源:www-304.ibm.com
链接:https://www-304.ibm.com/support/docview.wss?uid=ssg1S1004345
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg24037241
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg24033501
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg24030251
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=isg400001560
来源:www-304.ibm.com
链接:https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_systems_director_storage_control_is_affected_by_vulnerabilities_in_ibm_java_sdk_cve_2014_0453_cve_2013_5772_cve_2013_5803_cv
来源:www-304.ibm.com
链接:https://www-304.ibm.com/support/docview.wss?uid=swg21670968
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=isg400001529
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21638022www-01.ibm.com/support/docview.wss?uid=isg400001530
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21643248
来源:www-304.ibm.com
链接:https://www-304.ibm.com/support/docview.wss?uid=swg21647223
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21643544
来源:alerts.hp.com
链接:http://alerts.hp.com/r?2.1.3KT.2ZR.xg7ek.JToPrC..T.czDA.807w.bW89MQ%5f%5fDGFEFRO0
来源:h20566.www2.hp.com
链接:https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03701301-1%257CdocLocale%253D%
来源:h20564.www2.hp.com
链接:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04126444
来源:h20566.www2.hp.com
链接:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748879
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21643698
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21650623
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg27021867
来源:www.securityfocus.com
链接:http://www.securityfocus.com/archive/1/526912
来源:seclists.org
链接:http://seclists.org/bugtraq/2013/Jun/att-65/ESA-2013-039.txt
来源:www.securityfocus.com
链接:http://www.securityfocus.com/archive/1/526915
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg24035073
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg24024222
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg24037193
来源:kb.juniper.net
链接:http://kb.juniper.net/InfoCenter/index?page=content&id=jsA10659
来源:kb.juniper.net
链接:https://kb.juniper.net/InfoCenter/index?page=content&id=jsA10575
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21640024
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21637087
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21634544
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21648999
来源:www.stunnel.org
链接:https://www.stunnel.org/sdf_ChangeLog.HTML
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21643832
来源:www.ibm.com
链接:http://www.ibm.com/support/docview.wss?uid=swg21633299
来源:www.ibm.com
链接:http://www.ibm.com/support/docview.wss?uid=swg21633300
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21638270
来源:docs.ipswitch.com
链接:http://docs.ipswitch.com/_Messaging/IMailServer/v12.3/ReleaseNotes/index.htm#link3
来源:lists.opensuse.org
链接:http://lists.opensuse.org/opensuse-updates/2013-03/msg00004.HTML
来源:openssl.org
链接:http://openssl.org/
来源:openjdk.java.net
链接:http://openjdk.java.net/
来源:blogs.oracle.com
链接:https://blogs.oracle.com/sunsecurity/entry/lucky_thirteen_vulnerability_in_sun
来源:blogs.oracle.com
链接:https://blogs.oracle.com/sunsecurity/entry/lucky_thirteen_vulnerability_in_solaris
来源:h20000.www2.hp.com
链接:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03710522
来源:h20564.www2.hp.com
链接:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748879
来源:www-01.ibm.com
链接:http://www-01.ibm.com/support/docview.wss?uid=swg24032650
来源:w3.efi.com
链接:http://w3.efi.com/Fiery
来源:blogs.oracle.com
链接:https://blogs.oracle.com/sunsecurity/entry/cve_2013_0169_lucky_thirteen
来源:kb.juniper.net
链接:http://kb.juniper.net/InfoCenter/index?page=content&id=jsA10642&cat=SIRT_1&actp=LIST
来源:seclists.org
链接:http://seclists.org/oss-sec/2013/q1/263
来源:MLIST
链接:https://lists.debian.org/debian-lts-announce/2018/09/msg00029.HTML
来源:www.us-cert.gov
链接:https://www.us-cert.gov/ics/advisories/icsa-19-192-04
来源:kb.juniper.net
链接:http://kb.juniper.net/InfoCenter/index?page=content&id=jsA10939
来源:support.f5.com
链接:https://support.f5.com/csp/article/K14190
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2022.0696
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3700/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2019.2584/
来源:www.ibm.com
链接:https://www.ibm.com/support/pages/node/1168306
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.2340/
来源:us-cert.cisa.gov
链接:https://us-cert.cisa.gov/ics/advisories/icsa-22-097-01
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.0328/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2019.2561/
来源:www.securityfocus.com
链接:https://www.securityfocus.com/bid/57778
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159727/Red-Hat-Security-Advisory-2020-4298-01.HTML
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2022.1512
受影响实体
- Polarssl Polarssl:1.1.4
- Polarssl Polarssl:1.1.3
- Polarssl Polarssl:1.1.2
- Polarssl Polarssl:1.1.1
- Polarssl Polarssl:1.1.0:Rc1
补丁
- 多个TLS/DTLS实现加密问题漏洞的修复措施
评论