WirelessPhreak.com

I like to travel, f*ck with technology, and partake in the occasional tropical drink.
I am also a co-host on The NBD Show podcast.
Follow Me

Open SSLV3 vulnerability



By   WirelessPhreak      Tuesday, November 01, 2022      Labels: , ,  

 

So Open SSL announced that they are going to release details of a Critical OpenSSL vulnerability that  affects versions 3.0.0 to 3.0.6. There is rumbling that this vulnerability may be a major deal likened to the everyone's favorite CVE of 2014, heartbleed. 

 

Open SSL will be releasing their patch/update Tuesday 1st November 2022 between 1300-1700 UTC


But unlike heartbleed this OpenSSL vulnerability might not have the same impact to security and network infrastructure that heartbleed had. So far most security and network infrastructure companies are looking ok. As you would expect many of these companies don't run the most bleeding edge versions of open source libraries for this very reason. Also many times stability and security take president over new features. 

 

What I wanted to do is put links to OSS (Open Source Software) lists that are used in different vendors platforms. I started out hopeful but for many of the companies it is very difficult to find. I will post hem as i run across them.

 

Cisco - https://www.cisco.com/c/en/us/about/legal/open-source-documentation-responsive.html

Palo Alto Networks - https://docs.paloaltonetworks.com/oss-listings/pan-os-oss-listings

Juniper - 

Fortinet -

Aruba - 

Arista - 

Extreme Networks - 

Checkpoint - 

F5 - 

Citrix ADC -

 

About WirelessPhreak

Just your everyday Packet Wrangler who enjoy's traveling and anything techie...