WirelessPhreak.com

I like to travel, f*ck with technology, and partake in the occasional tropical drink.
I am also a co-host on The NBD Show podcast.
Follow Me

Open SSLV3 vulnerability



By   WirelessPhreak      Tuesday, November 01, 2022      Labels: , ,  

 

So Open SSL announced that they are going to release details of a Critical OpenSSL vulnerability that  affects versions 3.0.0 to 3.0.6. There is rumbling that this vulnerability may be a major deal likened to the everyone's favorite CVE of 2014, heartbleed.

Open SSL will be releasing their patch/update Tuseday 1st November 2022 between 1300-1700 UTC

But unlike heartbleed this OpenSSL vulnerability my not have the impact to security and network infrastructure that heartbleed had. So far from what I have gotten from several security and network infrastructure companies it's looking ok. As you would expect many of these companies don't run the most bleeding versions of these open source libraries for this very reason. Also many times stability and security take president over new features.

What I wanted to do is put links to OSS (Open Source Software) lists that are used in different vendors platforms. I started out hopeful but for many of them it is very difficult to find. I will post hem as i run across them.

Cisco - https://www.cisco.com/c/en/us/about/legal/open-source-documentation-responsive.html

Palo Alto Networks - https://docs.paloaltonetworks.com/oss-listings/pan-os-oss-listings

Juniper - 

Fortinet -

Aruba - 

Arista - 

Extreme Networks - 

Checkpoint - 

F5 - 

Citrix ADC -

 

About WirelessPhreak

Just your everyday Packet Wrangler who enjoy's traveling and anything techie...