Информационная безопасность
[RU] switch to English


DoS против HP iLO
Опубликовано:4 мая 2014 г.
Источник:
SecurityVulns ID:13708
Тип:удаленная
Уровень опасности:
5/10
Описание:Отказ устройства на запросе, демонстрирующем уязвимость Heartbleed.
Затронутые продукты:HP : iLO 2
CVE:CVE-2014-2601 (The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.)
 CVE-2014-0160 (The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.)
Оригинальный текстdocumentHP, [security bulletin] HPSBHF03006 rev.1 - HP Integrated Lights-Out 2 (iLO 2) Denial of Service (04.05.2014)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород