CVE-2014-3566
EUVD-2014-354715.10.2014, 00:55
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_desktop_supplementary | 5.0 |
| redhat | enterprise_linux_desktop_supplementary | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_supplementary | 5.0 |
| redhat | enterprise_linux_server_supplementary | 6.0 |
| redhat | enterprise_linux_server_supplementary | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_workstation_supplementary | 6.0 |
| redhat | enterprise_linux_workstation_supplementary | 7.0 |
| ibm | aix | 5.3 |
| ibm | aix | 6.1 |
| ibm | aix | 7.1 |
| apple | mac_os_x | 𝑥 ≤ 10.10.1 |
| mageia | mageia | 3.0 |
| mageia | mageia | 4.0 |
| novell | suse_linux_enterprise_desktop | 9.0 |
| novell | suse_linux_enterprise_desktop | 10.0 |
| novell | suse_linux_enterprise_desktop | 11.0 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| novell | suse_linux_enterprise_software_development_kit | 11.0:sp3 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| novell | suse_linux_enterprise_server | 11.0:sp3 |
| novell | suse_linux_enterprise_server | 11.0:sp3 |
| novell | suse_linux_enterprise_server | 12.0 |
| opensuse | opensuse | 12.3 |
| opensuse | opensuse | 13.1 |
| openssl | openssl | 0.9.8 |
| openssl | openssl | 0.9.8a:a |
| openssl | openssl | 0.9.8b:b |
| openssl | openssl | 0.9.8c:c |
| openssl | openssl | 0.9.8d:d |
| openssl | openssl | 0.9.8e:e |
| openssl | openssl | 0.9.8f:f |
| openssl | openssl | 0.9.8g:g |
| openssl | openssl | 0.9.8h:h |
| openssl | openssl | 0.9.8i:i |
| openssl | openssl | 0.9.8j:j |
| openssl | openssl | 0.9.8k:k |
| openssl | openssl | 0.9.8l:l |
| openssl | openssl | 0.9.8m:m |
| openssl | openssl | 0.9.8m:m |
| openssl | openssl | 0.9.8n:n |
| openssl | openssl | 0.9.8o:o |
| openssl | openssl | 0.9.8p:p |
| openssl | openssl | 0.9.8q:q |
| openssl | openssl | 0.9.8r:r |
| openssl | openssl | 0.9.8s:s |
| openssl | openssl | 0.9.8t:t |
| openssl | openssl | 0.9.8u:u |
| openssl | openssl | 0.9.8v:v |
| openssl | openssl | 0.9.8w:w |
| openssl | openssl | 0.9.8x:x |
| openssl | openssl | 0.9.8y:y |
| openssl | openssl | 0.9.8z:z |
| openssl | openssl | 0.9.8za:za |
| openssl | openssl | 0.9.8zb:zb |
| openssl | openssl | 1.0.0 |
| openssl | openssl | 1.0.0:beta1 |
| openssl | openssl | 1.0.0:beta2 |
| openssl | openssl | 1.0.0:beta3 |
| openssl | openssl | 1.0.0:beta4 |
| openssl | openssl | 1.0.0:beta5 |
| openssl | openssl | 1.0.0a:a |
| openssl | openssl | 1.0.0b:b |
| openssl | openssl | 1.0.0c:c |
| openssl | openssl | 1.0.0d:d |
| openssl | openssl | 1.0.0e:e |
| openssl | openssl | 1.0.0f:f |
| openssl | openssl | 1.0.0g:g |
| openssl | openssl | 1.0.0h:h |
| openssl | openssl | 1.0.0i:i |
| openssl | openssl | 1.0.0j:j |
| openssl | openssl | 1.0.0k:k |
| openssl | openssl | 1.0.0l:l |
| openssl | openssl | 1.0.0m:m |
| openssl | openssl | 1.0.0n:n |
| openssl | openssl | 1.0.1 |
| openssl | openssl | 1.0.1:beta1 |
| openssl | openssl | 1.0.1:beta2 |
| openssl | openssl | 1.0.1:beta3 |
| openssl | openssl | 1.0.1a:a |
| openssl | openssl | 1.0.1b:b |
| openssl | openssl | 1.0.1c:c |
| openssl | openssl | 1.0.1d:d |
| openssl | openssl | 1.0.1e:e |
| openssl | openssl | 1.0.1f:f |
| openssl | openssl | 1.0.1g:g |
| openssl | openssl | 1.0.1h:h |
| openssl | openssl | 1.0.1i:i |
| ibm | vios | 2.2.0.10 |
| ibm | vios | 2.2.0.11 |
| ibm | vios | 2.2.0.12 |
| ibm | vios | 2.2.0.13 |
| ibm | vios | 2.2.1.0 |
| ibm | vios | 2.2.1.1 |
| ibm | vios | 2.2.1.3 |
| ibm | vios | 2.2.1.4 |
| ibm | vios | 2.2.1.5 |
| ibm | vios | 2.2.1.6 |
| ibm | vios | 2.2.1.7 |
| ibm | vios | 2.2.1.8 |
| ibm | vios | 2.2.1.9 |
| ibm | vios | 2.2.2.0 |
| ibm | vios | 2.2.2.1 |
| ibm | vios | 2.2.2.2 |
| ibm | vios | 2.2.2.3 |
| ibm | vios | 2.2.2.4 |
| ibm | vios | 2.2.2.5 |
| ibm | vios | 2.2.3.0 |
| ibm | vios | 2.2.3.1 |
| ibm | vios | 2.2.3.2 |
| ibm | vios | 2.2.3.3 |
| ibm | vios | 2.2.3.4 |
| netbsd | netbsd | 5.1 |
| netbsd | netbsd | 5.1.1 |
| netbsd | netbsd | 5.1.2 |
| netbsd | netbsd | 5.1.3 |
| netbsd | netbsd | 5.1.4 |
| netbsd | netbsd | 5.2 |
| netbsd | netbsd | 5.2.1 |
| netbsd | netbsd | 5.2.2 |
| netbsd | netbsd | 6.0 |
| netbsd | netbsd | 6.0:beta |
| netbsd | netbsd | 6.0.1 |
| netbsd | netbsd | 6.0.2 |
| netbsd | netbsd | 6.0.3 |
| netbsd | netbsd | 6.0.4 |
| netbsd | netbsd | 6.0.5 |
| netbsd | netbsd | 6.0.6 |
| netbsd | netbsd | 6.1 |
| netbsd | netbsd | 6.1.1 |
| netbsd | netbsd | 6.1.2 |
| netbsd | netbsd | 6.1.3 |
| netbsd | netbsd | 6.1.4 |
| netbsd | netbsd | 6.1.5 |
| debian | debian_linux | 7.0 |
| debian | debian_linux | 8.0 |
| oracle | database | 11.2.0.4 |
| oracle | database | 12.1.0.2 |
𝑥
= Vulnerable software versions
Debian Releases
Debian Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| bouncycastle |
| ||||||||||||||||
| epiphany-browser |
| ||||||||||||||||
| erlang |
| ||||||||||||||||
| gnutls28 |
| ||||||||||||||||
| haskell-tls |
| ||||||||||||||||
| lighttpd |
| ||||||||||||||||
| midori |
| ||||||||||||||||
| netsurf |
| ||||||||||||||||
| nss |
| ||||||||||||||||
| openjdk-8 |
| ||||||||||||||||
| openssl |
| ||||||||||||||||
| pound |
| ||||||||||||||||
| surf |
| ||||||||||||||||
| wolfssl |
|
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| nss |
| ||||||||||||||||||||||||||||||||||||||
| openjdk-6 |
| ||||||||||||||||||||||||||||||||||||||
| openjdk-7 |
| ||||||||||||||||||||||||||||||||||||||
| openssl |
| ||||||||||||||||||||||||||||||||||||||
| openssl098 |
| ||||||||||||||||||||||||||||||||||||||
| pound |
|
Common Weakness Enumeration