Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2014.0047
A critical vulnerability in OpenSSL has been identified that
affect multiple McAfee products
11 April 2014
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: McAfee Next Generation Firewall
McAfee Firewall Enterprise
McAfee Enterprise Security Manager
McAfee Web Gateway
McAfee Security for Microsoft Exchange
Operating System: Network Appliance
Virtualisation
Windows
Impact/Access: Access Privileged Data -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2014-0160
Member content until: Sunday, May 11 2014
Reference: ASB-2014.0042
ESB-2014.0457
OVERVIEW
A critical vulnerability in OpenSSL has been identified that affect
multiple McAfee products. [1]
IMPACT
The vendor has provided the following details on the vulnerability:
"CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before
1.0.1g do not properly handle Heartbeat Extension packets, which
allows remote attackers to obtain sensitive information from process
memory via crafted packets that trigger a buffer over-read, as
demonstrated by reading private keys, related to d1_both.c and t1_lib.c,
aka the Heartbleed bug." [1]
MITIGATION
The vendor recommends applying the available patches or hotfixes for
the relevant product. The vendor also recommends regenerating private
keys, upgrading SSL certificates and revoking old certificates. [1]
REFERENCES
[1] McAfee Security Bulletin – OpenSSL Heartbleed vulnerability patched
in McAfee products
https://kc.mcafee.com/corporate/index?page=content&id=SB10071
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBU0dK1RLndAQH1ShLAQIPVxAAnNPhysDATcj03Jpeob4HVWmEAQpbEWdz
4WzRduy9UXw05cohWuGJvqLW56gPHsk002VMDMy+l+ItySooBSbCzZpQlfpWhUk1
6SCOSRHqcBTMLK3/1LuFHE7tz7ncL884GCDnAj8JWoUyANyPcGY1A6twaS27w11W
F5W9XpvoP5SVSo0tKuasmpfCAeo8/SZfNSNqM2DXscQs3v87z5tE8o2NRF5OpR1Q
zoYCGBmQz/JbKYW0vyrB6IQI8omQxIwpJmD47k2mtscv+pxFbZEGuDYV1KCFxmRj
mPZqGGJuxZ6+v3l3zOsO/GKgVYq8prKfAo5dWIlVamlSoF6g4Iaw0o7oVAzH5GuE
XtxTF7uQLU0ikkD4HxqUgJ3ZKdrEvyagaEli9hZUyv+SZTfzp2Z72ZVNQLB0rEae
5Or1qMKkqIxiJ+5bq6eEClqmrweaGqNyPnoGLZJiiwX3+uonEUhvOYSVkIwvYmV5
0tipsvidcDX1eCK/5mBqB+yn09gkzwLajNM7cSshBA6jJAeq8xhus3Ktpo5T9kw1
NMbLhL0je2LkqQ+8IBMspTkZje4vKcYCEVKe/tJceTIpUsrG5jJPHInAhGCzHKIO
fvC9gIT6/bC8i1CfCKVzh2FfoPS65AJW1GsrHGRfeP6HYb+QzVk5pymWEtM4Ffbi
ICeDTcVzLJY=
=++XF
-----END PGP SIGNATURE-----