Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Updated: October 17, 2014
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: October 17, 2014 Updated: October 20, 2014
Affected
Aruba has published an advisory. Users should refer to the advisory for up-to-date information.
We are not aware of further vendor information regarding this vulnerability.
Notified: October 17, 2014 Updated: October 27, 2014
Affected
Attachmate has released an advisory.
We are not aware of further vendor information regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 20, 2014
Not Affected
"Bouncy Castle Java APIs version 1.46, or later, offer the ability to access SSL v3 by overriding methods in order to allow support for it. By default SSL v3 support is turned off. It is possible to see if a developer has created the necessary overrides by looking for overrides of the methods AbstractTlsClient.getMinimumVersion () or TlsClient.notifyServerVersion () in client code, and by looking for overrides of AbstractTlsServer.getMinimumVersion () or TlsServer.getServerVersion () in server code. Bouncy Castle C# APIs version 1.8 (still in beta), also contains a TLS API, which follows the same profile as the Bouncy Castle Java APIs in respect to SSL v3. Support for “TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks”, currently described at https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 has been added to both the Java and C# APIs to allow developers to prevent SSL v3 as anything but a worst case. We are planning to continue tracking the fallback document as it evolves and will include the results in the next releases of the Java and C# APIs (1.52 and 1.8 respectively) For further enquiries in relation to this please contact us at office@bouncycastle.org."
We are not aware of further vendor information regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: January 21, 2015
Affected
https://technet.microsoft.com/en-us/library/security/3009008.aspx
We are not aware of further vendor information regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Updated: October 17, 2014
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Updated: October 28, 2014
Affected
"We provide information on this issue at the following URL: http://jpn.nec.com/security-info/av14-004.html"
We are not aware of further vendor information regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Updated: October 27, 2014
Affected
Novell has released an advisory.
We are not aware of further vendor information regarding this vulnerability.
Updated: October 17, 2014
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: October 17, 2014 Updated: October 20, 2014
Not Affected
"MatrixSSL version support is configured with compile-time define, and we have disabled SSL3.0 by default since MatrixSSL 3.3.1 on July 16, 2012. Anyone using MatrixSSL over the past 2 years would have had to manually enable SSL 3.0. Also, we do TLS style padding for SSL3.0 since the beginning for record encoding, however we can¹t enforce it on decoding, so that was of limited use unless communicating with our own library"
We are not aware of further vendor information regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Updated: October 27, 2014
Affected
SUSE has released an advisory.
We are not aware of further vendor information regarding this vulnerability.
Notified: October 17, 2014 Updated: October 17, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.