Skip to Content
author's profile photo Former Member
Former Member

OpenSSL vulnerability CVE-2014-0224

My customer want to know whether ASE is affected by the following OpenSSL vulnerability in http://www.openssl.org/news/secadv_20140605.txt

SSL/TLS MITM vulnerability (CVE-2014-0224),

DTLS recursion flaw (CVE-2014-0221)

DTLS invalid fragment vulnerability (CVE-2014-0195)

SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)

SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)

Anonymous ECDH denial of service (CVE-2014-3470)

Can you help me to confirm the above question?

Add a comment
10|10000 characters needed characters exceeded

Related questions

1 Answer

  • author's profile photo Former Member
    Former Member
    Posted on Jul 23, 2014 at 06:29 AM

    You have clearly double posted this question in two groups.

    So the first question goes back to you.

    Are you Running SAP Applications on ASE, if so this is not the proper group?

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.