Thursday 5th June 2014

Alcatel-Lucent & Infoblox DDI solutions are unaffected by this vulnerability, further details are provided below.

  • Alcatel-Lucent has confirmed that both VitalQIP and their Appliance Range are unaffected by this vulnerability.
  • Infoblox has confirmed that No NIOS DNS servers are vulnerable to this attack.

Further Information

This attack can only be performed between a vulnerable client and server - in order for the attack to be possible both sides need to be vulnerable. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.

distributed by