Attachmate Information for VU#720951

OpenSSL TLS heartbeat extension read overflow discloses sensitive information

Status

Affected

Vendor Statement

Some Attachmate products with specific versions are affected by the
CVE-2014-0160 OpenSSL 'Heartbleed' vulnerability when TLS protocol
connections are used.  All affected products now have either new versions
or hot fixes available.

Attachmate maintains the following technical note about affected and
non-vulnerable versions:
http://support.attachmate.com/techdocs/2724.html

In addition, Security Updates technical notes are also available for
specific
products:
Security Updates and Reflection for the Web or Reflection Security Gateway
http://support.attachmate.com/techdocs/1704.html
Security Updates and Reflection
http://support.attachmate.com/techdocs/1708.html
Security Updates and Reflection for Secure IT
http://support.attachmate.com/techdocs/2288.html
Security Updates and EXTRA!
http://support.attachmate.com/techdocs/2501.html
Security Updates and Reflection 2014 or Reflection 2011
http://support.attachmate.com/techdocs/2502.html
Security Updates and INFOConnect
http://support.attachmate.com/techdocs/2546.html
Security Updates and Verastream
http://support.attachmate.com/techdocs/2700.html

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://support.attachmate.com/techdocs/2724.html

http://support.attachmate.com/techdocs/1704.html
http://support.attachmate.com/techdocs/1708.html
http://support.attachmate.com/techdocs/2288.html
http://support.attachmate.com/techdocs/2501.html
http://support.attachmate.com/techdocs/2502.html
http://support.attachmate.com/techdocs/2546.html
http://support.attachmate.com/techdocs/2700.html

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.