Disk Arrays
cancel
Showing results for 
Search instead for 
Did you mean: 

Heartbleed affected Storage Systems

Ruben_Herold
Advisor

Heartbleed affected Storage Systems

hi,

 

has anybody a list of all systems affected by the heartbleed bug:

 

http://en.wikipedia.org/wiki/Heartbleed

 

I found out that these systems are affected:

 

P2000G3 newest Firmware

P9500 newest Firmware

 

 

4 REPLIES
HeHan
Occasional Advisor

Re: Heartbleed affected Storage Systems

Any specific storage system you're thinking about?

Torsten.
Acclaimed Contributor

Re: Heartbleed affected Storage Systems

Where did you get the information?

 

Obviously the P9500 is affected if it is using apache 2.2.24 only (see c04240206 - "HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information"), the MSA is "under investigation" so far.

 

http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%253Demr_na-c04240206-1%257CdocLocale%253Den_US%257CcalledBy%253D&javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&ac.admitted=1397641622...


Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Michael Leu
Honored Contributor

Re: Heartbleed affected Storage Systems

HP advisory c04239413 also contains some useful information on what is and isn't affected:

Notice: HP Servers Communication: OpenSSL "HeartBleed" Vulnerability

 

 

Torsten.
Acclaimed Contributor

Re: Heartbleed affected Storage Systems

Yes, it is related to servers, but a good information anyway.

 

...

Products NOT Impacted by "HeartBleed"
Virtual Connect
Integrated Lights Out (iLO) 2, 3, 4
HP Insight Control Server Provisioning
System Management Homepage (SMH) HP-UX
HP OneView
Systems Insight Manager
NonStop SSL
iTP WebServer for NonStop Servers
Onboard Administrator for NonStop Integrity Platforms
HP-UX
OpenVMS
 
 
 
Products Impacted by "HeartBleed"
Product Version Impacted
Security Bulletin
HP Onboard Administrator (OA)
4.11 and 4.20
HP Smart Update Manager (HP SUM)
6.0.0 - 6.3.0
HP System Management Homepage (SMH) Linux and Windows
7.1.2, 7.2, 7.2.1, 7.2.2, 7.3, 7.3.1

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!