This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Patch availability for CVS-2014-3511? New SSL MITM attack

Our recent internal security scans indicate our Sophos email appliances might be suseptalbe to MITM attack based on CVE-2014-3511: clientHello fragmentation and protocol downgrade.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511

Is there a patch release upcoming to address this?

This thread was automatically locked due to age.

Parents

0 ISRyanB over 10 years ago

if you haven't already, might want to use the info in this KB to report the finding:
http://www.sophos.com/en-us/support/knowledgebase/56657.aspx
They can work with you to validate and escalate for patch creation if required.
Very prompt responses in my experience. :)
:53195
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 ISRyanB over 10 years ago

if you haven't already, might want to use the info in this KB to report the finding:
http://www.sophos.com/en-us/support/knowledgebase/56657.aspx
They can work with you to validate and escalate for patch creation if required.
Very prompt responses in my experience. :)
:53195
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data