Wireless Access

Reply
Moderator

Cupid, a derivative of Heartbleed, won't affect your network, but may affect your client devices

More details on Cupid can be found here:

http://www.sysvalue.com/en/heartbleed-cupid-wireless/

 


Cupid is an attack that levearges the heartbleed vulnerability to attack connections made over EAP.  It was meant as a proof that other types of TLS connectiosn are vulnerable, which is pretty apparent.  Only versions of code affected by Heartbleed are vulnerable to Cupid.  Please make sure that you are runing heartbleed safe code. 

 

You can check the affected versions by reading the security bullitin released by Aruba.

 

http://www.arubanetworks.com/support/alerts/aid-040814.asc

 

Client devices are also vulnerable to the attack.  Please ensure that none of the client devices on your network are running a vulnerable version of OpenSSL.  That primarily applies to Android and Linux devices.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: