MoinMoin Logo
  • Comments
  • Immutable Page
  • Menu
    • Navigation
    • RecentChanges
    • FindPage
    • Local Site Map
    • Help
    • HelpContents
    • HelpOnMoinWikiSyntax
    • Display
    • Attachments
    • Info
    • Raw Text
    • Print View
    • Edit
    • Load
    • Save
  • Login

Navigation

  • Start
  • Sitemap
Revision 1 as of 2014-04-09 11:50:55
  • heartbleed

heartbleed

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.

http://helpdesk.wisc.edu/page.php?id=39080

== How to check for vulnerable versions of OpenSSL==

Versions 1.0.1 to 1.0.1f are potentially vulnerable. Version 1.0.1g if the fixed version. Other versions of OpenSSL (1.0.0 branch, 0.9.8 branch) are not vulnerable.

A basic version check: openssl version -a

A more specific check: openssl version -a| grep -oE '1.0.1[a-g]{1}?|DOPENSSL_NO_HEARTBEATS'

This should return the version, assuming version 1.0.1x. If the OPENSSL_NO_HEARTBEATS flag shows up then it’s not vulnerable regardless of version.

  • MoinMoin Powered
  • Python Powered
  • GPL licensed
  • Valid HTML 4.01