Monday, April 14, 2014

To check for openssl vulnerability 

To check for openssl vulnerability
----------------------------------------------


>>> Go to server 


   


      Type command  openssl version 




      ( Affected version  1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1)






Bear in mind the version of openssl that is vulnerable. 




For versions that is not, do not attempt the upgrade.



Type the command:
  rpm -q --changelog openssl | grep 'CVE-2014-0160'




if the output says,  "fix CVE-2014-0160 - information disclosure in TLS 
heartbeat extension", then no need to attempt for openssl upgrade.
if there is no output, then you need to do   yum upgrade openssl

DO NOT USE THIRDPARTY REPO.  ONLY YUM UPGRADE  << This is important

Then recheck the openssl again as stated above.


Then reset the service SSL certificates.












Posted by



at







































No comments:















Post a Comment


















        

      









Subscribe to:
Post Comments (Atom)