Copy
HostingSecList - Security notices for the hosting community.

OpenSSL

Urgent Action Required

There is a vulnerability present within OpenSSL that can allow sensitive information that is stored in the server memory to be disclosed to an attacker.

A public proof of concept has already been released and in our testing we were able to see credentials, session and private information!

It is highly recommended that you upgrade OpenSSL on all of your servers to one of the patched versions and also ensure that any other software using OpenSSL is patched as well. It would also be a good idea to revoke any private keys as this vulnerability has apparently been known for a couple years now.

Vulnerability Explained:
http://heartbleed.com

Test If You Are Vulnerable:
http://filippo.io/Heartbleed/

Ongoing Discussion at WHT:
http://www.webhostingtalk.com/showthread.php?t=1364373
Our mailing address is:
RACK911 Labs
1110 Palms Airport Drive
Suite 110
Las Vegas, NV 89119

Add us to your address book


Copyright © 2014 RACK911 Labs, All rights reserved.
Email Marketing Powered by Mailchimp