OpenSSL

ERROR:- OpenSSL ‘ChangeCipherSpec’ MiTM Vulnerability

by

From a PCI scan, this error. Answer: Your scanning provider is apparently relying on the version information in the banner to determine vulnerability. Redhat frequently backports fixes into previous versions of applications which is the case with your version of OpenSSL (openssl-0.9.8e-27.el5_10.4). This is a false positive. The vulnerability does not affect this server. You … Read more

Openssl Heartbleed Vulnerability

by

Find out if your server is affected http://filippo.io/Heartbleed/ Run the command: to get the version number of openssl. If the command shows e.g.: Your server might be vulnerable as the version is below 1.0.1g. But some Linux distributions patch packages, see below for instructions to find out if the package on your server has been … Read more