Posted in Industry News on 10/04/2014 @ 09:40
As you have most likely heard a vulnerability within OpenSSL is currently in circulation and may require your attention.
This is really on a per server basis, the majority of servers running CentOS 5 will likely be unaffected due to version of OpenSSL with this bug, users with CentOS 6, specifically CentOS 6.5 may wish to take some action!
The versions of OpenSSL that are affected by this are as follows:-
--OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
--OpenSSL 1.0.1g is NOT vulnerable
--OpenSSL 1.0.0 branch is NOT vulnerable
--OpenSSL 0.9.8 branch is NOT vulnerable
To check your Openssl version, simply type "openssl version", within your servers console, alternatively please use the following tool to check if your vulnerable to this exploit:
If you find yourself vulnerable, try not to panic, update your openssl via yum or apt-get then make sure to restart any services that may be using this, mail / httpd / cpanel and so on, it may be best to reissue your SSL certificates also.
Please be aware that all of our managed clients that were affected by this were updated in full when the 0day vulnerability was announced.
For further information on this please feel free to view the following pages:-
If you find that you require server management with your dedicated or virtual server this is something that we provide at a monthly fee if you find you're out of your depth!