Heartbleed 2.0? Not exactly but more OpenSSL issues have been found

In the wake of the recent Heartbleed Bug another series of OpenSSL vulnerabilities have been found. Whilst the Heartbleed bug was relatively easy to exploit, the latest batch of bugs are not. However if successfully exploited, there is potential for eavesdropping and traffic manipulation (CVE-2014-0224) as well as running arbitrary code on the vulnerable client or server (CVE-2014-0195).

The other vulnerabilities found and noted in the same advisory have been classified as CVE-2014-0221, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470.

For more details, please refer to https://www.openssl.org/news/secadv_20140605.txt

As explained all vulnerabilities can be addressed by upgrading OpenSSL to the latest version.

Loadbalancer.org take security very seriously and will be issuing a patch shortly that addresses these issues. We have already recently released v7.6 and just released v7.6.1 which both include a series of updates that continue to focus on improving existing features and adding new ones, as well as constantly addressing any security issues if and when they are found.

You Can Learn More About the LoadBalancer.org’s Product Line By Going to www.LoadBalancerSolutions.com/LoadBalancer-org

The original article/video can be found at Heartbleed 2.0? Not exactly but more OpenSSL issues have been found

About the Author: Shannon Lewis

Leave a Reply