"The Electronic Frontier Foundation,[10] Ars Technica,[11] and Bruce Schneier[12] all deemed the Heartbleed bug "catastrophic".
Forbes cybersecurity columnist Joseph Steinberg wrote, "Some might argue that [Heartbleed] is the worst vulnerability found
(at least in terms of its potential impact) since commercial traffic began to flow on the Internet."[13]"
Although most severe for attacking servers it could be used by a malicious server
to read data from the client's memory such as website usernames and passwords.
Security firms advice to change passwords.
on your internet sites
read more:
http://en.wikipedia.org/wiki/Heartbleed
I checked on alphaOS 14.5 - and it has the exploit
( that same goes at least for my 32-bit alphaos and probably
for older versions as well.)
Code: Select all
[root@alphaos] > openssl version
OpenSSL 1.0.1e 2 Nov 2013
on 15.0 - SAFE
Code: Select all
[root@alphaos] > openssl version
OpenSSL 1.0.1g 7 Apr 2014