7 Apr
2014
7 Apr
'14
5:18 p.m.
This is a bad one: http://heartbleed.com/ ... The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. ... * OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable * OpenSSL 1.0.1g is NOT vulnerable * OpenSSL 0.9.8 branch is NOT vulnerable Everyone using TLS methods with EAP are likely vulnerable. Anyone using RadSec is likely vulnerable. Please check which version of OpenSSL you are using. Alan DeKok.