OpenSSL patches eight new vulnerabilities
// CSO Online
Server administrators are advised to upgrade OpenSSL again to fix eight new vulnerabilities, two of which can lead to denial-of-service (DoS) attacks.
The flaws are only of moderate and low severity, unlike the Heartbleed vulnerability discovered last year. Heartbleed could have allowed attackers to steal sensitive information including encryption keys from servers.
Nevertheless, "system administrators should plan to upgrade their running OpenSSL server instances in the coming days," said Tod Beardsley, engineering manager at vulnerability intelligence firm Rapid7, via email Friday.
Shared via my feedly reader
Sent from my iPhone
Data Center Engineer
1801 Superior Ave. Ste. 300 | Cleveland, OH 44114
(800) 777-7178 | toll free
(440) 268-3297 | office
(216) 224-5769 | mobile
Architects of the anyplace workspace™