[CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround

Tue Apr 8 22:19:21 UTC 2014
Keith Keller <kkeller at wombat.san-francisco.ca.us>

On 2014-04-08, Leon Fauster <leonfauster at googlemail.com> wrote:
> Looking inside - it seems that this issue (CVE-2014-0160) is resolved
> in ssl/d1_both.c and ssl/t1_lib.c and not in files under crypto/ ... 
> To say more I have to take a look into the build process.

So if it turns out to be true that the bug is in libssl, and not
libcrypto (which so far seems like a reasonable guess, but has not yet
been confirmed), then the following lsof should work to report active
processes which are still vulnerable:

lsof -n | grep -E libssl | grep -i DEL

The -i makes the grep case-insensitive.  I've seen both DEL and deleted
in the lsof output for various CentOS versions; it's possible that an
old lsof could still be running on a box with a vulnerable openssl,
though, so it's safest to look for both patterns.


kkeller at wombat.san-francisco.ca.us
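
An added example, not part of the original post: the same lsof check written as a filter that prints each affected PID once and matches the DEL and (deleted) markers as whole fields rather than as substrings. The function name stale_libssl and the sample lsof lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: list processes that still map a libssl file which has been
# replaced on disk, i.e. processes that need a restart after the update.
# Input: `lsof -n` output on stdin. Output: "PID COMMAND", one line per PID.
stale_libssl() {
    awk '
        /libssl/ {
            stale = 0
            # Some lsof versions flag the mapping with the literal word DEL
            # in the FD column (its position shifts if a TID column exists).
            for (i = 3; i <= NF; i++) if ($i == "DEL") stale = 1
            # Others keep FD as "mem" and append "(deleted)" to NAME.
            if ($NF == "(deleted)") stale = 1
            if (stale) print $2, $1
        }
    ' | sort -n -u
}

# Constructed sample input (not captured from a real host):
#   1201 maps the old library (DEL form, reported twice by lsof)
#   1450 was restarted and maps the new library
#   1502 maps the old library ((deleted) form)
#   1600 maps the new library but has "del" in its command and user names
SAMPLE='COMMAND   PID   USER  FD   TYPE DEVICE SIZE/OFF   NODE NAME
httpd    1201   root  DEL   REG  253,0          131234 /usr/lib64/libssl.so.1.0.1e
httpd    1201   root  mem   REG  253,0  1950976 131300 /usr/lib64/libcrypto.so.1.0.1e
nginx    1450   root  mem   REG  253,0   436984 131777 /usr/lib64/libssl.so.1.0.1e
postfix  1502   root  mem   REG  253,0   436984 131234 /usr/lib64/libssl.so.1.0.1e (deleted)
model    1600  delia  mem   REG  253,0   436984 131777 /usr/lib64/libssl.so.1.0.1e
httpd    1201   root  DEL   REG  253,0          131234 /usr/lib64/libssl.so.1.0.1e'

# Demonstration on the sample; on a live host run: lsof -n | stale_libssl
printf '%s\n' "$SAMPLE" | stale_libssl
```

Run it as root on a live host so that lsof can see the mappings of every process, not only those of the calling user.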