[CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
Keith Keller
kkeller at wombat.san-francisco.ca.usTue Apr 8 22:19:21 UTC 2014
- Previous message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Next message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 2014-04-08, Leon Fauster <leonfauster at googlemail.com> wrote: > > looking inside - its seems that this issue (cve-2014-0160) is resolved > in ssl/d1_both.c and ssl/t1_lib.c and not in files under crypto/ ... > to say more i have to take a look into the build process. So if it turns out to be true that the bug is in libssl, and not libcrypto (which so far seems like a reasonable guess, but has not yet been confirmed), then the following lsof should work to report active processes which are still vulnerable: lsof -n | grep -E libssl | grep -i DEL The -i makes the grep case-insensitive. I've seen both DEL and deleted in the lsof output for various CentOS versions; it's possible that an old lsof could still be running on a box with a vulnerable openssl, though, so it's safest to look for both patterns. --keith -- kkeller at wombat.san-francisco.ca.us
- Previous message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Next message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list