Nasty OpenSSL Vulnerability

[quaffapint]

Heartbleed Bug
Need to patch and then regen your keys. The fact that it's not even traceable doesn't exactly leave a warm fuzzy for all the crap you have on the Net.

Test and see if your (or any) server is vulnerable...
Test your server for Heartbleed (CVE-2014-0160)

 

[Joshk]

Very scary

 

[editeur]

I've already updated a few hours ago
There are number of banks here which still run vulnerable openssl, even after multiple warnings.
Amazon cloud had this vulnerability the whole day, exposing to this bug all its' users.

 

[editeur]

Btw, this bug can potentially expose some credit cards data from online shops, and basically anything that comes through https-protected web forms, so be careful with paypages on unpatched servers.