[Owasp-orlando] Heartbleed SSL vuln

Tony Turner tony.turner at owasp.org
Wed Apr 9 16:57:23 UTC 2014


List, I don't usually communicate vulns to the group but this one is pretty
bad. If you have not already tested your sites for this flaw and patched,
you really should do it ASAP. It's one of the worst if not the worst SSL
vuln I've ever seen. The SANS Internet Storm Center threat level has been
elevated to yellow, which happens so rarely that I used to have an
interview question asking what the threat level was today because it's
almost always green.

http://heartbleed.com/

https://isc.sans.edu/diary/OpenSSL+CVE-2014-0160+Fixed/17917
https://isc.sans.edu/diary/%2A+Patch+Now%3A+OpenSSL+%22Heartbleed%22+Vulnerability/17921


-- 
Tony Turner
OWASP Orlando Chapter Founder/Co-Leader
tony.turner at owasp.org
https://www.owasp.org/index.php/Orlando
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-orlando/attachments/20140409/5005609d/attachment.html>


More information about the Owasp-orlando mailing list