Remove OpenSSL Heartbleed vulnerability
OpenSSL Heartbleed vulnerability
Vulnerable computer systems and applications:
OpenSSL.
Description:
OpenSSL versions ranging from 1.0.1 to 1.0.1f have vulnerabilities in the TLS/DTLS protocols used for data encryption. By using this vulnerability, attackers can intercept protected information – passwords, private encryption keys, etc. This vulnerability has appeared because of a programming error in the OpenSSL library.
Instructions for removal:
To remove the vulnerability, it is necessary to update the OpenSSL library to 1.0.1g, which addresses specifically this violation. It is also recommended that you erase any encryption keys generated by previous, vulnerable OpenSSL versions, and create new ones.