Freeware Files | Download Free Software

Friday, 06 June 2014 15:29

OpenSSL patch fixes 7 vulnerabilities

Rate this item
(1 Vote)

Good news for those who fear being victims of any OpenSSL vulnerability.

Since the discovery of the Heartbleed bug, security experts are pouring over its source code, in a bid to tidy up what could be described as a messy coding chaos.

And the first patches have followed swiftly. The OpenSSL open source project has issued a security patch that aims to fix 7 vulnerabilities, 2 of which have been deemed critical by the SAMS Internet Storm Center.

The first one is a so-called man-in-the-middle flaw, using a OpenSSL exploit to tamper with traffic between clients and servers.

It was discovered by Japanese researcher Masashi Kikuchi from security company Lepidum and has been around for over 16 years, since the very inception of OpenSSL.

Kikuchi blames the insufficient number of code reviews as well as the lack of experience of reviewers for the time it took to unearth this vulnerability.

Another critical flaw was identified six weeks ago and is classified as a "Datagram Transport Layer Security (DTLS) invalid fragment vulnerability", which is a buffer overrun attack, allowing an arbitrary code to be executed on the compromised host.

Source

Subscribe via RSS or Email:

 
Read 1683 times Last modified on Friday, 06 June 2014 18:52

Comments   

0 #1 Michael A 2014-06-07 18:47
AFAIR the patch was available one day after the discovery of heartbleed. That normal with Free Software.

Only mislead users of commercial scrap have to wait months or years before well known security breaches get closed.
Quote
  1. Latest News
  2. Most Popular
  3. Top Rated
  4. Latest Comments
  • Michael A
    Why they do not shut down the company that provides the faulty patchwork systems that make such malware first possible? No, not because of a faulty ...

    Read more...

     
  • Moubreb
    The people at any router between You and facebook can read Your communication if: 1. You're using an http: connection 2. A fake facebook certificate ...

    Read more...

     
  • theoctagon
    You could always just use what's already baked in: Android Device Manager. https://www.google.com/android/devicemanager

    Read more...

     
  • Michael A
    AFAIR the patch was available one day after the discovery of heartbleed. That normal with Free Software. Only mislead users of commercial scrap have ...

    Read more...

next
prev

Quick Search

Powered by Liquidtroll
Prev Next

Openarch System Introduces Wall Tablets

03-03-2013 Hits:3061 Latest Vasia L. - avatar Vasia L.

Openarch System Introduces Wall Tablets

Αn innovative system that transforms all the surfaces of a house into a giant screen... Madrid: It is called Openarch system and has an open "gate" of communication, able to embrace...

Installing Adobe Flash Player 64-bit How to on Ubuntu 11.04

31-12-2011 Hits:4407 Linux Vasia L. - avatar Vasia L.

Installing Adobe Flash Player 64-bit How to on Ubuntu 11.04

The proceed from tutorial will teach you how to install the 64-bit edition of the Adobe Flash Player 11 plugin on the Ubuntu 11.04 (Natty Narwhal) operating system. Well, I guess...

Samsung announces Series 7 Touch Monitor for Windows 8

06-02-2013 Hits:5090 Latest George Q - avatar George Q

Samsung announces Series 7 Touch Monitor for Windows 8

The SC770 or Series 7 Touch is the first multi-touch monitor from Samsung and it is optimized for Windows 8 operating systems. Users of the newer version of Windows can drag,...

Secure your Facebook and avoid bad links clicking

11-04-2012 Hits:3171 Security George Q - avatar George Q

Secure your Facebook and avoid bad links clicking

The Internet has become an integral part of our life and digital thieves worldwide know this very well. In this article i m going to show you a way to avoid...

What Ultimately Happens With The Used Games And The Always Online For Xbox …

22-05-2013 Hits:1878 Games Panagiotis K. - avatar Panagiotis K.

What Ultimately Happens With The Used Games And The Always Online For Xbox One

Alongside the impressions created by Microsoft with the launch of Xbox One, there has been created or left unanswered several important questions regarding the operation of the device. The most important...