openssl

  1. TA15-119A: Top 30 Targeted High Risk Vulnerabilities

    Original release date: April 29, 2015 Systems Affected Systems running unpatched software from Adobe, Microsoft, Oracle, or OpenSSL. Overview Cyber threat actors continue to exploit unpatched software to conduct attacks against critical infrastructure organizations. As many as 85 percent of...
    • News
    • Thread
    • administrative privileges adobe attack vectors cybersecurity impact incident response malware microsoft mitigation network security openssl oracle patching prevention restoration sensitive information software threats vulnerabilities whitelisting
    • Replies: 0
    • Forum: Security Alerts

  2. TA14-290A: SSL 3.0 Protocol Vulnerability and POODLE Attack

    Original release date: October 17, 2014 Systems Affected All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this...
    • News
    • Thread
    • ciphers ciphertext data breach downgrade attack encryption exploitation legacy systems mitm network security openssl poodle protocol risk assessment security sensitive data ssl 3.0 tls transport layer security vulnerability web browsers
    • Replies: 0
    • Forum: Security Alerts

  3. VIDEO Addressing Internet "Heartbleed" Emergency

    This website is not affected by the exploit in any way. Further information: Last night news about a remote OpenSSL bug was disclosed on http://heartbleed.com/ which detailed out an exploit in the OpenSSL system library that handles HTTPS connections on your server. This bug impacts CentOS 6.x...
    • Mike
    • Thread
    • bug centos cpanel emergency exploit heartbleed https internet litespeed networking openssl patch security server software ssl support update vulnerability whm
    • Replies: 4
    • Forum: Forum Announcements

  4. TA14-098A: OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)

    Original release date: April 08, 2014 Systems Affected OpenSSL 1.0.1 through 1.0.1f OpenSSL 1.0.2-beta Overview A vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory...
    • News
    • Thread
    • credentials cve-2014-0160 data exposure exploit heartbleed impact key material memory mitigation openssl patch perfect forward secrecy public access public disclosure revision history security security flaw system administrators tls vulnerability
    • Replies: 0
    • Forum: Security Alerts

  5. November 2013 Website Changes and Updates

    Greetings! A new list of internal changes is now available for November 2013. Most of these changes are "under the hood" internal upgrades. PHP updated to 5.4.21 Core: Fixed bug #65322 (compile time errors won't trigger auto loading). CLI server: Fixed bug #65633 (built-in server treat some...
    • Mike
    • Thread
    • bug fixes cloudlinux compatibility database debugging error handling imagemagick importing litespeed openssl performance php resource limits security server statistical thread management updates website changes xenforo
    • Replies: 1
    • Forum: Forum Announcements
  6. P

    Windows 7 Windows 7 OCSP malformed request

    Hi, I couldn't get OCSP revocation check to work on Windows 7. I installed my self-signed Root and Intermediate certificates (generated using openssl 0.9.8) on my Windows 7 machine. I then go to Internet Explorer and type in the https://....com:4440. The port sends back a leaf certificate...
    • plunkett
    • Thread
    • certificate errors certificates connection issues debugging intermediate certificate internet explorer leaf certificate networking ocsp openssl patching revocation root certificate security self-signed troubleshooting windows 7
    • Replies: 1
    • Forum: Windows Help and Support