openssl

  1. TA15-119A: Top 30 Targeted High Risk Vulnerabilities

    Original release date: April 29, 2015 Systems Affected Systems running unpatched software from Adobe, Microsoft, Oracle, or OpenSSL. Overview Cyber threat actors continue to exploit unpatched software to conduct attacks against critical infrastructure organizations. As many as 85 percent of...
  2. TA14-290A: SSL 3.0 Protocol Vulnerability and POODLE Attack

    Original release date: October 17, 2014 Systems Affected All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this...
  3. VIDEO Addressing Internet "Heartbleed" Emergency

    This website is not affected by the exploit in any way. Further information: Last night news about a remote OpenSSL bug was disclosed on http://heartbleed.com/ which detailed out an exploit in the OpenSSL system library that handles HTTPS connections on your server. This bug impacts CentOS 6.x...
  4. TA14-098A: OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)

    Original release date: April 08, 2014 Systems Affected OpenSSL 1.0.1 through 1.0.1f OpenSSL 1.0.2-beta Overview A vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory...
  5. November 2013 Website Changes and Updates

    Greetings! A new list of internal changes is now available for November 2013. Most of these changes are "under the hood" internal upgrades. PHP updated to 5.4.21 Core: Fixed bug #65322 (compile time errors won't trigger auto loading). CLI server: Fixed bug #65633 (built-in server treat some...
  6. P

    Windows 7 Windows 7 OCSP malformed request

    Hi, I couldn't get OCSP revocation check to work on Windows 7. I installed my self-signed Root and Intermediate certificates (generated using openssl 0.9.8) on my Windows 7 machine. I then go to Internet Explorer and type in the https://....com:4440. The port sends back a leaf certificate...