Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


OpenSSL 3 Critical security vulnerability -- Potential memory leak & remote code execution?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

OpenSSL 3 Critical security vulnerability -- Potential memory leak & remote code execution?

PulsedMediaPulsedMedia Member, Patron Provider

It's likely to be abused to disclose server memory contents, and potentially reveal user details, and could be easily exploited remotely to compromise server private keys or execute code execute remotely. In other words, pretty much everything you don't want happening on your production systems.

ZDNet probably did that for the hyperbole clicks, not sure, here is ZDNet article:

https://www.zdnet.com/article/openssl-warns-of-critical-security-vulnerability-with-upcoming-patch/

Check if you are affected from here: https://isc.sans.edu/forums/diary/Upcoming+Critical+OpenSSL+Vulnerability+What+will+be+Affected/29192

(or just type ' openssl version ' in shell!)

I don't think any of our production servers are affected sigh of relief

Comments

Sign In or Register to comment.