Tag Archives: OpenSSL

July 12, 2015   No comments

OpenSSL Fixed a Critical Vulnerability

This week OpenSSL Fixed a Critical Vulnerability, the new security vulnerability discovered in OpenSSL. CVE-2015-1793 is due to a problem with authentication certificate processing which may lead to MITM man in the middle attack. OpenSSL Foundation released the patch to

Read More
March 22, 2015   No comments

New release for OpenSSL to fix several security vulnerabilities

Heartbleed OpenSSL security vulnerability is still not the last vulnerability we see for OpenSSL but we continue to find new and critical security issues in OpenSSL library. New security advisory have been published that include several high severity vulnerabilities that

Read More
October 19, 2014   No comments

OpenSSL Released a fix to four vulnerabilities

OpenSSL have an update for the encryption package, the new version comes to fix four security vulnerabilities including a high severity vulnerability that allows attacker to perform a denial of service attack on vulnerable servers.this bug can be exploited by parsing

Read More
May 3, 2014   No comments

OpenSSH not anymore depending on OpenSSL

OpenSSH is an important set of programs that is used to encrypt communication and connect to servers over SSH. This is the standard way used by many system administrators to remotely manage thousands of servers. For long time developers have

Read More
April 19, 2014   No comments

End User Considerations For OpenSSL Vulnerabilities

OpenSSL vulnerabilities could enable a remote hacker to gain access to sensitive data, including secret keys and authentication credentials, via incorrect memory handling. Some of these vulnerabilities could also cause potential leak of non-encrypted information and DTLS (Datagram Transport Layer

Read More
April 12, 2014   5 Comments

Heartbleed Critical Vulnerability in OpenSSL

The security community is actively discussing over this week the openssl vulnerability that allows attacker to exploit the Heartbeat TLS and receive 64KB in the RAM memory. The attack can be repeated continuously to get sensitive information from end users

Read More
November 18, 2010   11 Comments

OpenSSL New Buffer Overrun Attack

OpenSSL core team informed about a new vulnerability in OpenSSL based TLS server. Users of all OpenSSL 0.9.8 are invited to upgrade immediately to OpenSSL 0.9.8p, in which the bug has been fixed. And Users of OpenSSL 1.0.0 and 1.0.0a

Read More