With the Heartbleed bug vulnerability around there is a need to determine the version on openssl used on apache systems
The status of the versions of Openssl affected are:
- OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
- OpenSSL 1.0.1g is NOT vulnerable
- OpenSSL 1.0.0 branch is NOT vulnerable
- OpenSSL 0.9.8 branch is NOT vulnerable
How to determine the version of openssl that is being run in the apache installation on windows.
Open the command line and navigate to the apache/bin directory and use the following line
openssl version -a
To check openssl vulnerabilities in apache based sites use the online tool at:
No comments:
Post a Comment