
Critical OpenSSL Heartbleed Bug In Vicibox 5 (04/08/2014)

Posted: Wed Apr 09, 2014 12:17 pm
by mcargile
A critical bug has been found in OpenSSL that allows an attacker to read just about anything out of RAM. Vicibox 5 is running an affected version of OpenSSL. A patch has already been released for it. It is highly recommended that all Vicibox 5 servers have the system updates installed. You can do so by doing the following on the Linux command line:

1) zypper refresh
2) zypper up
3) rcapache2 restart

Please note the rcapache2 restart can potentially knock your agents offline for a moment.


Here are links to more information about the hack:

http://cve.mitre.org/cgi-bin/cvename.cg ... -2014-0160
http://heartbleed.com/

Here is a website that allows you to test your servers for the bug:

http://filippo.io/Heartbleed/

Here is a link to the official OpenSuSE security announcement:

http://lists.opensuse.org/opensuse-secu ... 00005.html

Here is a link to the official OpenSuSE patch information:

http://lists.opensuse.org/opensuse-secu ... 00004.html



We also highly recommend that you check all of your non-Vicidial servers to see if they are affected as well. This is a major vulnerability affecting a large amount of equipment.
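
Step 3 above restarts Apache because a running process keeps the old OpenSSL library mapped in memory after the update replaces it on disk. The sketch below is an added example, not part of the original post: it lists processes that still map a deleted libssl or libcrypto. The function names, the process names and the sample process tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: find processes still mapping the pre-update OpenSSL library.
# When a package update replaces a shared library, the kernel marks mappings
# of the old copy as "(deleted)" in /proc/<pid>/maps until the process restarts.

# stale_openssl_pids [PROC_ROOT]
# Prints "pid<TAB>name" for each process with a deleted libssl/libcrypto mapping.
stale_openssl_pids() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        # Unreadable maps files (other users' processes) are skipped silently.
        if grep -Eq '/lib(ssl|crypto)[^ ]* \(deleted\)$' "$maps" 2>/dev/null; then
            pid_dir="${maps%/maps}"
            pid="${pid_dir##*/}"
            name="$(cat "$pid_dir/comm" 2>/dev/null || echo '?')"
            printf '%s\t%s\n' "$pid" "$name"
        fi
    done
}

# make_sample_proc DIR
# Builds a small, constructed /proc-like tree so the check can be run offline.
make_sample_proc() {
    root="$1"
    mkdir -p "$root/101" "$root/202" "$root/303"
    # Constructed: web server started before the update, old libssl still mapped.
    echo 'httpd2-prefork' > "$root/101/comm"
    echo '7f3a1c000000-7f3a1c060000 r-xp 00000000 08:02 131200 /lib64/libssl.so.1.0.0 (deleted)' > "$root/101/maps"
    # Constructed: process started after the update, maps the current library.
    echo 'mysqld' > "$root/202/comm"
    echo '7f9b2a000000-7f9b2a1d0000 r-xp 00000000 08:02 131207 /lib64/libcrypto.so.1.0.0' > "$root/202/maps"
    # Constructed: another long-running daemon that was never restarted.
    echo 'sshd' > "$root/303/comm"
    echo '7f11de000000-7f11de1d0000 r-xp 00000000 08:02 131150 /lib64/libcrypto.so.1.0.0 (deleted)' > "$root/303/maps"
}

# Demonstration on the constructed tree. On a real server, run
# "stale_openssl_pids" with no argument as root to inspect /proc itself.
sample="$(mktemp -d)"
make_sample_proc "$sample"
stale_openssl_pids "$sample"
rm -rf "$sample"
```

Any process this lists is still running the library it loaded before the update and needs a restart to pick up the patched one. On openSUSE, `zypper ps` reports processes using deleted files in general.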

Re: Critical OpenSSL Heartbleed Bug In Vicibox 5 (04/08/2014)

Posted: Wed Apr 09, 2014 10:55 pm
by williamconley
Also note that if you believe there is a chance that this bug may have been exploited, now is a great time to change ALL passwords (root, mysql root, vicidial users, phone registrations, everything) and issue the command to generate a new self-signed security certificate. Many of the experts have noted that harvesting the data on affected machines can be completed without log entries of the attack and then the attacker can come back later and use the harvested data to access the server in question.

Generating a new cert:
Code:
gensslcert -n sample.linuxsuperserver.com
service apache2 restart