Heartbleed Vulnerability and You – A Patch Guide

Recently, the Heartbleed Bug (CVE-2014-0160), a serious vulnerability in the popular OpenSSL cryptographic software library, was discovered. It is a very serious vulnerability that can expose information meant to be protected by SSL/TLS encryption, such as login details, email correspondence, instant messages, etc. It affected servers all over the world, including huge international companies. More information about it can be found using the links below:

https://www.openssl.org/news/secadv_20140407.txt
Heartbleed Bug
You can also test your server for Heartbleed (CVE-2014-0160).

Status of different versions:

OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
OpenSSL 1.0.1g is NOT vulnerable
OpenSSL 1.0.0 branch is NOT vulnerable
OpenSSL 0.9.8 branch is NOT vulnerable

The bug was introduced into OpenSSL in December 2011 and has been in the wild since the release of OpenSSL 1.0.1 on 14 March 2012. OpenSSL 1.0.1g, released on 7 April 2014, fixes the bug.

It is strongly recommended that you check your VDS and dedicated servers. If it is determined that you do have the vulnerability, fear not. The steps below walk you through removing the Heartbleed vulnerability.

How to Fix the Heartbleed Vulnerability

To begin, you will first need to access your server via SSH. Once logged in, perform the following commands:
yum clean all
yum update openssl openssl-devel
yum reinstall keyutils-libs* openssh* -y
/etc/init.d/httpd restart

This will update the packages that contained the vulnerability and restart the HTTP service. Once this is done, we also recommend that you restart all services that use OpenSSL, since a running process keeps the old library loaded until it is restarted, by running the following:

/scripts/restartsrv_sshd && /scripts/restartsrv_mailman && 
/scripts/restartsrv_cpdavd && /scripts/restartsrv_cpsrvd && 
/scripts/restartsrv_httpd && /scripts/restartsrv_exim && 
/scripts/restartsrv_named && /scripts/restartsrv_dovecot && 
/scripts/restartsrv_courier && /scripts/restartsrv_pureftpd && 
/scripts/restartsrv_proftpd && /etc/init.d/cups restart

After all services have restarted successfully, you can verify the result with one last command, confirming that the fix appears in the package changelog:

rpm -q --changelog openssl | grep CVE-2014-0160
- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension

As long as you receive the return line described above, you’re all set. If you have any issues, please don’t hesitate to open a support ticket.
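As an added example (not part of the original guide), the POSIX shell helpers below encode the version table and the changelog check from this page, and add one check the procedure above does not show: finding processes that still have the old libssl/libcrypto mapped after the update, which is how you catch a service missed by the restart list. The function names and the sample maps line are constructed for this example.

```shell
#!/bin/sh
# Added example, not part of the original guide: offline helpers that encode the
# version table and the changelog check above, plus a check for processes that
# still have the pre-update libssl/libcrypto mapped (i.e. were not restarted).

# True (exit 0) if an `openssl version` string falls in the vulnerable range
# 1.0.1 through 1.0.1f. Accepts "OpenSSL 1.0.1e-fips 11 Feb 2013" or "1.0.1e".
heartbleed_vulnerable_version() {
  v=$1
  v=${v#"OpenSSL "}   # drop the leading program name, if present
  v=${v%% *}          # drop the build date
  v=${v%%-*}          # drop suffixes such as -fips
  case "$v" in
    1.0.1|1.0.1[a-f]) return 0 ;;   # vulnerable
    *) return 1 ;;                  # 1.0.1g and later, 1.0.0 and 0.9.8 branches
  esac
}

# True if an rpm changelog (passed as text) records the CVE-2014-0160 fix.
# This is the authoritative check on RHEL/CentOS, which backport the fix
# without changing the version: a patched package still reports 1.0.1e.
changelog_has_fix() {
  printf '%s\n' "$1" | grep -q 'CVE-2014-0160'
}

# True if a /proc/<pid>/maps listing (on stdin) references a deleted
# libssl/libcrypto: the process loaded the old library before the update.
maps_has_stale_openssl() {
  grep -Eq 'lib(ssl|crypto)\.so[^ ]* \(deleted\)'
}

# Print PIDs of processes still running the old library; run as root to
# see every process. Each listed service needs a restart.
stale_openssl_pids() {
  for maps in /proc/[0-9]*/maps; do
    if maps_has_stale_openssl 2>/dev/null < "$maps"; then
      pid=${maps#/proc/}
      echo "${pid%/maps}"
    fi
  done
}

# Constructed sample input (not captured from a real host) for a stand-alone run.
SAMPLE_MAPS='7f0a1c000000-7f0a1c200000 r-xp 00000000 fd:00 131 /usr/lib64/libssl.so.1.0.1e (deleted)'
if printf '%s\n' "$SAMPLE_MAPS" | maps_has_stale_openssl; then
  echo "stale libssl still mapped: restart that service"
fi
```

On a live host, run `stale_openssl_pids` as root after the restart commands above; an empty result means every process has picked up the patched library.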

We’d love to hear from you how we’re doing on our articles. Please feel free to leave a comment below!
