OpenSSL & quot; heartbleed & quot; security vulnerability emergency repair solution [CentOS 6.x] [Red Hat 6.x] [download security patches on the official website]

Source: Internet
Author: User
Tags install perl cve

Address: http://blog.csdn.net/hujkay
Author: Jekkay Hu (34538980@qq.com)
Keywords: openssl, heartbleed, CVE-2014-0160, vulnerability repair, patch download
Time:

1. Overview

On the heartbleed official website, detailed information about the CVE-2014-0160 vulnerability, this is about the OpenSSL Information Leakage vulnerability caused by security issues. Changing the Heartbleed bug allows anyone on the Internet to read system-protected memory. This compromise key is used to identify service providers and encrypted traffic, user names and passwords, and actual content. This vulnerability allows attackers to intercept communication and directly steal data from service providers by simulating service providers and users.

The affected RedHat 6.x and CentOS 6.x released the openssl vulnerability patches immediately,

RHEL.6 for openssl Security Announcement number is: RHSA-2014: 0376-1, more detailed please open the following connection:

https://rhn.redhat.com/errata/RHSA-2014-0376.html



2. Vulnerability Detection

First, download the vulnerability patch file from the connection at the end of this Article. After decompression, there should be the following files:


Run the following command:

# Python ssltest. py 127.0.0.1

As shown in the following figure:Server likely not vulnerableIs normal, as follows:


If the result is:Server is vulnerableThe vulnerability is as follows:


If it is detectedConnection refused, Indicating that the HTTPS service has not been activated. Check whether the server has activated openssl-related services. If not, you do not need to upgrade the server temporarily.


3. Repair

Upload the patch to the service and run the following command:

yum install perl-WWW-Curl-4.09-3.el6.x86_64.rpm -yyum install *.rpm --skip-broken  --setopt=protected_multilib=false -y

4. patch download

The official website patch provided by Redhat can be downloaded from the following link:

http://download.csdn.net/detail/hujkay/7165571

[Click here to send coffee] [https://me.alipay.com/jekkay]

Hu, Jekkay Hu


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.