Full Disclosure mailing list archives

Re: heartbleed OpenSSL bug CVE-2014-0160

From: Francesc Guitart <fguitart () gmx com>
Date: Tue, 08 Apr 2014 16:20:04 +0200

El 08/04/2014 13:59, Jann Horn escribió:

On Tue, Apr 08, 2014 at 10:23:26AM +0200, Joerg Mertin wrote:

Ubuntu already has released:
http://www.ubuntu.com/usn/usn-2165-1/

My server updated during the night :}


Make sure that it actually worked! I did this after updating my debian server:

root@thejh:/home/jann# for pid in $(grep -F '/usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (deleted)' /proc/*/maps | cut -d/ -f3 | sort -u); do 
cat /proc/$pid/cmdline | tr '\0' ' '; echo; done



If I'm not wrong this does the same in a little bit easier way:

sudo lsof -n | grep ssl | grep DEL

I guess it works on all Linux distributions.


--
Francesc Guitart

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

heartbleed OpenSSL bug CVE-2014-0160 Kirils Solovjovs (Apr 07)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Andrew Case (Apr 07)
- Re: heartbleed OpenSSL bug CVE-2014-0160 David H (Apr 08)
  - Re: heartbleed OpenSSL bug CVE-2014-0160 Joerg Mertin (Apr 08)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 Jann Horn (Apr 08)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 Francesc Guitart (Apr 08)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 Javier Reoyo (Apr 10)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 Carlos P (Apr 10)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 David H (Apr 08)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 Matthew Musingo (Apr 08)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 Craig Holmes (Apr 09)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 Michal Zalewski (Apr 09)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 Menso Heus (Apr 09)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 Txalin (Apr 10)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 Pål Nilsen (Apr 10)
    - Re: heartbleed OpenSSL bug CVE-2014-0160 Reindl Harald (Apr 10)

(Thread continues...)