Full Disclosure mailing list archives
Re: heartbleed OpenSSL bug CVE-2014-0160
From: Matthew Musingo <matthew.musingo () gmail com>
Date: Tue, 8 Apr 2014 10:21:34 -0400
Even if your systems were patched an attacker could have already attained the secrets. Certs and other sensitive information need to be reconsidered for replacement or changed On Apr 8, 2014 8:00 AM, "Jann Horn" <jann () thejh net> wrote:
On Tue, Apr 08, 2014 at 10:23:26AM +0200, Joerg Mertin wrote:Ubuntu already has released: http://www.ubuntu.com/usn/usn-2165-1/ My server updated during the night :}Make sure that it actually worked! I did this after updating my debian server: root@thejh:/home/jann# for pid in $(grep -F '/usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (deleted)' /proc/*/maps | cut -d/ -f3 | sort -u); do cat /proc/$pid/cmdline | tr '\0' ' '; echo; done /usr/lib/erlang/erts-5.9.1/bin/beam -Bd -K true -A 4 -- -root /usr/lib/erlang -progname erl -- -home /var/lib/couchdb -- -noshell -noinput -os_mon start_memsup false start_cpu_sup false disk_space_check_interval 1 disk_almost_full_threshold 1 -sasl errlog_type error -couch_ini /etc/couchdb/default.ini /etc/couchdb/local.ini /etc/couchdb/default.ini /etc/couchdb/local.ini -s couch -pidfile /var/run/couchdb/couchdb.pid -heart /usr/bin/couchjs /usr/share/couchdb/server/main.js /usr/bin/couchjs /usr/share/couchdb/server/main.js /usr/bin/stunnel4 /etc/stunnel/stunnel.conf /usr/bin/stunnel4 /etc/stunnel/stunnel.conf /usr/bin/stunnel4 /etc/stunnel/stunnel.conf /usr/bin/stunnel4 /etc/stunnel/stunnel.conf /usr/bin/stunnel4 /etc/stunnel/stunnel.conf /usr/bin/stunnel4 /etc/stunnel/stunnel.conf /usr/bin/python /usr/lib/mailman/bin/mailmanctl -s -q start /usr/bin/python /var/lib/mailman/bin/qrunner --runner=ArchRunner:0:1 -s /usr/bin/python /var/lib/mailman/bin/qrunner --runner=BounceRunner:0:1 -s /usr/bin/python /var/lib/mailman/bin/qrunner --runner=CommandRunner:0:1 -s /usr/bin/python /var/lib/mailman/bin/qrunner --runner=IncomingRunner:0:1 -s /usr/bin/python /var/lib/mailman/bin/qrunner --runner=NewsRunner:0:1 -s /usr/bin/python /var/lib/mailman/bin/qrunner --runner=OutgoingRunner:0:1 -s /usr/bin/python /var/lib/mailman/bin/qrunner --runner=VirginRunner:0:1 -s /usr/bin/python /var/lib/mailman/bin/qrunner --runner=RetryRunner:0:1 -s /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf /usr/lib/postfix/master /usr/sbin/vsftpd /usr/bin/znc -d /etc/znc pickup -l -t fifo -u -c anvil -l -t unix -u -c smtpd -n smtp -t inet -u -c -o stress= -s 2 irssi /usr/sbin/openvpn --writepid /var/run/openvpn.tun0.pid --daemon ovpn-tun0 --cd /etc/openvpn --config /etc/openvpn/tun0.conf qmgr -l -t fifo -u tlsmgr -l -t unix -u -c So, yeah, it did replace the library file, but stunnel, couchdb, lighttpd, postfix, vsftpd and so on are still using the old version. You have to manually restart those services... :D _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- heartbleed OpenSSL bug CVE-2014-0160 Kirils Solovjovs (Apr 07)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Andrew Case (Apr 07)
- Re: heartbleed OpenSSL bug CVE-2014-0160 David H (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Joerg Mertin (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Jann Horn (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Francesc Guitart (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Javier Reoyo (Apr 10)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Carlos P (Apr 10)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Joerg Mertin (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 David H (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Matthew Musingo (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Craig Holmes (Apr 09)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Michal Zalewski (Apr 09)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Menso Heus (Apr 09)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Txalin (Apr 10)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Pål Nilsen (Apr 10)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Reindl Harald (Apr 10)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Pål Nilsen (Apr 10)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Ricardo Iramar dos Santos (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Nik Mitev (Apr 08)