| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+2LWjhgPvmUcs28q=MgDct4612Rx4Km-vzdKFSRNT8bqCqJ1Q@mail.gmail.com> Date: Tue, 8 Apr 2014 10:21:34 -0400 From: Matthew Musingo <matthew.musingo@...il.com> To: Jann Horn <jann@...jh.net> Cc: fulldisclosure@...lists.org Subject: Re: [FD] heartbleed OpenSSL bug CVE-2014-0160 Even if your systems were patched an attacker could have already attained the secrets. Certs and other sensitive information need to be reconsidered for replacement or changed On Apr 8, 2014 8:00 AM, "Jann Horn" <jann@...jh.net> wrote: > On Tue, Apr 08, 2014 at 10:23:26AM +0200, Joerg Mertin wrote: > > Ubuntu already has released: > > http://www.ubuntu.com/usn/usn-2165-1/ > > > > My server updated during the night :} > > Make sure that it actually worked! I did this after updating my debian > server: > > root@...jh:/home/jann# for pid in $(grep -F > '/usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (deleted)' /proc/*/maps | cut > -d/ -f3 | sort -u); do cat /proc/$pid/cmdline | tr '\0' ' '; echo; done > /usr/lib/erlang/erts-5.9.1/bin/beam -Bd -K true -A 4 -- -root > /usr/lib/erlang -progname erl -- -home /var/lib/couchdb -- -noshell > -noinput -os_mon start_memsup false start_cpu_sup false > disk_space_check_interval 1 disk_almost_full_threshold 1 -sasl errlog_type > error -couch_ini /etc/couchdb/default.ini /etc/couchdb/local.ini > /etc/couchdb/default.ini /etc/couchdb/local.ini -s couch -pidfile > /var/run/couchdb/couchdb.pid -heart > /usr/bin/couchjs /usr/share/couchdb/server/main.js > /usr/bin/couchjs /usr/share/couchdb/server/main.js > /usr/bin/stunnel4 /etc/stunnel/stunnel.conf > /usr/bin/stunnel4 /etc/stunnel/stunnel.conf > /usr/bin/stunnel4 /etc/stunnel/stunnel.conf > /usr/bin/stunnel4 /etc/stunnel/stunnel.conf > /usr/bin/stunnel4 /etc/stunnel/stunnel.conf > /usr/bin/stunnel4 /etc/stunnel/stunnel.conf > /usr/bin/python /usr/lib/mailman/bin/mailmanctl -s -q start > /usr/bin/python /var/lib/mailman/bin/qrunner --runner=ArchRunner:0:1 -s > /usr/bin/python /var/lib/mailman/bin/qrunner --runner=BounceRunner:0:1 -s > /usr/bin/python /var/lib/mailman/bin/qrunner --runner=CommandRunner:0:1 -s > /usr/bin/python /var/lib/mailman/bin/qrunner --runner=IncomingRunner:0:1 -s > /usr/bin/python /var/lib/mailman/bin/qrunner --runner=NewsRunner:0:1 -s > /usr/bin/python /var/lib/mailman/bin/qrunner --runner=OutgoingRunner:0:1 -s > /usr/bin/python /var/lib/mailman/bin/qrunner --runner=VirginRunner:0:1 -s > /usr/bin/python /var/lib/mailman/bin/qrunner --runner=RetryRunner:0:1 -s > /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf > /usr/lib/postfix/master > /usr/sbin/vsftpd > /usr/bin/znc -d /etc/znc > pickup -l -t fifo -u -c > anvil -l -t unix -u -c > smtpd -n smtp -t inet -u -c -o stress= -s 2 > irssi > /usr/sbin/openvpn --writepid /var/run/openvpn.tun0.pid --daemon ovpn-tun0 > --cd /etc/openvpn --config /etc/openvpn/tun0.conf > qmgr -l -t fifo -u > tlsmgr -l -t unix -u -c > > So, yeah, it did replace the library file, but stunnel, couchdb, lighttpd, > postfix, vsftpd and so on are still using the old version. You have to > manually restart those services... :D > > _______________________________________________ > Sent through the Full Disclosure mailing list > http://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/ > _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists