buy non prescription drugs generic cytotec The OpenSSL team released a critical security update today. The update patches 6 flaws. One of the flaws (CVE-2014-0195) may lead to arbitrary code execution. All versions of OpenSSL are vulnerable to CVE-2014-0195, but this vulnerability only affects DTLS clients or servers (look for SSL VPNs… not so much HTTPS).

http://surgicalinsight.com/albuterol The OpenSSL team released a critical security update today. The update patches 6 flaws. One of the flaws (CVE-2014-0195) may lead to arbitrary code execution. [1] All versions of OpenSSL are vulnerable to CVE-2014-0195, but this vulnerability only affects DTLS clients or servers (look for SSL VPNs… not so much HTTPS).

source site I also rated CVE-2014-0224 critical, since it does allow for MiTM attacks, one of the reasons you use SSL. But in order to exploit this issue, both client and server have to be vulnerable, and only openssl 1.0.1 is vulnerable on servers…

Read more at SANS ISC

Source: Linux.com | software

Johan Louwers

Johan Louwers

Global Lead Archict at Capgemini
Johan Louwers is an Oracle ACE Director and works for the global Capgemini Infrastructure organisation where he leads the Oracle Architect Office as the lead architect.
Johan Louwers

Latest posts by Johan Louwers (see all)