VisibleThread on-premise: How to test for & remediate OpenSSL/Heartbleed vulnerability

How to test if you are affected by the Heartbleed vulnerability

To test whether your on-premise deployment is vulnerable to the OpenSSL/Heartbleed vulnerability, run the following command in a console (this will output the version of OpenSSL installed):

dpkg --list | grep libssl | awk '{print $3}'

The following OpenSSL versions are not affected by the vulnerability:

  • 0.9.8g-10.1ubuntu2
  • 1.0.1-4ubuntu5.12

If your OpenSSL version is not one of the above, then your deployment is affected by this vulnerability and you should follow the remediation steps below.
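As an added example (not part of the original article or VisibleThread's tooling), the script below applies the rule above to each libssl package that dpkg reports, ignoring entries that are listed but no longer installed (any state other than ii). The function name check_libssl and the sample dpkg output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article.
# Versions the article lists as not affected.
PATCHED_VERSIONS="0.9.8g-10.1ubuntu2 1.0.1-4ubuntu5.12"

# check_libssl reads `dpkg --list` output on stdin and prints one line per
# installed libssl package: "<package> <version> OK|AFFECTED".
# Exit status: 0 = all listed as unaffected, 1 = at least one affected,
# 2 = no installed libssl package found.
check_libssl() {
    awk -v patched="$PATCHED_VERSIONS" '
        BEGIN {
            n = split(patched, p, " ")
            for (i = 1; i <= n; i++) ok[p[i]] = 1
        }
        # Column 1 is the dpkg state. Only "ii" is installed; "rc" means
        # removed with config files left behind, so its version is stale.
        $1 == "ii" && $2 ~ /^libssl/ {
            pkg = $2
            sub(/:.*$/, "", pkg)   # drop an architecture suffix such as :amd64
            found = 1
            if ($3 in ok) {
                print pkg, $3, "OK"
            } else {
                print pkg, $3, "AFFECTED"
                bad = 1
            }
        }
        END {
            if (!found) exit 2
            exit (bad ? 1 : 0)
        }
    '
}

# Constructed sample input (not captured from a real appliance).
SAMPLE_DPKG='ii  libssl1.0.0  1.0.1-4ubuntu5.11  SSL shared libraries
rc  libssl0.9.8  0.9.8k-7ubuntu8  SSL shared libraries
ii  openssl      1.0.1-4ubuntu5.11  Secure Socket Layer (SSL) binary'

# Demo on the sample; on an appliance run: dpkg --list | check_libssl
printf '%s\n' "$SAMPLE_DPKG" | check_libssl || echo "exit status: $?"
```

The exit status makes the check usable from a monitoring job or a loop over several appliances.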

How to remediate an affected deployment

 

Attached to this article are links to two patch files.

 

Upload these files to your VisibleThread appliance via SSH (Secure Shell) using port 22. The easiest way to do this is to use one of a number of freely available tools such as FileZilla (http://filezillaproject.org/) or WinSCP (http://www.winscp.net).

Connect to your Virtual Appliance using the following details:

- IP Address: The IP Address of your Virtual Appliance

- username: visiblethread

- Password: password (unless changed after deployment)

- Port: 22

 

Now upload the patch files to:

 

/home/visiblethread

 

Next, log on to the VisibleThread appliance console and execute the following commands:

 

sudo dpkg -i libssl1.0.0_1.0.1-4ubuntu5.12_amd64.deb openssl_1.0.1-4ubuntu5.12_amd64.deb

sudo service apache2 restart

dpkg --list | grep libssl | awk '{print $3}'

 

This should upgrade OpenSSL and output the new version number. You should now see that the version number is 1.0.1-4ubuntu5.12.

 

If you have any questions or would like to talk, please contact us: support@visiblethread.com

 
