[Skip navigation links]

OpenSSL Vulnerabilities

OpenSSL has announced updates for several vulnerabilities (including 'Logjam') that affect users of OpenSSL clients and servers. Exploitation of these vulnerabilities could lead to, at worst, man-in-the-middle and denial of service (DoS) attacks. Most vendors have updated packages available and it is advisable to apply these at the earliest opportunity.

OpenSSL security advisory: http://openssl.org/news/secadv_20150611.txt

SANS analysis: https://isc.sans.edu/forums/diary/Updates+to+OpenSSL+fix+vulnerabilities+related+to+Logjam/19793/

Logjam analysis and server test: https://weakdh.org/