Is Ghost Solution Suite affected by the CVE-2014-0160 (Heartbleed) vulnerability?
|Article:TECH216638|||||Created: 2014-04-11|||||Updated: 2014-04-11|||||Article URL http://www.symantec.com/docs/TECH216638|
What is Heartbleed? In short, Heartbleed is a security vulnerability where an attacker can use a TLS heartbeat packet to reveal up to 64k of memory from the server's buffer; this information can include anything that would be stored in that section of memory including unencrypted usernames and passwords.
Ghost Solution suite is not impacted by this vulnerability because the packaged Linux Preboot uses OpenSSL version "0.9.2".
Article URL http://www.symantec.com/docs/TECH216638