Is Ghost Solution Suite affected by the CVE-2014-0160 (Heartbleed) vulnerability?

Article:TECH216638  |  Created: 2014-04-11  |  Updated: 2014-04-11  |  Article URL http://www.symantec.com/docs/TECH216638
Article Type
Technical Solution

Product(s)

Issue



What is Heartbleed? In short, Heartbleed is a security vulnerability where an attacker can use a TLS heartbeat packet to reveal up to 64k of memory from the server's buffer; this information can include anything that would be stored in that section of memory including unencrypted usernames and passwords.


Solution



Ghost Solution suite is not impacted by this vulnerability because the packaged Linux Preboot uses OpenSSL version "0.9.2".




Article URL http://www.symantec.com/docs/TECH216638


Terms of use for this information are found in Legal Notices