The Heartbleed bug, officially referenced as CVE-2014-0160, is already being coined as one of the biggest security threats since the mass adoption of the Internet – affecting millions of websites and services, including credit-card numbers, email accounts and a wide range of online commerce.
Shortly speaking, Heartbleed shares the memory of a system protected by OpenSSL to anyone on the Internet.
Who reported it?
According to OpenSSL, it was Neel Mehta from Google’s security team that reported the problem in the beginning of April. What’s really scary is that the bug slipped under the radar for so long.
Am I affected by Heartbleed?
To check if your website or application is vulnerable you can use Metasploit’s Brand New Heartbleed Scanner Module.
If you would like to check Open-E DSS V7, here’s an example of how to install Metasploit Framework on Ubuntu.
Is Open-E software safe?
Our team of developers tested the products with Metasploit’s Brand New Heartbleed Scanner Module and guarantee that all Open-E Data Storage Software products are secure. There is no need to update software or change passwords.
Read more about the OpenSSL “Heartbleed” Vulnerbility: