OpenSSL is everywhere

Pascal Meunier writes:


The entry for CVE-2006-4339 reached 16941 bytes, with 352 references. This is an OpenSSL issue, and highlights how much we are dependent on it.

Vulnerabilities in any security suite aren’t something you ever want to hear about, particularly in something as ubiquitous as OpenSSL. Whenever you use an application that has SSL capabilities, there’s a good chance you’re relying on OpenSSL for security, especially if the software doesn’t come from a company that has its own proprietary security suite (such as Microsoft or Mozilla). VMware, Opera, various products from Sun, any Apache instance using mod_ssl… there’s a lot out there that needs to be patched right now. You may want to do a quick search of your systems for ssleay32.dll/so and libeay.dll/so to see if you have anything that needs updating.
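One way to run the search suggested above, as an added example that is not part of the original post: it walks a directory tree, matches OpenSSL library file names, and pulls the version banner that OpenSSL builds embed so each copy can be compared against the vendor's advisory. The extra names libeay32, libssl and libcrypto, and the function names, are assumptions of this example.

```python
import os
import re
import sys

# Names from the post (ssleay32, libeay) plus libeay32/libssl/libcrypto,
# which are assumptions added for this example.
NAME_RE = re.compile(
    r"^(ssleay32|libeay(32)?|libssl|libcrypto)[\w.\-]*\.(dll|so)(\.[\w.]+)?$", re.I)
# Version banner that OpenSSL builds embed, e.g. "OpenSSL 0.9.8b 04 May 2006".
BANNER_RE = re.compile(
    rb"OpenSSL \d+\.\d+\.\d+[a-z]*(-[a-z0-9]+)? +\d{1,2} [A-Z][a-z]{2} \d{4}")


def openssl_banner(path, chunk=1 << 20):
    """Return the first OpenSSL version banner embedded in a file, or None."""
    tail = b""
    with open(path, "rb") as fh:
        while True:
            block = fh.read(chunk)
            if not block:
                return None
            data = tail + block
            match = BANNER_RE.search(data)
            if match:
                return match.group().decode("ascii")
            tail = data[-64:]  # overlap so a banner split across reads is found


def find_openssl(root):
    """Walk root; return sorted (path, banner-or-None) for library-like names."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if NAME_RE.match(name):
                full = os.path.join(dirpath, name)
                try:
                    hits.append((full, openssl_banner(full)))
                except OSError:  # unreadable file: still report the name match
                    hits.append((full, None))
    return sorted(hits, key=lambda hit: hit[0])


if __name__ == "__main__":
    for path, banner in find_openssl(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{path}\t{banner or 'no version banner found'}")
```

A file-name search misses applications that link OpenSSL statically; running `openssl_banner` directly over those executables covers that case.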

One Response to “OpenSSL is everywhere”

  1. Scott Shorter Says:

    And don’t use an exponent of three when you generate keys, since you often can’t control the configuration of your relying parties.