OpenSSL CCS Injection Vulnerability (CVE-2014-0224) Alert - Red Hat Customer Portal

Comments

See the details and frequently asked quesetions on this at this link https://access.redhat.com/site/articles/904433

This is different than 'heartbleed'.

Here is the info from openssl.org, - https://www.openssl.org/news/secadv_20140605.txt

At lwn.net, it says: "For the curious, Masashi Kikuchi, the discoverer of the MITM vulnerability, has posted the story of how it was found http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html".

An OpenSSL CCS Injection Detector (from redhat.com).
A perl version of the above to download, the offline detection tool (from redhat.com, see their note on false positives).

The Red Hat Enterprise Linux CVE response https://access.redhat.com/security/cve/CVE-2014-0224, and the bugzilla on this.

Here are the resolution instructions for Red Hat Enterprise Linux at solution id 905793.

Started 2014-06-05T20:01:31+00:00 by

RJ Hinton

Community Leader Guru 6797 points

Responses

Quick Links

Help

Site Info

Related Sites

Copyright © 2024 Red Hat, Inc.

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)