Heartbleed detector tools report RHEL system vulnerable despite patched or non-vulnerable openssl version

Solution Verified - Updated -

Issue

  • Heartbleed detector tools report RHEL system vulnerable despite patched or non-vulnerable openssl version
  • Red Hat 5 and openssl 0.9.8e is howing a status for CVE-2014-0160 as vulnerable
  • No processes were found using the libssl.so library but Red Hat's Heartbleed Detector says that the system is still vulnerable

Environment

  • Red Hat Enterprise Linux

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In