Heartbleed vulnerability in OpenSSL

The Heartbleed vulnerability allows an attacker to read 64-kilobyte chunks of memory from servers and clients that connect using SSL, through a flaw in OpenSSL's implementation of the heartbeat extension.

cPanel & WHM does not provide any copies of the OpenSSL library. The daemons and applications shipped with cPanel & WHM link to the version of OpenSSL provided by the core operating system.

RedHat 6, CentOS 6, and CloudLinux 6 provided vulnerable versions of OpenSSL 1.0.1. All three distros have published patched versions of their OpenSSL 1.0.1 RPMs to their mirrors.

 


How to fix the Heartbleed vulnerability?

 

To update any affected servers, use the following commands.

1. SSH to your server

2. yum update openssl

3. /scripts/upcp --force

4. /etc/init.d/cpanel restart

5. Stop Apache with the command:

service httpd stop

6. Kill any remaining Apache processes.

7. Start Apache with the command:

service httpd start

8. Test your server at http://filippo.io/Heartbleed/ to confirm the server is patched.

9. If your server still shows as vulnerable after step #8, we have found it is necessary to recompile Apache. Recompile Apache and run step #8 again.

You can also confirm that the patched package is installed by running the following command:

rpm -q --changelog openssl | grep -B 1 CVE-2014-0160
* Mon Apr 07 2014 Tomáš Mráz 1.0.1e-16.7
- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension
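
The restart steps above matter because a daemon that was already running keeps the pre-update OpenSSL library mapped in memory until it is restarted, even after yum has replaced the file on disk. The script below is an added example, not part of the original article or of cPanel's tooling: it checks the RPM changelog for the fix and looks in /proc/<pid>/maps for libssl or libcrypto mappings marked "(deleted)". The function names are hypothetical helpers and the sample maps lines are constructed.

```shell
#!/bin/sh
# Added example: post-patch checks for the update steps. Function names are
# hypothetical helpers, not part of cPanel or OpenSSL.

# Succeeds if RPM changelog text (stdin or file args) records the Heartbleed fix.
changelog_has_fix() {
    grep -q 'CVE-2014-0160' "$@"
}

# Succeeds if /proc/<pid>/maps text (stdin or file args) shows a libssl or
# libcrypto mapping whose file was replaced on disk, i.e. the pre-update copy.
maps_has_stale_openssl() {
    grep -Eq 'lib(ssl|crypto)[^ ]* \(deleted\)' "$@" 2>/dev/null
}

# Prints "PID command line" for every running process still on the old library.
list_stale_pids() {
    for maps in /proc/[0-9]*/maps; do
        maps_has_stale_openssl "$maps" || continue
        pid=${maps#/proc/}; pid=${pid%/maps}
        printf '%s %s\n' "$pid" "$(tr '\000' ' ' 2>/dev/null <"/proc/$pid/cmdline")"
    done
}

# Constructed sample: maps lines of an httpd that was not restarted after the update.
sample_stale_maps() {
    cat <<'EOF'
7f2a1c000000-7f2a1c062000 r-xp 00000000 fd:00 131245 /usr/lib64/libssl.so.1.0.1e (deleted)
7f2a1c400000-7f2a1c5b5000 r-xp 00000000 fd:00 131240 /usr/lib64/libcrypto.so.1.0.1e (deleted)
7f2a1d000000-7f2a1d18a000 r-xp 00000000 fd:00 130021 /lib64/libc-2.12.so
EOF
}

# Constructed sample: the same process after "service httpd stop" / "start".
sample_fresh_maps() {
    cat <<'EOF'
7f9b30000000-7f9b30062000 r-xp 00000000 fd:00 131377 /usr/lib64/libssl.so.1.0.1e
7f9b31000000-7f9b3118a000 r-xp 00000000 fd:00 130021 /lib64/libc-2.12.so
EOF
}

if [ "${1:-}" = "--live" ]; then   # real host: needs rpm, and root to read all maps
    rpm -q --changelog openssl | changelog_has_fix \
        && echo "openssl RPM: CVE-2014-0160 fix present" \
        || echo "openssl RPM: fix not found, run yum update openssl"
    stale=$(list_stale_pids)
    [ -z "$stale" ] && echo "no process maps a replaced libssl/libcrypto" \
        || printf 'restart these, they still use the old library:\n%s\n' "$stale"
else
    sample_stale_maps | maps_has_stale_openssl && echo "sample (not restarted): stale"
    sample_fresh_maps | maps_has_stale_openssl || echo "sample (restarted): clean"
fi
```

Run it with --live as root on the server after step 7; any PID it lists belongs to a service that still needs a restart.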
