Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Upgrading OpenSSL

Posted on 2008-06-24
1
733 Views
Last Modified: 2013-12-06
Greetings - We just got an e-mail from NETSOL about our wildcard cert. They said that there is a security threat in our CSR. How do I update OpenSSL on a Debian linux box.

Thanks!
0
Comment
Question by:ncartwrightt2systems
1 Comment
 
LVL 6

Accepted Solution

by:
Syngin9 earned 500 total points
ID: 21858051
Run the following as root:

apt-get update

apt-get install openssl

It will install an extra package or 2 which will scan your system for exploitable keys and update them as necessary.  The flaw in OpenSSL revolved around an error with the random number generator used to generate encryption keys.  It is very important to upgrade to the new version of OpenSSL.

http://www.metasploit.com/users/hdm/tools/debian-openssl/
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Best IDE for PHP starters 11 134
Database client version mismatch in PhpMyAdmin 4 75
Only allow one site in Internet Explorer on XenApp. 9 75
Apache error.log 19 57
After running Ubuntu some time, you will be asked to download updates for fixing bugs and security updates. All the packages you download replace the previous ones, except for the kernel, also called "linux-image". This is due to the fact that w…
If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question