Please note the following versions of OpenSSL:

  • OpenSSL 1.0.1 through to 1.0.1f (inclusive) is vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 is NOT vulnerable
  • OpenSSL 0.9.8 is NOT vulnerable

To check whether your server is vulnerable, on CentOS / Red Hat, run:

rpm -qa openssl*

Or

yum info openssl | egrep \”Package|Version|Release\”

On Ubuntu Server:

dpkg -l | grep openssl

(On Ubuntu, ensure the version returned matches the ones mentioned here.)

You can patch / upgrade the openssl version yourself. Just run the following commands on your appropriate server(s).

# For the Linux cPanel server:

  • yum update openssl -y
  • for service in sshd pure-ftpd httpd exim cpanel courier-imap ; do /etc/init.d/$service restart; done
  • /etc/init.d/httpd stop;/etc/init.d/httpd startssl

# For the Linux Plesk server:

  • yum update openssl -y
  • /etc/init.d/psa stopall
  • /etc/init.d/psa startall
  • /etc/init.d/psa restart

# For the Linux plain server:

  • * yum update openssl -y
  • * Just restart all SSL-enabled services or reboot the system.

In the interest of customer security, we would strongly advise to change cPanel/WHM password and account password of the hosting billing area.

Incoming searches related to OpenSSL vulnerability

  • openssl vulnerability database
  • openssl vulnerability 2009
  • ssl version 2 vulnerability
  • openssl security
  • openssl linux
  • openssl exploit
  • openssl buffer overflow
  • openssl bug

Popular Posts You May Read

Explore more hosting insights, tips and industry updates.

content strategy

How To Build An Effective Content Strategy For Growing Brand

Content marketing is the perfect way for businesses all around the world to grow their…

CSF Installation Problem: Solve Blocking Google Bot

“CSF” and “Mod security” both are very important for your server. If any user wants…

Migrating Dedicated Servers and On-site Servers into the Cloud

Cloud web hosting can be used for the hosting of powerful virtual machines that can…