Wednesday, April 9, 2014

Heartbleed - testing and what's vulnerable

To check whether a server using OpenSSL is vulnerable, test your server of interest with this site:
http://filippo.io/Heartbleed/

Another test site
https://lastpass.com/heartbleed/


Here's a list with results
https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt

Common sites with vulnerabilities:

yahoo
addthis
okcupid
slate
leo.org
eventbrite
entrepreneur
usmagazine
fool.com
squidoo
outbrain


This discussion seems to imply that a client (browser) would also need to be using OpenSSL, but there are exceptions as well:
https://news.ycombinator.com/item?id=7553882


This site also has a test, but it was too busy during days 0-2. As of 4/16 it is usable and provides a good amount of information:
https://www.ssllabs.com/ssltest/

Apple had some sites reported as vulnerable
https://discussions.apple.com/message/25422231#25422231
