Wednesday, April 16, 2014

Heartbleed bug in OpenSSL

From: http://haydenjames.io/patched-servers-remain-vulnerable-heartbleed-openssl/

Check if Heartbleed-Patched OpenSSL is installed


openssl version -a
– OpenSSL 1.0.1 through 1.0.1f are vulnerable
– OpenSSL 1.0.1g is NOT vulnerable
– OpenSSL 1.0.0 branch is NOT vulnerable
– OpenSSL 0.9.8 branch is NOT vulnerable
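The version list above as a script, added here as an example (it is not from the original article; the function names and output labels are assumptions). Distribution packages often backport the fix without changing the version string, so a "vulnerable" result from the version number alone should be confirmed against the `built on` date that `openssl version -a` prints and the vendor's package changelog.

```shell
#!/bin/sh
# Added example: classify an OpenSSL version banner using the ranges listed above.
# classify_openssl_version and built_on_date are hypothetical helper names.

classify_openssl_version() {
    # $1: first line of `openssl version`, e.g. "OpenSSL 1.0.1e 11 Feb 2013"
    ver=$(printf '%s\n' "$1" | awk '$1 == "OpenSSL" { print $2; exit }')
    # Drop build suffixes so "1.0.1e-fips" is compared as "1.0.1e"
    ver=${ver%%-*}
    case "$ver" in
        1.0.1|1.0.1[abcdef]) echo "vulnerable" ;;      # 1.0.1 through 1.0.1f
        1.0.1[g-z])          echo "not-vulnerable" ;;  # 1.0.1g and later letter releases
        1.0.0*|0.9.8*)       echo "not-vulnerable" ;;  # branches without the heartbeat code
        *)                   echo "unknown" ;;         # anything the list does not cover
    esac
}

built_on_date() {
    # Reads `openssl version -a` output on stdin and prints the build date,
    # which is what reveals a backported fix behind an old version string.
    sed -n 's/^built on: *//p'
}

report_local_openssl() {
    banner=$(openssl version)
    echo "banner:   $banner"
    echo "verdict:  $(classify_openssl_version "$banner")"
    echo "built on: $(openssl version -a | built_on_date)"
}

# Run as `sh check.sh --local` to inspect the OpenSSL binary on this host.
if [ "${1:-}" = "--local" ] && command -v openssl >/dev/null 2>&1; then
    report_local_openssl
fi
```

The verdict only covers the `openssl` binary on the PATH; services keep using the library they loaded at start-up until they are restarted.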

Patching Heartbleed Vulnerability is not enough!

 ...
if an attacker has already exploited the Heartbleed bug to steal your SSL private keys, they can continue to decrypt all past and future traffic even after the vulnerability has been patched – using the existing stolen keys.

Pranten
