OpenSSL Heartbleed vulnerability – A complete check and fix


By now, we are all aware of the new OpenSSL Heartbleed vulnerability. The Heartbleed bug allows anyone on the Internet to read the memory of systems protected by the vulnerable versions of the OpenSSL software. You can get more details from this link: Heartbleed.

Versions in the OpenSSL 1.0.1 series are vulnerable, except 1.0.1g; other versions are not. Different communities have already released updates.

How to check if the installed OpenSSL is patched or not?
You can find this out by different methods. This link will help you to find out your domain's OpenSSL status.
You can also check the same from the server back-end. The following operating systems may be affected by the Heartbleed vulnerability.

OpenBSD 5.3 (OpenSSL 1.0.1c 10 May 2012) and 5.4 (OpenSSL 1.0.1c 10 May 2012)
FreeBSD 10.0 - OpenSSL 1.0.1e 11 Feb 2013
NetBSD 5.0.2 (OpenSSL 1.0.1e)
OpenSUSE 12.2 (OpenSSL 1.0.1c)
Debian Wheezy (stable), OpenSSL 1.0.1e-2+deb7u4
Ubuntu 12.04.4 LTS, OpenSSL 1.0.1-4ubuntu5.11
CentOS 6.5, OpenSSL 1.0.1e-15
Fedora 18, OpenSSL 1.0.1e-4

You can check it by executing the following command.

rpm -q --changelog openssl | grep CVE-2014-0160

If the above command returns output like "- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension", then we can conclude that the server's OpenSSL is already patched.


root@test [~]# rpm -q --changelog openssl | grep CVE-2014-0160
- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension

You can also use the YUM command and check the release details to find out whether it is updated or not.

yum info openssl


root@test [~]# yum info openssl|egrep -i "Release|Version"
Version     : 1.0.1e
Release     : 16.el6_5.7
Version     : 1.0.1e
Release     : 16.el6_5.7

In this example, the first two lines show the Version and Release details of the installed OpenSSL, and the last two lines show the corresponding Version and Release details of the available update.

How to update OpenSSL to overcome the vulnerability?
Follow the steps below:

Step 1 : Log in to the server as the root user.
Step 2 : Upgrade the OpenSSL package using YUM

yum clean all
yum update openssl

Step 3 : Restart Apache

/etc/init.d/httpd stop
/etc/init.d/httpd start

If it is a cPanel server, restart the cPanel service also. I recommend a Stop – Start rather than a restart. :-)

/etc/init.d/cpanel stop
/etc/init.d/cpanel start
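
A way to confirm that the update and the restarts above took effect, as an added example that is not part of the original post: it repeats the changelog check and lists any process that still has the replaced libssl/libcrypto loaded. The function names and the sample maps lines are constructed for illustration, and a Linux /proc layout is assumed.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Reads `rpm -q --changelog openssl` output on stdin; succeeds when the
# CVE-2014-0160 fix is listed, as in the check shown earlier on this page.
changelog_has_fix() {
    grep -q 'CVE-2014-0160'
}

# Prints the PID of every process under PROC_ROOT (default /proc) whose memory
# map still references a deleted libssl/libcrypto, i.e. a process started
# before "yum update openssl" that keeps running the old library code.
stale_ssl_pids() {
    proc_root=${1:-/proc}
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if grep -Eq '/lib(ssl|crypto)[^ ]*\.so[^ ]* \(deleted\)' "$maps" 2>/dev/null; then
            pid=${maps%/maps}
            echo "${pid##*/}"
        fi
    done
    return 0
}

# Builds a constructed /proc-like tree for an offline run:
# PID 101 still maps the replaced library, PID 202 maps the new file.
make_sample_proc() {
    dir=$(mktemp -d)
    mkdir -p "$dir/101" "$dir/202"
    echo '7f10a000-7f10f000 r-xp 00000000 fd:00 131 /usr/lib64/libssl.so.1.0.1e (deleted)' > "$dir/101/maps"
    echo '7f20a000-7f20f000 r-xp 00000000 fd:00 245 /usr/lib64/libssl.so.1.0.1e' > "$dir/202/maps"
    echo "$dir"
}

# Live check, run as root so every process map is readable: sh check.sh live
if [ "${1:-}" = "live" ]; then
    if rpm -q --changelog openssl | changelog_has_fix; then
        echo "openssl package: fix present"
    else
        echo "openssl package: fix NOT listed"
    fi
    pids=$(stale_ssl_pids /proc)
    [ -z "$pids" ] || echo "old library still loaded, restart these PIDs:" $pids
fi
```

Any PID it prints belongs to a service that was not stopped and started after the package update and is still serving with the old library.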

Different communities have already released updates.


If you are using LiteSpeed, upgrade LiteSpeed also:


Originally posted 2016-01-11 05:52:55.

