NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
[Security] Serious OpenSSL bug (impacting ReadyNAS, as well)
http://heartbleed.com/ : "The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library." "Without using any privileged information or credentials we were able s...
heidnerd did you check your NAS via https://filippo.io/Heartbleed
It looks like they back ported a patch to 1.0.1e to fix the problem.
In fact if you look at the apt-get packages lists 6.1.7 uses openssl_1.0.1e-2.deb7u6_armel.deb whereas 6.1.6 uses openssl_1.0.1e-2.deb7u3_armel.deb
If you download the GPL and run a diff you should see changes between 6.1.6 and 6.1.7 for openssl
Consequently simply checking the openssl version the way you did is not the way to check if a system running OS6 is exposed.
It looks like they back ported a patch to 1.0.1e to fix the problem.
In fact if you look at the apt-get packages lists 6.1.7 uses openssl_1.0.1e-2.deb7u6_armel.deb whereas 6.1.6 uses openssl_1.0.1e-2.deb7u3_armel.deb
If you download the GPL and run a diff you should see changes between 6.1.6 and 6.1.7 for openssl
Consequently simply checking the openssl version the way you did is not the way to check if a system running OS6 is exposed.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
