[ninux-not-wireless] The Heartbleed Bug
Claudio
claudyus84 at gmail.com
Wed Apr 9 11:04:20 CEST 2014
ciao a tutti,
giusto per capire quanti servizi sono coinvolti.
$ apt-cache rdepends libssl1.0.0
libssl1.0.0
Reverse Depends:
libreoffice-core
ntpdate
wine1.4-amd64
postgresql-9.2
libsasl2-modules
php5-fpm
libfreerdp1
postfix
virtualbox
wpasupplicant
nginx-naxsi
nginx-extras
nginx-light
nginx-full
vsftpd
wine1.4-amd64
wine-compholio-amd64
android-tools-adb
libspice-server1
spice-client
wimlib9
wimlib7
android-tools-adb
nginx-naxsi
nginx-extras
nginx-light
nginx-full
nginx-passenger
grub-customizer
bitcoin-qt
bitcoind
openvpn
openvswitch-switch
openvswitch-controller
openvswitch-common
openvswitch-brcompat
libssl1.0.0:i386
libssl1.0.0:i386
transmission-qt
transmission-gtk
transmission-daemon
transmission-cli
snmp
sbsigntool
python3.2-minimal
python3.2-dbg
python2.7-minimal
python2.7-dbg
python-openssl-dbg
python-openssl
postgresql-contrib-9.1
postgresql-client-9.1
postgresql-9.1
php5-cli
php5-cgi
openssl
openssh-server
openssh-client
libssl1.0.0-dbg
libssl-dev
libssh-4
libsnmp15
libruby1.9.1
libruby1.8
libreoffice-core
libpython3.2
libpython2.7
libpq5
libdns81
libcurl3
libapache2-mod-php5
freeradius-utils
freeradius
apache2.2-bin
apache2-utils
xymon
virtualbox
stunnel4
postgresql-contrib-8.4
postgresql-client-8.4
postgresql-8.4
php5-fpm
nginx-naxsi
nginx-light
nginx-full
nginx-extras
libxml-security-c16
libglobus-gridftp-server0
libapache2-mod-php5filter
krb5-pkinit
jabberd2
isc-dhcp-server-ldap
ejabberd
bip
postgresql-contrib-9.3
postgresql-contrib-9.2
postgresql-contrib-9.1
postgresql-contrib-9.0
postgresql-contrib-8.4
postgresql-contrib-8.3
postgresql-contrib-8.2
postgresql-client-9.3
postgresql-client-9.2
postgresql-client-9.1
postgresql-client-9.0
postgresql-client-8.4
postgresql-client-8.3
postgresql-client-8.2
postgresql-9.3
postgresql-9.2
postgresql-9.1
postgresql-9.0
postgresql-8.4
postgresql-8.3
postgresql-8.2
pgpool2
pgadmin3
odbc-postgresql
libpq5
libssl1.0.0:i386
libssl1.0.0:i386
vmware-view-open-client
sfcb
libmyth-0.25-0
conserver-server
conserver-client
ckermit
znc
zfs-fuse
yate-core
yapet
xymon
xrdp
xorp
xmms2-plugin-airplay
xmail
xchat
xca
xbmc-bin
x3270
x11vnc
wine1.4-amd64
webauth-utils
vtun
voms-server
voms-mysql-plugin
voms-clients
virtualbox
vde2-cryptcab
unworkable
unbound-anchor
unbound
unar
transgui
trafficserver
tpm-tools
tor
tkrat
tinc
telnetd-ssl
telnet-ssl
tcl-trf
tcl-tls
tboot
syslog-ng-mod-sql
syslog-ng-core
sylpheed
suck
stunnel4
stud
stone
ssvnc
sslsniff
sslscan
spice-client
sofia-sip-bin
socat
slurm-llnl-basic-plugins
skipfish
sipcrack
simutrans
sflphone-daemon
sendmail-bin
scrypt
scim-mozc
sbnc
samdump2
s3270
rsyncrypto
rhash
rdd
ratproxy
radsecproxy
qwbfsmanager
qutecom
qterm
qesteidutil
qdigidoc
qbittorrent-nox
qbittorrent
python-ncrypt
python-libtorrent-dbg
python-libtorrent
pyrit
pypy
pure-ftpd-postgresql
pure-ftpd-mysql
pure-ftpd-ldap
pure-ftpd
prosody
proftpd-basic
prayer-accountd
prayer
pr3287
pound
postler
postgresql-contrib-8.4
postgresql-client-8.4
postgresql-8.4
polygraph
pkcs11-dump
pinot
pidgin-openfetion
pidentd
picolisp
php5-fpm
perdition
pennmush-mysql
pennmush
pavuk
pathfinderd
pathfinder-utils
partimage-server
partimage
p3scan
owl
osptoolkit
ophcrack-cli
ophcrack
openwsman
openvswitch-switch
openvswitch-controller
openvswitch-common
openvswitch-brcompat
openvas-client
opensc
openntpd
opennebula
openhpi-plugin-ipmidirect
opendkim
openconnect
oftc-hybrid-respond
oftc-hybrid
odbc-postgresql
ocsigen
ntop
nsd3
nordugrid-arc-plugins-needed
nordugrid-arc-gridftpd
nordugrid-arc-client
nordugrid-arc-arex
nodejs
ngorca
nginx-naxsi
nginx-light
nginx-full
nginx-extras
network-manager-openconnect-gnome
netsurf-gtk
navit
nagircbot
nagios-nrpe-plugin
myproxy
mumble-server
mumble-11x
mumble
mozc-server
monit
mktorrent
mixmaster
mini-httpd
medusa
maptool
mailfilter
mailavenger
mail-notification
linuxdcpp
links2
links
lighttpd
licq
lib....
ldnsutils
l2tp-ipsec-vpn
kvirc-modules
kvirc
kumofs
krb5-pkinit
kontrolpack
kolabadmin
kolab-libcyrus-imap-perl
kolab-cyrus-pop3d
kolab-cyrus-imapd
kolab-cyrus-common
kolab-cyrus-clients
kftpgrabber
kannel-sqlbox
kannel-extras
kannel
jabberd2
italc-client
isync
istgt
isc-dhcp-server-ldap
isakmpd
ipmitool
inn2
imapproxy
imapfilter
ike-scan
ike-qtgui
ike
idecrypt
ice34-services
hydra
httping
httperf
httest
hostapd
hfsprogs
heirloom-mailx
gvpe
gstreamer0.10-plugins-bad
grisbi
gridengine-exec
gogoc
gnupg-pkcs11-scd
gnubiff
globus-proxy-utils
globus-gram-job-manager
globus-gatekeeper
globus-gass-copy-progs
ginkgocadx
gfsd
gatling
g2ipmsg
ftpd-ssl
ftp-ssl
fqterm
fossil
flush
fdm
ewf-tools
eurephia
ettercap-text-only
ettercap-graphical
epic5
epic4
encfs
ekg2-core
ekg-gtk
ekg
ejabberd
eggdrop
dsniff
dmg2img
dma
dk-filter
dillo
dicomscope
dcmtk
dcap-tunnel-ssl
cyrus-replication-2.4
cyrus-pop3d-2.4
cyrus-nntpd-2.4
cyrus-murder-2.4
cyrus-imapd-2.4
cyrus-common-2.4
cyrus-clients-2.4
crtmpserver-libs
crtmpserver-apps
courier-ssl
cone
citadel-webcit
citadel-server
citadel-client
cfengine3
cfengine2
certmonger
c3270
burp
btpd
bozohttpd
boxbackup-server
boxbackup-client
boinc-server-maker
boinc-client
bitcoind
bip
beid-tools
batv-filter
barnowl
balsa
ayttm
asterisk-modules
asterisk
apf-server
apf-client
anon-proxy
amanda-common
alpine
afflib-tools
xchat-gnome
wpasupplicant
wget
w3m
vsftpd
virtuoso-opensource-6.1-common
virtuoso-opensource-6.1-bin
trousers
transmission-qt
transmission-gtk
transmission-daemon
transmission-cli
tcpdump
spamc
snmp
siege
sasl2-bin
rdesktop
racoon
python3.2-minimal
python3.2-dbg
python2.7-minimal
python2.7-dbg
python-openssl-dbg
python-openssl
python-m2crypto
pulseaudio-module-raop
postgresql-contrib-9.1
postgresql-client-9.1
postgresql-9.1
postfix
php5-cli
php5-cgi
pacemaker
openvpn
openssl
openssh-server
openssh-client
nmap
nagios-plugins-basic
nagios-nrpe-server
likewise-open
lib... 2 dump
keepalived
irssi
iputils-ping
htmldoc
freeradius-utils
freeradius
fetchmail
erlang-ssl
erlang-crypto
dovecot-core
crda
bacula-common
apache2.2-bin
apache2-utils
Il giorno 08 aprile 2014 15:12, Saverio Proto <zioproto at gmail.com> ha
scritto:
> dopo git blame ...
> git show bd6941cf
>
> bug introdotto la sera di capodanno 31/12/2011 alle 23:00
>
> meglio uscire a ubriacarsi ...
>
> Saverio
>
>
> Il 08 aprile 2014 10:41, Clauz <clauz at ninux.org> ha scritto:
> > Nel giorno del XPcaplipse viene fuori un bruttissimo bug di OpenSSL, per
> > cui molte delle comunicazioni cifrate https degli scorsi due anni e'
> > come se fossero passate in chiaro.
> >
> > http://heartbleed.com/
> >
> > Non ho capito se il bug riguarda solo il lato server.
> >
> > :(
> > Clauz
> >
> > _______________________________________________
> > Not-wireless mailing list
> > Not-wireless at ml.ninux.org
> > http://ml.ninux.org/mailman/listinfo/not-wireless
> _______________________________________________
> Not-wireless mailing list
> Not-wireless at ml.ninux.org
> http://ml.ninux.org/mailman/listinfo/not-wireless
>
--
Claudio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ml.ninux.org/pipermail/not-wireless/attachments/20140409/b7751390/attachment-0001.html>
More information about the Not-wireless
mailing list