Well, that’s the point, Paul. (You hit the nail on the head.) If you don’t have an openssl service exposed, the problem doesn’t affect you.
Since normally the web GUI isn’t exposed to the WAN, the attack surface is minimized. We are working at cutting a new release. Jim On Apr 8, 2014, at 1:49 PM, Paul Galati <[email protected]> wrote: > Is this vulnerability tied to a secure web connection on the wan interface? > If I do not have the web gui enabled on the wan interface and I am not using > openVPN, what other services allow this point of entry possible? > > Thanks for your time. > > Paul Galati > [email protected] > > > > On Apr 8, 2014, at 8:20 AM, Marek Salwerowicz <[email protected]> wrote: > >> Regarding the web test provided at: >> http://filippo.io/Heartbleed/ >> >> All my pfSense firewalls (their HTTPS WEB GUI) are vulnerable... > > _______________________________________________ > List mailing list > [email protected] > https://lists.pfsense.org/mailman/listinfo/list
_______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
