[Bug 67564] New: Lots of servers are vulnerable to the OpenSSL CCS vulnerability (CVE-2014-0224)

bugzilla-daemon Sun, 06 Jul 2014 04:58:12 -0700

https://bugzilla.wikimedia.org/show_bug.cgi?id=67564


            Bug ID: 67564
           Summary: Lots of servers are vulnerable to the OpenSSL CCS
                    vulnerability (CVE-2014-0224)
           Product: Wikimedia
           Version: unspecified
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: normal
          Priority: Unprioritized
         Component: SSL related
          Assignee: [email protected]
          Reporter: [email protected]
       Web browser: ---
   Mobile Platform: ---

Originally I posted this issue under Bug 53259, but I find more and more
vulnerable sites, so I think it is more appropriate to move to a new bug
report.

According to SSL Labs these servers are "vulnerable to the OpenSSL CCS
vulnerability (CVE-2014-0224) and exploitable":

* graphite.wikimedia.org
* gdash.wikimedia.org
* dumps.wikimedia.org
* noc.wikimedia.org

These are vulnerable but probably not exploitable:

* ganglia.wikimedia.org
* lists.wikimedia.org

[1] https://www.ssllabs.com/ssltest/analyze.html?d=noc.wikimedia.org

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 67564] New: Lots of servers are vulnerable to the OpenSSL CCS vulnerability (CVE-2014-0224)

Reply via email to