According to the article:-
Pettersen has unearthed two problems. First, many patched servers are still using their old digital certificates. "Given that any server that was patched after April 7 has to be assumed to have had its certificate private key compromised
Second, there's been an alarming rise in the number of new servers that sport Heartbleed, including a sizeable number of F5's BigIP crypto accelerator servers. "In my most recent scan, 20% of the currently vulnerable servers -- as distinguished by IP addresses -- and 32% of the vulnerable BigIP servers were NOT vulnerable when they were scanned previously," he said. "This means that thousands of sites have gone from not having a Heartbleed problem to having a Heartbleed problem."
The link below has more information:-
No comments:
Post a Comment