HomeSearchSite MapContact Us RemoteDBA Services for CODASYL DBMS and RdbPreserving Mission Critical IT Applications Through Virtualization

Remote Management of OpenVMS SystemsExtreme Performance Consulting


OPEN VMS ADMINISTRATION

 


Printable
Data Sheet

 

 

Follow SoftwareConcept on Twitter

Follow us
on Twitter

   
 
 

OpenVMS and the "Heartbleed" bug

There has been much publicity lately regarding an internet security vulnerability known as “Heartbleed”. See www.heartbleed.com for a good description of the problem, or, see the CVE web site for the official CVE description.

Some customers have asked if their OpenVMS systems are vulnerable to this bug. SCI offers the following guidance:

  • For customers using HP SSL for OpenVMS: The Heartbleed bug was introduced in OpenSSL V1.0.1 and the most recent version of SSL for OpenVMS is based on OpenSSL V0.9.8y and is therefore not affected.

  • For customers using Process Software Products: The following was posted to the process.com web page: “Process Software's products including MultiNet, TCPware, PMDF, PreciseMail, VAM, and SSH-UCX are NOT vulnerable to this attack. These products do not use the versions of OpenSSL open to attack. No patches or configuration changes are required to secure any version of these products.” ()
     

Please feel free to contact us with additional questions.

 

Copyright © 2016 Software Concepts International
All Rights Reserved