Hi everyone,
I'm running Freebsd 7.0 with pf and openvpn. I'm somewhat new to freebsd and noticed there was a recent security advisor stating a vulnerability with openssl.
http://forums.freebsd.org/showthread.php?p=8287#post8287
This lead me to believe that i'm vulnerable due to ssh and openvpn using it. I think I have the version of openssl that is installed with the base since i don't see it with pkg_info. Only with "whereis".
# whereis openssl
openssl: /usr/bin/openssl /usr/share/openssl/man/man1/openssl.1.gz /usr/src/secure/usr.bin/openssl
When I ran portaudit -Fda on the box, nothing was found.
# portaudit -Fda
auditfile.tbz 100% of 53 kB 54 kBps
New database installed.
Database created: Sun Jan 11 10:10:10 EST 2009
0 problem(s) in your installed packages found.
# pkg_info | grep openvpn
openvpn-2.0.6_9 Secure IP/Ethernet tunnel daemon
Should I proceed anyways with the patching steps instructed in the advisory? Also, does this affect ssh as well?
Thanks,
Fatman
I'm running Freebsd 7.0 with pf and openvpn. I'm somewhat new to freebsd and noticed there was a recent security advisor stating a vulnerability with openssl.
http://forums.freebsd.org/showthread.php?p=8287#post8287
This lead me to believe that i'm vulnerable due to ssh and openvpn using it. I think I have the version of openssl that is installed with the base since i don't see it with pkg_info. Only with "whereis".
# whereis openssl
openssl: /usr/bin/openssl /usr/share/openssl/man/man1/openssl.1.gz /usr/src/secure/usr.bin/openssl
When I ran portaudit -Fda on the box, nothing was found.
# portaudit -Fda
auditfile.tbz 100% of 53 kB 54 kBps
New database installed.
Database created: Sun Jan 11 10:10:10 EST 2009
0 problem(s) in your installed packages found.
# pkg_info | grep openvpn
openvpn-2.0.6_9 Secure IP/Ethernet tunnel daemon
Should I proceed anyways with the patching steps instructed in the advisory? Also, does this affect ssh as well?
Thanks,
Fatman
