Posted on Leave a comment

OpenSSL Heartbleed vulnerability issue

As a follow-up of the Heartbleed vulnerability issue, we have reviewed all Koffeeware services for impact for the issue described in CVE-2014-0160.

A short explanation of the Heartbleed issue

For over two years, the Internet’s most popular implementation of the Transport Layer Security (TLS) protocol has contained a critical defect that allowed attackers to pluck account passwords, authentication cookies, and other sensitive data out of the private server memory of websites. Koffeeware sites were among the millions of web sites using the OpenSSL library, and thus affected by this vulnerability.

Continue reading OpenSSL Heartbleed vulnerability issue