Shortly speaking, Heartbleed shares the memory of a system protected by OpenSSL to anyone on the Internet.<\/p>\n
Dr Seggelmann, of M\u00fcnster in Germany, said the bug which introduced the flaw was “unfortunately” missed by him and a reviewer when it was introduced into the open source OpenSSL encryption protocol over two years ago.<\/p>\n
Who reported it?<\/b><\/p>\n
According to OpenSSL<\/a>, it was Neel Mehta from Google’s security team that reported the problem in the beginning of April. What’s really scary is that the bug slipped under the radar for so long.<\/p>\n <\/p>\n Am I affected by Heartbleed?<\/b><\/p>\n To check if your website or application is vulnerable you can use Metasploit’s Brand New Heartbleed Scanner Module<\/a>.<\/p>\n If you would like to check Open-E DSS V7, here’s an example of how to install Metasploit Framework on Ubuntu<\/a>.<\/p>\n <\/p>\n Is Open-E software safe?<\/b><\/p>\n Our team of developers tested the products with Metasploit’s Brand New Heartbleed Scanner Module and guarantee that all Open-E Data Storage Software<\/a> products are secure. There is no need to update software or change passwords.<\/p>\n <\/p>\n
![\"\"](\"https:\/\/imgs.xkcd.com\/comics\/heartbleed_explanation.png)
<\/a>