Hi, On 08/04/2014 13:55, Mike Tancsa wrote: > On 4/8/2014 7:47 AM, Adriaan de Jong wrote: > >> Using the tls-auth option should protect against this vulnerability > (assuming that your tls-auth key is not known to the attacker). > > > >> If you're not using tls-auth and are using a vulnerable version of > OpenSSL, you should definitely upgrade to OpenSSL 1.0.1g. > > > > Note that you should also replace both server and client private > keys, as these can be read by an attacker. > > Perhaps a dumb question, but if the server instance is linked against > an older version of openssl (9.8.x), but the client is compiled and > linked against the vulnerable version, is it still an issue for both > sides, or is the client going to leak private information ?
The client can then leak keys (both private master key and session keys), which completely breaks your secure connection, for that client. So when the server is not vulnerable, each client has to be attacked individually, and not-vulnerable clients have a secure connection to the server. As long as there are vulnerable clients, you should consider those as potentially malicious, and thus you should consider the network as insecure. -Steffan
