I was reading a BBC article about Heartbleed, and in the article it references couple of sites that can test other websites for presence of Heartbleed vulnerability. The sites' stated purpose is to help users see if a site that they use is currently vulnerable (e.g. test if the site I'm about to purchase from is vulnerable to Heartbleed), which
How to Check if a Website is Vulnerable to the Heartbleed Apr 10, 2014 Heartbleed Overblown? Experts Test Seriousness Of OpenSSL Bug Apr 14, 2014 Heartbleed test If there are problems, head to the FAQ Results are now cached globally for up to 6 hours. Enter a URL or a hostname to test the server for CVE-2014 SSL Server Test . This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet. Please note that the information you submit here is used only to provide you the service. We don't use the domain names or the test results, and we never will. The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.
Apr 10, 2014
Heartbleed is a major security hole in multiple versions of OpenSSL resulting in temporary information being stored in a site's server memory after it has been unencrypted. That server memory can How to Check if a Site Is Safe From 'Heartbleed'
The Heartbleed bug is a security vulnerability in OpenSSL that has affected and continues to affect millions of people around the world. SSL and TLS encryption used to secure information across the web is being exploited by cyber-attackers to gain valuable user information such as passwords, billing information, and other valuable credentials.
ssl-heartbleed NSE Script - Nmap Detects whether a server is vulnerable to the OpenSSL Heartbleed bug (CVE-2014-0160). The code is based on the Python script ssltest.py authored by Jared … Not All Heartbleed Checkers Are Created Equally | DigiCert.com Some Heartbleed checkers look at the NotBefore field (the beginning date) of an SSL Certificate to determine if it was issued before or after the Heartbleed fix was issued. This approach has two major problems, namely, a site could have a new certificate, but if it was installed before patching the OpenSSL installation, it is subject to the ‘Heartbleed’ Bug Exposes Passwords, Web Site Encryption Apr 08, 2014 Chromebleed alerts sites vulnerable to Heartbleed - CNET