Home Q&A Forum Cyber Security Need the Mac "Terminal.app" command, for checking for the "Heartbleed"-vulnrblty

  • Need the Mac "Terminal.app" command, for checking for the "Heartbleed"-vulnrblty

    Posted by Randall Blanchard on November 20, 2019 at 8:32 am

    I need to find-out the ENTIRE Mac “Terminal.app” command, for checking for the “Heartbleed”-vulnerability — it got “cut-off”, in one of your articles, so I couldn’t use what was in the article .

    Please supply it, because I appear to have outgoing-“long-buffer” problems, accessing, some websites !

    Randall Blanchard replied 5 years, 1 month ago 2 Members · 5 Replies
  • 5 Replies
  • Komando Community

    Administrator
    November 21, 2019 at 10:15 am

    The Heartbleed vulnerability affected websites hosted on servers running insecure versions of OpenSSL. This vulnerability was from several years ago and websites would have already updated and patched their software where applicable. The Mac operating system OS X was never affected directly. As such, I was not able to find the commands you were inquiring about either on our site or elsewhere.

    Do you happen to have the link to the article you mentioned? We can take a look to see what it was discussing and how to find the information that was “cut off”.

  • Randall Blanchard

    Member
    November 25, 2019 at 9:32 am

    I just need the command-line, to check the version, of the possibly-offending, software .

  • Randall Blanchard

    Member
    November 25, 2019 at 9:39 am
  • Komando Community

    Administrator
    November 25, 2019 at 10:18 am

    @leftblank15

    To clarify, the Heartbleed vulnerability only affects web servers and services and does not affect clients (your personal computer, not being used as a server).

    If you are hosting your own website or web services, you can connect to your server and then use the command in the 3rd-party article you linked. This will check to see if your server is running an old version of OpenSSL. I show the full command needed is listed in that article.

    It should also be noted that, according to Apple, iOS and OSX web servers and other Apple web-based services were never affected by the Heartbleed vulnerability. Apple software never used the vulnerable version of OpenSSL that was affected.

  • Randall Blanchard

    Member
    December 7, 2019 at 2:52 am

    It turns-out, in the link that I had mentioned, you can copy the WHOLE command-line command, even if you cannot SEE the whole command, on the webpage .

Log in to reply.