Print

Print


Hi Rich,

The VPN concentrators serving sslvpn.uvm.edu have been verified as safe
from this vulnerability. As for "general advice", please see my message
to SECURITY as forwarded by Nick Gingrow ("FW: [SECURITY] serious flaw
in OpenSSL 1.0.1 (CVE-2014-0160/"Heartbleed")").

Let us know if you have further questions or suggestions.


Cheers,

-sth

--
Sam Hooker | [log in to unmask]
Information Security Engineer
Enterprise Technology Services
The University of Vermont


On 20140409, 08:53 , Rich Downing wrote:
> Hi,
> 
> Does UVM's information security personnel have any 'official' advice on
> dealing with the OpenSSL 'Heartbleed' security bug? Should use of Cisco
> AnyConnect be continued?
> 
> Rich
>