Is OpenDNS affected by Heartbleed?
On April 7th, 2014, CVE-2014-0160 was discovered and documented by the National Vulnerability Database. Referred to as “Heartbleed”, this bug is a security vulnerability in OpenSSL versions before 1.0.1g that allows exploitation of an affected system's memory from client to server and server to client, resulting in an insecure connection.
After a review, OpenDNS engineers have concluded that no production systems that passed user traffic or user credentials was impacted. We are continuing audits as more information about the Heartbleed vulnerability is made known.
Further questions can be directed to our support team at support@opendns.com.
Post is closed for comments.
Comments
1 comment