WOT site remains exposed to Heartbleed exploit! Why?

Post Reply
User avatar
Pianosa
Posts: 44
Joined: Fri Apr 25, 2014 6:25 pm

WOT site remains exposed to Heartbleed exploit! Why?

Post by Pianosa » Tue May 27, 2014 12:58 pm

Following the Heartbleed disclosure, only one of the two SSL certificates offered by www.mywot.com has been revoked (on 2014-04-16 21:19:15 ). The certificate with serial number 0x112180d7ea6963e3c9776eff010d3c7a69fd (www.mywot.com) which is due to expire on 2016-01-30 has NOT yet been revoked, thus leaving the domain exposed to the Heartbleed vulnerability.
<!--break-->
Is there any intention to revoke this (possibly compromised) certificate?
<!--break-->
If so, what is the reason for the lengthy delay?

Guest

RE: WOT site remains exposed to Heartbleed exploit! Why?

Post by Guest » Tue May 27, 2014 9:27 pm

Ops, true
Image

http://toolbar.netcraft.com/help/faq/in ... heartbleed

Hopefully the Staff of mywot will address this issue soon
Thank you for the heads up

User avatar
Timo
Posts: 418
Joined: Sun Oct 29, 2006 5:11 pm

RE: WOT site remains exposed to Heartbleed exploit! Why?

Post by Timo » Wed May 28, 2014 11:09 am

Thanks for reminding about the revoking the certificate. We fixed openssl as soon as it was discovered but simply forgot to revoke the certificate. Issue has been fixed.

Guest

RE: WOT site remains exposed to Heartbleed exploit! Why?

Post by Guest » Wed May 28, 2014 5:24 pm

<quote user="timo">
Thanks for reminding about the revoking the certificate. We fixed openssl as soon as it was discovered but simply forgot to revoke the certificate. Issue has been fixed.
[/quote]

Thank you Timo
I feel much better now :)

User avatar
Pianosa
Posts: 44
Joined: Fri Apr 25, 2014 6:25 pm

RE: WOT site remains exposed to Heartbleed exploit! Why?

Post by Pianosa » Mon Jul 21, 2014 11:42 am

<quote user="timo">
Thanks for reminding about the revoking the certificate. We fixed openssl as soon as it was discovered but simply forgot to revoke the certificate. Issue has been fixed.
[/quote]

@Timo
Thanks.

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest