Information and Downloads on the Heartbleed Bug

The Heartbleed vulnerability allows an attacker to read random 64k blocks of memory of the service using OpenSSL (with TLS). Since every request delivers another 64k memory block an attacker could retrieve sensitive data from the service i.e. private keys. More detailed information about Heartbleed can be found in the security advisory: and here

This vulnerability is only if running the following services are using OpenSSL with TLS:

  • openvpn
  • squid
  • freeradius
  • asterisk
  • curl
  • pound
  • tor
  • transmission

Depending on your setup you may not be affected by Heartbleed.

In addition, NETGEAR confirms there are no vulnerabilities to the Heartbleed bug in thier routers running factory firmware.

If you are running and old version of DD-WRT, Tomato or a NETGEAR supplied DD-WRT buid here are the links for new builds that have the Heartbleed fixes

DD-WRT Releases by Kong

Tomato Releases

DD-WRT Releases by NETGEAR