Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

DAMEware issues with OPenSSL (HeartBleed)

cegan

Are there any security concerns with older versions of DAMEware and this vulnerability?

Find more posts tagged with

Accepted answers

All comments

LGarvin

Greetings.

There are actually two answers to this question, one a universal fact-based one, and the other, since you specifically asked about "older versions" that can be directly inferred from known information about the OpenSSL/Hearbleed bug.

First, DameWare does not use OpenSSL. Period. So no versions of DameWare products are vulnerable.

Second, though, for older versions of DameWare, or practically speaking, for older versions of any software, we can eliminate any product published prior to March, 2012, because that's when the OpenSSL version that introduce this 'bug' was first available.

So, working backward from March, 2012

v7.0 and earlier could not possible be affected as they were released prior to March 2012.
v8.0 was released in March 2012, concurrent with the original release of OpenSSL 1.0.1, so one could also infer the astronomical probabilities that any product released in March 2012 would have a brand new version of OpenSSL included.