Verifying whether your VMWare ESXi systems are affected by Heartbleed or not

The Heartbleed bug affects specific versions of ESXi. This article will help you to determine which versions are affected and which are not.

Systems with following version of OpenSSL are affected

  • OpenSSL 1.0.1 through 1.0.1f

Systems with following version of OpenSSL are not affected

  • OpenSSL 1.0.1g
  • OpenSSL 1.0.0
  • OpenSSL 0.9.8

From what I’ve gathered so far the only version of ESXi that has an affected version of OpenSSL on it is ESXi 5.5

To check your VMWare systems for version run the following  command:

~ # vmware -vl

VMware ESXi 5.1.0 build-1483097
VMware ESXi 5.1.0 Update 2

To check your VMWare systems for the OpenSSL version run the following  command:

~ # openssl version -a
OpenSSL 0.9.8y

So based on just this information your VSPhere server is fine. ESXi 5.1.0 Update 2 runs OpenSSL 0.9.8y which is not affected.

Now we can run the same command on a 5.5 system

~ # openssl version -a
OpenSSL 1.0.1e

This system is affected by the HeartBleed Bug as it falls into the following category:

  • OpenSSL 1.0.1 through 1.0.1f

There is some additional output you will see when you’re running the listed commands on an ESXi server. I removed a portion of the output to make this easier to read.

Leave a Reply

Your email address will not be published. Required fields are marked *