Cisco Devices are not effected as they are running OpenSSL version 0.9.8 on the newest 9.01 IOS Software. Most Cisco Firewalls have Older IOS versions and therefore have older versions of OpenSSL.

The heartbleed bug was introduced in OpenSSL 1.0.1 and is present in
• 1.0.1
• 1.0.1a
• 1.0.1b
• 1.0.1c
• 1.0.1d
• 1.0.1e
• 1.0.1f
The bug is not present in 1.0.1g, nor is it present in the 1.0.0 branch nor the 0.9.8 branch of OpenSSL.



  1. Set valid password for vi-admin, for example F0t56otk!# should do
  2. Login to vMA shell as vi-admin
  3. Elevate session as root with “sudo –s”
  4. Run “pam-config –d –-cracklib” (note double dashes on front of cracklib)
  5. Exit root shell with “exit”
  6. Change vi-admin password with “passwd” to any password you’d like

Above pam-config command disables cracklib in vMA PAM (pluggable authentication module) configuration, cracklib is a PAM library which is used to enforce Linux, and it this case vMA account password strength.

VMware has released vSphere 5.5 (and other related product updates)

Duncan Epping has posted a list of all download links on his blog.

In this post I will provide a quick way to update your standalone ESXi host to ESXi 5.5

How to update to ESXi 5.5

If your host is connected to the Internet then you just need to run the following commands in an ESXi shell:

# open firewall for outgoing http requests:
esxcli network firewall ruleset set -e true -r httpClient

# Install the ESXi 5.5 GA Imageprofile from the VMware Online depot

esxcli software profile update -d -p ESXi-5.5.0-1331820-standard

It might be very important to use update and not install here! More on this later. Reboot the host to complete the update.