[mythtv-users] the heartbleed openssl bug and mythtv

[Will Dormann]

On 4/9/14, 3:51 PM, Chris Lewis wrote:
> 
>>
>> I am not trying to be a troll at all, but I have a legitimate
> question.  If I am running my backend as a MythTV only server, what
> should I be worried about?  Someone can see/schedule/delete recordings
> if they decide to target/sniff my IP and get login credentials?
>>
>> -Tom
> 
> And run spam relays, and launch DDoS attacks, and join botnets etc etc....
> Chris


Given that the vulnerability is an info leak, I think there are a few
steps between it and code execution that you describe.

http://www.kb.cert.org/vuls/id/720951


-WD