While i was trying to upgrade openssl, i notice that when i tried to upgrade it says that openssl is not installed but it is.
Open SSL 0.9.8zg 14 July 2015 is the version installed by OS X 10.9(.5) (Mavericks) and resides in /usr/bin/.
Then you are most likely open to these exploits and should continue on with this upgrade.
After running the second check you should get a result looking like this: Server domain.com: Apache/1.3.27 (Unix) mod_ssl/2.8.14 Open SSL/0.9.6b PHP/4.3.2 mod_perl/1.27 Front Page/220.127.116.110 As you can see the server is running Open SSL 0.9.6b and would be open to many exploits even though mod_ssl is running the latest version.You will need to recompile the other applications that used the old Open SSL libaries at build time to fully seucre your system.Applications such as Open SSH and Apache mod_ssl are the ones you will absolutely need to recompile.Title: Upgrading Open SSL on Redhat Servers Revision: 1.0.5 Date: June 28th, 2003 Time: am CST Description: Guide for installing and upgrading Open SSL services on a typical Redhat server to close the very common Open SSL hole that is plaguing many servers today.Difficulty: 6/10 ------------------------------------------------------------ Disclaimer: THIS HOWTO IS PROVIDED BY NULL-ROUTE DOT COM "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.