I know that the vulnerability exploits the Heartbeat response which is a TLS feature. Now, when testing some of my important sites, there was some wording that scared me, namely:
TLS extension 15 (heartbeat) seems disabled, so your server is probably unaffected.
Does that means that there's another possible vulnerability related to Heartbeat, or the wording is like that just to leave the possibility of other vulnerabilities and don't make me feel safe?