I have Unity Asset Server installed on a private server, and was wondering if it is susceptible to the OpenSSL heartbleed bug.
The Unity Asset Server does not utilize SSL so it should not be affected.
As another thread noted, the Asset Server traffic is unencrypted so it is advised to do your own security mechanisms like VPNs, ssh tunnels, etc.
In which case, it would be also recommended to verify the security packages you use are up-to-date.