OpenSSL Heartbleed Bug – is a serious vulnerability in the popular OpenSSL cryptographic software library

OpenSSLHeartbleedBug_logoThe OpenSSL Heartbleed Bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL Software – http://filippo.io/Heartbleed/ is a web based test

OpenSSLHeartbleedBug_01

OpenSSLHeartbleedBug_00

Basically an attacker can grab 64K of memory from a server. The attack leaves no trace and can be done multiple times to grab a different random 64K of memory. This means that anything in memory – SSL private keys, user keys, anything – is vulnerable

 

This entry was posted on Donnerstag, April 10th, 2014 at 08:21 and is filed under Administration, Network Info, Security Solution. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.