|
Hearbleed bug in OpenSSL
|
|
2014-04-10, 02:10
(This post was last modified: 2014-04-10 02:12 by mogey5101.)
Post: #1
|
|||||||
|
|||||||
|
Hearbleed bug in OpenSSL
http://heartbleed.com/
People at Google found a bug in OpenSSL that can allow an attacker to leak up to 64k of memory from the server. That memory can contain your encrypted traffic along with the SSL certificate and the decryption key. Don't trust any website you visit in the next couple of days before you check it using something like http://filippo.io/Heartbleed/ . Worst part? This bug has existed for over 2 years, you can actually view the github commit that included the bug here, so theres no way of telling whos abused this bug and where your data has gone. If you have SSL certificates for your site(s), revoke them, if you're using Linux or MaxOSX, update OpenSSL. |
|||||||
|
« Next Oldest | Next Newest »
|
| Messages In This Thread |
|
Hearbleed bug in OpenSSL - mogey5101 - 2014-04-10 02:10
RE: Hearbleed bug in OpenSSL - Ras - 2014-04-10, 12:22
RE: Hearbleed bug in OpenSSL - Audiojack - 2014-04-10, 12:55
RE: Hearbleed bug in OpenSSL - Pete - 2014-04-10, 15:07
RE: Hearbleed bug in OpenSSL - Kayla - 2014-04-10, 15:09
RE: Hearbleed bug in OpenSSL - Chuck - 2014-04-10, 15:23
RE: Hearbleed bug in OpenSSL - Pete - 2014-04-10, 16:47
RE: Hearbleed bug in OpenSSL - mogey5101 - 2014-04-10, 23:22
RE: Hearbleed bug in OpenSSL - Warped - 2014-04-10, 17:14
RE: Hearbleed bug in OpenSSL - Pete - 2014-04-11, 15:10
RE: Hearbleed bug in OpenSSL - FR4NOx - 2014-04-11, 15:33
|
User(s) browsing this thread: 6 Guest(s)
Powered By MyBB, © 2002-2025 MyBB Group