|10 Apr 2014||#1|
| || |
Anatomy of OpenSSL's Heartbleed: Just four bytes trigger horror bug
The password-leaking OpenSSL bug dubbed Heartbleed is so bad, switching off the internet for a while sounds like a good plan.
A tiny flaw in the widely used encryption library allows anyone to trivially and secretly dip into vulnerable systems, from your bank's HTTPS server to your private VPN, to steal passwords, login cookies, private crypto-keys and much more.
How, in 2014, is this possible?
A simple script for the exploit engine Metasploit can, in a matter of seconds, extract sensitive in-memory data from systems that rely on OpenSSL 1.0.1 to 1.0.1f for TLS encryption. The bug affects about 500,000, or 17.5 per cent, of trusted HTTPS websites, we're told, as well as client software, email servers, chat services, and anything else using the aforementioned versions of OpenSSL.
|My System Specs|
|Similar help and support threads for2: Anatomy of OpenSSL's Heartbleed: Just four bytes trigger horror bug|
|Massive Security Bug In OpenSSL Could Affect A Huge Chunk Of The Inter||Security News|
|What Is Heartbleed? The Video||Security News|
|heartbleed bug/virus||System Security|
|Is OpenSSL available for windows7 64bit? (for total commander)||Software|
|Disk has 0 bytes used and 0 bytes free||Installation & Setup|
|Our Sites ||Site Links ||About Us ||Find Us |
© Designer Media Ltd
All times are GMT -5. The time now is 08:00 AM.