A missing bounds check in the handling of the TLS heartbeat extension
can be used to reveal up to 64k of memory to a connected client or
server.
https://www.openssl.org/news/secadv_20140407.txt
http://heartbleed.com/
http://www.reddit.com/r/netsec/comments/22gym6/diagnosis_of_the_openssl_heartbleed_bug/
http://security.stackexchange.com/search?q=heartbleed
regards,
mex
can be used to reveal up to 64k of memory to a connected client or
server.
https://www.openssl.org/news/secadv_20140407.txt
http://heartbleed.com/
http://www.reddit.com/r/netsec/comments/22gym6/diagnosis_of_the_openssl_heartbleed_bug/
http://security.stackexchange.com/search?q=heartbleed
regards,
mex