[Cryptography] Seen on /. ... TLS heartbeat bug.
Tom Mitchell
mitch at niftyegg.com
Mon Apr 7 21:02:01 EDT 2014
Apparently another old ssl bug.
https://www.openssl.org/news/secadv_20140407.txt
TLS heartbeat read overrun (CVE-2014-0160)
==========================================
A missing bounds check in the handling of the TLS heartbeat extension can be
used to reveal up to 64k of memory to a connected client or server.
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140407/7e02068b/attachment.html>
More information about the cryptography
mailing list