"OpenSSL 1.0.1 contains a vulnerability that could disclose private information to an attacker." There is a patch for this at least in Ubuntu repo.
https://www.kb.cert.org/vuls/id/720951
Vulnerability in OpenSSL 1.0.1 heartbeat
Re: Vulnerability in OpenSSL 1.0.1 heartbeat
He hoped and prayed that there wasn't an afterlife. Then he realized there was a contradiction involved here and merely hoped that there wasn't an afterlife.
- Douglas Adams
silEnT development
http://mygamingtalk.com/
- Douglas Adams
silEnT development
http://mygamingtalk.com/
Re: Vulnerability in OpenSSL 1.0.1 heartbeat
Here is some more information of this exploit
http://heartbleed.com/
OpenSSL is used in over 90 percent of SSL implementations, so now quickly to exploit this to find out the secrets of everybody. Please don't go into hysteria though, other implementations may not have this specific bug but they have been found to have other exploits and also, those implementations probably haven't been audited to the same extent as OpenSSL.
http://heartbleed.com/
OpenSSL is used in over 90 percent of SSL implementations, so now quickly to exploit this to find out the secrets of everybody. Please don't go into hysteria though, other implementations may not have this specific bug but they have been found to have other exploits and also, those implementations probably haven't been audited to the same extent as OpenSSL.
He hoped and prayed that there wasn't an afterlife. Then he realized there was a contradiction involved here and merely hoped that there wasn't an afterlife.
- Douglas Adams
silEnT development
http://mygamingtalk.com/
- Douglas Adams
silEnT development
http://mygamingtalk.com/