Himalia Enemy Territory Gaming Community

An Enemy Territory Gaming Community
https://www.himalia.fi/forum/

Vulnerability in OpenSSL 1.0.1 heartbeat

https://www.himalia.fi/forum/viewtopic.php?t=1263

Page 1 of 1

Vulnerability in OpenSSL 1.0.1 heartbeat

Posted: 08 Apr 2014, 11:45
by gR!ns
"OpenSSL 1.0.1 contains a vulnerability that could disclose private information to an attacker." There is a patch for this at least in Ubuntu repo.

https://www.kb.cert.org/vuls/id/720951

Re: Vulnerability in OpenSSL 1.0.1 heartbeat

Posted: 08 Apr 2014, 13:58
by gaoesa
...

The actual advisory
https://www.openssl.org/news/secadv_20140407.txt

Re: Vulnerability in OpenSSL 1.0.1 heartbeat

Posted: 08 Apr 2014, 16:29
by gaoesa
Here is some more information of this exploit
http://heartbleed.com/

OpenSSL is used in over 90 percent of SSL implementations, so now quickly to exploit this to find out the secrets of everybody. Please don't go into hysteria though, other implementations may not have this specific bug but they have been found to have other exploits and also, those implementations probably haven't been audited to the same extent as OpenSSL.
All times are UTC+01:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited