Tuesday, April 29, 2014

Heartbleed Bug









The Heartbleed Bug

The Heartbleed bug allows anyone on the internet to read memory of systems protected by the vulnerable versions of the OpenSSL software.  Because of this, the secret keys used to identify the service providers and encrypt the traffic is left compromised.  This leaves user names and passwords vulnerable for attacks: such as eavesdropping, and theft of user data directly from the service itself.


What is OpenSSL?! - OpenSSL is a library that provides cryptographic functionality to applications, an example of this type of application would be a web server.


A fixed version of OpenSSL was released on April 7, 2014

Read more:
More Information can be found here:
http://heartbleed.com/

http://www.kb.cert.org/vuls/id/720951

No comments:

Post a Comment