Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: heartbleed OpenSSL bug CVE-2014-0160

From: Michal Zalewski <lcamtuf () coredump cx>
Date: Wed, 9 Apr 2014 22:01:19 -0700
How realistic is it that an attacker would be able to glean passwords through
this vulnerability?


Highly.


Programatically searching through 64k memory dumps for
certificates seems plausible, but looking for passwords does not. A password is
of no pre-determined length or format.


HTTP POST requests have a very specific and distinctive format that
makes it very easy to automatically spot web app login attempts if you
happen to stumble upon one. On top of that, the nature of this
vulnerability makes it relatively easy to stumble upon snippets of
requests made by other users (whereas the leak of crypto keys appears
to be considerably less likely under normal circumstances).

/mz

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: