Full Disclosure mailing list archives
heartbleed OpenSSL bug CVE-2014-0160
From: Kirils Solovjovs <kirils.solovjovs () kirils com>
Date: Tue, 08 Apr 2014 03:10:06 +0300
We are doomed. Description: http://www.openssl.org/news/vulnerabilities.html Article dedicated to the bug: http://heartbleed.com/ Tool to check if TLS heartbeat extension is supported: http://possible.lv/tools/hb/ A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64kB of memory to a connected client or server. 1.0.1[ abcdef] affected. P.S. Happy Monday! _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- heartbleed OpenSSL bug CVE-2014-0160 Kirils Solovjovs (Apr 07)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Andrew Case (Apr 07)
- Re: heartbleed OpenSSL bug CVE-2014-0160 David H (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Joerg Mertin (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Jann Horn (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Francesc Guitart (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Javier Reoyo (Apr 10)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Carlos P (Apr 10)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Joerg Mertin (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 David H (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Matthew Musingo (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Craig Holmes (Apr 09)