Wikipedia wrote:Where a Heartbeat Request might ask the server to "send back the four-letter word 'bird'", resulting in a server response of "bird", a malicious Heartbleed Request of "send back the 500-letter word 'hat'" would cause the server to return "hat" followed by whatever 497 characters the server happened to have in active memory. Attackers in this way could receive sensitive data, compromising the security of the server and its users. Vulnerable data include the server's private master key, which would enable attackers to decrypt current or stored traffic...
1 post • Page 1 of 1
- a.k.a. the REAL Lavarinth
- Posts: 1251
- Joined: Sat Aug 19, 2006 12:11 am
- Status: Offline
Who is online
Users browsing this forum: No registered users and 2 guests