Wikipedia wrote:Where a Heartbeat Request might ask the server to "send back the four-letter word 'bird'", resulting in a server response of "bird", a malicious Heartbleed Request of "send back the 500-letter word 'hat'" would cause the server to return "hat" followed by whatever 497 characters the server happened to have in active memory. Attackers in this way could receive sensitive data, compromising the security of the server and its users. Vulnerable data include the server's private master key, which would enable attackers to decrypt current or stored traffic...
1 post • Page 1 of 1
- Protoss Stargate Concierge
- Posts: 1279
- Joined: Sat Aug 19, 2006 12:11 am