OpenSSL leaks server-Keys / The Heartbleed Bug
mex
nginx-forum at nginx.us
Tue Apr 8 10:50:33 UTC 2014
A missing bounds check in the handling of the TLS heartbeat extension
can be used to reveal up to 64k of memory to a connected client or
server.
https://www.openssl.org/news/secadv_20140407.txt
http://heartbleed.com/
http://www.reddit.com/r/netsec/comments/22gym6/diagnosis_of_the_openssl_heartbleed_bug/
http://security.stackexchange.com/search?q=heartbleed
regards,
mex
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,249102,249102#msg-249102
More information about the nginx
mailing list