HolyGhost logoHolyGhost

#heartbleed

1 post

AnalysisCVE-2014-0160

Heartbleed: When Asking Nicely Leaked the Server's Secrets

A missing length check in OpenSSL let anyone read chunks of a server's memory, including private keys and passwords. Here is how Heartbleed (CVE-2014-0160) worked and why it was so serious.

7 min read·#heartbleed#openssl#tls