AnalysisCVE-2014-0160
Heartbleed: When Asking Nicely Leaked the Server's Secrets
A missing length check in OpenSSL let anyone read chunks of a server's memory, including private keys and passwords. Here is how Heartbleed (CVE-2014-0160) worked and why it was so serious.
7 min read·#heartbleed#openssl#tls