Heartbleed:

6 views
Skip to first unread message

Manu Balakrishna Pillai

unread,
Apr 11, 2014, 9:47:21 AM4/11/14
to

HI All,

This regarding a vulnerability discovered - "CVE-2014-0160". Trust me, its worse than ever.

This one is the worst one I've ever seen for information leakage. The only one I've seen that had a bigger impact was the Welchia worm and Code Red, but those were denial of service.  You KNEW you were getting hit with these.  Heartbleed is so horrible because it could have been exploited for years and information collected and you'd
never know. 
Wow!

http://heartbleed.com/

The developer who introduced the error regrets 'oversight', submitted just seconds before new year in 2012, the bug 'slipped through' – but discovery 'validates' open source The developer who introduced the "Heartbleed" vulnerability to the open-source code used by thousands of websites has told the Guardian it was an "oversight" – but that its discovery ...

http://www.theguardian.com/technology/2014/apr/11/heartbleed-developer-error-regrets-oversight



Regards,

Manu

Reply all
Reply to author
Forward
0 new messages