Search found 2 matches

by stankyjim
Wed Apr 09, 2014 11:48 am UTC
Forum: Individual XKCD Comic Threads
Topic: 1353: "Heartbleed"
Replies: 99
Views: 32002

Re: 1353: "Heartbleed"

wouldn't an attacker still need command line access on the web server? Getting such access should be hard, right? Doesn't that make this problem less severe than it is drummed up to be? Security expert here! Nope command line access is not needed, after a connection is established and TLS encryptio...
by stankyjim
Wed Apr 09, 2014 8:28 am UTC
Forum: Individual XKCD Comic Threads
Topic: 1353: "Heartbleed"
Replies: 99
Views: 32002

Re: 1353: "Heartbleed"

It is pretty important to realise that this isn't a web security bug. It is an issue with the TLS implementation of openssl versions 1.0.1a-f.

This impacts email, web, irc, databases, performance monitoring daemons, anything that uses the openssl TLS implementation and is of a vulnerable version.

Go to advanced search