Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

OpenSSL Heartbeat Information Disclosure (Heartbleed)



The remote service is affected by an information disclosure vulnerability.


Versions of OpenSSL 1.0.1 prior to 1.0.1g may contain the following vulnerability:

- A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server. (CVE-2014-0160)


Upgrade to OpenSSL 1.0.1g or later.<br><br>Alternatively, recompile OpenSSL with the '-DOPENSSL_NO_HEARTBEATS' flag to disable the vulnerable functionality.