Overview Edit

Heartbleed is a security bug in the OpenSSL cryptography library that gained widespread attention in April 2014. OpenSSL is a widely used implementation of the Transport Layer Security (TLS) protocol. Heartbleed may be exploited whether the party using a vulnerable OpenSSL instance for TLS is a server or a client. Heartbleed results from improper input validation (due to a missing bounds check) in the implementation of the TLS heartbeat extension, the heartbeat being the basis for the bug's name. The vulnerability is classified as a buffer overread, a situation where software allows more data to be read than should be allowed.

External resource Edit

  • Robert McMillan, "It's Crazy What Can Be Hacked Thanks to Heartbleed," Wired, Apr. 28, 2014 (full-text).

This page uses Creative Commons Licensed content from Wikipedia (view authors). Smallwikipedialogo.png

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.