Heartbleed exploit, patch, both released


As the Heartbleed fallout continues, the good news is that code to fix the problem in OpenSSL has been released. The bad news is that exploit code is also available.

Let’s start with the latter, released by a chap who took up Cloudlare’s challenge to coders in the hope someone, somewhere, would be able to use Heartbleed to extract a private SSL key from an undefended server it erected.


Read more: Heartbleed exploit, patch, both released

Story added 14. April 2014, content source with full text you can find at link above.