News archive

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL 8 Apr


The OpenSSL Project staff released security bulletin CVE-2014-0160, which states about the critical vulnerability in the popular cryptographic library OpenSSL. Vulnerability is related to the lack of adequate bounds check in one of the procedures of expanding Heartbeat (RFC6520) protocol for TLS / DTLS. Because of this little error of one programmer anyone gets direct access to the RAM of computers whose communication is “protected” by the vulnerable version of OpenSSL.