Heartbleed OpenSSL vulnerability

Tuesday, 8. 04. 2014  –  Category: stash, sw

OpenSSL advisory CVE-2014-0160 Heartbleed Here’s a oneliner to check if a remote server might be vulnerable by checking if it advertises the Heartbeat TLS extention during connection negotiation. $ openssl version OpenSSL 1.0.1e-freebsd 11 Feb 2013 $ < /dev/null openssl s_client -connect example.com:443 -tlsextdebug 2>&1 | grep -i heartbeat TLS server extension "heartbeat" (id=15), len=1 […]