Difference between revisions of "NST Heartbleed Detection"
From NST Wiki
Jump to navigationJump to search (→Heartbleed Detection - NST Public System) |
(→Overview) |
||
| Line 4: | Line 4: | ||
[[Image:heartbleed.png]] This page shows how to use '''NST''' and '''[http://nmap.org/ nmap]''' to detect the '''[http://en.wikipedia.org/wiki/Heartbleed heartbleed]''' vulnerability. Heartbleed is a software bug in the open-source cryptography library '''[http://en.wikipedia.org/wiki/OpenSSL OpenSSL]''', which allows an attacker to read the memory of the host computer, allowing them to retrieve potentially privacy-sensitive data. | [[Image:heartbleed.png]] This page shows how to use '''NST''' and '''[http://nmap.org/ nmap]''' to detect the '''[http://en.wikipedia.org/wiki/Heartbleed heartbleed]''' vulnerability. Heartbleed is a software bug in the open-source cryptography library '''[http://en.wikipedia.org/wiki/OpenSSL OpenSSL]''', which allows an attacker to read the memory of the host computer, allowing them to retrieve potentially privacy-sensitive data. | ||
| − | See the following sites for technical detail on | + | See the following sites for technical detail on this vulnerability: |
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 CVE (Common Vulnerabilities and Exposures) CVE-2014-0160] | * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 CVE (Common Vulnerabilities and Exposures) CVE-2014-0160] | ||
Revision as of 17:09, 11 April 2014
Contents
Overview
This page shows how to use NST and nmap to detect the heartbleed vulnerability. Heartbleed is a software bug in the open-source cryptography library OpenSSL, which allows an attacker to read the memory of the host computer, allowing them to retrieve potentially privacy-sensitive data.
See the following sites for technical detail on this vulnerability:
- CVE (Common Vulnerabilities and Exposures) CVE-2014-0160
- OpenSSL Security Advisory 20140407
- CVE Details
