NST Heartbleed Detection: Difference between revisions

From MediaWiki
Jump to navigationJump to search
Line 3: Line 3:


[[Image:heartbleed.png]] This page shows how to use '''NST''' and '''[http://nmap.org/ nmap]''' to detect the '''[http://en.wikipedia.org/wiki/Heartbleed heartbleed]''' vulnerability. Heartbleed is a software bug in the open-source cryptography library '''[http://en.wikipedia.org/wiki/OpenSSL OpenSSL]''', which allows an attacker to read the memory of the host computer, allowing them to retrieve potentially privacy-sensitive data.
[[Image:heartbleed.png]] This page shows how to use '''NST''' and '''[http://nmap.org/ nmap]''' to detect the '''[http://en.wikipedia.org/wiki/Heartbleed heartbleed]''' vulnerability. Heartbleed is a software bug in the open-source cryptography library '''[http://en.wikipedia.org/wiki/OpenSSL OpenSSL]''', which allows an attacker to read the memory of the host computer, allowing them to retrieve potentially privacy-sensitive data.
See the following sites for technical detail on the vulnerability:
+ [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 CVE (Common Vulnerabilities and Exposures) CVE-2014-0160]
+ [http://www.openssl.org/news/secadv_20140407.txt OpenSSL Security Advisory 20140407]
+ [http://cvedetails.com/cve/2014-0160/ CVE Details]

Revision as of 16:05, 11 April 2014

Overview

This page shows how to use NST and nmap to detect the heartbleed vulnerability. Heartbleed is a software bug in the open-source cryptography library OpenSSL, which allows an attacker to read the memory of the host computer, allowing them to retrieve potentially privacy-sensitive data.

See the following sites for technical detail on the vulnerability:

+ CVE (Common Vulnerabilities and Exposures) CVE-2014-0160 + OpenSSL Security Advisory 20140407 + CVE Details