Difference between revisions of "NST Heartbleed Detection"
From NST Wiki
Jump to navigationJump to search (→Overview) |
(→Overview) |
||
| Line 3: | Line 3: | ||
[[Image:heartbleed.png]] This page shows how to use '''NST''' and '''[http://nmap.org/ nmap]''' to detect the '''[http://en.wikipedia.org/wiki/Heartbleed heartbleed]''' vulnerability. Heartbleed is a software bug in the open-source cryptography library '''[http://en.wikipedia.org/wiki/OpenSSL OpenSSL]''', which allows an attacker to read the memory of the host computer, allowing them to retrieve potentially privacy-sensitive data. | [[Image:heartbleed.png]] This page shows how to use '''NST''' and '''[http://nmap.org/ nmap]''' to detect the '''[http://en.wikipedia.org/wiki/Heartbleed heartbleed]''' vulnerability. Heartbleed is a software bug in the open-source cryptography library '''[http://en.wikipedia.org/wiki/OpenSSL OpenSSL]''', which allows an attacker to read the memory of the host computer, allowing them to retrieve potentially privacy-sensitive data. | ||
| + | |||
| + | See the following sites for technical detail on the vulnerability: | ||
| + | |||
| + | + [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 CVE (Common Vulnerabilities and Exposures) CVE-2014-0160] | ||
| + | + [http://www.openssl.org/news/secadv_20140407.txt OpenSSL Security Advisory 20140407] | ||
| + | + [http://cvedetails.com/cve/2014-0160/ CVE Details] | ||
Revision as of 17:05, 11 April 2014
Contents
Overview
This page shows how to use NST and nmap to detect the heartbleed vulnerability. Heartbleed is a software bug in the open-source cryptography library OpenSSL, which allows an attacker to read the memory of the host computer, allowing them to retrieve potentially privacy-sensitive data.
See the following sites for technical detail on the vulnerability:
+ CVE (Common Vulnerabilities and Exposures) CVE-2014-0160 + OpenSSL Security Advisory 20140407 + CVE Details
