OpenSSL - Wikipedia

OpenSSL Heartbeat 'Heartbleed' Vulnerability Apr 18, 2014 Skipping a Heartbeat: The Analysis of the Heartbleed The vulnerability, dubbed as the Heartbleed Bug, exists on all OpenSSL implementations that use the Heartbeat extension. When exploited on a vulnerable server, it can allow an attacker to read a portion — up to 64 KB’s worth — of the computer’s memory at a time, without leaving any traces. 'Heartbleed' OpenSSL vulnerability: A slow-motion train wreck

Apr 10, 2014

A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64kB of memory to a connected client or server (a.k.a. Heartbleed). This issue did not affect versions of OpenSSL prior to 1.0.1. Reported by Neel Mehta. Fixed in OpenSSL 1.0.1g (Affected 1.0.1-1.0.1f) CVE-2014-0076 (OpenSSL advisory) 14 February 2014: Technical Bulletin: Heartbleed - Raritan A critical security issue (CVE-2014-0160) was found in OpenSSL version 1.0.1 through 1.0.1f. Also, variably referred to as the Heartbleed or Heartbeat bug. The Heartbleed bug is in the implementation of the heartbeat TLS extension. /source/index.html - OpenSSL

centos - OpenSSL version for Heartbleed - Stack Overflow

Heartbleed Checker - Check whether your server is vulnerable Heartbleed OpenSSL Bug Checker is a quickly created tool to check whether a network service is vulnerable to a critical bug in OpenSSL. It has been announced that OpenSSL versions 1.0.1 through 1.0.1f (inclusive) are vulnerable. This affects a great number of web servers and many other services based on OpenSSL. Testing Heartbleed with the Nmap NSE script |