SSL Heart Bleed

Check your SSL/TLS configuration for Heartbleed vulnerability. We want to make sure that you are using correct openSSL libraries that does not have any weakness.

Short Info

Level

High

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

6 sec

Scan only one

Domain, Ipv4

Parent Category

SSL Heart Bleed Detail

What is Heartbleed Vulnerability

It is a weakness caused by the vulnerability in OpenSSL's library. When this vulnerability is exploited, unauthorized access to the 64kb instant memory space can be accessed on the Server or Client. In this way, all of the data that is said to be encrypted on the RAM memories of the server can be read.

OpenSSL, which enables data to be sent and received in encrypted form for secure communication, sends a HeartBeat message that reflects the data back to verify that the data was received correctly during communication. The attacker sends 1KB of data to the Server & Client where this weakness exists, but tricks it by telling that Server & Client has 64KB of data to check and mirror the data, that is, "HeartBeat". The system then reflects back 64KB of data to the attacker.

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.

Try it yourself,
control security posture

Get free usage

Learn More About Product