S E C U R I T Y

Loading

Details
Stay Up To Date
Parent Checks

  • SSL Vulnerabilities

Need Membership

No

Need Proof Of Ownership

No

Estimate Time (Second)

6

SSL Heart Bleed Detail

Check your SSL/TLS configuration for Heartbleed vulnerability. We want to make sure that you are using correct openSSL libraries that does not have any weakness.

What is Heartbleed Vulnerability

It is a weakness caused by the vulnerability in OpenSSL's library. When this vulnerability is exploited, unauthorized access to the 64kb instant memory space can be accessed on the Server or Client. In this way, all of the data that is said to be encrypted on the RAM memories of the server can be read.

OpenSSL, which enables data to be sent and received in encrypted form for secure communication, sends a HeartBeat message that reflects the data back to verify that the data was received correctly during communication. The attacker sends 1KB of data to the Server & Client where this weakness exists, but tricks it by telling that Server & Client has 64KB of data to check and mirror the data, that is, "HeartBeat". The system then reflects back 64KB of data to the attacker.

Some Advice for Common Problems

Heartbleed attack can be avoided by validating the message length and ignoring packages asking for more data than their payload needs.