Re: Some questions about E9A errors

[ Follow Ups ] [ Post Followup ] [ Signature.net Forum ]

Posted by Bob A on May 01, 2014 at 07:06:21:

In Reply to: Re: Some questions about E9A errors posted by Barbara Brazil on April 23, 2014 at 08:18:07:

BB:

don't beat yourself up... from what I can figure out this is a description of the HeartBleed bug in SSL.... the server sends a hearbeat, but doesn't check the size of the request for data in the heartbeat going back... basically gets a request for 8k of data and dumps 8k going back... since this is in a module with accounts/passwords in it... sends back a dump of "What's goin' on"

the pgmr fessed up that he never checked the size of the request...

AHHHHH 20/20 hind sight!

Bob "A"

Follow Ups:


Post a Followup

Name:
E-Mail:

Subject:

What is the name of the main Signature System's Product?  

Comments:

Optional Link URL:
Link Title:
Optional Image URL:

You may attach up to 5 files to your followup (see below):





Each file can be a maximum of 1MB in length Uploaded files will be purged from the server on a regular basis.

[ Follow Ups ] [ Post Followup ] [ Signature.net Forum ]