







About The Bug - HeartBleed

The Bug was named as "Heartbleed bug" vulnerability is located in HeartBeat extension and it leads to memory leak. This Critical Bug with a code ID CVE-2014-0160 , allows the attacker to expose up to 64kB of memory from the server or a connected client computer running a vulnerable version of OpenSSL software. In other words, attacker can steal the private or encrypted important information as like username and passwords and other confidential data remotely.

The flaw is in the popular OpenSSL cryptographic software library and its weakness allows cyber criminals to steal the information protected, under normal conditions, by the SSL (Secure Sockets Layer) or TLS (Transport Security Layer) encryption used to secure the Internet.OpenSSL is an open-source implementation of the SSL and TLS protocols. It is a cryptographic library which is used for encrypting communication between web server and users. It is being used by almost all popular organisation websites including Yahoo, Google, Twitter and even Apache web server that powers almost half of the websites over internet utilizes OpenSSL.