heartbleed and httpd configuration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "users@xxxxxxxxxxxxxxxx" <users@xxxxxxxxxxxxxxxx>
Subject: heartbleed and httpd configuration
From: mi2 co2 <techline1776@xxxxxxxxxxx>
Date: Sat, 12 Apr 2014 11:55:56 -0600
Importance: Normal
Reply-to: users@xxxxxxxxxxxxxxxx

Hi - I have a question regarding heartbleed and httpd configuration data leakage.

Should someone have been exploting this bug, would it be possible that httpd configuration data, derived via httpd confg files and in apache's memory, could have been leaked out through these openssl malloc calls? Or is the memory space those malloc calls for the openssl encryption/decryption layer isolated from the memory where httpd configuration would be stored?

thanks

Follow-Ups:
- Re: heartbleed and httpd configuration
  - From: Steven Siebert

Prev by Date: Re: mod ssl
Next by Date: Re: heartbleed and httpd configuration
Previous by thread: mod ssl
Next by thread: Re: heartbleed and httpd configuration
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]