Steven,
On 4/12/14, 2:15 PM, Steven Siebert wrote:
> I think it would be unlikely because the httpd configuration data
> would be read into memory early on the heap (and in a very low
> volatile area where that memory wouldn't often be freed up), whereas
> the heartbeat would be much later in the
I think it would be unlikely because the httpd configuration data
would be read into memory early on the heap (and in a very low
volatile area where that memory wouldn't often be freed up), whereas
the heartbeat would be much later in the heap, and thus the buffer
overflow would very unlikely effec
Hi - I have a question regarding heartbleed and httpd configuration data
leakage.
Should someone have been exploting this bug, would it be possible that httpd
configuration data, derived via httpd confg files and in apache's memory, could
have been leaked out through these openssl malloc calls?