Someone in the seclists questions, the new Heartbleed is true? And provide an original link http://pastebin. com/qPxR9BRv to turnthe wallyou know)
The original of the brief meaning is:
They found that the OpenSSL patch scheme to throw the natural vulnerability exists in the processing variables DOPENSSL_NO_HEARTBEATS, not for border checks, so that they successfully cover the"DOPENSSL_NO_HEARTBEATS" variable, and then continue to get 64kb of data memory.
Then continued, they spent much effort, to complete the attack.
And until the bug fixes not released related to the vulnerability.
If you want to get to the POC, then can contact them, [email protected]
To pay them
(Bitcoin / BTC): 2.5 BTC - 1BKRqnmWNfK5qjhouMaBFHwjHK9ibfrKhx
(Litecoin / LTC): 1 0 0 LTC - LWCtRokVZYwCRGL4xksi4KCwTjSerg8uey
You will get the POC of the download link.
Really like the Struts2 the same patch Oolong, or a Scam. I can start it!