What type of key does this bug leave exposed to the Int…

The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities
and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the transport layer
security (TLS) protocols defined in RFC6520.
What type of key does this bug leave exposed to the Internet making exploitation of any compromised system
very easy?

The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities
and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the transport layer
security (TLS) protocols defined in RFC6520.
What type of key does this bug leave exposed to the Internet making exploitation of any compromised system
very easy?

A.
Private

B.
Public

C.
Shared

D.
Root

Explanation:
The data obtained by a Heartbleed attack may include unencrypted exchanges between TLS parties likely to be
confidential, including any form post data in users’ requests. Moreover, the confidential data exposed could
include authentication secrets such as session cookies and passwords, which might allow attackers to
impersonate a user of the service.An attack may also reveal private keys of compromised parties.
https://en.wikipedia.org/wiki/Heartbleed



Leave a Reply 0

Your email address will not be published. Required fields are marked *