Test case 149042

Cves: CVE-2014-0160
Type: source code
State: bad
Author: Bolo -- Josef T. Burger
Status: candidate
Language: C
Submission Date: 17 Sep 2014

Description

CVE-2014-0160: This is "heartbit", a redacted version of the portions of openssl-1.0.1f that cause the now infamous "heartbleed" exploit to expose private memory of any process running a exploitable version of openssl. It easily compiles & runs on many current unix / linux boxes, including cygwin on win32. Source: https://www.mir-swamp.org/#resources/heartbit

Flaws

CWE-126 Buffer Over-read

Have any comments on this test case? Please, send us an email.