httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mi2 co2 <>
Subject [users@httpd] heartbleed and httpd configuration
Date Sat, 12 Apr 2014 17:55:56 GMT
Hi - I have a question regarding heartbleed and httpd configuration data leakage.

Should someone have been exploting this bug, would it be possible that httpd configuration
data, derived via httpd confg files and in apache's memory, could have been leaked out through
these openssl malloc calls? Or is the memory space those malloc calls for the openssl encryption/decryption
layer isolated from the memory where httpd configuration would be stored?

View raw message