The Heartbleed Bug – A vulnerability in the OpenSSL Cryptographic Library

Authors: Ionut – Daniel BARBU & Cristian PASCARIU



The purpose of this is to present various aspects of the Heartbleed bug including a general overview of the vulnerability, details related to how it works, affected software distributions and statistical observations. Moreover, the paper presents the exploitation of a vulnerable version of an Apache server. The targeted machine is represented by a Linux image for ARM architecture installed on a RaspberryPI device. The vulnerability was erroneously introduced in the code and released on the 14th of March 2012. More than 2 years later, on April 1st it was discovered and publically disclosed. The SSL/TLS encryption, by design and implementation it’s meant to protect the information. Statistically speaking two thirds of the internet’s web servers use OpenSSL. Studying this vulnerability and performing tests in the informational environment is critical and we highly recommend it.

The summary of the presentation can be found here: The Heartbleed Bug on

Leave a comment

Filed under General

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s