This paper discusses the technique of
Heartbleed vulnerability and its affect on the web servers of Bangladesh after the patch is available.
The name "
Heartbleed" given to the bug is a play on the word "heartbeat."
Security experts compared this latest flaw to other significant problems that had come to light this year such as the
Heartbleed bug.
Shellshock comes only months after the discovery of
Heartbleed, a massive vulnerability in the Internet's cryptography protocol, Open SSL.
Given that the flaw has been around for more than ten years, almost all Linux and Unix machines running will be vulnerable and this could have a bigger impact than
Heartbleed which we saw earlier this year," said Wolfgang Kandek, chief technical officer for Qualys, Inc.
Raimund Genes, chief technology officer, said: "Shellshock could be notably more widespread than the infamous
Heartbleed from earlier this year.
Unlike
Heartbleed , which was quite hard to exploit properly, Shellshock can be exploited with just a couple of lines of code, giving just about anyone the ability to run arbitrary code on an affected computer.
Shellshock's impact could be far worse than the
Heartbleed bug earlier this year.
With the cloud comes questions about data security, and never were those questions louder or more urgent than this past spring when the
Heartbleed bug hit the headlines.
The
Heartbleed bug, which may have affected more than 500,000 PCs and mobile devices, enabled attackers to steal secure data and pose as genuine users, for instance.
New bugs found in software that caused "
Heartbleed" cyber threat Security researchers have uncovered new bugs in the Web encryption software that caused the pernicious "
Heartbleed" Internet threat that surfaced in April.