This paper discusses the technique of Heartbleed
vulnerability and its affect on the web servers of Bangladesh after the patch is available.
The name "Heartbleed
" given to the bug is a play on the word "heartbeat."
The year 2014 witnessed some of the most notorious security breaches with major attacks from Heartbleed
, Bash, Poodle and Drupal core SQL injection vulnerabilities.
Security experts compared this latest flaw to other significant problems that had come to light this year such as the Heartbleed
Shellshock comes only months after the discovery of Heartbleed
, a massive vulnerability in the Internet's cryptography protocol, Open SSL.
Given that the flaw has been around for more than ten years, almost all Linux and Unix machines running will be vulnerable and this could have a bigger impact than Heartbleed
which we saw earlier this year," said Wolfgang Kandek, chief technical officer for Qualys, Inc.
Raimund Genes, chief technology officer, said: "Shellshock could be notably more widespread than the infamous Heartbleed
from earlier this year.
, which was quite hard to exploit properly, Shellshock can be exploited with just a couple of lines of code, giving just about anyone the ability to run arbitrary code on an affected computer.
Shellshock's impact could be far worse than the Heartbleed
bug earlier this year.
With the cloud comes questions about data security, and never were those questions louder or more urgent than this past spring when the Heartbleed
bug hit the headlines.
bug, which may have affected more than 500,000 PCs and mobile devices, enabled attackers to steal secure data and pose as genuine users, for instance.
New bugs found in software that caused "Heartbleed
" cyber threat Security researchers have uncovered new bugs in the Web encryption software that caused the pernicious "Heartbleed
" Internet threat that surfaced in April.