:32 AM, cvishnuid wrote:
>
> Hi I am having 0.9.8 open ssl libraries in my server and 1.0.1 in my client.
> Am I venerable to heart bleed attach? Regards, Vishnu.
> View this message in context: Heart bleed with 0.9.8 and 1.0.1
> Sent from the OpenSSL - User mailing list archive at Nabble.com.
e only exception I see is sigalgs which only makes sense for D/TLS1.2.
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of cvishnuid
Sent: Sunday, April 13, 2014 12:24
To: openssl-users@openssl.org
Subject: *** Spam *** Re: Heart bleed with 0.9.8 and
Now i understood the concept .. Till now i am assuming that attacker will
send only the heart beat request with out performing any SSL handshake
messages.
I was wrong . Attacker will establish a new connection and send all the
handshake messages and then the faked heart beat request .
-
In my scenario if the client don't respond for heart beat request then my
client is safer ?
--
View this message in context:
http://openssl.6102.n7.nabble.com/Heart-bleed-with-0-9-8-and-1-0-1-tp49300p49402.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
_
hi,
>Will client respond for heart beat request even if server doesn't support
>heart beat . ?
no. both systems need to have some heartbeat code present.
>Which version of ssl this heart beat in introduced ?
same as all the original advisories have said 1.0.1 - fixed in 1.0.1g but
patches to
ttp://user/SendEmail.jtp?type=node&node=49373&i=0>
> > wrote:
>
>> Hi I am having 0.9.8 open ssl libraries in my server and 1.0.1 in my
>> client. Am I venerable to heart bleed attach? Regards, Vishnu.
>> ------
>> View this mes
Vishnu.
> --
> View this message in context: Heart bleed with 0.9.8 and
> 1.0.1<http://openssl.6102.n7.nabble.com/Heart-bleed-with-0-9-8-and-1-0-1-tp49300.html>
> Sent from the OpenSSL - User mailing list
> archive<http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html>at Nabble.com.
>
HiI am having 0.9.8 open ssl libraries in my server and 1.0.1 in my client.Am
I venerable to heart bleed attach?Regards,Vishnu.
--
View this message in context:
http://openssl.6102.n7.nabble.com/Heart-bleed-with-0-9-8-and-1-0-1-tp49300.html
Sent from the OpenSSL - User mailing list archive at N