This is particularly of interest to those of us who e.g. have a web application with an embedded HTTP client for e.g. processing web hooks, hitting APIs, downloading image files for avatars, etc. If your application can be coerced into fetching either a) an attacker-chosen URL or b) any HTTP URL, you can be sent to a malicious server which heartbleeds you. (If the attacker can specify the URL it's trivial, if you get any HTTP URL then the attacker can use a privileged vantage point to MITM the HTTP connection then 301 redirect you to a better URL.) Can you imagine any freed memory in your appserver's process which you wouldn't want an attacker to have? Good answer!
3 comments
[ 3.0 ms ] story [ 15.3 ms ] threadThanks to @patio11 and others for point out the 'other half' of this vulnerability and motivating us to get a quick fix out.