Statement on OpenSSL security bug

Alan DeKok aland at deployingradius.com
Fri Apr 11 20:22:30 CEST 2014

Previous message: Statement on OpenSSL security bug
Next message: FreeRadius + OpenLDAP server
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dave Duchscher wrote:
> Do you know if we will see this message:
> 
>  Invalid ACK received: 24
> 
> with freeradius using openssl 1.0.1g when a heartbleed attack is attempted?

  No.  Because OpenSSL will discard the bad data, and not give it to
FreeRADIUS.

  Alan DeKok.

Previous message: Statement on OpenSSL security bug
Next message: FreeRadius + OpenLDAP server
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Freeradius-Users mailing list