Getting a grasp on Heartbleed and IDPs

Rich Graves rgraves at
Thu Apr 10 13:50:42 EDT 2014

I can confirm that was able to extract random fragments of RAM from my test IdP running RHEL6.5, tomcat6-6.0.24-62.el6.noarch, tomcat-native-1.1.29-1.el6.x86_64.

The data was less obviously interesting than, say, Moodle, which conveniently has session cookies right there on the heap, but I'm still happy not to have gone into production yet.

More information about the users mailing list