Wie sich Heartbleed in der Enterprise Mobility verhält und wie MobileIron helfen kann 29. April 2014 Martin Cygan Server Within TLS there is the support for DTLS (TLS over UDP – User Datagram Protocol) and a Heartbeat Extension. This Heartbeat Extension allows a keep-alive functionality for the connection without the need for renegotiation. When a user performs the attack on a vulnerable OpenSSL server, they send a packet with a larger than expected payload (i.e. custom payload). This then allows scraping of up to 64KB of memory from the web server outside the bounds of what Heartbeat is supposed to access. Martin Cygan Martin ist Gründer des Blogs und berät Unternehmen im Umfeld der mobilen Lösungen. Seine Spezialthemen sind iOS, Mobile Device Management und Enterprise Mobility, sowie Apps.
