Sign in / up

Reply to post: Re: Don't like IIS?

Sysadmins, patch now: HTTP 'pings of death' are spewing across web to kill Windows servers

steeple
Reply Icon

Re: Don't like IIS?

Lee

Overall, I agree with you. However, I am uncertain about the emphasis in: "Heartbleed etc. is an information disclosure attack. It doesn't crash your servers." For me, information disclosure is probably the biggest risk I have.

Naive question: does this vulnerability only allow the attacker to crash servers? Or does it enable elevated privileges or other compromises to the target?

Rgds

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon