On 2014-04-11 16:41, Per Jessen wrote:
Wild guessing - if you have TSL enabled in your mail-server, I guess the vulnerability could have been used to extract data from it, but if your private key was never on that system ...
I know little of how the vulnerability works, but apparently they trick the machine (client? server? both?) to freely send a copy of 64 KB of RAM, which may contain anything. I don't clearly know if they can walk all memory, or just memory from the process that responds, or the memory assigned to the user of that process, or just one 64 KB block, where a particular buffer should have been assigned, but was not really assigned (ie, a non initialized pointer?). Or the block was assigned but not erased previous to been used. That RAM they get might contain data obtained from a different computer, so that the keys are on another computer, that's irrelevant. As long as the keys were retrieved and read on memory at some time, and they can read that memory block... And the vulnerability can be used even without accreditation for that server. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)