Certified Ethical Hacker (CEH v10) — Question 32

Which of the following is a serious vulnerability in the popular OpenSSL cryptographic software library? This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.

Answer options

• A. SSL/TLS Renegotiation Vulnerability
• B. Shellshock
• C. Heartbleed Bug
• D. POODLE

Correct answer: C

Explanation

The Heartbleed Bug is a significant vulnerability in OpenSSL that allows attackers to read sensitive memory of systems protected by SSL/TLS. The other options, while they represent vulnerabilities, are not related to OpenSSL and do not specifically allow for the theft of information in this manner.