Answer the following questions based on your assignment 5 submission and understanding and relate your answers:
What is the purpose of the Heartbeat protocol based on your part 1 report?
Describe what the mistake is in the Heartbleed vulnerability.
What lessons do you learn from this vulnerability?
The figure shows where a malicious Heartbeat request packet is stored in the memory after it is received. The payload length field contains 0x700. Please in detailed explanation describe which credit card numbers will be stolen by the attacker.
Assume that the Heartbeat implementation uses the actual payload length when allocating memory for the response packet (i.e., the memory for the response packet will the same size as that for the request packet). However, during the memory copy, the claimed payload length is used. What kind of security problems does it have?
