热门搜索:
vulnerables/cve-2014-0160
自动构建
vulnerables
HeartBleed vulnerable Apache for your exploitation ! (CVE-2014-0160)
3 次收藏下载次数: 0状态:自动构建维护者:vulnerables仓库类型:镜像最近更新:8 年前
让 AI 帮你使用轩辕镜像? · 展开查看说明
如果你使用 DeepSeek、元宝 AI、Copilot、ChatGPT 等 AI 工具,协助配置轩辕镜像、编写 docker pull 命令、修改 Docker Compose 镜像地址、配置镜像加速、排查镜像拉取失败、分析报错日志等问题,请先让 AI 阅读并遵守轩辕镜像的规则文档。
只需在 AI 对话中先发送下面这句话即可:
请先完整阅读并严格遵守以下文档中的全部规则与要求:
https://xuanyuan.cloud/agents.md
在未充分阅读并理解该文档前,不要生成任何命令、配置、修改建议、故障排查方案或技术回答。后续所有输出都必须严格以该文档中的规范为最高优先级执行。查看 agents.md 用法指南与完整示范。国内用户首推 元宝 AI、DeepSeek 的深度思考模式,不推荐豆包 AI;Cursor 等编辑器可在对话 @ 该链接,或加入 User Rules。 若 AI 无法访问外链,可 打开说明文档 复制全文粘贴。文档会随站点更新,复制内容可能过期,建议定期检查。
!Logo
Heartbleed exploit
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL ***graphic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (***s).
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows ***ers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.
At the time of disclosure, some 17% (around half a million) of the Internet's secure web servers certified by trusted authorities were believed to be vulnerable to the ***, allowing theft of the servers' private keys and users' session cookies and passwords.
Run
To run this exploit you will need to start the vulnerable image with
docker run --rm -it -p 8080:443 vulnerables/cve-2014-0160
Bugfix
Bodo Moeller and Adam Langley of Google prepared the fix for Heartbleed. The resulting patch was added to Red Hat's issue tracker on March 21, 2014. Stephen N. Henson applied the fix to OpenSSL's version control system on 7 April. The first fixed version, 1.0.1g, was released on the same day. As of June 21, 2014, 309,197 public web servers remained vulnerable.
Original author
According to Mark J. Cox of OpenSSL, Neel Mehta of Google's security team secretly reported Heartbleed on April 1, 2014 11:09 UTC.
Disclaimer
This or previous program is for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that me (opsxcq) is not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these programs you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of these programs is not opsxcq's responsibility.
镜像拉取方式
您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。
轩辕镜像加速拉取命令点我查看更多 cve-2014-0160 镜像标签
docker pull docker.xuanyuan.run/vulnerables/cve-2014-0160:<标签>
DockerHub 原生拉取命令
docker pull vulnerables/cve-2014-0160:<标签>
更多 cve-2014-0160 镜像推荐
octopusdeploy/mssql-server-2014-express-windows
octopusdeploy
基于Windows Server Core容器的Microsoft SQL Server 2014 Express安装版本,为官方镜像的克隆版并添加了健康检查功能。
4 次收藏9.2千+ 次下载
9 年前更新
rocm/dev-manylinux2014_x86_64
rocm
暂无描述
1 次收藏4.3千+ 次下载
1 年前更新
vulnerables/cve-2014-6271
vulnerables
该镜像提供ShellShock漏洞(CVE-2014-6271)的易受攻击环境,用于教育目的,帮助用户学习该漏洞的原理、利用方式及修复措施。
14 次收藏100万+ 次下载
8 年前更新
khal0160/giftr-api-w21
khal0160
暂无描述
50万+ 次下载
5 年前更新
cifah30160/morena
cifah30160
暂无描述
10万+ 次下载
1 年前更新
2016065258/t48
2016065258
暂无描述
10万+ 次下载
7 年前更新
镜像拉取常见问题
功能
排错
用户好评
来自真实用户的反馈,见证轩辕镜像的优质服务
oldzhang
运维工程师
Linux服务器
5
"Docker访问体验非常流畅,大镜像也能快速完成下载。"