{"id":1215,"date":"2021-04-05T17:15:26","date_gmt":"2021-04-05T15:15:26","guid":{"rendered":"https:\/\/parlonstechs.com\/all\/?p=1215"},"modified":"2021-04-05T17:15:27","modified_gmt":"2021-04-05T15:15:27","slug":"une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises","status":"publish","type":"post","link":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/","title":{"rendered":"Une faille dans OpenSSL permettait de faire planter les sites Web s\u00e9curis\u00e9s"},"content":{"rendered":"\n
\"Une<\/figure>\n\n\n\n

Les utilisateurs d\u2019OpenSSL ont int\u00e9r\u00eat \u00e0 rapidement mettre \u00e0 jour cette librairie, car une faille (CVE-2021-3449) a \u00e9t\u00e9 d\u00e9couverte dans ce code permettant de faire planter les serveurs qui l\u2019utilisent, en particulier les serveurs Web et les serveurs de messagerie.<\/strong><\/p>\n\n\n\n

En effet, OpenSSL est l\u2019un des logiciels cryptographiques les plus utilis\u00e9s sur la Toile, car il permet de facilement impl\u00e9menter le protocole de chiffrement TLS qui assure la confidentialit\u00e9 des \u00e9changes sur Internet.<\/p>\n\n\n\n

Il suffit pour cela d\u2019envoyer une requ\u00eate de type \u00ab\u00a0ClientHello\u00a0\u00bb mal form\u00e9e. Compte tenu de la popularit\u00e9 d\u2019OpenSSL, cette vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 class\u00e9e comme \u00ab\u00a0importante\u00a0\u00bb.<\/p>\n\n\n\n

Il suffisait d\u2019envoyer une requ\u00eate malform\u00e9e vers un serveur OpenSSL pour le faire crasher, mettant en p\u00e9ril les serveurs de sites Web ou de messagerie \u00e9lectronique. Heureusement, un patch est disponible.<\/strong><\/p>\n\n\n\n

<\/p>\n\n\n\n

\u00ab On dirait qu\u2019il est possible de faire planter la plupart des serveurs OpenSSL sur Internet \u00bb<\/em>, souligne le chercheur en s\u00e9curit\u00e9 Filippo Valsorda<\/a>, sur Twitter.<\/p><\/blockquote>\n\n\n\n

<\/p>\n\n\n\n

Une seconde faille (CVE-2021-3450) a \u00e9galement \u00e9t\u00e9 patch\u00e9e. Elle permettait, dans certains cas, de court-circuiter la v\u00e9rification du certificat cryptographique, et donc de briser la cha\u00eene de confiance.<\/p>\n\n\n\n

Source <\/strong>: Ars Technica<\/a><\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Les utilisateurs d\u2019OpenSSL ont int\u00e9r\u00eat \u00e0 rapidement mettre \u00e0 jour cette librairie, car une faille (CVE-2021-3449) a \u00e9t\u00e9 d\u00e9couverte dans ce code permettant de faire planter les serveurs qui l\u2019utilisent, […]<\/p>\n","protected":false},"author":1,"featured_media":1216,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21,11,12],"tags":[],"class_list":["post-1215","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-actualite","category-cybersecurite","category-logiciels"],"yoast_head":"\nUne faille dans OpenSSL permettait de faire planter les sites Web s\u00e9curis\u00e9s - Parlons Techs - Store<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Une faille dans OpenSSL permettait de faire planter les sites Web s\u00e9curis\u00e9s - Parlons Techs - Store\" \/>\n<meta property=\"og:description\" content=\"Les utilisateurs d\u2019OpenSSL ont int\u00e9r\u00eat \u00e0 rapidement mettre \u00e0 jour cette librairie, car une faille (CVE-2021-3449) a \u00e9t\u00e9 d\u00e9couverte dans ce code permettant de faire planter les serveurs qui l\u2019utilisent, […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/\" \/>\n<meta property=\"og:site_name\" content=\"Parlons Techs - Store\" \/>\n<meta property=\"article:published_time\" content=\"2021-04-05T15:15:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-05T15:15:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-5.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"265\" \/>\n\t<meta property=\"og:image:height\" content=\"119\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"wisdom\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"wisdom\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/\"},\"author\":{\"name\":\"wisdom\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/#\\\/schema\\\/person\\\/a93526e9c6c72ccb484abb7008892823\"},\"headline\":\"Une faille dans OpenSSL permettait de faire planter les sites Web s\u00e9curis\u00e9s\",\"datePublished\":\"2021-04-05T15:15:26+00:00\",\"dateModified\":\"2021-04-05T15:15:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/\"},\"wordCount\":226,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/at-5.jpg\",\"articleSection\":[\"Actualit\u00e9\",\"CyberS\u00e9curit\u00e9\",\"Logiciels\"],\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/\",\"url\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/\",\"name\":\"Une faille dans OpenSSL permettait de faire planter les sites Web s\u00e9curis\u00e9s - Parlons Techs - Store\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/at-5.jpg\",\"datePublished\":\"2021-04-05T15:15:26+00:00\",\"dateModified\":\"2021-04-05T15:15:27+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/#\\\/schema\\\/person\\\/a93526e9c6c72ccb484abb7008892823\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/#primaryimage\",\"url\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/at-5.jpg\",\"contentUrl\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/at-5.jpg\",\"width\":265,\"height\":119},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/05\\\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Une faille dans OpenSSL permettait de faire planter les sites Web s\u00e9curis\u00e9s\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/#website\",\"url\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/\",\"name\":\"Parlons Techs - Store\",\"description\":\"Toute L'Actualit\u00e9 sur La Technologie et La Science\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/#\\\/schema\\\/person\\\/a93526e9c6c72ccb484abb7008892823\",\"name\":\"wisdom\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g\",\"caption\":\"wisdom\"},\"sameAs\":[\"https:\\\/\\\/parlonstechs.com\\\/all\"],\"url\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/author\\\/wisdom\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Une faille dans OpenSSL permettait de faire planter les sites Web s\u00e9curis\u00e9s - Parlons Techs - Store","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/","og_locale":"fr_FR","og_type":"article","og_title":"Une faille dans OpenSSL permettait de faire planter les sites Web s\u00e9curis\u00e9s - Parlons Techs - Store","og_description":"Les utilisateurs d\u2019OpenSSL ont int\u00e9r\u00eat \u00e0 rapidement mettre \u00e0 jour cette librairie, car une faille (CVE-2021-3449) a \u00e9t\u00e9 d\u00e9couverte dans ce code permettant de faire planter les serveurs qui l\u2019utilisent, […]","og_url":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/","og_site_name":"Parlons Techs - Store","article_published_time":"2021-04-05T15:15:26+00:00","article_modified_time":"2021-04-05T15:15:27+00:00","og_image":[{"width":265,"height":119,"url":"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-5.jpg","type":"image\/jpeg"}],"author":"wisdom","twitter_card":"summary_large_image","twitter_misc":{"\u00c9crit par":"wisdom","Dur\u00e9e de lecture estim\u00e9e":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/#article","isPartOf":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/"},"author":{"name":"wisdom","@id":"https:\/\/parlonstechs.com\/all\/#\/schema\/person\/a93526e9c6c72ccb484abb7008892823"},"headline":"Une faille dans OpenSSL permettait de faire planter les sites Web s\u00e9curis\u00e9s","datePublished":"2021-04-05T15:15:26+00:00","dateModified":"2021-04-05T15:15:27+00:00","mainEntityOfPage":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/"},"wordCount":226,"commentCount":0,"image":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/#primaryimage"},"thumbnailUrl":"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-5.jpg","articleSection":["Actualit\u00e9","CyberS\u00e9curit\u00e9","Logiciels"],"inLanguage":"fr-FR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/","url":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/","name":"Une faille dans OpenSSL permettait de faire planter les sites Web s\u00e9curis\u00e9s - Parlons Techs - Store","isPartOf":{"@id":"https:\/\/parlonstechs.com\/all\/#website"},"primaryImageOfPage":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/#primaryimage"},"image":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/#primaryimage"},"thumbnailUrl":"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-5.jpg","datePublished":"2021-04-05T15:15:26+00:00","dateModified":"2021-04-05T15:15:27+00:00","author":{"@id":"https:\/\/parlonstechs.com\/all\/#\/schema\/person\/a93526e9c6c72ccb484abb7008892823"},"breadcrumb":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/#primaryimage","url":"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-5.jpg","contentUrl":"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-5.jpg","width":265,"height":119},{"@type":"BreadcrumbList","@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/05\/une-faille-dans-openssl-permettait-de-faire-planter-les-sites-web-securises\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/parlonstechs.com\/all\/"},{"@type":"ListItem","position":2,"name":"Une faille dans OpenSSL permettait de faire planter les sites Web s\u00e9curis\u00e9s"}]},{"@type":"WebSite","@id":"https:\/\/parlonstechs.com\/all\/#website","url":"https:\/\/parlonstechs.com\/all\/","name":"Parlons Techs - Store","description":"Toute L'Actualit\u00e9 sur La Technologie et La Science","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/parlonstechs.com\/all\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Person","@id":"https:\/\/parlonstechs.com\/all\/#\/schema\/person\/a93526e9c6c72ccb484abb7008892823","name":"wisdom","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g","caption":"wisdom"},"sameAs":["https:\/\/parlonstechs.com\/all"],"url":"https:\/\/parlonstechs.com\/all\/author\/wisdom\/"}]}},"_links":{"self":[{"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/posts\/1215","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/comments?post=1215"}],"version-history":[{"count":1,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/posts\/1215\/revisions"}],"predecessor-version":[{"id":1217,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/posts\/1215\/revisions\/1217"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/media\/1216"}],"wp:attachment":[{"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/media?parent=1215"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/categories?post=1215"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/tags?post=1215"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}