Why is Address Space Layout Randomization not effective against the Open SSL Heartbleed Vulnerability?
My understanding is that ASLR randomly arranges the key data areas of a process, and so reading contiguously above a buffer as is done in heartbleed would not be enough to achieve the exploit.