OpenSSL ‘heartbleed’ bug live blog

Blog, News from the FoxLab 3 Minutes

heartbleedA bug has been identified in OpenSSL, all details can be found at heartbleed.com. The bug has been assigned CVE-2014-0160. OpenSSL versions 1.0.1 – 1.0.1f are vulnerable. We advise to upgrade OpenSSL to version 1.0.1g or higher

Test if you are vulnerable

You can test if you are vulnerable by requesting a heartbeat response with a large response. If the server replies your SSL service is probably vulnerable. You can use any of the tests below:

This vulnerability only applies to OpenSSL versions 1.0.1-1.0.1f. Other SSL libraries, such as PolarSSL, are not vulnerable. OpenVPN-NL, which is depending on PolarSSL, is not affected.

Advice

We advise to perform the following steps for every vulnerable SSL service

  • Upgrade the OpenSSL version to 1.0.1g
  • Request revocation of the current SSL certificate
  • Regenerate your private key
  • Request and replace the SSL certificate

Indicator of Compromise

It is possible to detect successful exploitation of this vulnerability by inspecting the network traffic. We have developed 2 sets of Snort signatures to detect succesful exploitation of the ‘heartbleed bug’. The first set has a higher detection rate but also quite a few false positives:

alert tcp any [!80,​!445] -> any [!80,​!445] (msg:"FOX-SRT - Suspicious - Possible SSLv3 Large Heartbeat Response"; flow:established; ssl_version:sslv3; content:"|18 03 00|"; depth:3; byte_test:2,​>,​200,​3; byte_test:2,​<,​17000,​3; threshold:type limit,​ track by_src,​ count 1,​ seconds 600; reference:cve,​2014-0160; classtype:bad-unknown; sid: 21001126; rev:8;)
alert tcp any [!80,​!445] -> any [!80,​!445] (msg:"FOX-SRT - Suspicious - Possible TLSv1 Large Heartbeat Response"; flow:established; ssl_version:tls1.0; content:"|18 03 01|"; depth:3; byte_test:2,​>,​200,​3; byte_test:2,​<,​17000,​3; threshold:type limit,​ track by_src,​ count 1,​ seconds 600; reference:cve,​2014-0160; classtype:bad-unknown; sid: 21001127; rev:8;)
alert tcp any [!80,​!445] -> any [!80,​!445] (msg:"FOX-SRT - Suspicious - Possible TLSv1.1 Large Heartbeat Response"; flow:established; ssl_version:tls1.1; content:"|18 03 02|"; depth:3; byte_test:2,​>,​200,​3; byte_test:2,​<,​17000,​3; threshold:type limit,​ track by_src,​ count 1,​ seconds 600; reference:cve,​2014-0160; classtype:bad-unknown; sid: 21001128; rev:8;)
alert tcp any [!80,​!445] -> any [!80,​!445] (msg:"FOX-SRT - Suspicious - Possible TLSv1.2 Large Heartbeat Response"; flow:established; ssl_version:tls1.2; content:"|18 03 03|"; depth:3; byte_test:2,​>,​200,​3; byte_test:2,​<,​17000,​3; threshold:type limit,​ track by_src,​ count 1,​ seconds 600; reference:cve,​2014-0160; classtype:bad-unknown; sid: 21001129; rev:8;)

The second set has a lower false positive ratio but might also have a slightly lower detection rate:

alert tcp any any -> any any (msg:"FOX-SRT - Flowbit - TLS-SSL Client Hello"; flow:established; dsize:< 500; content:"|16 03|"; depth:2; byte_test:1,​ <=,​ 2,​ 3; byte_test:1,​ !=,​ 2,​ 1; content:"|01|"; offset:5; depth:1; content:"|03|"; offset:9; byte_test:1,​ <=,​ 3,​ 10; byte_test:1,​ !=,​ 2,​ 9; content:"|00 0f 00|"; flowbits:set,​foxsslsession; flowbits:noalert; threshold:type limit,​ track by_src,​ count 1,​ seconds 60; reference:cve,​2014-0160; classtype:bad-unknown; sid: 21001130; rev:10;)
alert_testing tcp any any -> any any (msg:"FOX-SRT - Suspicious - TLS-SSL Large Heartbeat Response"; flow:established; flowbits:isset,​foxsslsession; content:"|18 03|"; depth: 2; byte_test:1,​ <=,​ 3,​ 2; byte_test:1,​ !=,​ 2,​ 1; byte_test:2,​ >,​ 200,​ 3; byte_test:2,​<,​16409,​3; threshold:type limit,​ track by_src,​ count 1,​ seconds 600; reference:cve,​2014-0160; classtype:bad-unknown; sid: 21001131; rev:6;)

Note: if you want to detect vulnerable SMTP servers that are being exploited via STARTTLS, make sure that you do not have “ignore_tls_data” enabled on your SMTP preprocessor.

Impact

An attacker can retrieve a block of memory of the server up to 64kb. There is no limit on the number of attacks that can be performed. The attacker has no control over the memory region where the block is read from. Sensitive information that can be obtained is:

  • SSL private keys
  • Basic authorization strings (username / password combinations)
  • Source code

This bug affects both sides of the connection. Not only will client certificates not save you from having to update your server certificate, they can be read from the client (along with your username, password etc.) by any server you connect to. DNS poisoning, MitM etc. can be used to direct clients to a malicious server – it seems that this vulnerability can be exploited before the server has to authenticate itself.

According to http://www.openssl.org/news/openssl-1.0.1-notes.html the heartbeat extension was introduced in March 2012 with the release of version 1.0.1 of OpenSSL. This implies the vulnerability has been around for 2 years.

Updates

OpenSSL has provided an updated version (1.0.1g) of OpenSSL at https://www.openssl.org/source/.

Linux distributions are providing updates right now, so check your system for updates. Some Linux distributions have backported the fix to previous versions, ie Debian’s OpenSSL 1.0.1e-2+deb7u5 package has incorporated the fix.

Examples

When running the ssltest.py script against yahoo.com we were presented with this (censored) output. It shows clearly that the ‘heartbleed bug’ has serious consequences.

heartbleed example

 

 

 

Published

114 thoughts on “OpenSSL ‘heartbleed’ bug live blog

  1. Pingback: ウェブ・セキュリティを脅かす重大なバグ「Heartbleed」について知っておくべきこと | ASCII.jp
  2. Pingback: After Heartbleed, We’re Overreacting to Bugs That Aren’t a Big DealDigital Era | Digital Era
  3. Pingback: After Heartbleed, We’re Overreacting to Bugs That Aren’t a Big Deal | Nagg
  4. Pingback: HeartBleed | Arkdev: Our Blog
  5. Pingback: Administrator Ike » Heartbleed: Why aren’t certificates being revoked?
  6. Pingback: Kizz MyAnthia » Blog Archive » Heartbleed: Why aren’t certificates being revoked?
  7. Pingback: Has the NSA Been Using the Heartbleed Bug as an Internet Peephole?Privacy in Digital Era | Privacy in Digital Era
  8. Pingback: VU#720951: OpenSSL TLS heartbeat extension read overflow discloses sensitive information
  9. Pingback: Blog do Márcio d'Ávila » Heartbleed Bug: Vulnerabilidade no OpenSSL afeta 2/3 dos sites Internet
  10. Pingback: OpenSSL 'Heartbleed' Bug Leaks Sensitive Data - GeekYet
  11. Pingback: OpenSSL ‘heartbleed’ bug | Nathan
  12. Pingback: Falla Heartbleed: Cos'è e come proteggersi | GloboGuida
  13. Pingback: Heartbleed Testing and Detecting - FantaGhost FantaGhost
  14. Pingback: Heartbleed Critical Vulnerability in OpenSSL | SecTechno
  15. Pingback: La falla di Heartbleed che minaccia 2/3 degli utenti del web
  16. Pingback: Qué podemos hacer ante "Heartbleed" el mayor fallo de seguridad de la historia de Internet / SGM HostSGM Host
  17. Pingback: Heartburn….. I mean Heartbleed | EI BlackOps

  18. the highlight is also a hideous green which really just defeats the purpose.

  19. Pingback: IT-Security-Links – Week 14/15 | SWITCH Security-Blog
  20. Pingback: Has the NSA been using the Heartbleed Bug as an Internet Peephole? | Tek-Dude Systems
  21. Pingback: OpenSSL vulnerability lets attackers quietly steal servers' private keys - Pakistan E Magazine
  22. Pingback: Heartbleed & NSA Exploits Secure Sockets Layer (SSL), Encryption Protocol | usnewsghost
  23. Pingback: Heartbleed test for OpenVPN | falstaff – yet another tech blog
  24. Pingback: What You Need To Know About Heartbleed, A Really Major Bug That Short-Circuits Web Security | DIGIZENS
  25. Pingback: Apple: ‘iOS, OS X en webdiensten niet getroffen door Heartbleed’ - iPhoneclub.nl
  26. Pingback: What You Need To Know About Heartbleed
  27. Pingback: Has the NSA Been Using the Heartbleed Bug as an Internet Peephole? - Wired 2014
  28. Pingback: » Heartbleed zebrał niezłe żniwo… Jak wygląda internet 2 dni po? Skąd już wyciekły hasła i ciasteczka? -- Niebezpiecznik.pl --
  29. Pingback: Has the NSA Been Using the Heartbleed Bug as an Internet Peephole?Any News from Everywhere
  30. Pingback: After ‘Catastrophic’ Security Bug, The Internet Needs A Password Reset | The Quantix Corner
  32. Pingback: Heartbleed Check and Fix

  33. Thanks for sharing these Snort rules.

    As I understand them, you’re only testing the first 5 bytes of the TLS records, hence they should also detect encrypted heartbeat records. Correct?

    To trigger the rule, a heartbeat record has to have more than 200 bytes of data and less than 16385.
    Why do you need this second condition (smaller than 16385)? Isn’t 16384 the maximum size of a TLS record?

  34. Pingback: The Heartbleed bug! | Libel
  35. Pingback: Has the NSA Been Using the Heartbleed Bug as an Internet Peephole? – Wired | Headline News Extra
  36. Pingback: Has the NSA Been Using the Heartbleed Bug as an Internet Peephole? – Wired | Everyday News Update
  37. Pingback: Heartbleed: Separating FAQ From FUD | InsideMySQL
  38. Pingback: Due terzi dei siti web mondiali colpiti | Nadia Germano
  39. Pingback: Webbeveiliging blijkt al twee jaar lek - Niks te verbergen
  40. Pingback: Come funziona la falla Heartbleed? Ce lo spiega wired | Tecnologia e ricerca
  41. Pingback: Heartbleed, jedno z największych naruszeń bezpieczeństwa w historii internetu | Dystopijna przyszłość, w której miasta zostały zniszczone przez potwory

  42. How about advicing users to change their passwords for affected sites after having verified that the OpenSSL library has been patched and that the certificates have been renewed?

  43. Pingback: pfSense : Faille OpenSSL heartbeat ( Heart Bleed bug ) – CVE-2014-0160 | Blog des télécoms
  44. Pingback: Que sait-on de « Heartbleed », l’inquiétante faille de sécurité sur Internet ? | Les raisons du citron
  45. Pingback: After ‘Catastrophic’ Security Bug, the Internet Needs a Password Reset – Wired | Computers Lookup
  46. Pingback: Heartbleed, the OpenSSL vulnerability. What Should I Do? - Koen Van Impe - vanimpe.eu
  47. Pingback: Heartbleed Vulnerability: What Should You Do? » Cigital
  48. Pingback: After ‘Catastrophic’ Security Bug, the Internet Needs a Password Reset
  49. Pingback: Heartbleed - What can you do about it? | IT Done RightIT Done Right
  50. Pingback: After ‘Catastrophic’ Security Bug, the Internet Needs a Password Reset – Wired | Top Computers Outlet
  51. Pingback: Best laptops online store
  52. Pingback: After ‘Catastrophic’ Security Bug, the Internet Needs a Password Reset – Wired | Home Gadget Deals
  53. Pingback: After ‘Catastrophic’ Security Bug, the Internet Needs a Password Reset – Wired | Right laptop mart
  54. Pingback: « Heartbleed », l’inquiétante faille de sécurité sur Internet | Nancy Roc
  55. Pingback: After ‘Catastrophic’ Security Bug, the Internet Needs a Password Reset – Wired | Top Computer Mart
  56. Pingback: After ‘Catastrophic’ Security Bug, the Internet Needs a Password Reset – Wired | You Buy Computers
  57. Pingback: INITCON (Schweiz) GmbH » Schwachstelle in OpenSSL
  58. Pingback: Massive Security Bug Making SA Sites Vulnerable heartbleed | Tropical Post
  59. Pingback: Heartbleed: Separating FAQ From FUD - MySQL Performance Blog
  61. Pingback: Heartbleed: Hundreds of thousands of servers at risk from catastrophic bug
  62. Pingback: Does the Internet Need One Giant Password Reset? | News In Marketing
  63. Pingback: Qué podemos hacer ante el mayor fallo de seguridad de la historia de Internet | TODOSOBREMOVIL
  64. Pingback: Critical Vulnerability In OpenSSL – Have You Patched? | Lunarline Blog

  65. What *precisely* could be leaked when a vulnerable client (e.g. Debian stable or unstable) connected to a not vulnerable server (e.g. MirBSD or Debian oldstable)?

  66. Pingback: The Heartbleed Bug | RISC Consulting

  67. To whom it may concern. the problem lies in mod_ssl_with_npn.so in the spdy package. Just checked out the code, only built the mod_ssl_with_npn.so against a fixed openssl version, replaced it and the problem is solved.

  69. Pingback: VU#720951: OpenSSL heartbeat extension read overflow discloses sensitive information
  70. Pingback: Qué podemos hacer ante el mayor fallo de seguridad de la historia de Internet | TecnoAR Computacion
  71. Pingback: Snort Rules for OpenSSL's Heartbleed Bug (Will Untangle implement them?)
  72. Pingback: Qué podemos hacer ante el mayor fallo de seguridad de la historia de Internet - Descubridores de Tecnologia, Motor y Actualidad
  74. Pingback: Qué podemos hacer ante el mayor fallo de seguridad de la historia de Internet | FantecnolFantecnol
  75. Pingback: Qué podemos hacer ante el mayor fallo de seguridad de la historia de Internet | recolector.de {tecnologia}
  76. Pingback: Heartbleed, le bug-catastrophe qui menace nos données
  77. Pingback: Qué podemos hacer ante el mayor fallo de seguridad de la historia de Internet - TecNoticiero
  78. Pingback: DR Data Security, LLC » Everything you need to know about the OpenSSL Heartbleed bug.

  80. The ssltest.py script is not accessible for me (the error code below):

    AccessDeniedAccess DeniedAE8C30D9277A61F9so784tBi6TND0n4gX+ys7TxdvPcZU7G4OuTW0ej2lZW8MUR1v34kXm2oiMsM7HAN

  81. Pingback: Come funziona la falla Heartbleed | Notizya.it

  82. Just got an update from Filippo, and he pointed me out that SPDY is statically linked in most cases (I totally
    missed that). So you are indeed vulnerable if the test tool says so! But next to upgrading openssl, you also need to rebuild/update mod_spdy or disable it until it’s fixed up-stream.

  83. Pingback: Heart Bleed Bug - a Major OpenSSL Security Leak - Egon Sarv Reviews - Egon Sarv Reviews

  84. Just run the fox py-script against our pfsense with openssl 0.9.8y: It says it is VULNERABLE. Seems to be a false positive isn’t it?

  85. Pingback: Celent Blog » Is the insurance industry facing a Cyber-Cat? Thousands of websites at risk to heartbleed bug…
  86. Pingback: » Une énorme faille de sécurité dans de nombreux sites internetConnaissances Informatiques
  87. Pingback: ウェブ・セキュリティを脅かす重大なバグ「Heartbleed」について知っておくべきこと | ReadWrite Japan
  88. Pingback: « Heartbleed », une énorme faille de sécurité OpenSSL dans de nombreux sites internet | Libertes & Internets
  89. Pingback: Blog: Opdater OpenSSL – og dit OS nu | Computer Viden information

  90. All, after some testing I found out the test tools test your Apache vulnerable when you have the SPDY module enabled even when you have disabled heartbeats or are running a correct version of OpenSSL. I contacted the developer of the original test tool to see why this happens, but until then to be safe, better disable SPDY.

  91. Pingback: « Heartbleed », une énorme faille de sécurité dans de nombreux sites internet | maadi gazette
  92. Pingback: Heartbleed OpenSSL security bug. Wat je moet weten, wat je kunt doen | Annemarie van Campen

  93. He’s talking about the color scheme of the website – you might disagree with him, but that seems pretty obvious.

  94. He’s talking about the color scheme for the website. You might disagree with him, but it’s pretty obvious that’s what he’s talking about.

  95. Pingback: "Heartbleed" bug in Web security exposes passwords | EBiz News
  96. Pingback: “Heartbleed”漏洞恐令数十万服务器泄密 | Since1991.me
  97. Pingback: Nevermore Protection | OpenSSL ‘Heartbleed’ Bug Leaks Sensitive Data
  98. Pingback: “Heartbleed”漏洞恐令数十万服务器泄密 | 国外资讯 | 36氪BLOG
  99. Pingback: “Heartbleed”漏洞恐令数十万服务器泄密 - 科技辣

  100. any idea why the script just stops working and exits after the 8th or 9th hosts?

    f = open(args[0])
    for host in f:
    host = host.strip()
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sys.stdout.flush()
    s.settimeout(5)
    try:
    s.connect((host, opts.port))
    except socket.error, e:
    print host + ‘|’ + str(e)
    continue

  102. Pingback: Yahoo!: vulnerabilidade causa vazamento de senhas de usuários | Boa Informação
  103. Pingback: Yahoo!: vulnerabilidade causa vazamento de senhas de usuários | Tecnologia
  106. Pingback: OpenSSL ‘Heartbleed’ Bug Leaks Sensitive Data | Cyber War News and Information

  107. The Script gives me the following error on connection refused:
    Traceback (most recent call last):
    File “./script.py”, line 132, in
    main()
    File “./script.py”, line 120, in main
    typ, ver, pay = recvmsg(s)
    File “./script.py”, line 75, in recvmsg
    hdr = recvall(s, 5)
    File “./script.py”, line 65, in recvall
    data = s.recv(remain)
    socket.error: [Errno 104] Connection reset by peer

  108. Pingback: OpenSSL 'Heartbleed' Bug Leaks Sensitive Data | IP tools - On Line
  109. Pingback: Fears over 'heartbleed' security bug found in software

  110. Please don’t use grey letters on white (or – in the snort-rules – even light grey!) backgrounds for sites with important information.

  111. Pingback: Detecting OpenSSL Heartbleed with Suricata | Inliniac

  113. Ha Hans. OpenVPN-NL maakt gebruik van PolarSSL als backend. PolarSSL is niet kwetsbaar voor deze aanval en dus OpenVPN-NL ook niet.

Leave a Reply to Paul

Your email address will not be published. Required fields are marked *