‘Heartbleed’ Vulnerability Opens the Door to SSL Heartbeat Exploits

April 9, 2014

 

Update: 4/11/2014

McAfee’s Heartbleed Test tool has been posted and enables users to test sites for the presence of this vulnerability.

———-

A recent vulnerability in OpenSSL is causing quite a stir. Documented as CVE-2014-0160, this vulnerability has a significant impact on the perceived security of a number servers across the globe.

One of the keys to this vulnerability is SSL heartbeats, which are used to keep messages alive without the need to renegotiate the SSL session. Heartbeat messages can be sent without authenticating with the server.

The exploit

Taking advantage of this vulnerability, attackers can dump up to 64KB of memory near the memory allocated for the SSL heartbeat packet on an infected machine. The attackers won’t know what information they might gather but because the attack can be repeated many times, they can retrieve many 64KB chunks. The memory chunks could contain sensitive information such as passwords, session IDs, private keys, or any other type of data left in memory on the affected server.

One of the factors that makes this such a critical vulnerability is there are no files to detect. It’s completely network borne, and leaves no trace that a system has been attacked. For this reason, network tools are the primary means for mitigating this type of attack.

Further detail

This excerpt from http://Heartbleed.com provides more information:

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM), and some virtual private networks (VPNs).

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names, and passwords of the users and the actual content. This in turn may allow attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

Only products that use OpenSSL Versions 1.0.1a through 1.0.1f are vulnerable. This bug was introduced in OpenSSL in December 2011 and has been in the wild since OpenSSL 1.0.1 appeared, on March, 14, 2012. OpenSSL Version 1.0.1g, released on April 7, fixes the bug.

CVE-2014-0160

The TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle heartbeat extension packets. This error allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, also known as the Heartbleed bug.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160

CERT/CC Vulnerability Note VU#720951
OpenSSL heartbeat extension read overflow discloses sensitive information.
http://www.kb.cert.org/vuls/id/720951

CWE-119
Weakness Class Improper Restriction of Operations within the Bounds of a Memory Buffer (119).
http://cwe.mitre.org/data/definitions/119.html

Here is the general consensus about what is vulnerable and what is not. We’ll update this list as more information appears.

Vulnerable:

  • The full list of clients in not yet known
  • Android
  • Browsers on Linux platforms could be vulnerable
  • Third-party code using Python/Ruby/Perl OpenSSL libs may be vulnerable
  • Windows programs linked against vulnerable versions of OpenSSL may be vulnerable
  • OpenVPN
  • Many vendors are currently evaluating their position
  • Applications using OpenSSL 1.0.1

Not vulnerable:

  • Internet Explorer, Firefox, Chrome: all use the Windows Crypto implementation
  • Internet Information Server
  • Applications using OpenSSL 1.0.1g or later

Here’s a snapshot of the exploit in action:

heartbleed_screen2

The Metasploit module for CVE-2014-0160 (openssl_heartbleed.rb) is in use. Settings allow for the tweaking of TLS Versions 1.0 to 1.2 as well as ports, connection timeouts, and more.

Recommendations

  • Customers must upgrade  to OpenSSL version 1.0.1g or install a version of OpenSSL configured with -DOPENSSL_NO_HEARTBEATS
  • Customers should be aware that server certificates that are or were protecting data could have been leaked. Attackers with compromised server certificates can perform a man-in-the-middle-attack
  • Ensure that Internet browsers are set to check for revoked certificates
  • Any self-signed certs should be regenerated using an updated version of OpenSSL, as previous certs could be compromised

Mitigation by McAfee products

Taken from our MTIS report:

Network Security Platform: Signature 45c04400, “UDS-SSL: OpenSSL TLS DTLS Heartbeat Extension Packets Information Disclosure,” provides coverage.

McAfee Vulnerability Manager: The FSL/MVM package of April 9 includes a vulnerability check to assess if your systems are at risk.

Firewall Enterprise: McAfee NGFW (Stonesoft) Update Package 574-5211, released April 8, provides coverage.

 

The post ‘Heartbleed’ Vulnerability Opens the Door to SSL Heartbeat Exploits appeared first on McAfee.