bit-tech.net

Web hit by OpenSSL 'Heartbleed' vulnerability

Web hit by OpenSSL 'Heartbleed' vulnerability

Versions of cryptographic library OpenSSL since 2012 are vulnerable to the 'Heartbleed Bug,' which allows an attacker to silently steal the contents of system memory.

Security researchers have released details of a serious vulnerability in the popular OpenSSL cryptographic library which exposes encrypted internet services to information disclosure attacks.

Continuing a terrible year for information security, what with the verification flaw in GnuTLS and Apple's infamous goto fail bug, the OpenSSL project has confirmed that versions of its software since 2011 have held a serious vulnerability which has been dubbed the 'Heartbleed Bug,' and which can be used to read a system's memory remotely - gathering secret keys which can then be used to decrypt previously-transmitted information.

It's a serious flaw; OpenSSL is the standard library for driving SSL and TLS encryption in a variety of software packages and information appliances; Apache and nginx, two of the most popular server packages around accounting for an estimated 66 per cent of all web servers, use OpenSSL; the library is also commonly used in other encrypted systems such as virtual private network (VPN) appliances, point-of-sale (PoS) systems and messaging servers.

The Heartbleed Bug works by exploiting the heartbeat extension of the Transport Security Layer (TLS) protocol; attackers are able to read unlimited system memory in 64KB chunks, with exploitation leaving no trace on the system. These memory chunks can be reassembled and analysed to gather usernames, passwords, encryption keys, and other privileged information which should not be exposed to the public.

The OpenSSL project has confirmed that the code responsible for the flaw has been present in its software since 2011 and available to the public since the release of OpenSSL 1.0.1 in March 2012. Since then, the 1.0.1 branch has become widespread, shipping by default with numerous operating systems including Ubuntu Linux and OpenBSD. While the project has released a fixed version, OpenSSL 1.0.1g, this will take time to distribute - leaving servers with less proactive admins vulnerable to attack.

Ironically, those who have not upgraded in a while may be protected against the flaw: the older OpenSSL 1.0.0 and 0.9.8 branches are unaffected, having been frozen before the bug was introduced.

More details of the flaw are available at Heartbleed.com.

10 Comments

Discuss in the forums Reply
bigc90210 8th April 2014, 15:37 Quote
This is the reason the minecraft login servers are down :/
Gareth Halfacree 8th April 2014, 15:59 Quote
Quote:
Originally Posted by bigc90210
This is the reason the minecraft login servers are down :/
Any company that doesn't take its vulnerable servers down until they're patched (yes, like you, Yahoo, you naughty little company you) is doing its customers a distinct disservice; I can't stress enough how serious this vulnerability is. We're talking the keys to the kingdom, here; total and unfettered (read-only, I'll grant you) access to the contents of RAM. The sysadmin in me is puckering up just thinking about it.
bigc90210 8th April 2014, 16:07 Quote
Absolutely agree, they've just announced on Twitter that the servers are coming back up now

Sent from my GT-I9505 using Tapatalk
Umbra 8th April 2014, 19:14 Quote
Would NSA/GCHQ tell anyone if they knew?
mi1ez 8th April 2014, 23:53 Quote
Oh, wow.
r3loaded 9th April 2014, 11:34 Quote
Quote:
Originally Posted by Umbra
Would NSA/GCHQ tell anyone if they knew?
Definitely not. It's impossible to know whether they knew about this bug beforehand, but at least we're lucky now that a security researcher discovered this one.
will_123 11th April 2014, 11:59 Quote
As im aware OpenBSD was not actually affected due to the way they have implemented memory allocation in BSD. Instead of leaking the memory it initiates a dump file or crash I think. In my very first job at NHS as a student sys admin my manager swore by BSD. Maybe he was right!

Very interesting link below mail thread with openBSD founder replying.

Mail Thread
Gareth Halfacree 11th April 2014, 12:12 Quote
Quote:
Originally Posted by will_123
As im aware OpenBSD was not actually affected due to the way they have implemented memory allocation in BSD. Instead of leaking the memory it initiates a dump file or crash I think. In my very first job at NHS as a student sys admin my manager swore by BSD. Maybe he was right!
Sadly, if you re-read the link, you'll see that OpenBSD (and all other BSDs shipping affected OpenSSL variants) was affected. Basically, there is exploit mitigation in malloc which means that OpenSSL should crash instead of revealing its secrets; unfortunately, there's exploit mitigation mitigation in OpenSSL that means malloc doesn't get a look-in. (Basically, for performance reasons on one unnamed platform, a coder added internal caching to OpenSSL which bypasses malloc - meaning that the crash-instead-of-leaking feature never gets used, and the data is leaked instead.)
will_123 11th April 2014, 12:26 Quote
Quote:
Originally Posted by Gareth Halfacree
Sadly, if you re-read the link, you'll see that OpenBSD (and all other BSDs shipping affected OpenSSL variants) was affected. Basically, there is exploit mitigation in malloc which means that OpenSSL should crash instead of revealing its secrets; unfortunately, there's exploit mitigation mitigation in OpenSSL that means malloc doesn't get a look-in. (Basically, for performance reasons on one unnamed platform, a coder added internal caching to OpenSSL which bypasses malloc - meaning that the crash-instead-of-leaking feature never gets used, and the data is leaked instead.)

ah I misinterpreted it!

Cheers.
RTT 11th April 2014, 13:53 Quote
What's crap is that it's widely understood and considered that OpenSSL is a bit of a mess - and the team who run it aren't exactly open to accepting any help. A choice quotes from a thread on r/programming:
Quote:
The OpenSSL team has a strong NIH syndrome in their spirit though. I (the author of the LibTom projects) have actually talked to Ben Laurie (one of the main developers) about code quality and he scoffed at the notion that things like the math library in OpenSSL could be re-written to be much simpler and easier to audit.

... which is a shame, because while you probably wouldn't want any old joe submitting patches to such sensitive software, you absolutely could have less-qualified/trusted/whatever engineers start to unit test & fuzz-test the heck out of it
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums