CERT mailing list archives
TA14-098A: OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)
From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Tue, 08 Apr 2014 15:06:55 -0500
NCCIC / US-CERT National Cyber Awareness System: TA14-098A: OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160) [ https://www.us-cert.gov/ncas/alerts/TA14-098A ] 04/08/2014 08:46 AM EDT Original release date: April 08, 2014 Systems Affected * OpenSSL 1.0.1 through 1.0.1f * OpenSSL 1.0.2-beta Overview A vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory handling in the TLS heartbeat extension. Description OpenSSL versions 1.0.1 through 1.0.1f contain a flaw in its implementation of the TLS/DTLS heartbeat functionality. This flaw allows an attacker to retrieve private memory of an application that uses the vulnerable OpenSSL library in chunks of 64k at a time. Note that an attacker can repeatedly leverage the vulnerability to retrieve as many 64k chunks of memory as are necessary to retrieve the intended secrets. The sensitive information that may be retrieved using this vulnerability include: * Primary key material (secret keys) * Secondary key material (user names and passwords used by vulnerable services) * Protected content (sensitive data used by vulnerable services) * Collateral (memory addresses and content that can be leveraged to bypass exploit mitigations) Exploit code is publicly available for this vulnerability. Additional details may be found in CERT/CC Vulnerability Note VU720951 [ http://www.kb.cert.org/vuls/id/720951 ]. Impact This flaw allows a remote attacker to retrieve private memory of an application that uses the vulnerable OpenSSL library in chunks of 64k at a time. Solution OpenSSL 1.0.1g [ http://www.openssl.org/news/secadv_20140407.txt ] has been released to address this vulnerability. Any keys generated with a vulnerable version of OpenSSL should be considered compromised and regenerated and deployed after the patch has been applied. US-CERT recommends system administrators consider implementing Perfect Forward Secrecy [ http://en.wikipedia.org/wiki/Perfect_forward_secrecy ] to mitigate the damage that may be caused by future private key disclosures. References * OpenSSL Security Advisory [ http://www.openssl.org/news/secadv_20140407.txt ] * The Heartbleed Bug [ http://heartbleed.com/ ] * CERT/CC Vulnerability Note VU720951 [ http://www.kb.cert.org/vuls/id/720951 ] * Perfect Forward Secrecy [ http://en.wikipedia.org/wiki/Perfect_forward_secrecy ] * RFC2409 Section 8 Perfect Forward Secrecy [ http://tools.ietf.org/html/rfc2409section-8 ] Revision History * Initial Publication ________________________________________________________________________ This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy. ________________________________________________________________________ OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ] STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Current thread:
- TA14-098A: OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160) US-CERT (Apr 08)