SECADV 20140407
SECADV_20140407
A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server.
Date | Advisory | Description | CVE | Affected Versions | Fixed In Versions |
---|---|---|---|---|---|
07-Apr-2014 | SECADV_20140407 | TLS heartbeat read overrun | CVE-2014-1060 | OpenSSL-1.0.1a to OpenSSL-1.0.1f; OpenSSL-1.0.2 betas | OpenSSL-1.0.1g; OpenSSL-1.0.2-beta2 |
Abstract
Due to a missing / incorrect bounds check in the code, it is possible to return chunks of memory from a TLS peer (client or server) by sending invalid requests which are incorrectly processed.
The memory returned may contain sensitive information such as the private key, account names and/or passwords.
Technical Details
Either party in an SSL/TLS channel can request a heartbeat response from the peer. This means a client can send a request to a server, or a server can send a request to a client, making each vulnerable to attack from the other end.
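The bounds check whose absence the abstract describes, as an added example (not OpenSSL's own code): a heartbeat responder that discards any request whose claimed payload length does not fit in the bytes actually received. The function name `hb_respond`, the constants and the two sample records are constructed for illustration; the message layout and the 16-byte minimum padding follow RFC 6520.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1   /* heartbeat_request (RFC 6520) */
#define HB_RESPONSE 2   /* heartbeat_response */
#define HB_HEADER   3   /* 1-byte type + 2-byte payload_length */
#define HB_MIN_PAD  16  /* minimum padding required by RFC 6520 */

/* Hypothetical helper: build the response to the request in rec[0..rec_len).
 * Returns the response length, or -1 if the record must be silently discarded. */
int hb_respond(const uint8_t *rec, size_t rec_len, uint8_t *out, size_t out_cap)
{
    size_t payload, total;

    /* Too short to hold a header plus minimum padding, or not a request. */
    if (rec_len < HB_HEADER + HB_MIN_PAD || rec[0] != HB_REQUEST)
        return -1;

    /* payload_length is chosen by the peer; it is a claim, not a fact. */
    payload = ((size_t)rec[1] << 8) | rec[2];
    total = HB_HEADER + payload + HB_MIN_PAD;

    /* The bounds check: the claimed payload must fit in the received record
     * (and the reply must fit in the output buffer). */
    if (total > rec_len || total > out_cap)
        return -1;

    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, payload); /* echo received bytes only */
    memset(out + HB_HEADER + payload, 0, HB_MIN_PAD);  /* real code uses random padding */
    return (int)total;
}

/* Constructed sample records, 23 bytes each: header, "ping", zero padding. */
static const uint8_t GOOD[23]     = {HB_REQUEST, 0x00, 0x04, 'p', 'i', 'n', 'g'};
static const uint8_t OVERLONG[23] = {HB_REQUEST, 0x40, 0x00, 'p', 'i', 'n', 'g'};

int main(void)
{
    uint8_t out[64];
    printf("well-formed request: %d\n", hb_respond(GOOD, sizeof GOOD, out, sizeof out));
    printf("overlong length field: %d\n", hb_respond(OVERLONG, sizeof OVERLONG, out, sizeof out));
    return 0;
}
```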
Solutions and Workarounds
- Upgrade to OpenSSL 1.0.1g.
  - This is the recommended option from the OpenSSL team.
- Rebuild your affected OpenSSL release with the heartbeat feature disabled
  - This is as simple as a recompilation with -DOPENSSL_NO_HEARTBEATS
- Block the heartbeat processing in your application code
  - heartbeat_block.c Example application code showing msg_cb use to block heartbeat
Detecting Vulnerability
- heartbleed.c Rob Stradling
  - C code example using the OpenSSL library to detect if a server is vulnerable. Requires a completed handshake prior to sending the invalid heartbeat probe.
- check-ssl-heartbleed.pl Steffen Ullrich
  - Standalone Perl script to detect if a server is vulnerable. Sends a ClientHello message and then an invalid heartbeat probe without waiting for the handshake to complete.
- heartbleed_test.c Mike Bland (git pull request)
  - Regression / Unit Test Suite
- Standalone Python script to detect if a server is vulnerable.