There’s a serious vulnerability in most versions of the OpenSSL technology that requires an immediate update to avoid exposing sensitive information and Internet traffic to snooping. In response, the SANS Internet Storm Center (ISC) has raised its InfoCon (threat) level to “Yellow,” indicating that…well…the Internet’s not as safe a place today as it was yesterday, before the vulnerability was released.
Here’s what we know right now:
+ Researcher Neel Mehta of Google Security discovered the vulnerability, which was apparently introduced with an OpenSSL update in December 2011, but only fixed with the release of OpenSSL 1.0.1g on Monday.
+ Dubbed “heartbleed” (thank the Codenomicon marketing department for that one), the vulnerability (CVE-2014-0160) is described as a TLS heartbeat read overrun. TLS stands for Transport Layer Security. According to OpenSSL.org, vulnerable versions of the OpenSSL software have version numbers ranging from 1.0.1 to 1.0.2-beta.
+ Codenomicon described the vulnerability as an “implementation problem” in OpenSSL stemming from a programming mistake in the OpenSSL library that provides cryptographic services such as SSL/TLS to both applications and services.
+ Specifically: vulnerable OpenSSL packages are missing a bounds check in the handling of the TLS heartbeat extension requests that can be used to reveal up to 64K of memory on the machine running OpenSSL to a connected client or server.
+ The possible impact of the vulnerability is huge. Among the information that could be exposed are an OpenSSL user’s secret keys, which would enable attackers to decrypt and read any protected traffic, bypassing “any protection given by the encryption and the signatures in the X.509 certificates.” By virtue of their ability to decrypt protected traffic, attackers could also retrieve valid user names and passwords or other sensitive information from a compromised service relying on a vulnerable version of OpenSSL. “This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users,” Codenomicon wrote.
+ The researchers identified the OpenSSL vulnerability on their own and verified it against their own services. However, given the length of time vulnerable OpenSSL implementations have been circulating (more than two years), they caution that it is possible that others have discovered the vulnerability and used it to attack vulnerable OpenSSL implementations. Replacing your SSL certificates will stop the bleeding (no pun intended). But, as SANS points out: the exploit is not limited to exposing secret SSL key data – all data in memory is potentially exposed. So: if you were attacked, the horse may have already left the barn, so to speak.
+ Recovery will be messy. First: vulnerable OpenSSL implementations need to be updated to the most recent version of OpenSSL (1.0.1g). Any secret keys used in vulnerable OpenSSL implementations need to be revoked, reissued and redistributed. Any users of potentially compromised services will need to be reissued and will need to obtain new encryption keys. Any session keys and session cookies created using vulnerable OpenSSL installations should be invalidated and considered compromised, Codenomicon said.
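
The missing bounds check described above, sketched as an added example (not OpenSSL's code and not from the original post). It assumes the RFC 6520 heartbeat layout (1 type byte, 2-byte payload length, payload, at least 16 bytes of padding); the function names and sample records are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1u   /* heartbeat_request message type (RFC 6520) */
#define HB_RESPONSE 2u   /* heartbeat_response message type */
#define HB_HEADER   3u   /* 1 type byte + 2 length bytes */
#define HB_MIN_PAD  16u  /* minimum padding required by RFC 6520 */

/* Payload length the peer claims, from the 2-byte big-endian field. */
static size_t hb_claimed_len(const uint8_t *rec) {
    return ((size_t)rec[1] << 8) | rec[2];
}

/* Bytes past the end of the received record that a handler WITHOUT the
 * bounds check would echo back (0 means the length claim is honest). */
size_t hb_overread_bytes(const uint8_t *rec, size_t rec_len) {
    if (rec_len < HB_HEADER) return 0;
    size_t claimed = hb_claimed_len(rec);
    size_t present = rec_len - HB_HEADER;
    return claimed > present ? claimed - present : 0;
}

/* Hardened handler: writes the response to out and returns its length,
 * or -1 when the record must be silently discarded. */
long hb_build_response(const uint8_t *rec, size_t rec_len,
                       uint8_t *out, size_t out_cap) {
    if (rec_len < HB_HEADER + HB_MIN_PAD) return -1;   /* too short to parse */
    if (rec[0] != HB_REQUEST) return -1;
    size_t claimed = hb_claimed_len(rec);
    /* The check that was missing: claimed payload + padding must fit. */
    if (HB_HEADER + claimed + HB_MIN_PAD > rec_len) return -1;
    if (HB_HEADER + claimed + HB_MIN_PAD > out_cap) return -1;
    out[0] = HB_RESPONSE;
    memcpy(out + 1, rec + 1, 2);                       /* same length field */
    memcpy(out + HB_HEADER, rec + HB_HEADER, claimed); /* echo the payload */
    memset(out + HB_HEADER + claimed, 0, HB_MIN_PAD);  /* zero padding (simplified) */
    return (long)(HB_HEADER + claimed + HB_MIN_PAD);
}

int main(void) {
    /* Constructed sample records, not captured traffic. */
    uint8_t ok[23]  = {HB_REQUEST, 0x00, 0x04, 'p', 'i', 'n', 'g'};
    uint8_t bad[19] = {HB_REQUEST, 0x40, 0x00}; /* claims 16384, carries none */
    uint8_t out[64];
    printf("ok:  overread=%zu response=%ld\n", hb_overread_bytes(ok, sizeof ok),
           hb_build_response(ok, sizeof ok, out, sizeof out));
    printf("bad: overread=%zu response=%ld\n", hb_overread_bytes(bad, sizeof bad),
           hb_build_response(bad, sizeof bad, out, sizeof out));
    return 0;
}
```

The same length comparison works as a monitoring rule: a heartbeat request whose claimed payload length exceeds what its record carries has no legitimate use.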
According to a SANS ISC blog post on Tuesday, a proof of concept exploit can be used to remotely scan for vulnerable systems, but there isn’t yet evidence that attacks are taking place. Unfortunately, if attacks are taking place it will be difficult for victims to find out: there isn’t yet an intrusion detection system (IDS) signature that could identify such traffic.
Fortunately, Microsoft’s Windows operating system isn’t believed to be vulnerable to the attacks. Patches are available for some vulnerable client operating systems, including Ubuntu and CentOS; however, Apple’s Mavericks OS X has not yet been patched, nor have common client software packages like the Apache web server, which comes bundled with OpenSSL.