-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: CERT-EU Security Advisory 2014-034 Title: UPDATE OpenSSL CRITICAL vulnerability [1] Version history: 08.04.2014 Initial advisory. 09.04.2014 Additional vendors patches. 10.04.2014 Additional recommendations for system administrators and tools to check the vulnerability. Summary ======= OpenSSL library is vulnerable to a memory leakage. Both servers and clients are affected. It can lead to a leak of the content of the memory allowing access to private keys, credentials, or any other confidential data . There are already some proofs of concept of this vulnerability available in the wild exploiting servers and clients. Eventhough, the CVSS v2 base score is 5.0, this vulnerability is CRITICAL and it is highly recommended to patch as soon as possible. CVE numbers: CVE-2014-0160 CVSS v2 Base Score:5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:N) [2] Affected Versions ================= OpenSSL 1.0.1 to 1.0.1f and 1.0.2-beta to 1.0.2-beta1. [1] OpenSSL 1.0.1g is NOT affected Original Details ================ The bug is in the OpenSSL's implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520). When it is exploited, it leads to a leak of memory content from the server to the client and from the client to the server. A missing bound check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory at a time. (CVE-2014-0160) What can you do? ================ Affected systems should be upgraded to OpenSSL 1.0.1g. Those unable to immediately upgrade, can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS. [1] OpenSSL is widely used in third party applications and appliances. Please check your vendor site for adequate patch. Here are some examples: - - DEBIAN http://www.debian.org/security/2014/dsa-2896 - - REDHAT https://rhn.redhat.com/errata/RHSA-2014-0376.html - - UBUNTU http://www.ubuntu.com/usn/usn-2165-1/ - - JUNIPER https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10623&cat=SIRT_1&actp=LIST - - CISCO http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed - - F5 http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html - - FORTIGATE http://www.fortiguard.com/advisory/FG-IR-14-011/ There have been some IDS rules published to detect the incident: http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/ There are some sites that allow to verify whether any given site is vulnerable: * https://www.ssllabs.com/ssltest/ * http://filippo.io/Heartbleed/ Due to the fact that cryptographic keys may be found in memory, it is highly recommended to change them. The keys should be regenerated, certificates revoked, and new certificates issued. All these changes should be done AFTER the system have been patched. Priority should be given to the most critical systems. In addition, an impact assessment on your IT Infrastructure of this incident should be done. Attention should focus on which sensitive information could be in the memory of the affected process. It is also important to consider that both the clients and the servers are using this cryptographic library, and the memory leak can affected every process which imports it. Some points to considered during the assessment: - - Sensitivity of the information that can be transfered inside the SSL connections without other protection. Both public or internal application protected by SSL and remote access over SSL must be taken in account. - - The sort of credentials that are used by the client to authenticate against the server. Authentication based on Two-factor can be considered as a mitigation against this issue. - - The vulnerability is not limited to HTTPS. Consider any service using OpenSSL like SMTP, IMAP, POP3 and SSL-VPN. What to tell your users ======================= - - Depending on the result of the impact assessment, you may have to ask your users to change their credentials (ie. passwords or client certificates). This change must be done AFTER the service is patched. Use your internal communication policy to request the renewal. - - Inform on good practices with regards to password management including using different passwords for different services. More information ================ [1] https://www.openssl.org/news/secadv_20140407.txt [2] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160 [3] http://heartbleed.com/ Best regards, CERT-EU Team (http://cert.europa.eu) Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJTRtC5AAoJEPpzpNLI8SVokfYP/3Fb3n9TS6qrUJzXFmbfT1iu 995JuntpcqnSRkP28ocqUoLqTISosZVl4RoGdAeX7EOxkglgiIzj0AeR+vm7/5tG BSBEaosimdNjqzmWOvyfSEqrXD6BM8qQhNTUp9ibS6OPCQZaU0kc5amtBInPU9Jl FpcxzTe+CQXfpR2z8IBsU8MvSbF2UzojXY1yTqid619DbXnCnfIMdt2YtlqKRqva jvtd00g8KtLfOUa6yVlAHmZlDrnvE01Ggl08LPt446zVQsRjb9nanDBeheqtiJvk nuAkApKmRux2UzmKuwhpmqBxFgrT+eZgqBs3spINah8oiiGlzdZ1Fena6s1elYml jJkzvHimbJ7sWwnpwq9HoTMK3F1HNNFnnOZpMkySb3u+gRRzfS1CzPTrA9NNmtIq ByJU8cqU2+0c5ojXQPYgkD3l1T3W6aIA99NbA0BibFpNcuSugK815bdTBiN8HJ2z hCf6+gRNrHixyQh/xgnrhvwcMcTxZmE7m3DIwMbZg48PftPfXbjEmhw1Oa9zeODB YJN7xxdZqXlM2NZyGacR2iNtfkulm2ijUfKHsJjdgQj9lOABUTbn38NteHL8c48W WpaZTWR5+O+uftgSLj9eHXLL8MpCODCcTB0DmzoT8UZTj/5FsYvzzYKAqsSJ6JFc UFnG7hCptLNrEDjoMv0Y =4TIv -----END PGP SIGNATURE-----