20140408 heartburn over heartbleed - plembo/onemoretech GitHub Wiki

title: heartburn over heartbleed
link: https://onemoretech.wordpress.com/2014/04/08/heartburn-over-heartbleed/
author: phil2nc
description:
post_id: 7291
created: 2014/04/08 07:43:13
created_gmt: 2014/04/08 11:43:13
comment_status: closed
post_name: heartburn-over-heartbleed
status: publish
post_type: post

heartburn over heartbleed

[UPDATED 4/16/2014] Heartbleed is the nickname of a 2-year-old flaw in the OpenSSL crypto library that was announced in CVE-2014-0160 and affects any SSL solution using the 1.0.1 - 1.0.1f versions of the library. Immediate action needs to be taken for all installations using the unpatched versions of those libraries. Red Hat has already pushed patches for the affected Red Hat Enterprise Linux 6, Fedora 19 and 20 releases of its operating systems (these updates were posted yesterday).

The vulnerability exposed by this bug is real. [For anyone who needs to explain the threat to a non-technical audience, I'd recommend this excellent video as a resource.] The impact of this bug is still being assessed, but system administrators and security analysts are urged to review their software inventories to determine if any of their systems need to be patched. Some researchers are suggesting that it may be necessary to revoke and reissue SSL certificates used with the vulnerable libraries because the bug may have exposed the cryptographic keys for those certificates. The good news is that although the bug was only announced yesterday, the major Linux vendors, including Red Hat, have responded quickly to issue the fix.

There is a Python script that can be used to detect if a system is vulnerable, thanks to Jared Stafford. Go here for a script that will audit your Perl5 installation for the vulnerability.

Admins should keep in mind that this bug is very specifically targeted to the TLS heartbeat mechanism in the affected versions of OpenSSL. It does not affect every SSL-enabled service. For example, OpenSSH is safe. Anything using NSS (Netscape Security Services), like the old iPlanet and Sun products (e.g. SunONE Directory, Oracle Directory Server Enterprise Edition), would also not be affected.
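To make the "very specifically targeted to the TLS heartbeat mechanism" point concrete, here is an added example of my own (not OpenSSL's code and not the detection script mentioned above). It models the heartbeat framing from RFC 6520 on a constructed in-memory buffer and shows the single length comparison the fix adds: a record whose payload_length field claims more bytes than the record actually delivered is silently dropped instead of echoed. The function names, the sample payload and the "adjacent memory" bytes are all constructed for the example.

```python
"""Added example: the heartbeat length check that OpenSSL 1.0.1 - 1.0.1f
lacked, modelled in Python on a constructed buffer. Not OpenSSL code."""
import struct
from typing import Dict, Optional

HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
HEADER_LEN = 1 + 2   # HeartbeatMessageType byte + 16-bit payload_length (RFC 6520)
MIN_PADDING = 16     # RFC 6520: a heartbeat carries at least 16 bytes of padding


def build_heartbeat(payload: bytes, claimed_length: Optional[int] = None) -> bytes:
    """Encode a HeartbeatRequest. `claimed_length` lets the demo write a
    payload_length field that disagrees with the payload actually sent."""
    length = len(payload) if claimed_length is None else claimed_length
    return bytes([HEARTBEAT_REQUEST]) + struct.pack("!H", length) + payload + b"\x00" * MIN_PADDING


def respond_unchecked(memory: bytes, record_len: int) -> bytes:
    """Pre-fix logic: trust payload_length and echo that many bytes back,
    even when that runs past the end of the record. `memory` models the
    receive buffer: memory[:record_len] is the record that arrived and the
    rest stands in for whatever else the process had in adjacent memory."""
    payload_length = struct.unpack("!H", memory[1:HEADER_LEN])[0]
    payload = memory[HEADER_LEN:HEADER_LEN + payload_length]
    return bytes([HEARTBEAT_RESPONSE]) + struct.pack("!H", payload_length) + payload


def respond_checked(memory: bytes, record_len: int) -> Optional[bytes]:
    """Post-fix logic: the claimed payload, plus header and minimum padding,
    must fit inside the record that was actually received; otherwise the
    record is silently discarded and nothing is echoed."""
    if record_len < HEADER_LEN + MIN_PADDING:
        return None  # too short to be a heartbeat at all
    payload_length = struct.unpack("!H", memory[1:HEADER_LEN])[0]
    if HEADER_LEN + payload_length + MIN_PADDING > record_len:
        return None  # payload_length disagrees with the record: drop it
    payload = memory[HEADER_LEN:HEADER_LEN + payload_length]
    return bytes([HEARTBEAT_RESPONSE]) + struct.pack("!H", payload_length) + payload


def demo() -> Dict[str, Optional[bytes]]:
    """Run both handlers over an honest request and over one whose length
    field lies. Every byte here is constructed for the example."""
    adjacent = b"CONSTRUCTED-ADJACENT-MEMORY:session-cookie=abc123" + b"\x00" * 32
    honest = build_heartbeat(b"abc")                     # payload_length == 3
    lying = build_heartbeat(b"abc", claimed_length=80)   # claims 80, sends 3
    return {
        "honest_unchecked": respond_unchecked(honest + adjacent, len(honest)),
        "honest_checked": respond_checked(honest + adjacent, len(honest)),
        "lying_unchecked": respond_unchecked(lying + adjacent, len(lying)),
        "lying_checked": respond_checked(lying + adjacent, len(lying)),
    }


if __name__ == "__main__":
    for name, reply in demo().items():
        print(f"{name:17s} -> {reply!r}")
```

The honest request gets the same three-byte echo from both handlers; the lying one gets 80 bytes of whatever followed the record from the unchecked handler and nothing at all from the checked one. The same comparison, applied to a captured heartbeat record, is also the simplest network-side test for a malformed heartbeat.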
It should be noted that Red Hat, who owns a lot of Netscape's identity management and security code, has over the last few years been incorporating NSS in its products as an alternative to OpenSSL. Red Hat's distribution of the Apache HTTP Server, for example, can be configured to use NSS instead of OpenSSL. Applications using the Java PKI framework, like Oracle Unified Directory, Sun's OpenDS and ForgeRock's OpenDJ, would also be unaffected. This is also true of ForgeRock's OpenAM and OpenIDM.

Google's Search Appliance v7 is affected; notice that a patch was available was e-mailed to customers on April 14, 2014 at 9:32 AM (GSA is a "black box" -- actually encased in bright yellow plastic -- so admins had no way of knowing it used OpenSSL apart from a blog post on April 9 by Google that said a patch was being worked on).

Some excellent discussions about this all are here:

- Anatomy of OpenSSL's Heartbleed: Just four bytes trigger horror bug
- Existential Crisis: Diagnosis of the OpenSSL Heartbleed Bug (includes detailed analysis of the C code involved)
- How Exactly does the OpenSSL heartbeat (Heartbleed) exploit work?
- Heartbleed: are services other than HTTPS affected?
- List of Affected (and Unaffected) Oracle Products
- ForgeRock Software Not Affected by Heartbleed

Note: For any of the "see, this is why keeping things up to date is a waste of time" crowd who may be out strutting like a peacock because they dodged this bullet due to laziness and stupidity, I would refer to the changelog for versions prior to 1.0.1, in reverse chronological order. People like you should be fired or reassigned to sales.

Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:

    TLS/DTLS heartbeat support.
    SCTP support.
    RFC 5705 TLS key material exporter.
    RFC 5764 DTLS-SRTP negotiation.
    Next Protocol Negotiation.
    PSS signatures in certificates, requests and CRLs.
    Support for password based recipient info for CMS.
    Support TLS v1.2 and TLS v1.1.
    Preliminary FIPS capability for unvalidated 2.0 FIPS module.
    SRP support. 

Major changes between OpenSSL 1.0.0k and OpenSSL 1.0.0l [6 Jan 2014]

    Fix for DTLS retransmission bug CVE-2013-6450 

Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013]:

    Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
    Fix OCSP bad key DoS attack CVE-2013-0166 

Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j [10 May 2012]:

    Fix DTLS record length checking bug CVE-2012-2333 

Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i [19 Apr 2012]:

    Fix for ASN1 overflow bug CVE-2012-2110 

Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:

    Fix for CMS/PKCS#7 MMA CVE-2012-0884
    Corrected fix for CVE-2011-4619
    Various DTLS fixes. 

Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:

    Fix for DTLS DoS issue CVE-2012-0050 

Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:

    Fix for DTLS plaintext recovery attack CVE-2011-4108
    Clear block padding bytes of SSL 3.0 records CVE-2011-4576
    Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
    Check parameters are not NULL in GOST ENGINE CVE-2012-0027
    Check for malformed RFC3779 data CVE-2011-4577 

Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]:

    Fix for CRL vulnerability issue CVE-2011-3207
    Fix for ECDH crashes CVE-2011-3210
    Protection against EC timing attacks.
    Support ECDH ciphersuites for certificates using SHA2 algorithms.
    Various DTLS fixes. 

Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]:

    Fix for security issue CVE-2011-0014 

Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]:

    Fix for security issue CVE-2010-4180
    Fix for CVE-2010-4252
    Fix mishandling of absent EC point format extension.
    Fix various platform compilation issues.
    Corrected fix for security issue CVE-2010-3864. 

Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]:

    Fix for security issue CVE-2010-3864.
    Fix for CVE-2010-2939
    Fix WIN32 build system for GOST ENGINE. 

Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]:

    Fix for security issue CVE-2010-1633.
    GOST MAC and CFB fixes. 

Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]:

    RFC3280 path validation: sufficient to process PKITS tests.
    Integrated support for PVK files and keyblobs.
    Change default private key format to PKCS#8.
    CMS support: able to process all examples in RFC4134
    Streaming ASN1 encode support for PKCS#7 and CMS.
    Multiple signer and signer add support for PKCS#7 and CMS.
    ASN1 printing support.
    Whirlpool hash algorithm added.
    RFC3161 time stamp support.
    New generalised public key API supporting ENGINE based algorithms.
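Pulling the advice in this post together (review your inventory; NSS and Java PKI stacks are out of reach; a host that dodged this bug by sitting on a pre-1.0.1 branch is still missing the fixes in the changelog above), here is an added inventory triage script of my own. It is not one of the scripts the post links to. It assumes an inventory that records each host's TLS stack and, for OpenSSL hosts, the RPM name-version-release; both the inventory and the `fixed_releases` map below are constructed, and the real fixed release for each distro must come from the vendor's advisory. The point it adds is the backport trap: a distro package keeps the upstream version string (1.0.1e stays 1.0.1e) after the fix is backported, so for the affected range only the release field can clear a host.

```python
"""Added example: triage a software inventory for CVE-2014-0160 exposure by
TLS stack and OpenSSL version string. My own code, not the scripts the post
links to; the inventory and the fixed-release map below are constructed."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

VULNERABLE_BRANCH = (1, 0, 1)   # the post: 1.0.1 through 1.0.1f are affected
LAST_VULNERABLE_LETTER = "f"
UNAFFECTED_STACKS = {"nss", "java", "none"}   # NSS, Java PKI, or no TLS at all

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)([a-z]?)")
_DIST_RE = re.compile(r"\.(el\d+|fc\d+)")


@dataclass
class Host:
    name: str
    service: str
    tls_stack: str                 # "openssl", "nss", "java" or "none"
    package: Optional[str] = None  # RPM name-version-release when known


def parse_openssl_version(version: str) -> Tuple[int, int, int, str]:
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised OpenSSL version: {version!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3)), m.group(4)


def classify_upstream(version: str) -> str:
    """Place an upstream version string relative to the affected range."""
    major, minor, patch, letter = parse_openssl_version(version)
    branch = (major, minor, patch)
    if branch < VULNERABLE_BRANCH:
        return "pre-1.0.1"          # never had the heartbeat code (see changelog)
    if branch > VULNERABLE_BRANCH:
        return "newer"              # outside the range the post covers
    # "" (plain 1.0.1) sorts before "a", so the comparison covers 1.0.1 itself
    return "vulnerable" if letter <= LAST_VULNERABLE_LETTER else "patched"


def release_key(release: str) -> tuple:
    """Crude stand-in for rpmvercmp: numeric runs compare as ints,
    alphabetic runs as strings, left to right."""
    return tuple((0, int(p)) if p.isdigit() else (1, p)
                 for p in re.findall(r"\d+|[A-Za-z]+", release))


def assess(host: Host, fixed_releases: Dict[str, str]) -> str:
    if host.tls_stack in UNAFFECTED_STACKS:
        return "not-affected"
    if host.tls_stack != "openssl" or host.package is None:
        return "needs-review"       # unknown stack, or a black box: ask the vendor
    _, version, release = host.package.rsplit("-", 2)
    upstream = classify_upstream(version)
    if upstream == "pre-1.0.1":
        return "not-affected-but-behind"
    if upstream == "newer":
        return "needs-review"
    if upstream == "patched":
        return "patched"
    # 1.0.1 .. 1.0.1f: the version string cannot clear the host, because a
    # backported fix leaves it unchanged; only the release field can.
    dist = _DIST_RE.search(release)
    if dist and dist.group(1) in fixed_releases:
        if release_key(release) >= release_key(fixed_releases[dist.group(1)]):
            return "patched"
    return "vulnerable"             # conservative default


def audit(inventory: List[Host], fixed_releases: Dict[str, str]) -> Dict[str, str]:
    return {host.name: assess(host, fixed_releases) for host in inventory}


def demo() -> Dict[str, str]:
    # Placeholder fixed release for el6; take the real value from the advisory.
    fixed = {"el6": "99.el6"}
    inventory = [   # constructed hosts
        Host("web1", "httpd", "openssl", "openssl-1.0.1e-98.el6"),
        Host("web2", "httpd", "openssl", "openssl-1.0.1e-99.el6"),
        Host("web3", "nginx", "openssl", "openssl-1.0.1g-1.fc20"),
        Host("old1", "stunnel", "openssl", "openssl-1.0.0k-1.el6"),
        Host("ldap1", "Directory Server", "nss"),
        Host("idm1", "OpenDJ", "java"),
        Host("bastion", "OpenSSH", "none"),
        Host("gsa1", "Search Appliance v7", "openssl"),
    ]
    return audit(inventory, fixed)


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:8s} {verdict}")
```

Anything the script cannot prove patched stays "vulnerable" or "needs-review"; the appliance with no visible package lands in the second bucket, which is exactly the GSA situation described above. The "not-affected-but-behind" verdict for the 1.0.0 host is there so that the changelog argument shows up in the report rather than being lost in a clean bill of health.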

Copyright 2004-2019 Phil Lembo