[TriLUG] Heartbleed on my desktop?
Igor Partola
igor at igorpartola.com
Wed Apr 9 10:19:41 EDT 2014
I apologize for the misinformation. Looks like you all are correct, it is
symmetric.
BTW, the patch for this vulnerability is here:
https://github.com/openssl/openssl/commit/731f431497f463f3a2a97236fe0187b11c44aead
The basics of the bug seem to be that either side of the connection can
send a heartbeat/ping type request to the other end, with up to a 64 KB
payload. The payload is there to allow you to distinguish one request from
another. So the request consists of a header with the payload length and
the payload itself. The response to this request is to send the same
payload right back to the requester.
The problem is that in the OpenSSL implementation the code that crafts the
response blindly trusted the length of the payload in the request header
(it's an unsigned short, hence the 64 KB limit). So you can send a very
short payload and set the length to be 64 KB in the header, and the
response will contain your short payload followed by random memory from the
other end.
Using this technique by repeatedly sending these requests you can obtain
lots of data from the other end, including things like private keys,
passwords, etc. Whatever is in the memory next to the request you just
sent. Using this technique at least some people claim to have gotten
private TLS keys. Moreover, you have no idea if you were compromised this
way as there would be no indication of this attack in any logs, etc.
Because of all this, it is recommended to create new private keys for all
HTTPS services you run, change all passwords, etc. You do not want to
assume you are secure just because you patched libssl: your private SSL key
could be out there for someone to abuse.
Igor
More information about the TriLUG
mailing list