April 8, 2014

Researchers have uncovered an extremely critical vulnerability in recent versions of OpenSSL, a technology that allows millions of Web sites to encrypt communications with visitors. Complicating matters further is the release of a simple exploit that can be used to steal usernames and passwords from vulnerable sites, as well as private keys that sites use to encrypt and decrypt sensitive data.

Credit: Heartbleed.com

Credit: Heartbleed.com

From Heartbleed.com:

“The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users.”

An advisory from Carnegie Mellon University’s CERT notes that the vulnerability is present in sites powered by OpenSSL versions 1.0.1 through 1.0.1f. According to Netcraft, a company that monitors the technology used by various Web sites, more than a half million sites are currently vulnerable. As of this morning, that included Yahoo.com, and — ironically — the Web site of openssl.org. This list at Github appears to be a relatively recent test for the presence of this vulnerability in the top 1,000 sites as indexed by Web-ranking firm Alexa.

An easy-to-use exploit that is being widely traded online allows an attacker to retrieve private memory of an application that uses the vulnerable OpenSSL “libssl” library in chunks of 64kb at a time. As CERT notes, an attacker can repeatedly leverage the vulnerability to retrieve as many 64k chunks of memory as are necessary to retrieve the intended secrets.

Jamie Blasco, director of AlienVault Labs, said this bug has “epic repercussions” because not only does it expose passwords and cryptographic keys, but in order to ensure that attackers won’t be able to use any data that does get compromised by this flaw, affected providers have to replace the private keys and certificates after patching the vulnerable OpenSSL service for each of the services that are using the OpenSSL library [full disclosure: AlienVault is an advertiser on this blog].

It is likely that a great many Internet users will be asked to change their passwords this week (I hope). Meantime, companies and organizations running vulnerable versions should upgrade to the latest iteration of OpenSSL – OpenSSL 1.0.1g — as quickly as possible.

Update, 2:26 p.m.: It appears that this Github page allows visitors to test whether a site is vulnerable to this bug (hat tip to Sandro Süffert). For more on what you can do you to protect yourself from this vulnerability, see this post.

171 thoughts on “‘Heartbleed’ Bug Exposes Passwords, Web Site Encryption Keys

  1. Eric Miller

    There must be some relatively-popular website/organization out there that was using openSSL for the past two years and was paranoid to completely store and archive at least a portion of all the traffic passing through their routers. As far as I know, no one has come forward, but a HeartBleed attack would likely involve thousands of easily identifiable (claimed length longer than packet size) packets traversing the network. This would answer the big question of whether someone either intentionally inserted this backdoor or has been otherwise exploiting it for a long time.

    1. timeless

      One entity indicated that they have logs showing the attack. Their software was apparently misconfigured and thus was accidentally logging these requests.

      I don’t recall the entity…

  2. Jeff Huckaby

    I found the tools posted to Github are very buggy. We received a plugin from Tenable security for Nessus. If you have access to Nessus, I recommend this plugin as it properly tests for STARTTLS and direct SSL connections.

    On web servers using control panels like Plesk, cPanel or Webmin, you may need to restart email, ftp, database as well as http services.

    Also, the Neel Mehta, who discovered the exploit, tweeted:
    “Heap allocation patterns make private key exposure unlikely for #heartbleed #dontpanic.”

    I don’t know if you’ve seen any private keys floating around in the hacker circles, but I am not sure how effective getting an entire key would be using this exploit.

    1. Mike

      Oh, and don’t forget to hang your mouse over the comic graphic. There’s always another comment or second punchline in the mouseover text.

  3. Tony Orman

    ATT uses Yahoo for my email. Brian Krebs in the NY Times seems to think changing my password is easy. I am no expert and have absolutely no idea how this can be done easily. Perhaps Brian can enlighten me.

  4. Paranoid

    changing all my passwords because passwords should be changed regularly anyway, but just to be clear, is there any danger in visiting vulnerable sites for which you don’t have an account and don’t log in? for example, slate.com was vulnerable for awhile. but it seems like you would be fine simply reading an article on slate, assuming you didn’t mind the whole world knowing your reading preferences, right?

    1. timeless

      The only other risk is someone having used heartbleed to get an administrative account’s credentials and then using that to insert malware or similar. Roughly same risk you take visiting any website any day – if could be hacked and used for malware delivery.

  5. Joseph Elfelt

    Brian – Please publish something about home routers. No one has done this yet.

    I am a software developer and have read a bunch over the last few days. Here is the key question:

    Assuming a router has a ‘bad’ version of OpenSSL, can the heartbleed bug be exploited on the router if (1) the router is not operating as a VPN server and (2) remote management is ‘off’ on the router?

    If the answer is ‘no’ the bug cannot be exploited on a router configured as I have described, then 99.9999% of home users do not need to worry about their router (assuming the router was shipped with remote management ‘off’).

    I help family and friends maintain their systems. Right now I have no idea what to tell them about their routers.

    Thanks for any light you can shed on this.


    1. BrianKrebs Post author

      The only way this would be an issue is for people who have remote access turned on; on top of that, I’m not sure how many home routers are going to be using the vulnerable openssl component, which is relatively recent. My guess is most consumer-grade router hardware is going to be fairly old.

    2. John A

      Important things to note about home routers:

      1) Bug will not be present is the firmware is dated before March 14, 2012.
      2) Most router vendors lag well behind the bleeding (pun intended) edge so they would not just grab the latest release and bundle it in to firmware without testing. Vendors should provide updated firmware for affected routers. This is where you benefit from buying brand name gear.
      3) If the bug is present, it can only reveal the contents of the memory of the router. User traffic from ‘the wire’ could be revealed but financial transactions and the like are secured from end-to-end. Your data is not decrypted anywhere except at the destination. This is by design.

Comments are closed.