The HeartBleed Bug
Posted on April 10, 2014 (Last modified on July 14, 2022) • 2 min read • 356 words

On April 7, 2014, the OpenSSL project released a security advisory titled "TLS heartbeat read overrun (CVE-2014-0160)". OpenSSL 1.0.1 through 1.0.1f and 1.0.2-beta1 are affected; 1.0.1g fixes it, and anyone who cannot upgrade immediately can rebuild OpenSSL with -DOPENSSL_NO_HEARTBEATS to disable the vulnerable code. The older 0.9.8 and 1.0.0 branches do not contain the heartbeat extension and are not affected. This bug is better known as Heartbleed.
Heartbleed is a bug in OpenSSL's implementation of the TLS/DTLS Heartbeat extension (RFC 6520). A heartbeat request carries a 16-bit payload_length field, and OpenSSL trusted that field without checking it against the length of the record that actually arrived, so the reply copied up to 64 KB of whatever sat beyond the request in process memory. Because either side of a connection may send heartbeats, a malicious client can read server memory and a malicious server can read client memory. That memory can contain the private key, session cookies, passwords, or any other sensitive data the process was handling at the time.
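The missing check is easiest to see side by side. The following is an added example, not OpenSSL's source: it models the pre-1.0.1g heartbeat handling and the two bounds checks the fix added, using a constructed in-memory "heap" in which a secret string (a stand-in, not real key material) sits directly after the received record. The request header claims a 200-byte payload while only 2 bytes were actually sent; the vulnerable handler echoes back the neighbouring secret, the fixed handler discards the record.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Heartbeat message types from RFC 6520. */
#define TLS1_HB_REQUEST   1
#define TLS1_HB_RESPONSE  2
#define HB_PADDING       16   /* RFC 6520 requires at least 16 bytes of padding */

/*
 * Build a HeartbeatResponse for the HeartbeatRequest held in rec[0..rec_len).
 * Wire format: type(1) | payload_length(2, big-endian) | payload | padding(>=16).
 *
 * VULNERABLE form, modelled on OpenSSL's pre-1.0.1g logic: payload_length comes
 * from the attacker-controlled header and is never compared with rec_len, so
 * memcpy reads past the received record into whatever memory follows it.
 * Returns the response length, or -1 if the response would not fit in out.
 */
long hb_response_vulnerable(const uint8_t *rec, size_t rec_len,
                            uint8_t *out, size_t out_cap)
{
    if (rec_len < 3 || rec[0] != TLS1_HB_REQUEST)
        return -1;
    uint16_t payload_len = (uint16_t)((rec[1] << 8) | rec[2]);
    size_t resp_len = 1 + 2 + (size_t)payload_len + HB_PADDING;
    if (resp_len > out_cap)
        return -1;
    out[0] = TLS1_HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + 3, rec + 3, payload_len);   /* over-read: payload_len may exceed rec_len - 3 */
    memset(out + 3 + payload_len, 0, HB_PADDING);
    return (long)resp_len;
}

/*
 * FIXED form: the two bounds checks OpenSSL 1.0.1g added. A record too short to
 * be a valid heartbeat, or whose claimed payload does not fit inside the record,
 * is silently discarded (-1) instead of being echoed back.
 */
long hb_response_fixed(const uint8_t *rec, size_t rec_len,
                       uint8_t *out, size_t out_cap)
{
    if (rec_len < 1 + 2 + HB_PADDING || rec[0] != TLS1_HB_REQUEST)
        return -1;
    uint16_t payload_len = (uint16_t)((rec[1] << 8) | rec[2]);
    if (1 + 2 + (size_t)payload_len + HB_PADDING > rec_len)
        return -1;                           /* claimed length exceeds what arrived */
    size_t resp_len = 1 + 2 + (size_t)payload_len + HB_PADDING;
    if (resp_len > out_cap)
        return -1;
    out[0] = TLS1_HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + 3, rec + 3, payload_len);   /* now guaranteed to stay inside rec */
    memset(out + 3 + payload_len, 0, HB_PADDING);
    return (long)resp_len;
}

/* --- Constructed demo: a fake heap region with a secret right after the record --- */

#define ARENA_SIZE       512
#define CLAIMED_PAYLOAD  200   /* header claims 200 bytes; only "hi" (2 bytes) is sent */

/* Constructed stand-in for neighbouring heap data; not real key material. */
static const char SECRET[] = "password=hunter2;-----BEGIN RSA PRIVATE KEY-----";

/* Lay out the malicious 21-byte request at arena[0], with SECRET directly after it.
 * Returns the true length of the received record. */
static size_t layout_arena(uint8_t *arena)
{
    memset(arena, 0, ARENA_SIZE);
    size_t n = 0;
    arena[n++] = TLS1_HB_REQUEST;
    arena[n++] = (uint8_t)((CLAIMED_PAYLOAD >> 8) & 0xff);
    arena[n++] = (uint8_t)(CLAIMED_PAYLOAD & 0xff);
    memcpy(arena + n, "hi", 2);
    n += 2;
    n += HB_PADDING;                            /* padding bytes are already zero */
    memcpy(arena + n, SECRET, sizeof SECRET);   /* adjacent memory, not part of the record */
    return n;                                   /* 21 */
}

static int contains(const uint8_t *hay, size_t hay_len, const char *needle)
{
    size_t n = strlen(needle);
    for (size_t i = 0; i + n <= hay_len; i++)
        if (memcmp(hay + i, needle, n) == 0)
            return 1;
    return 0;
}

/* 1 if the vulnerable handler's response carries SECRET, 0 otherwise. */
int vulnerable_leaks_secret(void)
{
    uint8_t arena[ARENA_SIZE], out[ARENA_SIZE];
    size_t rec_len = layout_arena(arena);
    long n = hb_response_vulnerable(arena, rec_len, out, sizeof out);
    return n > 0 && contains(out, (size_t)n, SECRET);
}

/* Return value of the fixed handler for the same request (-1 = discarded). */
long fixed_result(void)
{
    uint8_t arena[ARENA_SIZE], out[ARENA_SIZE];
    size_t rec_len = layout_arena(arena);
    return hb_response_fixed(arena, rec_len, out, sizeof out);
}

int main(void)
{
    printf("vulnerable handler leaked secret: %s\n", vulnerable_leaks_secret() ? "yes" : "no");
    printf("fixed handler result: %ld\n", fixed_result());
    return 0;
}
```

The arena is deliberately larger than the over-read so the demo stays within one allocation and runs deterministically; in real OpenSSL the copy walked into neighbouring heap chunks, which is why the leaked contents varied from request to request and why attackers simply repeated the request until something useful appeared.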
The security community has called this bug catastrophic, worse than not having SSL at all: an attacker can pull the private key off a server, and the attack leaves no trace in any log, so there is no way to tell whether a key was stolen. Any key that was exposed on a vulnerable system has to be treated as compromised.
If you run any service that uses SSL/TLS (website, mail server, VPN, etc.), check it. For websites the easiest way is Filippo Valsorda's online checker at filippo.io/Heartbleed; a command-line version of the same tool exists, but you need Go installed to build it. On the server itself, openssl version -a shows the version and build date. Note that distributions patched their existing packages in place, so for example a 1.0.1e version string is patched if the build date is April 7, 2014 or later and vulnerable if it is earlier. After patching, restart every process that links OpenSSL, generate new private keys, reissue certificates and revoke the old ones, and invalidate sessions and passwords that may have been exposed.
For network detection, Suricata, Bro IDS and Snort (with an updated ruleset) all provide Heartbleed detection, looking for heartbeat messages whose declared payload length does not match the record that carries them, or for heartbeat responses much larger than the requests that triggered them.