CVE-2014-0160 (Heartbleed bug)
chaser7783
Member Posts: 154
in Off-Topic
There was a new vulnerability posted recently pertaining to OpenSSL. The attack allows a remote attacker to read up to 64 KB of memory from your system per attack attempt. The attack works against servers as well as against clients. Sadly, yahoo.com and even Eff.org are vulnerable.
Here is a site to test if a web server is vulnerable: Test your server for Heartbleed (CVE-2014-0160)
Sample list of vulnerable sites: Heartbleed Exposure Alexa Top 1000 - Pastebin.com
Information on vulnerability: Heartbleed Bug
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
Fix: https://www.openssl.org/news/secadv_20140407.txt
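To make the "64 KB per attempt" figure concrete, here is an added example (not code from this post, and not OpenSSL's own C) that simulates the heartbeat handling in Python. A heartbeat message is type (1 byte), payload_length (2 bytes), payload, then at least 16 bytes of padding. The vulnerable handler trusts payload_length from the wire and copies that many bytes from wherever the record sits in memory; the patched handler applies the length check from the 1.0.1g fix. The `memory` arena, the neighbouring "secret" bytes and the function names are all constructed for the demonstration.

```python
import struct
from typing import Optional

HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
PADDING_LEN = 16   # RFC 6520: every heartbeat carries at least 16 bytes of padding


def build_heartbeat(payload: bytes, declared_len: Optional[int] = None) -> bytes:
    """Heartbeat body: type (1) | payload_length (2) | payload | padding (16).

    declared_len lets the sender claim a payload_length that does not match the
    bytes actually sent; that mismatch is the whole bug. The field is 16 bits,
    which is where the "up to 64 KB per request" ceiling comes from."""
    if declared_len is None:
        declared_len = len(payload)
    return (bytes([HEARTBEAT_REQUEST]) + struct.pack("!H", declared_len)
            + payload + b"\x00" * PADDING_LEN)


def tls_record(body: bytes) -> bytes:
    """Wrap a heartbeat body in a TLS 1.1 record (content type 0x18 = heartbeat),
    i.e. the bytes a probe script would put on the wire after the ClientHello."""
    return b"\x18\x03\x02" + struct.pack("!H", len(body)) + body


def vulnerable_handle(memory: bytes, record_len: int) -> Optional[bytes]:
    """Pre-1.0.1g behaviour: trust payload_length and copy that many bytes starting
    right after the length field, ignoring record_len entirely.
    `memory` stands in for the process heap: the received record sits at offset 0
    and whatever the allocator left next to it follows."""
    if memory[0] != HEARTBEAT_REQUEST:
        return None
    payload_len = struct.unpack("!H", memory[1:3])[0]
    echoed = memory[3:3 + payload_len]            # the unchecked copy: reads past the record
    return (bytes([HEARTBEAT_RESPONSE]) + struct.pack("!H", payload_len)
            + echoed + b"\x00" * PADDING_LEN)


def patched_handle(memory: bytes, record_len: int) -> Optional[bytes]:
    """1.0.1g behaviour: silently discard any message whose claimed payload
    (plus type, length and padding) cannot fit inside the record that carried it."""
    if record_len < 1 + 2 + PADDING_LEN:
        return None                                # too short to be a heartbeat at all
    if memory[0] != HEARTBEAT_REQUEST:
        return None
    payload_len = struct.unpack("!H", memory[1:3])[0]
    if 1 + 2 + payload_len + PADDING_LEN > record_len:
        return None                                # the fix: never copy past the record
    echoed = memory[3:3 + payload_len]
    return (bytes([HEARTBEAT_RESPONSE]) + struct.pack("!H", payload_len)
            + echoed + b"\x00" * PADDING_LEN)


def leak_demo():
    """Send a request that claims 16384 payload bytes but carries none.
    Returns (vulnerable handler's reply, patched handler's reply)."""
    secret = b"Authorization: Basic YWRtaW46aHVudGVyMg==\r\n"   # constructed neighbouring heap data
    probe = build_heartbeat(b"", declared_len=0x4000)
    # Arena big enough that the simulated over-read stays inside it (Python would
    # otherwise just truncate the slice, which is not what a C memcpy does).
    memory = probe + secret + bytes(0x4000)
    return vulnerable_handle(memory, len(probe)), patched_handle(memory, len(probe))


if __name__ == "__main__":
    leaked, refused = leak_demo()
    print("vulnerable handler echoed", len(leaked), "bytes, including:",
          leaked[PADDING_LEN:PADDING_LEN + 40])
    print("patched handler reply:", refused)
```

The reply from `vulnerable_handle` starts with the request's own 16 padding bytes and then runs straight into the "secret" placed beside it, which is exactly why the responses the probe scripts collect tend to contain cookies, session identifiers and other recently freed data. A heartbeat a client actually sends in the same direction is the same wire format, so the simulated check protects both sides.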
Comments
-
YFZblu Member Posts: 1,462
Nice post. I have yet to read the technical deets on this; I'll have to check it out later today.
-
chaser7783 Member Posts: 154
Seems Yahoo account credentials are already hitting Pastebin as a result of this vuln.
-
docrice Member Posts: 1,706
Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
-
5ekurity Member Posts: 346
Apparently an Nmap script has been built to identify the vulnerability. Has anyone tried it out yet?
-
chaser7783 Member Posts: 154
I run a Python script to see if it returns any data on an SSL hello request. Also, so far I have had IDS signatures successfully alert on this, and have verified the alerts by looking at the payloads and seeing whether the TLS-layer client/server hellos are present and sending data.
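Detection logic of the kind the thread describes, as an added example that is not the poster's script and not any vendor's published signature: it splits a raw TLS byte stream into records and applies two checks to heartbeat records. The stateless check flags a heartbeat whose declared payload_length cannot fit in the record that carries it (the probe a test script sends); the stateful check flags a heartbeat response that echoes more bytes than any request in the conversation actually carried (the leak coming back). The captured stream is constructed inline, the handshake record is only a stand-in, and a real sensor would key the state per flow and direction rather than over one flat stream.

```python
import struct
from typing import Iterator, List, Optional, Tuple

HANDSHAKE, HEARTBEAT = 0x16, 0x18
HEARTBEAT_REQUEST, HEARTBEAT_RESPONSE = 1, 2
PADDING_LEN = 16


def iter_records(stream: bytes) -> Iterator[Tuple[int, bytes]]:
    """Yield (content_type, body) for each TLS record; stop at a truncated one."""
    off = 0
    while off + 5 <= len(stream):
        ctype = stream[off]
        length = struct.unpack("!H", stream[off + 3:off + 5])[0]
        body = stream[off + 5:off + 5 + length]
        if len(body) < length:
            break                                   # partial record at end of capture
        yield ctype, body
        off += 5 + length


def scan(stream: bytes) -> List[str]:
    """Return one alert string per suspicious heartbeat record in the stream."""
    alerts: List[str] = []
    largest_request_payload = 0                     # largest payload a well-formed request carried
    for ctype, body in iter_records(stream):
        if ctype != HEARTBEAT:
            continue
        if len(body) < 3:
            alerts.append("heartbeat record too short to carry type and length")
            continue
        hbtype, declared = body[0], struct.unpack("!H", body[1:3])[0]
        # Rule 1: declared length must fit with type, length field and 16 bytes of padding.
        if 1 + 2 + declared + PADDING_LEN > len(body):
            alerts.append(f"heartbeat type {hbtype} declares {declared} payload bytes "
                          f"in a {len(body)}-byte record (CVE-2014-0160 probe)")
            continue
        if hbtype == HEARTBEAT_REQUEST:
            largest_request_payload = max(largest_request_payload, declared)
        # Rule 2: a response cannot legitimately echo more than was ever sent.
        elif hbtype == HEARTBEAT_RESPONSE and declared > largest_request_payload:
            alerts.append(f"heartbeat response echoes {declared} bytes but the largest "
                          f"request sent was {largest_request_payload} (memory leak)")
    return alerts


# --- constructed sample traffic --------------------------------------------

def record(ctype: int, body: bytes) -> bytes:
    """TLS record header (type, version 3.2, length) plus body."""
    return bytes([ctype]) + b"\x03\x02" + struct.pack("!H", len(body)) + body


def heartbeat(hbtype: int, payload: bytes, declared: Optional[int] = None) -> bytes:
    """Heartbeat body; `declared` overrides the length field to forge a probe."""
    declared = len(payload) if declared is None else declared
    return bytes([hbtype]) + struct.pack("!H", declared) + payload + b"\x00" * PADDING_LEN


# What a vulnerable server hands back: 16 bytes of the probe's own padding, then heap.
LEAKED = b"\x00" * PADDING_LEN + b"session=s3cr3t;" + b"\x00" * (0x4000 - PADDING_LEN - 15)

BENIGN_STREAM = (
    record(HANDSHAKE, b"\x01\x00\x00\x02\x03\x02")          # stand-in ClientHello fragment
    + record(HEARTBEAT, heartbeat(HEARTBEAT_REQUEST, b"hello"))
    + record(HEARTBEAT, heartbeat(HEARTBEAT_RESPONSE, b"hello"))
)
PROBE_STREAM = (
    BENIGN_STREAM
    + record(HEARTBEAT, heartbeat(HEARTBEAT_REQUEST, b"", declared=0x4000))   # the probe
    + record(HEARTBEAT, heartbeat(HEARTBEAT_RESPONSE, LEAKED))                # the leak
)

if __name__ == "__main__":
    for line in scan(PROBE_STREAM):
        print("ALERT:", line)
```

Rule 1 is what catches the scanners and the one-off test scripts regardless of whether the target is patched; Rule 2 only fires when a server actually leaks, which is the alert worth paging on. Both are length arithmetic on the heartbeat header, so they also work on the client-side direction when a malicious server probes a connecting client.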