TMCnet News
Critical flaw found in Internet encryption [ITWeb](ITWeb Via Acquire Media NewsEdge) There will be a worldwide long tail of sites vulnerable for years to come, says Dominic White, SensePost CTO. A critical vulnerability (http://www.kb.cert.org/vuls/id/720951) has been discovered in encryption software powering hundreds of thousands of Web sites, prompting security experts to call for urgent action, including changing passwords, updating server software, and reissuing encryption keys. The flaw, dubbed "Heartbleed (http://heartbleed.com/)" by the researchers who discovered it, allows an attacker to retrieve chunks of memory, which should normally be protected, from a vulnerable server. By repeatedly invoking the flaw, large amounts of memory can be captured, which may contain highly sensitive data such as users' passwords or personal data, or even the server's private key, which would allow hackers to impersonate the server or decrypt communications. Netcraft estimates (http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html) the number of sites vulnerable to this flaw could number about half a million. Some 50 of the top 1 000 sites (https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt) (as ranked by Alexa) were found to be vulnerable, including high-profile names like Yahoo and StackExchange – most have moved quickly to update their services. Of SensePost's managed security clients, 18% of IP addresses had port 443 (the standard port for HTTPS) open, CTO Dominic White says, and of those only 1.8% were vulnerable to the Heartbleed flaw. A small number of additional IPs were vulnerable via other services as well, such as SSL-encrypted e-mail, he notes. The flaw has been present in OpenSSL for two years, in versions 1.0.1 through 1.0.1f. At present, it is not known whether the flaw was used in the wild prior to disclosure. An updated version, 1.0.1g, fixes the flaw, and Web site operators should update immediately. Alternatively, recompiling the software with the "heartbeat" feature disabled will also prevent the flaw from being used. The heartbeat service is used to keep SSL connections alive: vulnerable versions of OpenSSL correctly check that heartbeat packets it sends are the correct size, but fail to check incoming packets. An attacker can set the size of the packet to 64kb, then send much less data. The server will fill up the missing data from its own memory space and return it. Attackers using the flaw capture random chunks of memory, but repeating the process fast and often, will result in plenty of raw data from which private information can be retrieved. "It's dumping data from the heap space of the targeted process," says White. The flaw in a nutshellOpenSSL's implementation of the SSL heartbeat mechanism can be exploited to capture memory from vulnerable servers in 64kb chunks, which may contain valuable data such as passwords or personal information. Several tools are already available to automatically detect vulnerable sites, and to rapidly conduct exploits against them to maximise the chance of capturing valuable data."On a busy site, that will change often, and making lots of requests quickly will give you lots of data. So, while you can't target data explicitly, you can grab a bunch of data that can be analysed for juicy stuff." White notes that exploit tools are already available, demonstrating ways to capture specific data such as session IDs (https://www.michael-p-davis.com/using-heartbleed-for-hijacking-user-sessions/) via the Heartbleed flaw. High-profile local sites like financial institutions were quick to respond, White says, but many sites, and many specialised services which embed OpenSSL, may remain vulnerable, and may be easy targets for attack. "There will be a worldwide long tail of sites that remain vulnerable for years after this. OpenSSL is a widely-used library, and all the funny proprietary stuff that never gets patches released, let alone updated, will have this vulnerability sticking around for some time. But if the service isn't being actively maintained, there's also a good chance it isn't being actively used, which will hopefully reduce the risk of this over time." mass-scanning tools (http://blog.erratasec.com/2014/04/using-masscan-to-scan-for-heartbleed.html) available to identify vulnerable sites, and automated tools to conduct attacks, patching servers should be a top priority for any operator, White says. "If your users authenticate to your site and you were vulnerable, then there's a good chance user credentials were exposed. In other cases, there's a good chance user sessions (ie, cookies) were exposed. Changing passwords and killing server sessions would be strongly recommended in that case, and not an overreaction. Given the propensity for users to re-use credentials, having them change their 'shared password' may be a good idea too." ITWeb Security Summit 2014A showcase for infosec thought leaders, featuring interactive workshops that provide intensive information for company executives, ITWeb Security Summit 2014 takes place from 27 to 29 May at the Sandton Convention Centre. Book (../index.php?option=com_content&view=article&id=68611&Itemid=2882) your spot now.Although the early reports suggested servers' private keys may be leaked through this vulnerability, White notes he has not seen any evidence of that in action and it may be a lower risk than originally described. However, the easy access to user data is not overblown, and warrants urgent attention. And while there are several (http://filippo.io/Heartbleed/)tools (http://rehmann.co/projects/heartbeat/) available to check whether a site is vulnerable, the results may not be reliable – so even if your site gets a green light, you should take steps to update services and warn users, White concludes. Securing against Heartbleed All users should change passwords as a high priority. Since sites may have leaked passwords, users should change passwords immediately, especially any that have been reused across multiple sites. While at it, stop reusing passwords! If you operate a Web site, or any service or product which uses a vulnerable version of OpenSSL, update the encryption library immediately, restart server sessions and encourage users to change credentials. Revoking and reissuing server keys may not be necessary, but can be done as a precaution. If you can't update OpenSSL, recompile it with the heartbeat facility disabled. (c) 2014 ITWeb Limited. All rights reserved. Provided by Syndigate.info, an Albawaba.com company |