heartbleed

The Heartbleed bug is a vulnerability in the OpenSSL cryptographic library.

This library is used to implement the Transport Layer Security (TLS) protocol. The bug results from improper validation of input supplied by an attacker, which can leak memory contents and lead to the stealing of accounts and passwords. This post explains the bug in detail: how it works and why you should care about it.

More About the Bug

The bug was discovered in April 2014, and by then it affected many servers worldwide. OpenSSL is generally used with Apache and nginx. Unfortunately, Apache remains the most popular and widely used server, so the threat extended to the majority of the world’s servers.

How Does It Work?

The SSL server is expected to accept a “heartbeat” message and echo it back.

The heartbeat message specifies the length of the message that the server should echo back, but the buggy SSL software did not check that this length was accurate.

An adversary can take advantage of this by providing format specifiers (like %s %d) in the message together with a larger length, which leads to the server echoing back data from beyond the buffer. The data beyond the buffer might contain traces of the server's past activity, such as passwords, account IDs, etc.
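The missing length check described above, as an added C example that is not from the original post or from OpenSSL's source. The record layout is assumed from RFC 6520 (1-byte type, 2-byte length, payload, at least 16 bytes of padding); the function names, the `reply` buffer and the sample record are constructed for illustration, and the over-read stays inside a local array whose marker bytes stand in for adjacent server memory.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout (RFC 6520): type(1) | payload_length(2, big-endian) | payload | padding(>=16) */
#define HB_HEADER  3
#define HB_PADDING 16
static uint8_t reply[64];                 /* echo buffer inspected by the demo */

/* Buggy pattern: copies as many bytes as the sender claims; rec_len is never consulted. */
size_t echo_unchecked(const uint8_t *rec, size_t rec_len)
{
    size_t claimed = ((size_t)rec[1] << 8) | rec[2];
    (void)rec_len;
    if (claimed > sizeof reply) claimed = sizeof reply;   /* keeps this demo in bounds */
    memcpy(reply, rec + HB_HEADER, claimed);
    return claimed;
}

/* Hardened: the claimed length must fit inside the bytes actually received, else discard. */
size_t echo_checked(const uint8_t *rec, size_t rec_len)
{
    if (rec_len < HB_HEADER + HB_PADDING) return 0;
    size_t claimed = ((size_t)rec[1] << 8) | rec[2];
    if (HB_HEADER + claimed + HB_PADDING > rec_len || claimed > sizeof reply) return 0;
    memcpy(reply, rec + HB_HEADER, claimed);
    return claimed;
}

/* Constructed input: a record carrying a 4-byte payload, followed in the same
   arena by marker bytes that stand in for unrelated server memory. */
size_t demo(int checked, uint16_t claimed)
{
    uint8_t arena[128] = {0};
    size_t rec_len = HB_HEADER + 4 + HB_PADDING;          /* 23 bytes really received */
    arena[0] = 1;                                         /* heartbeat request */
    arena[1] = (uint8_t)(claimed >> 8); arena[2] = (uint8_t)(claimed & 0xff);
    memcpy(arena + HB_HEADER, "ping", 4);
    memcpy(arena + rec_len, "ADJACENT-MEMORY", 15);
    memset(reply, 0, sizeof reply);
    return checked ? echo_checked(arena, rec_len) : echo_unchecked(arena, rec_len);
}

int main(void)
{
    printf("unchecked, claims 40: echoed %zu bytes\n", demo(0, 40));
    printf("checked,   claims 40: echoed %zu bytes\n", demo(1, 40));
    printf("checked,   claims 4:  echoed %zu bytes\n", demo(1, 4));
    return 0;
}
```

With the unchecked handler, the 40-byte echo contains the marker bytes that were never part of the record; the checked handler discards that record and still answers the well-formed one.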

Why should one care about it?

Like I said, OpenSSL is implemented in Apache servers, and Apache is widely used around the world. This means there is a very high chance that your data sits on some Apache server.

Second, some versions of operating systems such as Ubuntu still come shipped with this buggy software. Your OS might be one of them.

The Heartbleed bug is easy to exploit compared to other attacks, so the risk of your data being stolen increases further.

Check the list below to see which systems are affected.

http://en.wikipedia.org/wiki/Heartbleed  

Check if your site is vulnerable to the Heartbleed attack at

HeartBleed Test Page

Test Page

My Site runs on HTTPS. Do I need to worry about it? What else is at risk?

Yes. Just because your site runs on HTTPS doesn’t mean you are secure. Anything that depends on OpenSSL is at risk. That can also include email clients, chat messengers, apps that use the internet, etc.

So what next?

It’s very early days right now and a number of different things could happen next. One likelihood is that we’ll see impacted sites requesting password resets.
