Slashdot Mirror


OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks

Bismillah (993337) writes "A potentially very serious bug in OpenSSL 1.0.1 and 1.0.2 beta has been discovered that can leak just about any information, from keys to content. Better yet, it appears to have been introduced in 2011, and known since March 2012." Quoting the security advisory: "A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server." The attack may be repeated, and it appears trivial to acquire the host's private key. If you were running a vulnerable release, it is even suggested that you go as far as revoking all of your keys. Distributions still shipping OpenSSL 0.9.8 (Debian Squeeze vintage) are not vulnerable. Debian Wheezy, Ubuntu 12.04.4, CentOS 6.5, Fedora 18, SuSE 12.2, OpenBSD 5.4, FreeBSD 8.4, and NetBSD 5.0.2, and all following releases, are vulnerable. OpenSSL released 1.0.1g today addressing the vulnerability. Debian's fix is in incoming and should hit mirrors soon; Fedora is having some trouble applying its patches, but a workaround patch to the package .spec (disabling heartbeats) is available for immediate application.
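As an added illustration of the check the advisory describes as missing (this is not OpenSSL's code; the message layout follows RFC 6520, and the function names and sample payload are constructed for this example), a simplified heartbeat handler in C that refuses to echo more bytes than the peer actually sent:

```c
#include <stdint.h>
#include <string.h>

#define HB_REQUEST     1
#define HB_RESPONSE    2
#define HB_MIN_PADDING 16   /* RFC 6520: padding must be at least 16 bytes */

/* Answer one heartbeat message laid out as
 *   type(1) | payload_length(2, big-endian) | payload | padding(>=16)
 * Writes the response into out and returns its length, or -1 when the
 * message must be discarded. Hypothetical handler written for this page. */
int heartbeat_respond(const uint8_t *msg, size_t msg_len,
                      uint8_t *out, size_t out_cap)
{
    if (msg_len < 3 + HB_MIN_PADDING) return -1;  /* header + minimum padding */
    if (msg[0] != HB_REQUEST) return -1;
    size_t payload_len = ((size_t)msg[1] << 8) | msg[2];

    /* The bounds check: the length claimed by the peer must fit inside what
     * was actually received. Trusting the field without this test makes the
     * memcpy below read past the end of msg and echo adjacent memory back. */
    if (payload_len > msg_len - 3 - HB_MIN_PADDING) return -1;

    size_t resp_len = 3 + payload_len + HB_MIN_PADDING;
    if (resp_len > out_cap) return -1;
    out[0] = HB_RESPONSE;
    out[1] = (uint8_t)(payload_len >> 8);
    out[2] = (uint8_t)(payload_len & 0xff);
    memcpy(out + 3, msg + 3, payload_len);            /* only bytes we received */
    memset(out + 3 + payload_len, 0, HB_MIN_PADDING); /* real code randomises */
    return (int)resp_len;
}

/* Build a request carrying payload (constructed sample input). claimed_len
 * sets the length field independently of the bytes actually present, which
 * is exactly the mismatch heartbeat_respond must reject. */
size_t heartbeat_build(uint8_t *buf, const char *payload, size_t claimed_len)
{
    size_t n = strlen(payload);
    buf[0] = HB_REQUEST;
    buf[1] = (uint8_t)(claimed_len >> 8);
    buf[2] = (uint8_t)(claimed_len & 0xff);
    memcpy(buf + 3, payload, n);
    memset(buf + 3 + n, 0, HB_MIN_PADDING);
    return 3 + n + HB_MIN_PADDING;
}
```

A request whose length field matches its payload gets a same-sized response; one whose field exceeds the bytes on the wire, even by one, is discarded rather than served from memory the peer never sent.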

3 of 303 comments

  1. Re:Things are starting to turn around, by Anonymous Coward, Score: -1, Flamebait

    Agree. This pretty much drives the final nail into the coffin of open source in security-critical applications. The bug is a simple bounds check, which a professional security programmer should have gotten right. But unfortunately open source is not written by professionals, but by ideologically driven amateurs and other random hobbyists. Fixing this bug will be a humongous amount of work, and there are likely to be even more like it in OpenSSL. I am sure the NSA knows several more bugs like this that remain undisclosed.

  2. Linux is illegal! You are breaking the law, and hu, by Anonymous Coward, Score: -1, Flamebait

    Linux is illegal! You are breaking the law, and hurting yourself and your family with your ILLEGAL SOFTWARE. Your IP has been noted and is being forwarded to the SPA with a recommendation that they investigate your CRIMINAL ACTIVITY. Please destroy all your unpatriotic Linux software before the government finally cracks down on you people and you all end up as lampshades or soap.

  3. Re:Yet again C bites us in the ass, by santax, Score: 0, Flamebait

    Hi, if you don't mind, I like to do with my computers what I want. Including direct memory access. If I want to be limited I would buy something from Apple. Thanks.