21 Apr 2014 | #1
Testing for "reverse" Heartbleed
While patching our systems for the recent Heartbleed vulnerability, we found that some sites (including huge web properties) which had patched their servers were still vulnerable to a variant of the attack that we're calling "reverse Heartbleed." This is a post about how the vulnerability works, what we found with our public tester tool, and how you might be affected.
What's Heartbleed and "reverse" Heartbleed?
The Heartbleed vulnerability in OpenSSL allows a malicious TLS implementation to extract random chunks of memory from an unpatched peer. If you're not up to speed on Heartbleed, check out the excellent documentation on that site and check your servers ASAP to see if you might be vulnerable.
Most of the attention around the Heartbleed attack has focused on the simplest and most obvious scenario: a malicious client attacking an HTTPS server to steal cookies, private keys, and other secrets. But this isn't the only attack possible: a malicious server can also send bad heartbeat packets to a client that uses OpenSSL and extract data from that client. The TLS heartbeats used in this attack are symmetric: they can be initiated by either the "client" or the "server" in a TLS connection, and both endpoints use the same vulnerable parsing code.
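The symmetry described above is easiest to see in the record-handling code itself, since the same heartbeat handler runs on whichever side *receives* the record. The following is an added, self-contained C example (not code from the original post or from OpenSSL) that reproduces the shape of the bug: a heartbeat body whose 16-bit payload_length field claims more bytes than the record actually carries, handled once by a function that trusts that field (the pre-1.0.1g behaviour) and once by a function that applies the check OpenSSL 1.0.1g added, which rejects any record where 1 + 2 + payload_length + 16 exceeds the received record length. The "heap" neighbour that gets leaked (`SECRET-SESSION-COOKIE`), the `arena` buffer that keeps the over-read inside defined memory, and all function names are constructed for this demonstration; real OpenSSL had no such arena, so the over-read walked into whatever was adjacent on the real heap.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TLS1_HB_REQUEST  1
#define TLS1_HB_RESPONSE 2
#define HB_PADDING       16            /* minimum padding required by RFC 6520 */
#define ARENA_SIZE       (65536 + 64)  /* holds any 16-bit payload_length + header */

/* Constructed "heap" for the demo: the received heartbeat record is written at
 * offset 0 and whatever happened to be adjacent in memory follows it. In a real
 * process the neighbours are other connections' buffers, cookies, keys, etc. */
static unsigned char arena[ARENA_SIZE];
static unsigned char response[ARENA_SIZE];

/* Write a heartbeat body: type(1) | payload_length(2, big-endian) | payload | padding.
 * claimed_len is what goes on the wire; only actual_len payload bytes are present.
 * Returns the true record length, i.e. what the TLS record layer actually received. */
size_t build_heartbeat(unsigned char *out, uint16_t claimed_len,
                       const unsigned char *payload, size_t actual_len)
{
    out[0] = TLS1_HB_REQUEST;
    out[1] = (unsigned char)(claimed_len >> 8);
    out[2] = (unsigned char)(claimed_len & 0xff);
    memcpy(out + 3, payload, actual_len);
    memset(out + 3 + actual_len, 0, HB_PADDING);
    return 1 + 2 + actual_len + HB_PADDING;
}

/* Models the unpatched logic: the peer-supplied payload_length is trusted and
 * rrec_len is never consulted, so the memcpy runs past the end of the record.
 * Returns the number of response bytes produced. */
size_t heartbeat_vulnerable(const unsigned char *rec, size_t rrec_len,
                            unsigned char *resp)
{
    (void)rrec_len;                                   /* the bug: never checked */
    unsigned int payload = ((unsigned int)rec[1] << 8) | rec[2];
    resp[0] = TLS1_HB_RESPONSE;
    resp[1] = rec[1];
    resp[2] = rec[2];
    memcpy(resp + 3, rec + 3, payload);               /* over-read past the record */
    memset(resp + 3 + payload, 0, HB_PADDING);
    return 1 + 2 + payload + HB_PADDING;
}

/* Models the 1.0.1g fix: discard the record if its header is truncated or if the
 * claimed payload plus padding does not fit inside the record actually received. */
size_t heartbeat_fixed(const unsigned char *rec, size_t rrec_len,
                       unsigned char *resp)
{
    if (rrec_len < 1 + 2 + HB_PADDING)
        return 0;                                     /* silently discard */
    unsigned int payload = ((unsigned int)rec[1] << 8) | rec[2];
    if (1 + 2 + (size_t)payload + HB_PADDING > rrec_len)
        return 0;                                     /* silently discard */
    resp[0] = TLS1_HB_RESPONSE;
    resp[1] = rec[1];
    resp[2] = rec[2];
    memcpy(resp + 3, rec + 3, payload);
    memset(resp + 3 + payload, 0, HB_PADDING);
    return 1 + 2 + payload + HB_PADDING;
}

typedef size_t (*heartbeat_handler)(const unsigned char *, size_t, unsigned char *);

/* Plays one malicious heartbeat against a handler and reports whether the
 * constructed neighbouring secret came back in the response. Nothing here
 * depends on client or server role: a malicious server sends exactly this
 * record to a connecting client, and the client runs the same handler. */
int leaks_secret(heartbeat_handler handle)
{
    static const unsigned char secret[] = "SECRET-SESSION-COOKIE";  /* constructed */
    const unsigned char real_payload[] = "hello";
    const size_t real_len = sizeof(real_payload) - 1;               /* 5 bytes */
    const uint16_t claimed_len = 256;                                /* lies about length */

    memset(arena, 0, sizeof arena);
    size_t rrec_len = build_heartbeat(arena, claimed_len, real_payload, real_len);
    /* Constructed adjacent data, placed directly after the record in the fake heap. */
    memcpy(arena + rrec_len, secret, sizeof secret - 1);

    size_t n = handle(arena, rrec_len, response);
    if (n == 0)
        return 0;                                     /* record was discarded */
    for (size_t i = 0; i + sizeof secret - 1 <= n; i++)
        if (memcmp(response + i, secret, sizeof secret - 1) == 0)
            return 1;
    return 0;
}

int main(void)
{
    printf("unpatched peer leaks adjacent memory: %s\n",
           leaks_secret(heartbeat_vulnerable) ? "yes" : "no");
    printf("patched peer leaks adjacent memory:   %s\n",
           leaks_secret(heartbeat_fixed) ? "yes" : "no");
    return 0;
}
```

The practical takeaway for the "reverse" case: whether your OpenSSL-linked process is acting as an HTTPS server or as a client fetching a URL (a webhook sender, an OAuth callback, a link previewer, a package fetcher), it receives heartbeat records through the same code path, so the only reliable fix is upgrading the library the client links against, not just the one serving your front-end.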