Security researchers have released details of a serious vulnerability in the popular OpenSSL cryptographic library which exposes encrypted internet services to information disclosure attacks.
Continuing a terrible year for information security, what with the verification flaw in GnuTLS
and Apple's infamous goto fail bug
, the OpenSSL project has confirmed that versions of its software since 2011 have held a serious vulnerability which has been dubbed the 'Heartbleed Bug,' and which can be used to read a system's memory remotely - gathering secret keys which can then be used to decrypt previously-transmitted information.
It's a serious flaw; OpenSSL is the standard library for driving SSL and TLS encryption in a variety of software packages and information appliances; Apache and nginx, two of the most popular server packages around accounting for an estimated 66 per cent of all web servers, use OpenSSL; the library is also commonly used in other encrypted systems such as virtual private network (VPN) appliances, point-of-sale (PoS) systems and messaging servers.
The Heartbleed Bug works by exploiting the heartbeat extension of the Transport Security Layer (TLS) protocol; attackers are able to read unlimited system memory in 64KB chunks, with exploitation leaving no trace on the system. These memory chunks can be reassembled and analysed to gather usernames, passwords, encryption keys, and other privileged information which should not be exposed to the public.
The OpenSSL project has confirmed that the code responsible for the flaw has been present in its software since 2011 and available to the public since the release of OpenSSL 1.0.1 in March 2012. Since then, the 1.0.1 branch has become widespread, shipping by default with numerous operating systems including Ubuntu Linux and OpenBSD. While the project has released a fixed version, OpenSSL 1.0.1g, this will take time to distribute - leaving servers with less proactive admins vulnerable to attack.
Ironically, those who have not upgraded in a while may be protected against the flaw: the older OpenSSL 1.0.0 and 0.9.8 branches are unaffected, having been frozen before the bug was introduced.
More details of the flaw are available at Heartbleed.com