UPDATE (11/04/2014): Proof of Concept exploit module added to Appcheck NG: Screenshot
On 7th April 2014 a group of security researchers disclosed a critical security flaw in the popular cryptographic software library OpenSSL.
The Heartbleed Bug allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.
OpenSSL is the most popular open source library for providing encrypted SSL communications on the Internet and therefore there is a high chance that this flaw will affect your network and applications.
The Sec-1 AppCheck NG Web Application and Infrastructure vulnerability scanner has already been updated with a plugin to detect the flaw.
Heartbleed vulnerability discovery using AppCheck NG
- Scan IPs and URLs for the “Heartbleed” vulnerability
- Infrastructure and Web Applications will be scanned for all other classes of vulnerability including missing patches, SQL Injection, and Cross Site Scripting
- Register now for your scan – Click here
What does the flaw allow the attacker to achieve?
The vulnerability allows the attacker to read 64KB chunks of process memory form the affected OpenSSL implementation. This could allow the extraction of private keys, user credentials, web server session id’s and other sensitive information.
Which services are likely to be affected?
Common services affected by this flaw include:
- The Apache Web Server
- Various Mail Server Platforms
- VPN and Firewall SSL interfaces
- Proxy servers such as NGINX
What versions of the OpenSSL are affected?
- Status of different versions:
- OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
- OpenSSL 1.0.1g is NOT vulnerable
- OpenSSL 1.0.0 branch is NOT vulnerable
- OpenSSL 0.9.8 branch is NOT vulnerable
Where can I find further information?
Read more about this bug here, or for more information on AppCheck NG call us on 01924 284 240.
You can also download an AppCheck PDF here.