Juniper Networks Security Intelligence Center

Signature Detail

Short Name: SSL:OPENSSL-TLS-DTLS-HEARTBEAT

Severity: Major

Recommended: No

Recommended Action: Drop

Category: SSL

Keywords: OpenSSL TLS DTLS Heartbeat Information Disclosure

Release Date: 2014/04/08

Update Number: 2362

Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

SSL: OpenSSL TLS DTLS Heartbeat Information Disclosure


This signature detects attempts to exploit a known flaw in OpenSSL (CVE-2014-0160, widely known as "Heartbleed"). An information disclosure vulnerability exists in OpenSSL 1.0.1 through 1.0.1f; it is fixed in OpenSSL 1.0.1g. The vulnerability is due to a missing bounds check when handling TLS/DTLS heartbeat packets (RFC 6520): the heartbeat handler trusts the payload_length field supplied by the peer and copies that many bytes into the response without confirming that the request actually carries them. An attacker can leverage this vulnerability to disclose up to 64 KB of process memory of a connected client or server per heartbeat request, and can repeat the request indefinitely. No authentication is required, and the request can be sent before the handshake completes, so both the malformed request and the leaked bytes travel in the clear. This version only protects OpenSSL SERVERS: it inspects heartbeat requests sent toward the server. For client protection (not Recommended, and for most customers, not needed), please use SSL:OPENSSL-HEARTBEAT-ALTERNATE *instead* of this signature. NOTE: This is a performance-impacting signature, and therefore will NOT be in the pre-defined dynamic group "[Recommended]SSL" but instead in the "[Recommended]Misc_SSL". Alternatively, you can add this signature directly by name to your policy to ensure you have the correct protection.
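The check the signature performs is the one OpenSSL omitted: compare the payload_length a heartbeat message claims against the bytes the TLS record actually carries. The following added example is not Juniper's signature logic and not OpenSSL code; it is a small stand-alone detector that reassembles TLS records from a byte stream, applies the RFC 6520 length rule to every heartbeat record, and returns "drop" (the signature's recommended action) for any message whose claimed payload cannot fit in the record. It goes slightly beyond the signature in that it checks heartbeat responses as well as requests, so it can also be pointed at client-bound traffic. The sample records at the bottom are constructed inline for testing and are not captured traffic; build_heartbeat_record is a hypothetical helper that exists only to produce those fixtures.

```python
"""Bounds check for TLS/DTLS heartbeat records (CVE-2014-0160).

Added example, not Juniper's signature or OpenSSL's own code. RFC 6520
requires that a heartbeat message whose payload_length exceeds the bytes
present in the record be silently discarded; OpenSSL 1.0.1 through 1.0.1f
skipped that check and echoed payload_length bytes of heap memory.
"""
import struct

TLS_CONTENT_HEARTBEAT = 24   # RFC 6520 ContentType heartbeat(24)
HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
HEARTBEAT_HEADER_LEN = 3     # 1-byte type + 2-byte payload_length
HEARTBEAT_MIN_PADDING = 16   # RFC 6520 section 4: at least 16 bytes of padding


def iter_tls_records(data):
    """Yield (content_type, version, body) for each complete TLS record.

    A trailing record whose declared length exceeds the bytes available is
    treated as truncated and left for the next read.
    """
    offset = 0
    while offset + 5 <= len(data):
        ctype, version, length = struct.unpack("!BHH", data[offset:offset + 5])
        body = data[offset + 5:offset + 5 + length]
        if len(body) < length:
            break
        yield ctype, version, body
        offset += 5 + length


def check_heartbeat(body):
    """Return (verdict, reason) for one heartbeat record body.

    verdict is "drop" for anything a patched peer must discard and "allow"
    for a message whose payload_length is consistent with the record.
    """
    if len(body) < HEARTBEAT_HEADER_LEN:
        return "drop", "heartbeat record shorter than its 3-byte header"
    hb_type = body[0]
    payload_len = struct.unpack("!H", body[1:3])[0]
    if hb_type not in (HEARTBEAT_REQUEST, HEARTBEAT_RESPONSE):
        return "drop", "unknown HeartbeatMessageType %d" % hb_type
    # Bytes really available for the payload once header and minimum padding are removed.
    available = len(body) - HEARTBEAT_HEADER_LEN - HEARTBEAT_MIN_PADDING
    if payload_len > available:
        return "drop", (
            "payload_length %d exceeds the %d payload bytes carried in the record; "
            "an unpatched peer would echo %d bytes of process memory"
            % (payload_len, max(available, 0), payload_len)
        )
    return "allow", "payload_length consistent with record length"


def scan_stream(data):
    """Run check_heartbeat over every heartbeat record in a byte stream.

    Returns one (verdict, reason) tuple per heartbeat record, in order.
    Non-heartbeat records (handshake, application data, ...) are ignored.
    """
    return [check_heartbeat(body)
            for ctype, _version, body in iter_tls_records(data)
            if ctype == TLS_CONTENT_HEARTBEAT]


def build_heartbeat_record(payload, claimed_len=None, version=0x0302):
    """Hypothetical test helper: build a HeartbeatRequest record (TLS 1.1 by default).

    claimed_len lets a fixture declare more payload than it actually sends,
    which is the exact shape of a Heartbleed probe.
    """
    if claimed_len is None:
        claimed_len = len(payload)
    body = struct.pack("!BH", HEARTBEAT_REQUEST, claimed_len) + payload
    body += b"\x00" * HEARTBEAT_MIN_PADDING
    return struct.pack("!BHH", TLS_CONTENT_HEARTBEAT, version, len(body)) + body


# Constructed sample traffic, not a capture: a well-formed request followed by
# one that claims 16 KiB of payload while carrying none.
BENIGN = build_heartbeat_record(b"ping")
MALFORMED = build_heartbeat_record(b"", claimed_len=0x4000)

if __name__ == "__main__":
    for verdict, reason in scan_stream(BENIGN + MALFORMED):
        print(verdict, "-", reason)
```

Two caveats a deployment should keep in mind. First, this check only works on heartbeat records the sensor can read: once the handshake has completed and ChangeCipherSpec has been sent, heartbeat bodies are encrypted and the length field is no longer visible without TLS inspection. Real exploitation almost always sends the malformed request before encryption starts, which is why a plaintext check is still effective, but it is not a complete substitute for patching. Second, inspecting every record of every TLS session for content type 24 is exactly why the page marks the signature as performance-impacting.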

Extended Description

CVSS V2 scoring evaluates the impact of the vulnerability on the host where the vulnerability is located. When evaluating the impact of this vulnerability to your organization, take into account the nature of the data being protected and act according to your organization's risk acceptance. While CVE-2014-0160 does not let an attacker choose which memory is read, a successful exploit does leak information from heap memory adjacent to the heartbeat buffer, which has the potential to contain particularly sensitive information, e.g., the server's private key, session cookies and passwords. Theft of this information could enable other attacks on the information system, the impact of which would depend on the sensitivity of the data and functions of that system. Because a successful leak leaves no trace in ordinary server logs, treat exposed hosts as compromised: patch or upgrade OpenSSL, then reissue certificates and rotate the keys, passwords and session tokens those hosts held.

Affected Products

  • Canonical ubuntu_linux 12.04
  • Canonical ubuntu_linux 12.10
  • Canonical ubuntu_linux 13.10
  • Debian debian_linux 6.0
  • Debian debian_linux 7.0
  • Debian debian_linux 8.0
  • Fedoraproject fedora 19
  • Fedoraproject fedora 20
  • Filezilla-project filezilla_server 0.9.21
  • Filezilla-project filezilla_server 0.9.22
  • Filezilla-project filezilla_server 0.9.26
  • Filezilla-project filezilla_server 0.9.27
  • Filezilla-project filezilla_server 0.9.28
  • Filezilla-project filezilla_server 0.9.29
  • Filezilla-project filezilla_server 0.9.30
  • Filezilla-project filezilla_server 0.9.31
  • Filezilla-project filezilla_server 0.9.32
  • Filezilla-project filezilla_server 0.9.33
  • Filezilla-project filezilla_server 0.9.34
  • Filezilla-project filezilla_server 0.9.35
  • Filezilla-project filezilla_server 0.9.36
  • Filezilla-project filezilla_server 0.9.37
  • Filezilla-project filezilla_server 0.9.38
  • Filezilla-project filezilla_server 0.9.39
  • Filezilla-project filezilla_server 0.9.40
  • Filezilla-project filezilla_server 0.9.41
  • Filezilla-project filezilla_server 0.9.42
  • Filezilla-project filezilla_server 0.9.43
  • Filezilla-project filezilla_server 0.9.6
  • Intellian v100_firmware 1.20
  • Intellian v100_firmware 1.21
  • Intellian v100_firmware 1.24
  • Intellian v60_firmware 1.15
  • Intellian v60_firmware 1.25
  • Mitel micollab 6.0
  • Mitel micollab 7.0
  • Mitel micollab 7.1
  • Mitel micollab 7.2
  • Mitel micollab 7.3
  • Mitel micollab 7.3.0.104
  • Mitel mivoice 1.1.2.5
  • Mitel mivoice 1.1.3.3
  • Mitel mivoice 1.2.0.11
  • Mitel mivoice 1.3.2.2
  • Mitel mivoice 1.4.0.102
  • Openssl openssl 1.0.1
  • Openssl openssl 1.0.1a
  • Openssl openssl 1.0.1b
  • Openssl openssl 1.0.1c
  • Openssl openssl 1.0.1d
  • Openssl openssl 1.0.1e
  • Openssl openssl 1.0.1f
  • Opensuse opensuse 12.3
  • Opensuse opensuse 13.1
  • Redhat enterprise_linux_desktop 6.0
  • Redhat enterprise_linux_server 6.0
  • Redhat enterprise_linux_server_aus 6.5
  • Redhat enterprise_linux_server_eus 6.5
  • Redhat enterprise_linux_server_tus 6.5
  • Redhat enterprise_linux_workstation 6.0
  • Redhat gluster_storage 2.1
  • Redhat storage 2.1
  • Redhat virtualization 6.0
  • Siemens application_processing_engine_firmware 2.0
  • Siemens cp_1543-1_firmware 1.1
  • Siemens simatic_s7-1500_firmware 1.5
  • Siemens simatic_s7-1500t_firmware 1.5
  • Siemens wincc_open_architecture 3.12

References

  • BugTraq: 66690
  • CVE: CVE-2014-0160
  • URL: http://heartbleed.com/
  • URL: http://www.openssl.org/news/secadv_20140407.txt

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.