Heartbleed is a critical bug in OpenSSL that allows attackers to read portions of an affected server's memory. It impacts OpenSSL versions 1.0.1 and 1.0.2. The bug is in the OpenSSL implementation of the TLS/DTLS heartbeat extension, which is supposed to keep connections alive but can be exploited to read server memory. This allows attackers to eavesdrop on encrypted communications, access sensitive server data like passwords, and impersonate users and services. The fix is to upgrade OpenSSL and change passwords for affected websites and services.
2. “Catastrophic is the right word. On the scale of 1 to 10, this is an 11.”
--Bruce Schneier
3. What is Heartbleed?
O What is Heartbleed?
O It is a critical bug in OpenSSL’s implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server’s memory.
O What is OpenSSL?
O It is open source software that the Apache and Nginx web servers (66% market share) use to encrypt traffic over the Internet.
O Affected Versions: OpenSSL 1.0.1 and 1.0.2
6. What is Heartbleed
O What is Heartbeat?
1- Used to keep the connection alive
2- Client sends data to the server, and the server echoes it back
3- Similar to ICMP ping but within HTTP
[Diagram: the client sends Heartbeat “Hello” 6 to the web server running OpenSSL, and the server echoes Heartbeat “Hello” 6 back.]
9. Heartbleed Explained
O Non Technical
O Ask for 100-photo box
O Seller doesn’t know how to count
O Two scenarios
O Actual 100-photos
O Only 1 photo
10. Heartbleed Explained
O Technical:
“memcpy(bp, pl, payload);” Actual BUG :(
void * memcpy ( void * destination, const void * source, size_t num );
O The function does not check for any terminating null character in source - it always copies exactly num bytes.
O To avoid overflows, the size of the arrays pointed to by both the destination and source parameters shall be at least num bytes, and should not overlap (for overlapping memory blocks, memmove is a safer approach).
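The over-read described on this slide, next to a length-checked version, as an added example (not OpenSSL's code and not from the original slides). The function names, constants and the "SECRET-KEY" bytes are constructed for illustration; the record and the adjacent data live in one array so the unchecked copy stays inside defined storage.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HB_HEADER  3   /* 1-byte type + 2-byte payload length */
#define HB_PADDING 16  /* minimum padding per RFC 6520 */
#define REC_LEN    (HB_HEADER + 5 + HB_PADDING)  /* real record: "Hello" */
typedef size_t (*hb_echo_fn)(const uint8_t *, size_t, uint8_t *, size_t);

/* Vulnerable shape: the copy length comes from the sender-controlled field. */
size_t hb_echo_vulnerable(const uint8_t *rec, size_t rec_len,
                          uint8_t *out, size_t out_cap)
{
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    (void)rec_len;                          /* real record size is ignored */
    if (payload > out_cap) return 0;        /* bounds the demo buffers only */
    memcpy(out, rec + HB_HEADER, payload);  /* like memcpy(bp, pl, payload) */
    return payload;
}

/* Hardened shape: the claimed length must fit inside the record received. */
size_t hb_echo_checked(const uint8_t *rec, size_t rec_len,
                       uint8_t *out, size_t out_cap)
{
    if (rec_len < HB_HEADER + HB_PADDING) return 0;
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    if (HB_HEADER + payload + HB_PADDING > rec_len) return 0;  /* discard */
    if (payload > out_cap) return 0;
    memcpy(out, rec + HB_HEADER, payload);
    return payload;
}

/* Constructed memory: one 24-byte record followed by unrelated bytes.
 * Returns how many of those unrelated bytes end up in the reply. */
size_t secret_bytes_echoed(hb_echo_fn echo, uint16_t claimed)
{
    static const char secret[] = "SECRET-KEY";
    uint8_t mem[REC_LEN + sizeof secret - 1] = {0};
    uint8_t out[sizeof mem - HB_HEADER];
    mem[0] = 1;                                   /* heartbeat request */
    mem[1] = (uint8_t)(claimed >> 8);
    mem[2] = (uint8_t)claimed;
    memcpy(mem + HB_HEADER, "Hello", 5);
    memcpy(mem + REC_LEN, secret, sizeof secret - 1);
    size_t n = echo(mem, REC_LEN, out, sizeof out);
    size_t in_record = REC_LEN - HB_HEADER;       /* bytes after the header */
    size_t leaked = n > in_record ? n - in_record : 0;
    return memcmp(out + in_record, secret, leaked) == 0 ? leaked : 0;
}
```

A request that claims 31 payload bytes while carrying only "Hello" makes the unchecked version echo the 10 adjacent bytes; the checked version drops the request and still answers an honest 5-byte one.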