Ten years ago, the Heartbleed vulnerability (CVE-2014-0160) was publicly disclosed, revealing a critical flaw in OpenSSL versions 1.0.1 to 1.0.1f, a widely used cryptography library. OpenSSL is used as the basis for TLS in many Linux-based operating systems such as Ubuntu, Fedora, CentOS, OpenSUSE, and more. Open source web servers like Apache and nginx, email servers, chat servers and VPNs all used OpenSSL as well (The Heartbleed Bug).
What did Heartbleed affect?
The Heartbleed vulnerability affects two legs of the CIA triad, namely confidentiality and integrity. At the time of its disclosure, about 17% of the Internet’s secure web servers were believed to be vulnerable to Heartbleed. More servers than this used OpenSSL, some were just using versions older versions of Open SSL that were not vulnerable. Windows servers use Schannel SSP instead of OpenSSL for their TLS/DTLS. However, just because you were running Windows servers did not mean that you got to breathe a sigh of relief. Load balancers, proxies, WAFs, VPNs, firewalls, etc. in many networks were also using OpenSSL.
Heartbeat Extension
Heartbleed allows attackers to extract sensitive data from memory, posing significant risks to millions of websites and their users. In the case of Heartbleed, the TLS/DTLS encryption itself didn’t fail. The “heart” in Heartbleed refers to the heartbeat extension (RFC6520), which would periodically send heartbeat messages between a client and a server to maintain a session. The Heartbeat Extension is where the Heartbleed vulnerability was discovered.
Heartbeats are messages sent to a web server, which resets a session timer and causes the server to respond to the client an identical message. In-between heartbeats, the server lives in-memory, which gets overwritten after every heartbeat. A Heartbeat message can be any length up to 64 kb. The first part of a heartbeat message shows how large the message is. The second part is the message itself.
How It Works
“HeartBleed resulted from a missing bounds check before a memcpy() call that used non-sanitized user input as the length parameter in the Heartbeat extension implemented in OpenSSL.” (OWASP) In plain English, the Heartbleed vulnerability takes advantage of a missing bounds check that allows attackers to specify the length of a heartbeat message, without the Heartbeat extension checking how large the message is. The server allocates 64 KB of memory based on the expected size of the heartbeat, but the message is much smaller. The server repeats back the message and then leaks whatever the previous program left behind in-memory to fill up the rest of the 64 KB. While 64 KB of data is not a lot, these attacks could essentially be launched continuously and with no way of being detected, making it extremely dangerous in the wrong hands. The memory dumps could include program code, credentials, PII or just noise. Since Heartbleed affects an encryption protocol, a lot of the information dumped were primary key material.
Mini Case Study
An Edgescan client was convinced that Heartbleed would not affect them, because they used Windows servers across their organization. Edgescan leveraged a firewall using OpenSSL 1.0.1 that sat in front of one of their Microsoft Servers to exploit Heartbleed. After memory dumping the client’s mail server, we found a vacation request form that the skeptic submitted earlier that day. After we asked our skeptical stakeholder about his vacation request that he submitted at 10:47 AM that morning, he understood the severity of HeartBleed immediately.
Technical Fixes and Long-Term Solutions
The remedy involved updating OpenSSL to version 1.0.1g, which fixed the vulnerability, or recompiling OpenSSL with specific options to remove the vulnerable code. Heartbleed is untraceable and, in many cases, Heartbleed memory dumps contained primary and secondary key materials. Organizations had to perform remediation under the assumption that primary and secondary key materials had been dumped, because there was no way to tell whether this was the case. That meant revoking certificates and contacting your Certificate Authority (CA) to reissue certificates, resetting login credentials, among other steps.
Impact and Response
Once news about HeartBleed spread, affected websites were urged to update their software and renew their security certificates. Subsequent analyses showed that many websites were slow to respond, with some servers remaining vulnerable for years after the patch was released. While this may seem hard to believe, currently 55% of vulnerabilities with a CVSS Score greater than seven are between 1 and 4 years old (Edgescan 2024 Stats Report). There are also around 34,000 devices in the United States that are still vulnerable to Heartbleed (Understanding SSL by Country)
Conclusion
Heartbleed highlights the continued importance of supporting open-source infrastructure initiatives. OpenSSL remains one of the most widely used open-source cryptography libraries and highlights the necessity of upkeeping open-source tools and libraries, namely because they are so widely used that a single vulnerability affects a mindboggling myriad of different software being deployed in the wild. Heartbleed led to the Core Infrastructure Initiative, which aimed to fund and support essential open-source projects to prevent similar vulnerabilities in popular open-source projects.
Popular open-source libraries such as OpenSSL continue to experience particularly devastating zero-day vulnerabilities, another standout example is Log4J. OpenSSL was severely underfunded and running off about $2,000 in donations a year and only one full-time employee. (Tech giants, chastened by Heartbleed, finally agree to fund OpenSSL) Ten years later the lasting effects and lessons remain relevant. It’s important that we continue to invest in open-source projects that ensure the security and resilience of the Internet infrastructure.
Citations
The Heartbleed Bug: https://heartbleed.com/
Edgescan 2024 Stats Report: https://www.edgescan.com/intel-hub/stats-report/
OWASP: https://owasp.org/www-community/vulnerabilities/Heartbleed_Bug
Tech giants, chastened by Heartbleed, finally agree to fund OpenSSL: https://arstechnica.com/information-technology/2014/04/tech-giants-chastened-by-heartbleed-finally-agree-to-fund-openssl/
Understanding SSL by Country: https://help.shodan.io/data-analysis/ssl-analysis-by-country