Summary
Just recently, a vulnerability involving the Heartbeat extension of OpenSSL has been released. This vulnerability, dubbed as the Heartbleed Bug, exists on all OpenSSL implementations that use the Heartbeat extension. When exploited on a vulnerable server, it can allow an attacker to read a portion — up to 64 KB’s worth — of the computer’s memory at a time, without leaving any traces.
Read more here:
Who are Affected:
1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1.
Details
For customers using Deep Security, we have released DSRU14-009, which includes coverage for the OpenSSL Heartbeat Information Disclosure Vulnerability (CVE-2014-0160).
We recommend customers to download and apply the latest rule update, released on April 8, 2014.
You can double-check and make sure the latest rule has been applied by going to Administration > Updates > Security Updates.
Also ensure that the related rules are also properly assigned to the policy and/or affected computers:
1006010 – Restrict OpenSSL TLS/DTLS Heartbeat Request
1006011 – OpenSSL TLS/DTLS Heartbeat Information Disclosure Vulnerability
1006012 – Identified Suspicious OpenSSL TLS/DTLS Heartbeat Request
Note: These rules are not subject to being recommended by Recommendation scans because we cannot detect the embedded OpenSSL version. Customers are advised to assign the rules manually to affected machines.
