Tuesday, April 29, 2014

Cisco ASA: How Can You Tell If Your ASA Is Affected By The Heartbleed Vulnerability/Bug

I've been really busy lately, but I have now taken the time to properly investigate the Heartbleed bug on the Cisco ASA.  Here is how you can know for sure whether your ASA is affected.  Here are the versions of OpenSSL affected, according to the CVE site:
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
With that said, find out your ASA version (for example, 8.4.5).  Then go to Cisco's site at this location: http://www.cisco.com/c/en/us/td/docs/security/asa/roadmap/asaroadmap.html#wp54064
Find your version and click on that link.  Then click on the "Open Source License" link, search for 'openssl', and verify your version of OpenSSL against the affected range above.  Some versions don't appear to report the OpenSSL version.  Not sure why.
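An added example (my own code, not from the post or from Cisco) that automates the last step: it pulls every OpenSSL version string out of the Open Source License text and compares each against the range quoted from the CVE, 1.0.1 up to but not including 1.0.1g. The license text below is constructed for the example, not Cisco's.

```python
import re
from typing import Dict, List, Optional, Tuple

# Affected range from the CVE text quoted above: OpenSSL 1.0.1 up to,
# but not including, 1.0.1g. The trailing letter is OpenSSL's patch level.
AFFECTED_BASE = (1, 0, 1)
FIXED_LETTER = "g"

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]?)")


def parse_openssl_version(ver: str) -> Optional[Tuple[int, int, int, str]]:
    """Turn '1.0.1e' into (1, 0, 1, 'e') and '1.0.1' into (1, 0, 1, '')."""
    m = VERSION_RE.fullmatch(ver.strip())
    if not m:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3)), m.group(4)


def is_heartbleed_affected(ver: str) -> bool:
    """True when the version falls inside the CVE's affected range."""
    parsed = parse_openssl_version(ver)
    if parsed is None:
        raise ValueError(f"unrecognised OpenSSL version string: {ver!r}")
    major, minor, patch, letter = parsed
    if (major, minor, patch) != AFFECTED_BASE:
        return False  # 0.9.8x and 1.0.0x builds never had the bug
    return letter < FIXED_LETTER  # '' < 'a' < ... < 'f' < 'g'


def find_openssl_versions(text: str) -> List[str]:
    """Pull every 'OpenSSL x.y.z[l]' mention out of a block of license text."""
    return re.findall(r"[Oo]pen[Ss][Ss][Ll]\D{0,20}?(\d+\.\d+\.\d+[a-z]?)", text)


# Constructed sample resembling an Open Source License page; not Cisco's text.
SAMPLE_LICENSE_TEXT = """
This product includes software developed by the OpenSSL Project
for use in the OpenSSL Toolkit. OpenSSL 1.0.1e
Also bundled: zlib 1.2.3, openssl 0.9.8y (legacy component)
"""


def audit(text: str) -> Dict[str, bool]:
    """Map each OpenSSL version found in the text to its affected status."""
    return {v: is_heartbleed_affected(v) for v in find_openssl_versions(text)}


if __name__ == "__main__":
    for version, hit in audit(SAMPLE_LICENSE_TEXT).items():
        print(f"OpenSSL {version}: {'AFFECTED' if hit else 'not affected'}")
```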
