Signature Detail

SSL: OpenSSL TLS DTLS Heartbeat Information Disclosure

This signature detects attempts to exploit a known flaw in OpenSSL. An information disclosure vulnerability exists in OpenSSL. The vulnerability is due to an error when handling TLS/DTLS heartbeat packets. An attacker can leverage this vulnerability to disclose memory contents of a connected client or server. This version only protects OpenSSL SERVERS. For client protection (not Recommended, and for most customers, not needed), please use SSL:OPENSSL-HEARTBEAT-ALTERNATE *instead* of this signature. NOTE: This is a performance-impacting signature, and therefore will NOT be in the pre-defined dynamic group "[Recommended]SSL" but instead in the "[Recommended]Misc_SSL". Alternatively, you can add this signature directly by name to your policy to ensure you have the correct protection.

References

• BugTraq: 66690
• CVE: CVE-2014-0160
• URL: http://www.openssl.org/news/secadv_20140407.txt
• URL: http://heartbleed.com/