Statement on OpenSSL security bug
We've released a statement on the OpenSSL security issue: http://freeradius.org/security.html In short, Version 2 is not vulnerable. Version 3 using EAP or incoming RadSec is not vulnerable. Version 3 using outgoing RadSec is vulnerable. i.e. proxying over RadSec to a home server. But everyone using OpenSSL for anything *other* than RADIUS should assume that all secrets have been compromised. e.g. HTTPS user credentials, cookies, keys, passwords, etc. Thanks to Jouni Malinen for providing test cases and more detailed information about the bug. Alan DeKok.
On Tue, Apr 8, 2014 at 9:35 PM, Alan DeKok <aland@deployingradius.com> wrote:
Thanks to Jouni Malinen for providing test cases and more detailed information about the bug.
Unfortunately, it looks like this is not as clear as this statement seems to indicate. It turned out that my initial setup did not show the issue (and I still cannot reproduce it on that setup for some unknown reason). However, a fresh installation of the exact same FreeRADIUS version (and also couple of other versions I tested) on a virtual host with a different OS variant does seem to indicated limited form of this OpenSSL vulnerability being triggerable through FreeRADIUS EAP PEAP/TTLS implementation. This does not seem to open as large a window for getting useful data as other use cases with OpenSSL, but it is unknown whether some critical memory contents could be revealed. - Jouni
Jouni Malinen wrote:
Unfortunately, it looks like this is not as clear as this statement seems to indicate. It turned out that my initial setup did not show the issue (and I still cannot reproduce it on that setup for some unknown reason). However, a fresh installation of the exact same FreeRADIUS version (and also couple of other versions I tested) on a virtual host with a different OS variant does seem to indicated limited form of this OpenSSL vulnerability being triggerable through FreeRADIUS EAP PEAP/TTLS implementation. This does not seem to open as large a window for getting useful data as other use cases with OpenSSL, but it is unknown whether some critical memory contents could be revealed.
I've updated the security notification to reflect this information: http://freeradius.org/security.html Alan DeKok.
On Apr 8, 2014, at 3:36 PM, Alan DeKok <aland@deployingradius.com> wrote:
Jouni Malinen wrote:
Unfortunately, it looks like this is not as clear as this statement seems to indicate. It turned out that my initial setup did not show the issue (and I still cannot reproduce it on that setup for some unknown reason). However, a fresh installation of the exact same FreeRADIUS version (and also couple of other versions I tested) on a virtual host with a different OS variant does seem to indicated limited form of this OpenSSL vulnerability being triggerable through FreeRADIUS EAP PEAP/TTLS implementation. This does not seem to open as large a window for getting useful data as other use cases with OpenSSL, but it is unknown whether some critical memory contents could be revealed.
I've updated the security notification to reflect this information:
http://freeradius.org/security.html
Alan DeKok.
Do you know if we will see this message: Invalid ACK received: 24 with freeradius using openssl 1.0.1g when a heartbleed attack is attempted? Thanks for your time, — DaveD
participants (3)
-
Alan DeKok -
Dave Duchscher -
Jouni Malinen