A researcher has uncovered new ways to exploit the Heartbleed OpenSSL vulnerability, potentially exposing enterprise wireless networks, and the devices that connect to them, to a new wave of Heartbleed attacks.
Originally exposed in April, Heartbleed is a critical vulnerability in the OpenSSL encryption library that could expose up to 64 KB of memory on a vulnerable client or server if exploited, including keys used for X.509 certificates, authentication credentials and other communication protected by the open source encryption project.
The Heartbleed flaw was the result of a missing bounds check in the handling of the TLS heartbeat extension, and was thought to be exploitable only over TCP connections and after the TLS handshake. However, Luis Grangeia, a researcher with Portugal-based infosec consulting firm Sysvalue, found new ways to exploit the OpenSSL vulnerability.
In a May 30 blog post, Grangeia provided details on the new proof-of-concept, dubbed Cupid, which attacks TLS connections carried over the Extensible Authentication Protocol (EAP), a framework that allows authentication mechanisms such as smart cards and one-time passwords to be deployed over wireless networks. Grangeia explained that the EAP mechanisms potentially affected by Cupid are those that use TLS, namely EAP-PEAP, EAP-TLS and EAP-TTLS.
As for how an attack would work, Grangeia explained that Cupid — available in the form of two software patches on GitHub that modify aspects of the Linux operating system — can be used to exploit either clients or servers over TLS in a similar manner to the original Heartbleed flaw. Cupid does not rely on an attacker obtaining authentication credentials, according to Grangeia, because the vulnerability is triggered before a password is required.
Grangeia also emphasized that a fully established TLS connection is unnecessary for Cupid, and that no key or certificates need to be exchanged.
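As an added illustration that is not part of the article or of Cupid, the following Python shows the bounds check whose absence caused Heartbleed, applied to heartbeat records carried inside the EAP-TLS, EAP-TTLS and EAP-PEAP frames the article names, the way a wireless IDS or a test harness for an authentication server might inspect them. The frame bytes and the function names are constructed for this example.

```python
import struct

# EAP method types for the TLS-based methods named in the article
EAP_TLS_METHODS = {13: "EAP-TLS", 21: "EAP-TTLS", 25: "EAP-PEAP"}
TLS_HEARTBEAT = 24              # TLS ContentType for the heartbeat extension (RFC 6520)
EAP_TLS_LENGTH_INCLUDED = 0x80  # "L" flag: a 4-byte TLS message length follows the flags byte
MIN_PADDING = 16                # RFC 6520 requires at least 16 bytes of padding per heartbeat

def tls_records(data):
    """Yield (content_type, body) for each TLS record in data."""
    off = 0
    while off + 5 <= len(data):
        ctype, _version, rlen = struct.unpack("!BHH", data[off:off + 5])
        yield ctype, data[off + 5:off + 5 + rlen]
        off += 5 + rlen

def heartbeat_excess(body):
    """Bytes by which the declared payload (plus minimum padding) overruns the record.
    This is the check the patched OpenSSL performs; the unpatched code trusted the
    declared length and copied that many bytes from memory into its reply."""
    if len(body) < 3:
        return 0
    _hb_type, claimed = struct.unpack("!BH", body[:3])
    return max(0, claimed + MIN_PADDING - (len(body) - 3))

def check_eap_frame(frame):
    """Return (method name, worst heartbeat excess) for a TLS-based EAP frame, else None."""
    if len(frame) < 6:
        return None
    _code, _ident, length, eap_type = struct.unpack("!BBHB", frame[:5])
    if eap_type not in EAP_TLS_METHODS:
        return None
    off = 6                         # EAP header (4) + type (1) + flags (1)
    if frame[5] & EAP_TLS_LENGTH_INCLUDED:
        off += 4                    # skip the total TLS message length field
    worst = 0
    for ctype, body in tls_records(frame[off:length]):
        if ctype == TLS_HEARTBEAT:
            worst = max(worst, heartbeat_excess(body))
    return EAP_TLS_METHODS[eap_type], worst

# Constructed sample frames (hypothetical, not captured traffic):
# EAP-Request id=1, PEAP, heartbeat request claiming 16384 bytes with no payload.
MALICIOUS = bytes.fromhex("0101000e1900" "1803020003" "014000")
# EAP-Request id=2, EAP-TLS, heartbeat carrying "ping" (4 bytes) plus 16 bytes of padding.
BENIGN = bytes.fromhex("010200220d00" "1803020017" "010004" "70696e67" + "00" * 16)
# EAP-Response id=3, Identity "alice": not a TLS method, so it is ignored.
IDENTITY = bytes.fromhex("02030 00a01".replace(" ", "") + "616c696365")
```

A non-zero excess on a frame seen before the TLS handshake has completed is exactly the pattern the article describes: a heartbeat arriving over EAP before any key or certificate exchange.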
“To exploit vulnerable clients, hostapd [with the Cupid patch] can be used to set up an ‘evil’ network such that, when the vulnerable client tries to connect and requests a TLS connection, hostapd will send malicious heartbeat requests, triggering the vulnerability,” Grangeia wrote in his blog post. “To exploit vulnerable servers, we can use wpa_supplicant with the Cupid patch. We request a connection to a vulnerable network and then send a heartbeat request right after the TLS connection is made.”
“If you have a corporate wireless solution in your company you should look at this problem, since most of the managed wireless solutions use EAP-based authentication mechanisms, and some companies use OpenSSL. You should look at having your equipment tested or contacting your vendor [to] ask for more information,” Grangeia said. “You should also look at this issue if you have any type of EAP authentication mechanism on your corporate network. Note that 802.1x network access controlled wired networks might also suffer from this problem.”