Ssl Tls Server Vulnerable To Heartbleed Attacks

Description

This detector identifies servers vulnerable to the Heartbleed attack (CVE-2014-0160), which allows attackers to read protected memory contents from vulnerable OpenSSL systems. The vulnerability enables extraction of sensitive data like private keys, passwords, and session tokens by exploiting a buffer over-read in OpenSSL's TLS heartbeat extension.

Weakness:

016 - Insecure encryption algorithm - SSL/TLS

Category: Information Collection

Detection Strategy

• Establishes a TLS connection with the target server offering multiple cipher suites

• Sends a malformed heartbeat request with a payload length of 16384 bytes

• Reports a vulnerability if the server responds with a heartbeat message (record type 24), indicating it is leaking memory contents

• Tests this attack vector across all supported TLS versions on the target server

Free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.