[cisco-voip] openSSL and heartbleed

Brian Meade bmeade90 at vt.edu
Tue Apr 8 19:49:18 EDT 2014


Should all be the same underlying OS.  10.x would be the only one I'd worry
about until someone can check if it is vulnerable since it may have a newer
openssl version.
On Apr 8, 2014 7:34 PM, "Lelio Fulgenzi" <lelio at uoguelph.ca> wrote:

> Thanks Brian.
>
> Can we assume that ELM and UCCx are also not affected? Same 9.x train.
>
>
> On 2014-04-08, at 7:21 PM, Brian Meade <bmeade90 at vt.edu> wrote:
>
> Here we can see CUCM does not respond to the Heartbeat Request with any
> data:
> <image.png>
>
> For the root inclined, we can find what openssl version is running:
> [root@CUCM912 ~]# openssl version
> OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
>
> This new heartbeat bug isn't valid as OpenSSL didn't even implement
> responding to the Heartbeat Requests until version 1.0.1.  This is why CUCM
> doesn't respond with any data.
>
> I don't have a 10.x box to check with right now.
>
> Brian
>
>
> On Tue, Apr 8, 2014 at 7:01 PM, Brian Meade <bmeade90 at vt.edu> wrote:
>
>> Here's what I found testing against 9.1.2.10000.28 with a slightly
>> modified python script:
>> bmeade@ubuntu:~$ python vulnscript 10.3.11.250
>> Connecting...
>> Sending Client Hello...
>> Waiting for Server Hello...
>>  ... received message: type = 22, ver = 0301, length = 1012
>> Sending heartbeat request...
>> Unexpected EOF receiving record header - server closed connection
>> No heartbeat response received, server likely not vulnerable
>>
>> This is assuming the released script is checking for the vulnerability
>> properly.
>>
>> Brian
>>
>>
>> On Tue, Apr 8, 2014 at 5:51 PM, Brian Meade <bmeade90 at vt.edu> wrote:
>>
>>> I haven't seen one.  Currently trying to run the example python script
>>> against one of my clusters but having some trouble.
>>>
>>>
>>> On Tue, Apr 8, 2014 at 5:24 PM, Lelio Fulgenzi <lelio at uoguelph.ca> wrote:
>>>
>>>> weird. for some reason i fixated on the date beneath the entry in the
>>>> search listing which had 2011, which made more sense.
>>>>
>>>> do you know if there is a more recent advisory?
>>>>
>>>>
>>>> ---
>>>> Lelio Fulgenzi, B.A.
>>>> Senior Analyst, Network Infrastructure
>>>> Computing and Communications Services (CCS)
>>>> University of Guelph
>>>>
>>>> 519‐824‐4120 Ext 56354
>>>> lelio at uoguelph.ca
>>>> www.uoguelph.ca/ccs
>>>> Room 037, Animal Science and Nutrition Building
>>>> Guelph, Ontario, N1G 2W1
>>>>
>>>> ------------------------------
>>>> *From: *"Brian Meade" <bmeade90 at vt.edu>
>>>> *To: *"Lelio Fulgenzi" <lelio at uoguelph.ca>
>>>> *Cc: *"cisco-voip voyp list" <cisco-voip at puck.nether.net>
>>>> *Sent: *Tuesday, April 8, 2014 5:16:32 PM
>>>> *Subject: *Re: [cisco-voip] openSSL and heartbleed
>>>>
>>>>
>>>> I don't think that's the correct advisory.  That's a DoS vulnerability
>>>> from 2004.
>>>>
>>>> Brian
>>>>
>>>>
>>>> On Tue, Apr 8, 2014 at 5:11 PM, Lelio Fulgenzi <lelio at uoguelph.ca> wrote:
>>>>
>>>>> nevermind... my first search did not produce results...
>>>>>
>>>>>
>>>>> http://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20040317-openssl.html
>>>>>
>>>>>
>>>>> ------------------------------
>>>>> *From: *"Lelio Fulgenzi" <lelio at uoguelph.ca>
>>>>> *To: *"cisco-voip voyp list" <cisco-voip at puck.nether.net>
>>>>> *Sent: *Tuesday, April 8, 2014 5:09:01 PM
>>>>> *Subject: *openSSL and heartbleed
>>>>>
>>>>>
>>>>>
>>>>> Does anyone know if/when Cisco will be coming out with a security
>>>>> advisory about Open SSL and heartbleed?
>>>>>
>>>>>
>>>>> http://threatpost.com/seriousness-of-openssl-heartbleed-bug-sets-in/105309
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>
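
Added example, not part of the original thread: a shell triage of `openssl version` banners using the 1.0.1 boundary stated above, for checking several boxes at once. The function names and every host other than CUCM912 are constructed for illustration; a `heartbeat-capable` verdict only means the build is new enough to contain heartbeat handling and still has to be checked against the vendor advisory, since the version string alone does not say whether a given build is patched.

```sh
#!/bin/sh
# Added example: triage `openssl version` banners by whether the build is new
# enough to contain TLS heartbeat handling. The 1.0.1 boundary is the one
# stated in the thread; everything else here is illustrative.

# classify_openssl "<banner>" -> no-heartbeat | heartbeat-capable | unknown
classify_openssl() {
    # Second field of the banner is the version token, e.g. 0.9.8e-fips-rhel5.
    ver=$(printf '%s\n' "$1" | awk '$1 == "OpenSSL" { print $2; exit }')
    # Keep the numeric x.y.z core; letter and vendor suffixes are dropped.
    core=$(printf '%s\n' "$ver" |
        sed -n 's/^\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2 \3/p')
    if [ -z "$core" ]; then
        echo unknown
        return 0
    fi
    set -- $core    # $1=major $2=minor $3=patch
    # Compare (major, minor, patch) against (1, 0, 1).
    if [ "$1" -gt 1 ] ||
       { [ "$1" -eq 1 ] && { [ "$2" -gt 0 ] || [ "$3" -ge 1 ]; }; }; then
        echo heartbeat-capable
    else
        echo no-heartbeat
    fi
}

# triage: reads "host banner..." lines on stdin, prints "host verdict".
triage() {
    while read -r host banner; do
        [ -n "$host" ] || continue
        printf '%s %s\n' "$host" "$(classify_openssl "$banner")"
    done
}

# Constructed inventory: the first banner is the one quoted in the thread,
# the other hosts and banners are made up for illustration.
sample_inventory() {
    cat <<'EOF'
CUCM912 OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
host-b OpenSSL 1.0.0 29 Mar 2010
host-c OpenSSL 1.0.1e-fips 11 Feb 2013
host-d command not found
EOF
}

sample_inventory | triage
```

A host that reports `unknown` returned something other than an OpenSSL banner and needs a manual look.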