Forum Discussion

Admin

Jun 06, 2014

New OpenSSL vulnerability - CVE-2014-0224

Hey community, there's a new OpenSSL vulnerability out there in the wild. I say new, but...newly discovered. Turns out it's been there a while. Anyway, F5 solution 15325 for the details. A quick note...

Historic F5 Account

Jun 06, 2014

The threat surface is very similar to Heartbleed - only the management port (which uses openssl) and users of the COMPAT ciphers in the dataplane. In our most recent survey, less than 1% of customers use those.

Possible iRule for extra credit: Because the attack appears to involve the use of an additional ChangeCipherSpec (CCS) message within in handshake, one could conceivable write an iRule that looked for this and then discarded the connection. Look to the Heartbleed iRules as a template.

For a very detailed explanation of 0224, here is a post Adam Langely from Google: https://www.imperialviolet.org/2014/06/05/earlyccs.html

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

New OpenSSL vulnerability - CVE-2014-0224

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

CVE-2014-0224 Change Cipher Spec detection tools

June 2014 OpenSSL Vulnerabilities

Coordinated Vulnerability Disclosure: A Balanced Approach

Windows Critical RCE Vulnerability, Malicious Solana-py, and EDRKillShifter

Building an OpenSSL Certificate Authority - Creating Your Root Certificate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS