Vulnerabilities / Threats

4/11/2014
10:00 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Free Heartbleed-Checker Released for Firefox Browser

Browser plug-ins arrive for Firefox and Chrome that scan websites for Heartbleed risk

A developer today released a free add-on for Mozilla Firefox that checks websites for vulnerability to the massive Heartbleed flaw. Tom Brennan, founder of ProactiveRISK, says he wrote the tool after getting an overwhelming number of requests from family and friends about how to protect themselves from websites that are vulnerable to Heartbleed. "They just wanted their browser to tell them, like a radar detector," Brennan says. 

The browser plug-in provides color-coding warnings for websites: Red means the site is vulnerable to Heartbleed. Green means it's safe. There's also a yellow warning for sites that may be vulnerable.

"Like a traffic light on the Internet, it is the users' responsibility to be proactive about risk in addition to the sysadmin defender working hard every day to put out the fire of the day," Brennan says.

"The code is open-source and a donation to the community," he says. "And maybe it will stop the phone calls from users asking for suggestions to something they don't control."

A similar tool for Chrome was released yesterday by developer Jamie Hoyle. The Chromebleed Checker add-in for the Chrome browser also warns users of Heartbleed-vulnerable sites.

"Whilst some servers have been patched already, many remain that have not been patched. Chromebleed uses a web service developed by Filippo Valsorda and checks the URL of the page you have just loaded," the Chromebleed description says. "If it is affected by Heartbleed, then a Chrome notification will be displayed."

Valsorda this week released one of the first tools to scan websites for Heartbleed vulnerability. Errata Security did an initial scan this week for vulnerable sites using its masscan tool. Vendors such as Qualys and LastPass have released free website scanners, and there is also a Metasploit module for Heartbleed.

Meanwhile, Apple told news site Recode that IOS and OS X do not use the vulnerable version of SSL and that its "key Web-based services were not affected."

 

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Randy Naramore
50%
50%
Randy Naramore,
User Rank: Ninja
4/14/2014 | 4:18:47 PM
Re: Great tools
Chrome Checker is doing well for me also.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
4/14/2014 | 9:11:54 AM
Re: Different Solutions
I second Ryan's question about where other DR community members are in their remediation efforts for Heartbleed. We've collected some data in our online flash poll (see column on the far right or click here). But so far about 65 percent of respondents have installed or in the process of installing the update and 40 percent are replacing digital certificates. 

If you haven't taken the poll, check it out. And also let's talk about what you are (or aren't doing about it) in the the comments. 
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/11/2014 | 6:13:59 PM
Different Solutions
These checkers are very nifty. From a corporate standpoint, my company ran vulnerability scans to check and see if any of our servers were running the OpenSSL with the HeartBeat extension. What are other methods people have been using and what steps were taken to remediate?
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
4/11/2014 | 10:58:41 AM
Great tools
I just tried the Chromebleed checker. Very cool! Thanks Kelly for reportng this and also to Jamie Hoyle (Chromebleed) and Tom Brennan (Firefox) for developing these tools. 
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
More Than Half of Users Reuse Passwords
Curtis Franklin Jr., Senior Editor at Dark Reading,  5/24/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Shhh!  They're watching... And you have a laptop?  
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-9641
PUBLISHED: 2018-05-25
PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. OSIsoft recommends that users upgrade to PI Vision 2017 or greater to mitigate this vulnerability.
CVE-2018-10350
PUBLISHED: 2018-05-25
A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs_bwlists_handler.php. Authentication is requi...
CVE-2018-6232
PUBLISHED: 2018-05-25
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. An attacker must first obtain the ability...
CVE-2018-6233
PUBLISHED: 2018-05-25
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver. An attacker must first obtain the ability...
CVE-2018-6234
PUBLISHED: 2018-05-25
An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first o...