Newly discovered flaw undermines HTTPS connections for almost 1,000 sites

Wingman

Level 4
Thread author
Verified
Well-known
Feb 6, 2017
154
Encrypted connections established by at least 949 of the top 1 million websites are leaking potentially sensitive data because of a recently discovered software vulnerability in appliances that stabilize and secure Internet traffic, a security researcher said Thursday.

The bug resides in a wide range of firewalls and load balancers marketed under the F5 BIG-IP name. By sending specially crafted packets to vulnerable sites, an attacker can obtain small chunks of data residing in the memory of connected Web servers.
 

Wingman
What kind of data chunks, can someone explain this in layman's terms? :)

It only affects F5 appliances with a specific code release. Basically - as per CVE - a BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory.

More info as well as techy talk: Finding Ticketbleed
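Added example, not part of the thread and not F5's or the researcher's code: a passive check over a captured TLS handshake that flags a ServerHello whose echoed Session ID is longer than the one the client sent, which is where the "up to 31 bytes" in the post above come back to the client. That the extra bytes travel in the Session ID field comes from the public Ticketbleed write-up rather than from this thread; the function names and sample messages are constructed for illustration.

```python
CLIENT_HELLO, SERVER_HELLO = 1, 2

def session_id(handshake: bytes, expected_type: int) -> bytes:
    """Extract session_id from a TLS 1.0-1.2 ClientHello or ServerHello.
    Input is one handshake message, record layer already stripped:
    type(1) | length(3) | version(2) | random(32) | sid_len(1) | sid | ...
    """
    if len(handshake) < 4 or handshake[0] != expected_type:
        raise ValueError("not the expected hello message")
    length = int.from_bytes(handshake[1:4], "big")
    body = handshake[4:4 + length]
    if len(body) != length or length < 35:
        raise ValueError("truncated hello")
    sid_len = body[34]
    if sid_len > 32 or 35 + sid_len > length:
        raise ValueError("invalid session_id length")
    return body[35:35 + sid_len]

def overlong_echo(client_hello: bytes, server_hello: bytes) -> bytes:
    """Return the bytes a server appended to the client's Session ID, or b"".
    A server resuming from a ticket echoes the client's Session ID unchanged.
    An empty client ID (full handshake) legitimately gets a fresh server ID.
    A short ID can prefix-match a fresh server ID by chance, so treat a hit
    as a lead to confirm against the appliance's version and configuration.
    """
    sent = session_id(client_hello, CLIENT_HELLO)
    echoed = session_id(server_hello, SERVER_HELLO)
    if sent and len(echoed) > len(sent) and echoed.startswith(sent):
        return echoed[len(sent):]
    return b""

def _hello(msg_type: int, sid: bytes, tail: bytes) -> bytes:
    """Build a minimal hello for the constructed samples below."""
    body = b"\x03\x03" + bytes(32) + bytes([len(sid)]) + sid + tail
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

# Constructed samples: two client hellos and two server replies.
FILLER = bytes(range(1, 32))  # 31 stand-in bytes, not real leaked memory
CH_SHORT = _hello(CLIENT_HELLO, b"\xaa", b"\x00\x02\x00\x2f\x01\x00")
CH_EMPTY = _hello(CLIENT_HELLO, b"", b"\x00\x02\x00\x2f\x01\x00")
SH_EXACT = _hello(SERVER_HELLO, b"\xaa", b"\x00\x2f\x00")
SH_PADDED = _hello(SERVER_HELLO, b"\xaa" + FILLER, b"\x00\x2f\x00")

if __name__ == "__main__":
    for name, ch, sh in [("exact echo", CH_SHORT, SH_EXACT),
                         ("padded echo", CH_SHORT, SH_PADDED),
                         ("full handshake", CH_EMPTY, SH_PADDED)]:
        print(f"{name}: {len(overlong_echo(ch, sh))} extra byte(s)")
```
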
 

509322

What kind of data chunks, can someone explain this in layman's terms? :)

A persistent, determined attacker could potentially obtain the SSL encryption key. Have key, can man-in-the-middle and decrypt traffic. Also, can get data out of memory for other connections - like passwords, credentials, etc.

I want to MitM ancestry.com and learn all about your family heritage... (@Spawn I think you will understand what I am getting at here) but there could be other valuable data on the server.
 

Dirk41

Level 17
Verified
Top Poster
Mar 17, 2016
797
But MITM can be performed only if the attacker uses the same network, right? Or not?

Thank you
 