cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Anonymous
Not applicable

Adtran Netvanta products affected by Heartbleed?

Jump to solution

Can anyone disclose if and which Adtran Netvanta products are affected by Heartbleed?

I would like to prepare for when our customers start calling.

Tags (2)
1 Solution

Accepted Solutions
Anonymous
Not applicable

Re: Adtran Netvanta products affected by Heartbleed?

Jump to solution

You can find out more information in regards to Adtran products affected by heartbleed through the recent ADTRAN Heartbleed Advisory.

General security advisories are also posted on our support community in the section.

View solution in original post

4 Replies
jayh
Honored Contributor
Honored Contributor

Re: Adtran Netvanta products affected by Heartbleed?

Jump to solution

You can test for this yourself, nothing here the bad guys don't already have: 

TCP Filter data needed to spot heartbleed:

Detect successful #heartbleed attacks with tshark:

tshark -i eth0 -R "ssl.record.content_type eq 24 and not ssl.heartbeat_message.type"

SNORT rules necessary to spot heartbleed:

http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/

NMAP NSE Script/Thread for mass scanning/detecting:

http://seclists.org/nmap-dev/2014/q2/22

Metasploit Module for it:

github.com/rapid7/metasploit-framework/pull/3206/files


Manual tool for validating:

http://gobuild.io/download/github.com/titanous/heartbleeder

Python based mass scanning tool:

http://www.garage4hackers.com/entry.php?b=2551

jayh
Honored Contributor
Honored Contributor

Re: Adtran Netvanta products affected by Heartbleed?

Jump to solution

More general info here:  Heartbleed Bug

Anonymous
Not applicable

Re: Adtran Netvanta products affected by Heartbleed?

Jump to solution

Thanks for that variety of tools, jayh!  We used the NMAP script to confirm that vWLAN ver 2.4.0.12 is vulnerable.  AOS-based products appear to be fine.  Just checked my email alert subscription for Bluesocket firmware updates!  I'm not sure about UC/voice products or any other of ADTRAN's many lines.

Perhaps it would be safest to block TCP 443 from the outside if you run vWLAN until it's patched.  Management would be isolated to administrators local to the controller to mitigate the issue in the short term.

CJ

Anonymous
Not applicable

Re: Adtran Netvanta products affected by Heartbleed?

Jump to solution

You can find out more information in regards to Adtran products affected by heartbleed through the recent ADTRAN Heartbleed Advisory.

General security advisories are also posted on our support community in the section.