any known vuls in this binary?

Yes. Multiple vulnerabilities have been discovered in OpenSSL 1.0.0, including high-profile ones like Heartbleed (CVE-2014-0160), TLS padding oracle (CVE-2016-2107), and others. This version is considered insecure and deprecated. Immediate upgrade is strongly recommended.
can u confirm if heartbleed exists in this binary?

Function ghidra_open_server called with arguments: {"filepath":"/sandbox/libssl.so.1.0.0"}
Function ghidra_search_functions_by_name called with arguments: {"filepath":"/sandbox/libssl.so.1.0.0","query":"heartbeat"}
Function ghidra_decompile_function called with arguments: {"filepath":"/sandbox/libssl.so.1.0.0","name_or_address":"tls1_heartbeat"}
Function ghidra_decompile_function called with arguments: {"filepath":"/sandbox/libssl.so.1.0.0","name_or_address":"tls1_process_heartbeat"}
Yes. Heartbleed vulnerability code (improper length validation in tls1_process_heartbeat) is present in this binary.
show me the evidence, where it exists, why it is vulnerable

- Function: tls1_process_heartbeat
- Evidence:
  - Lacks boundary/length checks:
    - Allocates buffer: ptr = CRYPTO_malloc(num,...); num = uVar7 + 0x13;
    - Copies payload: memcpy(ptr + 3, pcVar4 + 3, (ulong)uVar7);
    - uVar7 value is attacker-controlled, parsed from incoming heartbeat message
    - No validation that uVar7 (payload length) is less than or equal to the received message size, enabling out-of-bounds read
- Location: tls1_process_heartbeat @ 0x00134290, decompilation confirms the vulnerable logic
- Conclusion: Vulnerability matches CVE-2014-0160 (“Heartbleed”) pattern exactly