3% of Government Websites Still Remain Unpatched Against the OpenSSL "Heartbleed Bug"

Yesterday, I collected over 1,200 .GOV TLD domains and ran checks against them.  Of those, 58 were affected by the OpenSSL bug known as Heartbleed.  This morning, upon checking again, only 39 of those initial 58 remain unpatched.

During my testing I was able to inadvertently obtain login credentials for a particular .GOV website, as illustrated in the screenshot below.

Heartbleed affected .GOV website showing user credentials

I collected the .GOV domains from http://www.data.gov/.  I cooked up a simple bash loop over this list and passed each host to a Proof of Concept “check” tool to determine whether the site was unpatched.  The tool I used is https://gist.github.com/takeshixx/10107280 (python).

Here is my loop script.

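#!/bin/bash
# Run the PoC check against every host in dotgov.csv, one "host,<match>" line per host.
echo "Start"
while IFS= read -r s; do
        # The field after the comma stays empty when the PoC output has no "VULN" line.
        echo "$s,$(python poc.py "$s" -p 443 2>/dev/null | grep VULN)"
done < dotgov.csv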

.gov website list: csv
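
Comparing the output of successive runs of the loop shows which hosts were fixed between scans. The sketch below is an added example, not part of the original post or of the PoC tool: it parses the loop's `host,<grep output>` lines and classifies each host across runs, reporting a host that clears and is later flagged again separately, because the loop discards stderr and a failed connection leaves the same empty field as a patched server. Host names and the marker text are constructed placeholders.

```python
def parse_run(scan_output):
    """Map host -> True when the field after the first comma is non-empty."""
    result = {}
    for line in scan_output.splitlines():
        host, sep, marker = line.strip().partition(",")
        if not sep or not host:
            continue  # blank line, or the "Start" banner that has no comma
        result[host.lower()] = bool(marker.strip())
    return result


def classify(runs):
    """runs: parse_run() dicts, oldest first. Returns host -> status string."""
    status = {}
    for host in set().union(*runs):
        # A host missing from a run is treated as not flagged in that run.
        history = [run.get(host, False) for run in runs]
        if not any(history):
            status[host] = "never flagged"
        elif not history[-1]:
            status[host] = "cleared"
        elif False in history[history.index(True):]:
            # Flagged, clear, flagged again: the clear run may have been
            # a connection failure rather than a patch.
            status[host] = "reappeared"
        else:
            status[host] = "still flagged"
    return status


# Constructed sample output of three runs; "VULN" stands in for whatever
# line the PoC printed that matched the grep.
RUN1 = "Start\nalpha.example,VULN\nbravo.example,VULN\ncharlie.example,VULN\ndelta.example,\n"
RUN2 = "Start\nalpha.example,VULN\nbravo.example,\ncharlie.example,\ndelta.example,\n"
RUN3 = "Start\nalpha.example,VULN\nbravo.example,\ncharlie.example,VULN\ndelta.example,\n"

if __name__ == "__main__":
    runs = [parse_run(r) for r in (RUN1, RUN2, RUN3)]
    for host, state in sorted(classify(runs).items()):
        print(f"{host}: {state}")
```
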

Affected as of April 8, 2014 6PM EST


Affected as of April 9, 2014 10AM EST


Affected as of April 10, 2014 10:24 EST

