Follow by Email

Wednesday, December 10, 2014

Version 2.0 of Heart Bleed The Poodlebleed Bug

Poodlebleed is a vulnerability in the design of SSL version 3.0. Poodle is actually an acronym for Padding Oracle On Downgraded Legacy Encryption. The vulnerability allows the decryption to plaintext of secure connections. The bug was discovered by Google Security Team researcher Bodo Möller in collaboration with Thai Duong and Krzysztof Kotowicz.

This bug has been found in the Secure Sockets Layer (SSL) 3.0 cryptography protocol (SSLv3) which could be exploited to intercept data that’s supposed to be encrypted between computers and servers. 

Although SSL 3.0 is almost 15 years old, many servers and web browsers still use it today. When web browsers fail at connecting on a newer SSL version (i.e. TLS 1.0, 1.1, or 1.2), they may fall back to a SSL 3.0 connection. This is where the trouble begins.
Because a network attacker can cause connection failures, including the failure of TLS 1.0/1.1/1.2 connections, they can force the use of SSL 3.0 and then exploit the poodle bug in order to decrypt secure content transmitted between a server and a browser. For nitty-gritty details on what exactly the poodlebleed bug is, please see the pdf announcement under resources.

Clients and Browsers

For the best client-end browser security, it is recommended to completely disable SSL 3.0. Disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0, is sufficient to mitigate this issue, however, this presents significant compatibility problems for servers running old encryption protocols. Therefore the recommended response is to support TLS_FALLBACK_SCSV. Most major browsers will support TLS_FALLBACK_SCSV in the coming months. Until then, you can protect yourself by disabling SSL 3.0 support in your browser.
In firefox, this can be done by going to about:config and setting security.tls.version.min to 1

This browser test by Qualys, Inc. can provide further details on the TLS and SSL methods supported by your browser. If your browser currently supports SSL 3.0 or SSL 2.0 and does not support TLS_FALLBACK_SCSV, you are vulnerable to the poodle bug and need to upgrade to Google Chrome or disable SSL 2/3 support. Currently, only Google Chrome version 33.0.1750 (February 2014 Build) and newer supports TLS_FALLBACK_SCSV, all other browsers are safest disabling SSL 3.0.

Servers

The below form can be used to test if your server is running with SSL 3.0 enabled. Although disabling SSL 3.0 may cause failed connections to your ssl service for small portion of users running older browsers, this action prevents the large portion of modern browsers from being eavesdropped while attempting to access your services in a secure manner. Here is a great resource on disabling SSL 3.0 on your server running apache or nginx.

It is important to note that this is NOT a flaw in SSL certificates, their private keys, or their design but in the old SSLv3 protocol.  SSL Certificates are not affected and customers with certificates on servers supporting SSL 3.0 do not need to replace them.
It’s believed to not be as serious as the Heartbleed bug in OpenSSL, since the attacker needs to have a privileged position in the network to exploit the latest.  The usage of Hotspots, public Wi-Fi, makes this attack a real problem. This type of attack falls into the “Man-in-the-middle” category.
Background
brook-4.png
While SSL 3.0 was introduced in 1996, it is currently supported by nearly 95% of Web browsers according to Netcraft’s latest report.  Many Transport Layer Socket (TLS) clients downgrade their cryptography protocol to SSL 3.0 when working with legacy servers. According to Google, an attacker that controls the network between the computer and server could interfere with the handshake process used to verify which cryptography protocol the server can accept using a “protocol downgrade dance”. This will force computers to use the older SSL 3.0 protocol to protect data that is being sent. Attackers can then exploit the bug by carrying out a man-in-the-middle (MITM) attack to decrypt secure HTTP cookies, which could let them steal information or take control of the victim’s online accounts.  Although, at the time to writing, webmasters have been disabling moving to TLSv1 and above and a rapid pace, there still remains a lot of work to be done.  If Heartbleed taught us anything, it’s that the largest companies act fast while many small companies drag their heels in patching critical vulnerabilities.
What Businesses Need to Do
In order to mitigate the bug there are a few courses of action:
  1. Check to see if your webservers are vulnerable using our free SSL Toolbox.
  2. Use tools that support TLS_FALLBACK_SCSV, a mechanism that prevents attackers from forcing Web browsers to use SSL 3.0.
  3. Disable SSL 3.0 altogether, or disable SSL 3.0 CBC-mode ciphers
  4. A cloud-based Web Application Firewall can help protect against this kind of vulnerability.  For more information please visit the website.
  5. Be leery of any spam messages from scammers trying to capitalize on uncertainty and a lack of technical knowledge.
 Christoffer Olausson gives a few tips on how to fix this on Apache:
> SSLProtocol All -SSLv2 -SSLv3                   <- Removes SSLv2 and SSLv3
> apachectl configtest                                   <- Test your configuration
> sudo service apache restart                      <- Restart server
Google added that it will remove SSL 3.0 support from all of its products in the next few months. Mozilla also said it would disable SSL 3.0 in FireFox 34, which will be released at the end of November.


No comments:

Post a Comment

Note: Only a member of this blog may post a comment.