Vulnerabilities / Threats
6/5/2014
11:00 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
100%
0%

New OpenSSL Flaw Exposes SSL To Man-In-The-Middle Attack

Security advisory includes fixes for six newly discovered bugs in OpenSSL.

Don't look now, but it's time to patch OpenSSL again: A critical flaw discovered in the open-source encryption software could allow an attacker to hijack an SSL/TLS session and decrypt and alter the traffic sent between the client and server machines.

The OpenSSL team today released an update that patches the flaw, classified as critical by SANS Internet Storm Center, as well as five other vulnerabilities.

The SSL/TLS man-in-the middle flaw (CVE-2014-0224) centers around a weakness in the "handshake" between client and server in an OpenSSL SSL/TLS session. "I also rated CVE-2014-0224 critical, since it does allow for MiTM attacks, one of the reasons you use SSL. But in order to exploit this issue, both client and server have to be vulnerable, and only openssl 1.0.1 is vulnerable on servers,"  SANS Internet Storm Center head Johannes Ullrich said today in a blog post.

Vulnerable OpenSSL server versions include OpenSSL 1.0.1 and 1.0.2-beta1, and the OpenSSL Project recommends OpenSSL servers earlier than the 1.0.1 update to a newer version "as a precaution." A security advisory issued today by the OpenSSL Project says OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za; OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m; and OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.

The vulnerability also affects the most recent versions of OpenSSL server software, notes Nicholas J. Percoco, vice president of strategic services at Rapid7, in an emailed statement:

This likely contains the majority of systems on the Internet, given that most rushed to upgrade OpenSSL after the Heartbleed disclosure in early April of this year. A Man-in-the-middle attack is dangerous because it can allow an attacker to intercept data that was presumed to be encrypted between a client (eg. an end user) and a server (eg. the online bank, etc.). This attack is also passive in nature and will may not be detected by a client, server or network based security controls.

The latest security holes in OpenSSL reflect a new scrutiny of encryption software, post-Heartbleed, something that most security experts predicted would occur.

Tal Klein, vice president of strategy at Adallom, tells us:

I don't think the roof is on fire, but this is a further reminder that companies using open-source components like OpenSSL as part of mission-critical enterprise infrastructure need to invest and participate in those projects. We should get ourselves out of the mindset that open-source software is free just because there are no licensing fees. When adopting open-source software for core functionality, companies should allocate some of the money they're saving by not having to pay for licensing and support to funding, and ideally participating in the project.

The new OpenSSL update also includes patches for a DTLS handshake recursion flaw (CVE-2014-0221) that could result in a denial-of-service attack; a DTLS invalid fragment vulnerability (CVE-2014-0195) that could be exploited in a buffer overrun attack that could run remotely executable code on targeted machines; a null pointer flaw (CVE-2014-0198) that could result in a DoS; a race condition flaw (CVE-2010-5298) that could result in a DoS; and another DoS-related bug (CVE-2014-3470) in OpenSSL clients that use the software's anonymous ECDH cipher suites.

Kelly Jackson Higgins is Senior Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
securityaffairs
50%
50%
securityaffairs,
User Rank: Ninja
6/19/2014 | 2:11:01 AM
Re: A serious threat
Well, I totally agree with you. Heartbleed is more difficult to exploit and anyway the effect of a MITM attack is even more serious. The approach you propose is the correct one.

Regards

Pierluigi
Carrdev
50%
50%
Carrdev,
User Rank: Apprentice
6/18/2014 | 6:20:44 PM
Re: A serious threat
Yes sir, I agree, it is not as bad as heartbleed.  However, a man in the middle attack is much easier to take advantage of than a heartbleed attack.  The heartbleed attack would allow an attacker to gain access to information stored in memory.  You can then take this information and parse it out and come up with something useful in most cases, most likely allowing you to hijack a user's session or get their credentials at least.

 

The man in the middle attack is a problem because of script kiddies.  It is much simpler to implement.  You can download a kit that will walk you through hijacking a session via what version of SSL a server is using and what vulnerabilities are available for that version.  

 

I believe it is best to rebuild any way.  Why not be safe?  I work at an enterprise support company, we rebuild openssl and other native libraries built using the insecure openssl builds.  Contact me if you would like more information, or if you would like to learn FOR FREE, how to patch your ssl/apache/tomcat or anything else.   I am always happy to help.  My blog is at carrdevelopers.com
securityaffairs
50%
50%
securityaffairs,
User Rank: Ninja
6/6/2014 | 9:09:34 AM
Re: OH COME ON!!!
Let me share my last post on the topic where I resume all the recent cases

 

Vulnerabilities in OpenSSL and GnuTLS: An Earthquake in Internet Encryption
http://resources.infosecinstitute.com/vulnerabilities-openssl-gnutls-earthquake-internet-encryption/
#securityaffairs #OperSSL #encryption #SSL
securityaffairs
50%
50%
securityaffairs,
User Rank: Ninja
6/6/2014 | 3:48:44 AM
Re: A serious threat
Yes OpenSSL is flawed again and probably the flaws are existent since its origin.

Resuming we have for OpenSSL

Hearbleed bug + 6 new vulnerabilities (at least one of them considered critical) that allow MiTM attacks, DoS and remote code execution.

for the GnuTLS implementation it ha s been discovered the Hello vulnerability considered as critical.

None of the above flaws are comparable to the impact of Heatbleed anyway they are critical and represent a serious menace for Internet encryption and affect cyphered communications over unsecure channels.

Patch/updade your system asap, before someone could exploit the flaws.

 

 
JCHANDLER840
50%
50%
JCHANDLER840,
User Rank: Apprentice
6/5/2014 | 4:40:55 PM
Re: A serious threat
Great point, Kelly. I think with more people analyzing OpenSSL, we'll see it get stronger over time. Also, none of today's reported vulnerabiliies involved digital certificates or private keys. With patches available, server remedies can be applied now. This certainly is not Heartbleed. I like the optimism. Thanks for adding some perspective.
Thomas Claburn
100%
0%
Thomas Claburn,
User Rank: Moderator
6/5/2014 | 3:37:28 PM
Re: A serious threat
If I'm not mistaken, OpenSSL got some full-time developers through funding from affected organizations in the wake of Heartbleed.
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
6/5/2014 | 1:15:39 PM
OH COME ON!!!
Really? Another SSL vulnerabiliity?! Ugh. I'm so sick of SSL.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
6/5/2014 | 11:41:29 AM
Re: A serious threat
The good news here--if there is some--is that researchers are now looking more closely at OpenSSL. That ideally should lead to better code, and thus more secure encryption software. #optimism
securityaffairs
50%
50%
securityaffairs,
User Rank: Ninja
6/5/2014 | 11:38:50 AM
A serious threat
It is another serious issue that is threatening encryption over unsecure channel. Fortunately the principal consortiums have immediately released the necessary patch. It is fundamental to spread the news.

for the readers let me resume the situation

Heartbleed bug is related to the OpenSSL library, affects both server and clients.

The GnuTLS Hello flaw affects GnuTLS implementation and in the attack scenarios malicious servers are used to exploit the flaw in the client.

 

Impact of Heartbleed is wider thanks GnuTLS 

 

Stay sharp!
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0972
Published: 2014-08-01
The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly prevent write access to IOMMU context registers, which allows local users to select a custom page table, and consequently write ...

CVE-2014-2627
Published: 2014-08-01
Unspecified vulnerability in HP NonStop NetBatch G06.14 through G06.32.01, H06 through H06.28, and J06 through J06.17.01 allows remote authenticated users to gain privileges for NetBatch job execution via unknown vectors.

CVE-2014-3009
Published: 2014-08-01
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct ph...

CVE-2014-3302
Published: 2014-08-01
user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708.

CVE-2014-3534
Published: 2014-08-01
arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a c...

Best of the Web
Dark Reading Radio