Vulnerabilities / Threats
11:00 AM
Connect Directly

New OpenSSL Flaw Exposes SSL To Man-In-The-Middle Attack

Security advisory includes fixes for six newly discovered bugs in OpenSSL.

Don't look now, but it's time to patch OpenSSL again: A critical flaw discovered in the open-source encryption software could allow an attacker to hijack an SSL/TLS session and decrypt and alter the traffic sent between the client and server machines.

The OpenSSL team today released an update that patches the flaw, classified as critical by SANS Internet Storm Center, as well as five other vulnerabilities.

The SSL/TLS man-in-the middle flaw (CVE-2014-0224) centers around a weakness in the "handshake" between client and server in an OpenSSL SSL/TLS session. "I also rated CVE-2014-0224 critical, since it does allow for MiTM attacks, one of the reasons you use SSL. But in order to exploit this issue, both client and server have to be vulnerable, and only openssl 1.0.1 is vulnerable on servers,"  SANS Internet Storm Center head Johannes Ullrich said today in a blog post.

Vulnerable OpenSSL server versions include OpenSSL 1.0.1 and 1.0.2-beta1, and the OpenSSL Project recommends OpenSSL servers earlier than the 1.0.1 update to a newer version "as a precaution." A security advisory issued today by the OpenSSL Project says OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za; OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m; and OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.

The vulnerability also affects the most recent versions of OpenSSL server software, notes Nicholas J. Percoco, vice president of strategic services at Rapid7, in an emailed statement:

This likely contains the majority of systems on the Internet, given that most rushed to upgrade OpenSSL after the Heartbleed disclosure in early April of this year. A Man-in-the-middle attack is dangerous because it can allow an attacker to intercept data that was presumed to be encrypted between a client (eg. an end user) and a server (eg. the online bank, etc.). This attack is also passive in nature and will may not be detected by a client, server or network based security controls.

The latest security holes in OpenSSL reflect a new scrutiny of encryption software, post-Heartbleed, something that most security experts predicted would occur.

Tal Klein, vice president of strategy at Adallom, tells us:

I don't think the roof is on fire, but this is a further reminder that companies using open-source components like OpenSSL as part of mission-critical enterprise infrastructure need to invest and participate in those projects. We should get ourselves out of the mindset that open-source software is free just because there are no licensing fees. When adopting open-source software for core functionality, companies should allocate some of the money they're saving by not having to pay for licensing and support to funding, and ideally participating in the project.

The new OpenSSL update also includes patches for a DTLS handshake recursion flaw (CVE-2014-0221) that could result in a denial-of-service attack; a DTLS invalid fragment vulnerability (CVE-2014-0195) that could be exploited in a buffer overrun attack that could run remotely executable code on targeted machines; a null pointer flaw (CVE-2014-0198) that could result in a DoS; a race condition flaw (CVE-2010-5298) that could result in a DoS; and another DoS-related bug (CVE-2014-3470) in OpenSSL clients that use the software's anonymous ECDH cipher suites.

Kelly Jackson Higgins is Executive Editor at She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
6/19/2014 | 2:11:01 AM
Re: A serious threat
Well, I totally agree with you. Heartbleed is more difficult to exploit and anyway the effect of a MITM attack is even more serious. The approach you propose is the correct one.


User Rank: Apprentice
6/18/2014 | 6:20:44 PM
Re: A serious threat
Yes sir, I agree, it is not as bad as heartbleed.  However, a man in the middle attack is much easier to take advantage of than a heartbleed attack.  The heartbleed attack would allow an attacker to gain access to information stored in memory.  You can then take this information and parse it out and come up with something useful in most cases, most likely allowing you to hijack a user's session or get their credentials at least.


The man in the middle attack is a problem because of script kiddies.  It is much simpler to implement.  You can download a kit that will walk you through hijacking a session via what version of SSL a server is using and what vulnerabilities are available for that version.  


I believe it is best to rebuild any way.  Why not be safe?  I work at an enterprise support company, we rebuild openssl and other native libraries built using the insecure openssl builds.  Contact me if you would like more information, or if you would like to learn FOR FREE, how to patch your ssl/apache/tomcat or anything else.   I am always happy to help.  My blog is at
User Rank: Ninja
6/6/2014 | 9:09:34 AM
Let me share my last post on the topic where I resume all the recent cases


Vulnerabilities in OpenSSL and GnuTLS: An Earthquake in Internet Encryption
#securityaffairs #OperSSL #encryption #SSL
User Rank: Ninja
6/6/2014 | 3:48:44 AM
Re: A serious threat
Yes OpenSSL is flawed again and probably the flaws are existent since its origin.

Resuming we have for OpenSSL

Hearbleed bug + 6 new vulnerabilities (at least one of them considered critical) that allow MiTM attacks, DoS and remote code execution.

for the GnuTLS implementation it ha s been discovered the Hello vulnerability considered as critical.

None of the above flaws are comparable to the impact of Heatbleed anyway they are critical and represent a serious menace for Internet encryption and affect cyphered communications over unsecure channels.

Patch/updade your system asap, before someone could exploit the flaws.


User Rank: Apprentice
6/5/2014 | 4:40:55 PM
Re: A serious threat
Great point, Kelly. I think with more people analyzing OpenSSL, we'll see it get stronger over time. Also, none of today's reported vulnerabiliies involved digital certificates or private keys. With patches available, server remedies can be applied now. This certainly is not Heartbleed. I like the optimism. Thanks for adding some perspective.
Thomas Claburn
Thomas Claburn,
User Rank: Moderator
6/5/2014 | 3:37:28 PM
Re: A serious threat
If I'm not mistaken, OpenSSL got some full-time developers through funding from affected organizations in the wake of Heartbleed.
Sara Peters
Sara Peters,
User Rank: Author
6/5/2014 | 1:15:39 PM
Really? Another SSL vulnerabiliity?! Ugh. I'm so sick of SSL.
Kelly Jackson Higgins
Kelly Jackson Higgins,
User Rank: Strategist
6/5/2014 | 11:41:29 AM
Re: A serious threat
The good news here--if there is some--is that researchers are now looking more closely at OpenSSL. That ideally should lead to better code, and thus more secure encryption software. #optimism
User Rank: Ninja
6/5/2014 | 11:38:50 AM
A serious threat
It is another serious issue that is threatening encryption over unsecure channel. Fortunately the principal consortiums have immediately released the necessary patch. It is fundamental to spread the news.

for the readers let me resume the situation

Heartbleed bug is related to the OpenSSL library, affects both server and clients.

The GnuTLS Hello flaw affects GnuTLS implementation and in the attack scenarios malicious servers are used to exploit the flaw in the client.


Impact of Heartbleed is wider thanks GnuTLS 


Stay sharp!
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-10-24
Cross-site scripting (XSS) vulnerability in admincp/apilog.php in vBulletin 4.4.2 and earlier, and 5.0.x through 5.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted XMLRPC API request, as demonstrated using the client name.

Published: 2014-10-24 in Not Yet Commons SSL before 0.3.15 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Published: 2014-10-24
WP-Ban plugin before 1.6.4 for WordPress, when running in certain configurations, allows remote attackers to bypass the IP blacklist via a crafted X-Forwarded-For header.

Published: 2014-10-24
Stack-based buffer overflow in CPUMiner before 2.4.1 allows remote attackers to have an unspecified impact by sending a mining.subscribe response with a large nonce2 length, then triggering the overflow with a mining.notify request.

Published: 2014-10-24
Electric Cloud ElectricCommander before 4.2.6 and 5.x before 5.0.3 uses world-writable permissions for (1) and (2), which allows local users to execute arbitrary Perl code by modifying these files.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.