Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

12/10/2014
01:50 PM
Connect Directly
Twitter
RSS
E-Mail
100%
0%

Crypto In The Crosshairs Again

"POODLE" attack extends to newer versions of SSL/TLS encryption as well.

More than 10 percent of servers running one of the newer versions of SSL encryption on the web so far have been found vulnerable to an attack that originally was thought to only affect servers and browsers supporting the older encryption protocol.

It turns out a serious flaw in the nearly 15-year-old SSL 3.0 extends to a newer generation of SSL -- Transport Layer Security (TLS) 1.0, 1.1, and 1.2 -- researchers have found. The so-called POODLE (Padding Oracle On Downgraded Legacy Encryption) attack abuses the bug and could allow man-in-the-middle attacks against a user's encrypted web and other online sessions.

The attack was first revealed in October, prompting security experts to call for disabling SSL 3.0 in browsers and servers, and Google and Mozilla removing the older SSL 3.0 altogether from their browsers. Although SSL encryption on the Net today now employs the newer TLS 1.0 and 1.2, most websites still offer SSL 3.0 mainly to support older client machines and browsers.

Like Heartbleed, the bug is based on an implementation issue, which lately has become the bane of open-source software -- and especially the SSL/TLS encryption protocols.

POODLE's bark may be worse than its bite, however, since it takes a determined attacker to pull off the exploit: An attacker must be physically near his or her target, such as in a coffee shop or other public WiFi location. It forces the use of the vulnerable protocol, and an attacker then injects malicious JavaScript into the victim's browser via code planted on a non-encrypted website the user visits, for instance. Once the user's browser is infected, the attacker wages a man-in-the-middle attack and steals credentials and cookies from the SSL session.

Ivan Ristic, director of engineering at Qualys, says this new POODLE attack affects a smaller number of servers than the SSL 3.0, which affected nearly all servers. "But it's still more than 10% of the web," he says of the TLS systems now vulnerable to POODLE.

The good news is that the latest versions of SSL -- known as Transport Layer Security (TLS) in standards parlance -- are stronger and becoming more streamlined to avoid potential implementation problems like Heartbleed and POODLE.

The Internet Engineering Task Force (IETF) is working on a brand-new version of the encryption protocol, TLS 1.3, which is expected to be completed next year. The new version is all about trimming the fat and keeping the protocol as simple as possible to avoid future implementation errors.

[One of the first steps in making encryption the norm across the Net is an update to the protocol itself and a set of best-practices for using encryption in applications. Read New TLS/SSL Version Ready In 2015.]

Russ Housley, chair of the Internet Architecture Board, says the Internet Engineering Task Force's Using TLS in Applications (UTA) working group's effort in creating best-practices for using TLS in applications, as well as guidance on how certain applications should use the encryption protocol, also should help application developers know when to stop using older security protocols or algorithms that could leave systems vulnerable.

"With the initial POODLE attack against SSLv3, we saw pretty quick reaction among server operators, with about 20% of the servers being fixed within a couple of weeks. This new variation of the POODLE attack is hitting an even larger population of servers, and we hope that the operators are paying more attention," Housley said in an email exchange with Dark Reading.

F5 Networks and A10 Networks have issued advisories and fixes for models of their load balancers that are vulnerable to the new POODLE problem.

Google security engineer Adam Langley said in a post this week confirming the new POODLE problem: "This seems like a good moment to reiterate that everything less than TLS 1.2 with an AEAD cipher suite is cryptographically broken. Thankfully, TLS 1.2 support is about to hit 50% at the time of writing."

TLS 1.2 is immune to POODLE when the AEAD cipher option it offers is deployed.

Qualys's SSL Labs project is offering an online test to check if a server is vulnerable to the new POODLE.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Overcoming the Challenge of Shorter Certificate Lifespans
Mike Cooper, Founder & CEO of Revocent,  10/15/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25820
PUBLISHED: 2020-10-21
BigBlueButton before 2.2.7 allows remote authenticated users to read local files and conduct SSRF attacks via an uploaded Office document that has a crafted URL in an ODF xlink field.
CVE-2020-26895
PUBLISHED: 2020-10-21
Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accepted a counterparty high-S signature and broadcast tx-relay invalid local commitment/HTLC transactions. This can be exploited by any peer with an open channel regardless of the victim situation (e.g., routing node, payment-receiver,...
CVE-2020-26896
PUBLISHED: 2020-10-21
Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerability in its invoice database. While claiming on-chain a received HTLC output, it didn't verify that the corresponding outgoing off-chain HTLC was already settled before releasing the preimage. In the case of a hash-and-amount collis...
CVE-2020-5790
PUBLISHED: 2020-10-20
Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.
CVE-2020-5791
PUBLISHED: 2020-10-20
Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache user.