Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

12/10/2014
01:50 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
100%
0%

Crypto In The Crosshairs Again

"POODLE" attack extends to newer versions of SSL/TLS encryption as well.

More than 10 percent of servers running one of the newer versions of SSL encryption on the web so far have been found vulnerable to an attack that originally was thought to only affect servers and browsers supporting the older encryption protocol.

It turns out a serious flaw in the nearly 15-year-old SSL 3.0 extends to a newer generation of SSL -- Transport Layer Security (TLS) 1.0, 1.1, and 1.2 -- researchers have found. The so-called POODLE (Padding Oracle On Downgraded Legacy Encryption) attack abuses the bug and could allow man-in-the-middle attacks against a user's encrypted web and other online sessions.

The attack was first revealed in October, prompting security experts to call for disabling SSL 3.0 in browsers and servers, and Google and Mozilla removing the older SSL 3.0 altogether from their browsers. Although SSL encryption on the Net today now employs the newer TLS 1.0 and 1.2, most websites still offer SSL 3.0 mainly to support older client machines and browsers.

Like Heartbleed, the bug is based on an implementation issue, which lately has become the bane of open-source software -- and especially the SSL/TLS encryption protocols.

POODLE's bark may be worse than its bite, however, since it takes a determined attacker to pull off the exploit: An attacker must be physically near his or her target, such as in a coffee shop or other public WiFi location. It forces the use of the vulnerable protocol, and an attacker then injects malicious JavaScript into the victim's browser via code planted on a non-encrypted website the user visits, for instance. Once the user's browser is infected, the attacker wages a man-in-the-middle attack and steals credentials and cookies from the SSL session.

Ivan Ristic, director of engineering at Qualys, says this new POODLE attack affects a smaller number of servers than the SSL 3.0, which affected nearly all servers. "But it's still more than 10% of the web," he says of the TLS systems now vulnerable to POODLE.

The good news is that the latest versions of SSL -- known as Transport Layer Security (TLS) in standards parlance -- are stronger and becoming more streamlined to avoid potential implementation problems like Heartbleed and POODLE.

The Internet Engineering Task Force (IETF) is working on a brand-new version of the encryption protocol, TLS 1.3, which is expected to be completed next year. The new version is all about trimming the fat and keeping the protocol as simple as possible to avoid future implementation errors.

[One of the first steps in making encryption the norm across the Net is an update to the protocol itself and a set of best-practices for using encryption in applications. Read New TLS/SSL Version Ready In 2015.]

Russ Housley, chair of the Internet Architecture Board, says the Internet Engineering Task Force's Using TLS in Applications (UTA) working group's effort in creating best-practices for using TLS in applications, as well as guidance on how certain applications should use the encryption protocol, also should help application developers know when to stop using older security protocols or algorithms that could leave systems vulnerable.

"With the initial POODLE attack against SSLv3, we saw pretty quick reaction among server operators, with about 20% of the servers being fixed within a couple of weeks. This new variation of the POODLE attack is hitting an even larger population of servers, and we hope that the operators are paying more attention," Housley said in an email exchange with Dark Reading.

F5 Networks and A10 Networks have issued advisories and fixes for models of their load balancers that are vulnerable to the new POODLE problem.

Google security engineer Adam Langley said in a post this week confirming the new POODLE problem: "This seems like a good moment to reiterate that everything less than TLS 1.2 with an AEAD cipher suite is cryptographically broken. Thankfully, TLS 1.2 support is about to hit 50% at the time of writing."

TLS 1.2 is immune to POODLE when the AEAD cipher option it offers is deployed.

Qualys's SSL Labs project is offering an online test to check if a server is vulnerable to the new POODLE.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "The security team seem to be taking SiegeWare seriously" 
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-1114
PUBLISHED: 2019-12-05
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
CVE-2012-1115
PUBLISHED: 2019-12-05
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
CVE-2012-1592
PUBLISHED: 2019-12-05
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.
CVE-2019-16770
PUBLISHED: 2019-12-05
A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough.
CVE-2019-19609
PUBLISHED: 2019-12-05
The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.