Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

12/10/2014
01:50 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
100%
0%

Crypto In The Crosshairs Again

"POODLE" attack extends to newer versions of SSL/TLS encryption as well.

More than 10 percent of servers running one of the newer versions of SSL encryption on the web so far have been found vulnerable to an attack that originally was thought to only affect servers and browsers supporting the older encryption protocol.

It turns out a serious flaw in the nearly 15-year-old SSL 3.0 extends to a newer generation of SSL -- Transport Layer Security (TLS) 1.0, 1.1, and 1.2 -- researchers have found. The so-called POODLE (Padding Oracle On Downgraded Legacy Encryption) attack abuses the bug and could allow man-in-the-middle attacks against a user's encrypted web and other online sessions.

The attack was first revealed in October, prompting security experts to call for disabling SSL 3.0 in browsers and servers, and Google and Mozilla removing the older SSL 3.0 altogether from their browsers. Although SSL encryption on the Net today now employs the newer TLS 1.0 and 1.2, most websites still offer SSL 3.0 mainly to support older client machines and browsers.

Like Heartbleed, the bug is based on an implementation issue, which lately has become the bane of open-source software -- and especially the SSL/TLS encryption protocols.

POODLE's bark may be worse than its bite, however, since it takes a determined attacker to pull off the exploit: An attacker must be physically near his or her target, such as in a coffee shop or other public WiFi location. It forces the use of the vulnerable protocol, and an attacker then injects malicious JavaScript into the victim's browser via code planted on a non-encrypted website the user visits, for instance. Once the user's browser is infected, the attacker wages a man-in-the-middle attack and steals credentials and cookies from the SSL session.

Ivan Ristic, director of engineering at Qualys, says this new POODLE attack affects a smaller number of servers than the SSL 3.0, which affected nearly all servers. "But it's still more than 10% of the web," he says of the TLS systems now vulnerable to POODLE.

The good news is that the latest versions of SSL -- known as Transport Layer Security (TLS) in standards parlance -- are stronger and becoming more streamlined to avoid potential implementation problems like Heartbleed and POODLE.

The Internet Engineering Task Force (IETF) is working on a brand-new version of the encryption protocol, TLS 1.3, which is expected to be completed next year. The new version is all about trimming the fat and keeping the protocol as simple as possible to avoid future implementation errors.

[One of the first steps in making encryption the norm across the Net is an update to the protocol itself and a set of best-practices for using encryption in applications. Read New TLS/SSL Version Ready In 2015.]

Russ Housley, chair of the Internet Architecture Board, says the Internet Engineering Task Force's Using TLS in Applications (UTA) working group's effort in creating best-practices for using TLS in applications, as well as guidance on how certain applications should use the encryption protocol, also should help application developers know when to stop using older security protocols or algorithms that could leave systems vulnerable.

"With the initial POODLE attack against SSLv3, we saw pretty quick reaction among server operators, with about 20% of the servers being fixed within a couple of weeks. This new variation of the POODLE attack is hitting an even larger population of servers, and we hope that the operators are paying more attention," Housley said in an email exchange with Dark Reading.

F5 Networks and A10 Networks have issued advisories and fixes for models of their load balancers that are vulnerable to the new POODLE problem.

Google security engineer Adam Langley said in a post this week confirming the new POODLE problem: "This seems like a good moment to reiterate that everything less than TLS 1.2 with an AEAD cipher suite is cryptographically broken. Thankfully, TLS 1.2 support is about to hit 50% at the time of writing."

TLS 1.2 is immune to POODLE when the AEAD cipher option it offers is deployed.

Qualys's SSL Labs project is offering an online test to check if a server is vulnerable to the new POODLE.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5735
PUBLISHED: 2020-04-08
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.
CVE-2020-5736
PUBLISHED: 2020-04-08
Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device.
CVE-2017-18646
PUBLISHED: 2020-04-08
An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. An attacker can bypass the password requirement for tablet user switching by folding the magnetic cover. The Samsung ID is SVE-2017-10602 (December 2017).
CVE-2020-5549
PUBLISHED: 2020-04-08
Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVE-2020-5550
PUBLISHED: 2020-04-08
Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors.