Don't look now, but it's time to patch OpenSSL again: A critical flaw discovered in the open-source encryption software could allow an attacker to hijack an SSL/TLS session and decrypt and alter the traffic sent between the client and server machines.
The OpenSSL team today released an update that patches the flaw, classified as critical by SANS Internet Storm Center, as well as five other vulnerabilities.
The SSL/TLS man-in-the-middle flaw (CVE-2014-0224) centers around a weakness in the "handshake" between client and server in an OpenSSL SSL/TLS session. "I also rated CVE-2014-0224 critical, since it does allow for MiTM attacks, one of the reasons you use SSL. But in order to exploit this issue, both client and server have to be vulnerable, and only openssl 1.0.1 is vulnerable on servers," SANS Internet Storm Center head Johannes Ullrich said today in a blog post.
Vulnerable OpenSSL server versions include OpenSSL 1.0.1 and 1.0.2-beta1, and the OpenSSL Project recommends that users of OpenSSL servers earlier than 1.0.1 upgrade to a newer version "as a precaution." A security advisory issued today by the OpenSSL Project says OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za; OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m; and OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.
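A quick way to triage hosts against the upgrade targets in the advisory above, as an added example that is not from the article or the OpenSSL Project: it parses the banner printed by `openssl version` and compares the patch letter with the fixed release for that branch. The function names, result labels and sample banners are assumptions made for this illustration.

```python
import re

# Fixed releases named in the OpenSSL Project advisory quoted above.
FIXED = {"0.9.8": "za", "1.0.0": "m", "1.0.1": "h"}

# Banner shape: "OpenSSL <branch><patch letters>[-tag] <build date>"
_BANNER_RE = re.compile(r"OpenSSL\s+(\d+\.\d+\.\d+)([a-z]*)(-[A-Za-z0-9]+)?")


def parse_version(banner):
    """Split an `openssl version` banner into (branch, patch letters, tag)."""
    m = _BANNER_RE.search(banner)
    if not m:
        raise ValueError("not an OpenSSL version banner: %r" % banner)
    return m.group(1), m.group(2), m.group(3) or ""


def _letter_rank(letters):
    # Patch letters run a..z and then za, zb, ..., so a longer suffix is
    # newer; equal-length suffixes compare alphabetically.
    return (len(letters), letters)


def assess(banner):
    """Return 'patched', 'needs-upgrade' or 'not-covered' for one banner."""
    branch, letters, tag = parse_version(banner)
    fixed = FIXED.get(branch)
    # Pre-release builds (e.g. 1.0.2-beta1) and branches with no fixed
    # release listed in the advisory text above cannot be judged here.
    if fixed is None or tag.startswith(("-beta", "-dev", "-pre")):
        return "not-covered"
    if _letter_rank(letters) >= _letter_rank(fixed):
        return "patched"
    return "needs-upgrade"


if __name__ == "__main__":
    # Constructed sample banners, not output captured from real hosts.
    samples = [
        "OpenSSL 0.9.8y 5 Feb 2013",
        "OpenSSL 0.9.8za 5 Jun 2014",
        "OpenSSL 1.0.1g 7 Apr 2014",
        "OpenSSL 1.0.1h 5 Jun 2014",
        "OpenSSL 1.0.2-beta1 24 Feb 2014",
    ]
    for banner in samples:
        print("%-34s %s" % (banner, assess(banner)))
```

Distribution packages often backport fixes without changing the upstream patch letter, so a "needs-upgrade" result on a vendor build should be confirmed against the vendor's own advisory.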
The vulnerability also affects the most recent versions of OpenSSL server software, notes Nicholas J. Percoco, vice president of strategic services at Rapid7, in an emailed statement:
"This likely contains the majority of systems on the Internet, given that most rushed to upgrade OpenSSL after the Heartbleed disclosure in early April of this year. A man-in-the-middle attack is dangerous because it can allow an attacker to intercept data that was presumed to be encrypted between a client (e.g., an end user) and a server (e.g., the online bank, etc.). This attack is also passive in nature and may not be detected by a client, server or network-based security controls."
The latest security holes in OpenSSL reflect a new scrutiny of encryption software, post-Heartbleed, something that most security experts predicted would occur.
Tal Klein, vice president of strategy at Adallom, tells us:
"I don't think the roof is on fire, but this is a further reminder that companies using open-source components like OpenSSL as part of mission-critical enterprise infrastructure need to invest and participate in those projects. We should get ourselves out of the mindset that open-source software is free just because there are no licensing fees. When adopting open-source software for core functionality, companies should allocate some of the money they're saving by not having to pay for licensing and support to funding, and ideally participating in, the project."
The new OpenSSL update also includes patches for a DTLS handshake recursion flaw (CVE-2014-0221) that could result in a denial-of-service (DoS) attack; a DTLS invalid fragment vulnerability (CVE-2014-0195) that could be exploited in a buffer overrun attack to run code remotely on targeted machines; a null pointer flaw (CVE-2014-0198) that could result in a DoS; a race condition flaw (CVE-2010-5298) that could result in a DoS; and another DoS-related bug (CVE-2014-3470) in OpenSSL clients that use the software's anonymous ECDH cipher suites.