SSLv3 Protocol Vulnerability 'Poodle'

Google has announced the discovery of a protocol vulnerability in SSLv3. This vulnerability allows an attacker to read the contents of connections secured by SSLv3.



See full Google information here

SSLv3 is a transport-security protocol, the predecessor of Transport Layer Security (TLS), that was ratified in 1996. TLS is used to encrypt communications between clients and servers. It is usually integrated with webservers, mailservers or other software that uses secure communications.

SSLv3 was succeeded by TLS v1.0 in 1999 and later by TLS v1.1 and v1.2 in 2006 and 2008 respectively. SSLv3 is still supported on most servers for compatibility with clients that have no TLS support, such as IE6 on older Windows XP machines.

What is it? (Technical)

An attacker can perform a man-in-the-middle attack on SSLv3. Whether it succeeds depends on a few conditions and mitigating factors:

  • The client and server must both agree to use SSLv3.
  • Only then can the SSLv3 weakness be exploited to recover (plaintext) traffic.
  • The attacker must make several hundred HTTPS requests before the attack can succeed.
  • TLS 1.0, TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.

The vulnerability is explained in detail as CVE-2014-3566 on these websites:

Is my environment affected?

All software supporting SSLv3 is affected by CVE-2014-3566. To check whether your servers support the SSLv3 protocol you can use several (online) tools:

You can also use OpenSSL to attempt an SSLv3-only handshake and see whether your server accepts it, for example:

openssl s_client -ssl3 -connect [host]:[port]

Or with Nmap (note that the message is also printed when the scan produced no output at all, for instance when the host is unreachable, so confirm the scan itself succeeded):

nmap --script ssl-enum-ciphers -p [port] [host] | grep "SSLv3: No supported" || echo "Site vulnerable to poodle"

To give you an idea of the number of servers that are vulnerable, see this image (quite a lot):



What can be done on servers?

Disable the SSLv3 protocol on your servers. You can use this document if needed.

Please note that disabling SSLv3 on your servers could impact older operating systems and clients, such as Internet Explorer 6 users on Windows XP.

Instructions for disabling SSLv3 on Nginx and Apache can be found here.

If for some reason that is not possible, Google recommends supporting TLS_FALLBACK_SCSV, which prevents downgrade attacks. Yesterday, OpenSSL released a patch that adds support for TLS_FALLBACK_SCSV.

And about the browser?

As for the browser, please note again that some websites that only support SSLv3 could stop working once it is disabled. Change the following registry keys/settings:


Internet Explorer (change in registry):

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"Enabled"=dword:00000000

Mozilla Firefox (about:config)

Set security.tls.version.min to 1

Google Chrome (command line)

--ssl-version-min=tls1

Mozilla has announced that Firefox 34 fixes the Poodle vulnerability, so the best option for Firefox users is to update.

Detection

Fox-IT has published a Snort IDS signature to detect SSLv3 in your network. You can find it on their blog or use the copy below (very useful, thanks):

alert tcp $HOME_NET 443 -> any any (msg:"FOX-SRT - SSLv3 Server Hello Detected (Poodle)"; flow:established,to_client; ssl_version:sslv3; ssl_state:server_hello; content:"|16 03 00|"; depth:3; threshold: type limit, track by_src, seconds 300, count 1; reference:cve,2014-3566; classtype:policy-violation; reference:url,http://blog.fox-it.com/2014/10/15/poodle/; sid:1; rev:1;)
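As an added example (not part of the original post and not Fox-IT's code), the same detection logic in Python: it flags a server's first TLS record when it is an SSLv3 (0x0300) ServerHello and applies the signature's "limit, track by_src, 300 seconds, count 1" threshold. The packet bytes are constructed here for illustration, not taken from a capture.

```python
import struct

HANDSHAKE = 0x16      # TLS record content type: handshake
SERVER_HELLO = 0x02   # handshake message type: ServerHello
SSLV3 = (3, 0)        # record-layer version bytes matched by content:"|16 03 00|"


def sslv3_server_hello(record: bytes) -> bool:
    """True when the record starts with an SSLv3 ServerHello.

    Mirrors content:"|16 03 00|" depth:3 and ssl_state:server_hello by
    checking the record header and the handshake message type together.
    """
    if len(record) < 6:
        return False
    ctype, major, minor, _length, hs_type = struct.unpack("!BBBHB", record[:6])
    return ctype == HANDSHAKE and (major, minor) == SSLV3 and hs_type == SERVER_HELLO


class Sslv3Detector:
    """Applies threshold: type limit, track by_src, seconds 300, count 1."""

    def __init__(self, window: int = 300):
        self.window = window
        self.last_alert = {}  # source address -> timestamp of last alert

    def inspect(self, src: str, ts: int, record: bytes):
        """Return an alert string for a new SSLv3 ServerHello, else None."""
        if not sslv3_server_hello(record):
            return None
        last = self.last_alert.get(src)
        if last is not None and ts - last < self.window:
            return None  # suppressed: already alerted for this source in the window
        self.last_alert[src] = ts
        return f"FOX-SRT - SSLv3 Server Hello Detected (Poodle) from {src}"


def build_server_hello(version: tuple) -> bytes:
    """Constructed sample: minimal ServerHello record (zero random, no session id).

    Body = version(2) + random(32) + session id length(1) + cipher suite(2)
    + compression(1); the record version equals the negotiated version.
    """
    major, minor = version
    body = bytes([major, minor]) + b"\x00" * 32 + b"\x00" + b"\x00\x2f" + b"\x00"
    hs = bytes([SERVER_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([HANDSHAKE, major, minor]) + len(hs).to_bytes(2, "big") + hs
```

A TLS 1.2 ServerHello (record version 03 03) and a handshake-failure alert record (content type 0x15) are both left alone, which is the behaviour the signature's depth:3 match gives.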
