A new security vulnerability was discovered by a team of researchers from Google that affects SSL v3. This vulnerability, dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption), while nowhere as serious as Heartbleed or Shellshock, can still wreak havoc on your machine or in your environment if the right set of circumstances were to put you in the crosshairs of an attacker.
I say “right set of circumstances” because this vulnerability isn’t that easy to exploit. First off, the target would have to be in a session using SSL v3, an older protocol that has been replaced in most configurations with TLS. The fact that a client/server uses TLS, though, doesn’t mean you’re out of harm’s way. Many web servers and web browsers that use TLS as the default for connection still supports SSL v3 when the TLS connection fails or is not available. Also, some older browsers (IE v6 for Windows XP) only use SSL v3. With that being said, an attacker might try to use the older XP machines as their entry point or force the TLS connection to fail and then use the POODLE exploit to take control of your session.
What does that mean to you? As a user – it means that you are unlikely to be exploited at home or in the office unless the attacker has access to your personal network. However, on public Wi-Fi at your favorite coffee shop, you could definitely be susceptible (if the planets align and you meet all of the criteria described above). As an IT admin, though, you should really only be worried about incoming connections originating from public wi-fi (or similar) connections.
Am I vulnerable?
This issue affects any software that supports SSLv3. It includes not only web servers and browsers but also any software that uses SSLv3 to encrypt communications: Mail, XMPP, etc.
To check if your web server is affected you can use one of the Nmap's scripts to enumerate the supported protocols. Example:
$ nmap --script ssl-enum-ciphers 10.60.100.1 -p 443 PORT STATE SERVICE 443/tcp open https | ssl-enum-ciphers: | SSLv3: | ciphers: | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WITH_AES_256_CBC_SHA - strong | TLS_RSA_WITH_RC4_128_SHA - strong | compressors: | NULL | TLSv1.0: | ciphers: | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WITH_AES_256_CBC_SHA - strong | TLS_RSA_WITH_RC4_128_SHA - strong | compressors: | NULL |_ least strength: strong
In this case the server is vulnerable because the SSLv3 is included in the list of supported ciphers. On the other hand, if you receive the following message "SSLv3: No supported ciphers found" it means the server does not support SSLv3 and it is not affected.
What can I do to patch my systems?
Most browsers and vendors are starting to publish instructions that include information to mitigate this vulnerability.
In Firefox you can go into about:config and set security.tls.version.min to 1. I expect that other browser vendors will publish similar instructions over the coming days -in the meantime, here is an article on how to protect common server applications:
For all of the USM/OSSIM users out there, though, don’t fret. While the USM and OSSIM products used the SSL protocol in the web server and in the vulnerability scanner, the way it is used makes it extremely difficult to exploit this vulnerability. Regardless, we have already issued a patch to address this and users are able to update via the web UI.
Our AlienVault Labs team has also been hard at work. Jaime Blasco and team have already released Intrusion Detection signatures as well as two correlation rules that will alert when a client or a server is affected by this vulnerability or if an attacker is exploiting it.
- Environmental Awareness, Vulnerable software, SSL server - POODLE
- Environmental Awareness, Vulnerable software, SSL client - POODLE
While this exploit does not seem nearly as wide reaching as others we have seen recently, do some investigation to confirm that your environment is not open to this attack. Don’t sweep it under the rug – you never know when this POODLE will bite…