POODLE

POODLE

October 16, 2014

TLS (Transport Layer Security) and SSL (Secure Sockets Layer) are protocols that provide data encryption and authentication between applications and servers in scenarios where the data is being sent across an insecure network, such as checking an email. The terms SSL and TLS are often used interchangeably or in conjunction with each other (TLS/SSL), but one is in-fact the predecessor of the other — SSL 3.0 served as the basis for TLS 1.0, where TLS v1.0 is marginally more secure than SSL v3.0.

Flaw

Google’s Security team discovered a serious vulnerability in SSL 3.0 that can be exploited to steal certain confidential information, such as cookies. This vulnerability is known as POODLE (Padding Oracle On Downgraded Legacy Encryption).

Impact

By exploiting this vulnerability, an attacker can gain access to passwords and cookies, by enabling the user to access a private data on a website.

Exploitation

The attack depends on the fact that most Web servers and Web browsers allow the use of the ancient SSL version 3 protocol to secure communications. Although SSL has been superseded by Transport Layer Security, it's still widely supported on both servers and clients. SSLv3, unlike TLS 1.0 or newer, omits validation of certain pieces of data that accompany each message. Attackers can use this feebleness to de-cipher an individual byte, time of the encrypted data, and extract the plain text of the message byte by byte.

Mitigation

  • Disable SSL 3.0 support, or CBC-mode ciphers with SSL 3.0 in server configuration. Doing this will significantly cause compatibility problems with servers/applications which uses SSLv3 for transactions.
  • Check if the server/client use the TLS_FALLBACK_SCSV to allow applications to block the ability for a attacker to force a protocol downgrade.
  • OpenSSL 1.0.1 users should upgrade to 1.0.1j, OpenSSL 1.0.0 users should upgrade to 1.0.0o and OpenSSL 0.9.8 users should upgrade to 0.9.8zc.
  • Update your browsers to the latest versions : Firefox users should upgrade to 34, Chrome already supports TLS_FALLBACK_SCSV.

Healthcare IT Enterprise IT