
SSLv3 POODLE vulnerability - like BEAST, only easier

As you may know, a padding oracle attack against SSLv3 has been discovered. It allows an attacker who can send data of his choosing to the server over SSLv3 on behalf of the victim to decrypt 1 byte per 256 requests. The root cause is that in SSLv3 the padding is not covered by the MAC.

In theory the attack can be mounted against any service where the attacker can influence the data being sent. The easiest case is, for example, when the attacker wants the cookies of an HTTPS page: he injects his own code into HTTP pages, that code makes controlled requests to the HTTPS pages, and he replaces encrypted blocks in those requests.

In any case, the attacker must:

The vulnerability does not depend on a specific implementation; it is in the protocol design. Although it affects only CBC mode, it is better to disable SSLv3 completely. SSL's time has passed.
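Before applying the fixes below, a server can be checked for SSLv3 support in the same way the online checkers do: send an SSLv3 ClientHello and look at the first record that comes back. This is an added example, not code from the original post; it assumes the server speaks the protocol on the given port and treats a silent close or a timeout as "not accepted".

```python
"""Probe whether a server still accepts SSLv3 (the precondition for POODLE).
Added example: sends an SSLv3 ClientHello and classifies the first reply record."""
import socket
import struct

SSLV3 = b"\x03\x00"
# A few CBC cipher suites that SSLv3 deployments commonly enable (constructed list).
CBC_SUITES = [0x002F, 0x0035, 0x000A, 0x0033, 0x0039]


def build_sslv3_client_hello() -> bytes:
    """Build a complete SSLv3 Handshake record carrying a ClientHello."""
    suites = b"".join(struct.pack("!H", s) for s in CBC_SUITES)
    body = (SSLV3                                   # client_version = 3.0
            + b"\x00" * 32                          # client random (fixed; fine for a probe)
            + b"\x00"                               # session_id length = 0
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00")                          # one compression method: null
    # Handshake header: type 1 (ClientHello) + 24-bit body length.
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body
    # Record header: type 0x16 (Handshake) + version 3.0 + 16-bit length.
    return b"\x16" + SSLV3 + struct.pack("!H", len(handshake)) + handshake


def classify_response(data: bytes) -> str:
    """'sslv3' if the server answered with an SSLv3 ServerHello (SSLv3 accepted),
    'alert' if it sent an Alert record, 'other' for anything else (incl. a close)."""
    if len(data) < 5:
        return "other"
    ctype = data[0]
    # ServerHello: handshake type 0x02 at offset 5, server_version at offsets 9..10.
    if ctype == 0x16 and len(data) >= 11 and data[5] == 0x02 and data[9:11] == SSLV3:
        return "sslv3"
    if ctype == 0x15:
        return "alert"
    return "other"


def probe(host: str, port: int = 443, timeout: float = 5.0) -> str:
    """Connect, send the SSLv3 ClientHello and classify the server's first record."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(build_sslv3_client_hello())
            return classify_response(s.recv(4096))
    except OSError:          # timeout, reset or refused: SSLv3 was not negotiated
        return "other"
```

A result of "sslv3" means the server still negotiates SSLv3 and the configuration changes below are needed; "alert" or "other" means the ClientHello was rejected.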

How to protect yourself?

Disable SSLv3 on both clients and servers.

In Firefox < 34, either install the addon or set
about:config → security.tls.version.min=1
(in Firefox 34 and later SSLv3 is disabled).

For Chrome, add
--ssl-version-min=tls1
as a startup flag.

In Internet Explorer, uncheck "SSLv3" in the security settings.

For nginx:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

For Apache:
SSLProtocol All -SSLv2 -SSLv3

For IIS

Links

poodlebleed.com - server check
www.poodletest.com - check browsers
poodlebleed.com/ssl-poodle.pdf - Whitepaper
blog.cloudflare.com/sslv3-support-disabled-by-default-due-to-vulnerability - Announcement of disabling SSLv3 on Cloudflare by default
googleonlinesecurity.blogspot.ru/2014/10/this-poodle-bites-exploiting-ssl-30.html - Announcement from Google
security.stackexchange.com/questions/70719/ssl3-poodle-vulnerability - Attack Details
www.imperialviolet.org/2014/10/14/poodle.html - Detailed description of the attack

Source: https://habr.com/ru/post/240499/