Limited POODLE Attack Resurfaces in TLS
Back in October, we published an extensive article about an attack called POODLE that affected old versions of the SSL protocol (specifically, SSL 3.0). This attack had the potential to affect nearly 98% of the Internet, as many servers still supported this older version of the protocol.
But now it has been revealed that POODLE is back, this time with the ability to affect even the newest version of the protocol1.
Any time we visit the topic of SSL protocol attacks, we should remember this brief history lesson about SSL naming nomenclature: The earliest versions of the protocol were named SSL 2.0 and SSL 3.0. Then, in 1999, the next version of the protocol was renamed to TLS 1.0. Since then, all new versions have been named TLS, for Transport Layer Security, rather than Secure Socket Layer. Today, the newest version is TLS 1.2.
The POODLE attack was previously thought to only work on SSL v3.0 because it took advantage of a flaw where a section of the message (specifically, the message padding) could be changed by an attacker; this was due to under-specification of the early protocol. Successors to SSL 3.0 have since corrected this. However, some implementations of these new protocols may be vulnerable. This is because while the specifications of TLS 1.1 and 1.2 require that the message padding be verified, it’s impossible to ensure all implementations follow this rule, and clients (web browsers) cannot effectively check for this2.
Security researchers Brian Smith and Adam Langley have been quietly working since October3 , confirming the suspicion that the POODLE attack could be used on other versions of the SSL protocol. They found a few notable vulnerabilities on enterprise-level hardware, specifically devices made by two network equipment companies, F5 and A10.
The good news is that this new vulnerability is estimated to affect under 10% of servers.4 Unlike the first round of POODLE, this vulnerability is not due to a flaw in the protocol specification, but in specific implementations of it.
This attack can be executed with similar efficiency as POODLE with SSL 3.0, however with a much smaller number of potentially affected targets. Remember that both POODLE attacks require an active network attacker, the ability to inject JavaScript into a client’s browser, and only require around 4096 requests on average to succeed (this may sound like a lot, but it is quite practical to achieve).
This time around, a much smaller group of servers are affected and we believe these will be quickly patched by the server administrators who attend to them. F5 and A10 have released patches today for their devices which solve this issue. If you are affected by this please visit this page for F5 devices and this page for A10 to get the relevant patches and information.
- https://community.qualys.com/blogs/securitylabs/2014/12/08/poodle-bites-tls
- https://community.qualys.com/blogs/securitylabs/2014/12/08/poodle-bites-tls
- https://www.imperialviolet.org/2014/12/08/poodleagain.html
- See the final paragraph in this article, where Ivan Ristic says the latest SSL Pulse statistics reveal 10% of servers were vulnerable.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown