POODLE Gets a Muzzle from OpenSSL

Administrators concerned about getting bitten by the POODLE vulnerability, as it were, have some protection now: the OpenSSL Initiative has issued a patch for the bug, mere days after it was revealed.

SSL 3.0 is an older encryption protocol that has largely been replaced by the more secure encryption protocol TLS. However, most browsers still support it in case they encounter legacy servers.

The POODLE flaw – which stands for “Padding Oracle On Downgraded Legacy Encryption” – works by forcing a “fallback” to the use of SSL 3.0 and then stealing session cookies that could give the attacker access to a victim’s online accounts.

“Because a network attacker can cause connection failures, they can trigger the use of SSL 3.0 and then exploit this issue,” explained Bodo Möller of the Google Security Team.

Further, “some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers,” the OpenSSL advisory reads. “This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols.”

However, it should be noted that to launch such an attack, a hacker would have to control the network between client and server, and it’s a difficult thing to do. A man in the middle (MITM) attack like that, given the nature of the flaw, would take approximately 2,000 forced requests to leak enough data for the attacker to hijack a typical HTTP over SSL session, researchers said.

Despite its only medium-level severity, OpenSSL worked quickly to add support for TLS_FALLBACK_SCSV, to allow applications to block the ability for an MITM attacker to force a protocol downgrade.

Jean Taggart, senior security researcher at Malwarebytes Labs, urged administrators to not take POODLE lightly.

“Although POODLE is a vulnerability in an older version of SSL, and may not be as bad as Shellshock or Heartbleed, anything which can cause supposedly secure data to be intercepted should be taken seriously,” he said in an emailed comment. “This is known as a cypher suite rollback attack and allows communications to be intercepted.”

As well as patching, disabling SSL 3.0 altogether is probably a good idea, he said. “15-year-old cypher suites should also be allowed to quietly go into the night,” he noted. 

What’s Hot on Infosecurity Magazine?