Hackin9

From the researchers that brought you BEAST and CRIME comes another attack against Secure Sockets Layer (SSL), one of the protocols that's used to secure Internet traffic from eavesdroppers both government and criminal.

Called POODLE—that's "Padding Oracle On Downgraded Legacy Encryption"—the attack allows a man-in-the-middle, such as a malicious Wi-Fi hotspot or a compromised ISP, to extract data from secure HTTP connections. This in turn could let that attacker do things such as access online banking or e-mail systems. The flaw was documented by Bodo Möller, Thai Duong, and Krzysztof Kotowicz, all of whom work at Google. Thai Duong, working with Juliano Rizzo, described the similar BEAST attack in 2011, and the CRIME attack in 2012.

The attack depends on the fact that most Web servers and Web browsers allow the use of the ancient SSL version 3 protocol to secure their communications. Although SSL has been superseded by Transport Layer Security, it's still widely supported on servers and clients alike, and is still required for compatibility with Internet Explorer 6. SSLv3, unlike TLS 1.0 or newer, omits validation of certain pieces of data that accompany each message. Attackers can use this weakness to decipher the encrypted data an individual byte at a time, and in so doing, extract the plain text of the message byte by byte.


 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Oracle Supply Chain Products Suite CVE-2014-6533 Remote Security Vulnerability
 
Oracle Supply Chain Products Suite CVE-2014-6461 Remote Security Vulnerability
 
Oracle Supply Chain Products Suite CVE-2014-6536 Remote Security Vulnerability
 
Oracle Solaris CVE-2014-4282 Local Security Vulnerability
 
Oracle E-Business Suite CVE-2014-4285 Remote Security Vulnerability
 
Oracle E-Business Suite CVE-2014-4281 Remote Security Vulnerability
 
Oracle E-Business Suite CVE-2014-6523 Remote Security Vulnerability
 
Oracle E-Business Suite CVE-2014-6472 Remote Security Vulnerability
 

Finally we got an official announcement. For all the details, jump straight to the original announcement [1]. See the TL;DR version below:

The problem is limited to SSLv3. SSLv3 is often considered similar to TLSv1.0, but the two protocols are different.

SSLv3 had issues in the past. Remember the BEAST attack? It was never resolved (other than moving to TLS 1.1/2). The only alternative was to use a stream cipher like RC4, which had its own problems.

But this POODLE issue is different. With block ciphers, we have a second problem: What if the block to be encrypted is too short? In this case, padding is used to make up for the missing data. Since the padding isn't really considered part of the message, it is not covered by the MAC (message authentication code) that verifies message integrity.

So what does this mean in real life? The impact is similar to the BEAST attack. An attacker may either play MitM, or may be able to decrypt parts of a message if the attacker is able to inject data into the connection, just like in the BEAST attack. The attack allows one to decrypt one byte at a time, if the attacker is able to inject messages right after that byte that include only padding.
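The padding gap described above, shown on the receiver side as an added example (not code from the diary or the original announcement). It works on already-decrypted plaintext; the 8-byte block size, the key, the sample data and all function names are assumptions, and HMAC-SHA1 stands in for the SSLv3 MAC construction.

```python
import hashlib
import hmac

BLOCK = 8                      # assumed CBC block size (e.g. 3DES)
MAC_KEY = b"constructed-key"   # constructed sample key
MAC_LEN = 20

def mac(data: bytes) -> bytes:
    # HMAC-SHA1 is a stand-in for the SSLv3 MAC (assumption for this sketch)
    return hmac.new(MAC_KEY, data, hashlib.sha1).digest()

def build_record(data: bytes, filler: int) -> bytes:
    """Plaintext before CBC encryption: data || MAC || padding || padding_length."""
    body = data + mac(data)
    pad_len = BLOCK - 1 - len(body) % BLOCK
    return body + bytes([filler]) * pad_len + bytes([pad_len])

def sslv3_padding_ok(record: bytes) -> bool:
    # SSLv3: only the final length byte is interpreted; padding content is arbitrary
    return record[-1] < BLOCK

def tls_padding_ok(record: bytes) -> bool:
    # TLS 1.0+: every padding byte must equal the padding length
    pad_len = record[-1]
    return pad_len < len(record) and record[-(pad_len + 1):] == bytes([pad_len]) * (pad_len + 1)

def accepts(record: bytes, padding_ok) -> bool:
    """Receiver after decryption: check padding, strip it, then verify the MAC."""
    if not padding_ok(record):
        return False
    body = record[: len(record) - record[-1] - 1]
    data, tag = body[:-MAC_LEN], body[-MAC_LEN:]
    return hmac.compare_digest(tag, mac(data))

def compare(record: bytes):
    """Return (accepted under SSLv3 rules, accepted under TLS rules)."""
    return accepts(record, sslv3_padding_ok), accepts(record, tls_padding_ok)

DATA = b"Cookie: a=b\n"                            # 12 bytes: padding fills a whole block
HONEST = build_record(DATA, filler=7)               # padding bytes equal the length byte
ALTERED_PADDING = build_record(DATA, filler=0xAA)   # same data and MAC, other padding
ALTERED_DATA = b"X" + HONEST[1:]                    # data changed, MAC no longer matches

if __name__ == "__main__":
    for name, rec in [("honest", HONEST), ("altered padding", ALTERED_PADDING),
                      ("altered data", ALTERED_DATA)]:
        print(name, compare(rec))
```

The MAC catches changed data under both rule sets, but only the TLS-style check notices that the padding bytes were altered.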

What should you do: Disable SSLv3. There is no patch for this. SSLv3 has reached the end of its useful life and should be retired.

This isn't a "patch now" issue. Give it some time, test it carefully, but get going with it. The other problem is that this is a client and a server issue. You need to disable SSLv3 on either. Start with the servers for highest impact, but then see what you can do about clients.

The other option to fix this problem is to use SSL implementations that take advantage of the TLS_FALLBACK_SCSV feature. This feature notifies the other side that you first tried the stronger cipher. This way, they can reject the downgrade attempt that may have been introduced by a MitM attack. But it isn't clear which implementations use this feature at this point, and which don't. A patch for OpenSSL 1.0.1 was released earlier today implementing TLS_FALLBACK_SCSV.
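The server-side decision behind TLS_FALLBACK_SCSV, as an added example (not OpenSSL's code and not from the diary). The signalling value 0x5600 and alert 86 are the ones standardized in RFC 7507; the function names and the sample ClientHello bodies are constructed for illustration.

```python
import struct

TLS_FALLBACK_SCSV = 0x5600          # signalling cipher suite value (RFC 7507)
ALERT_INAPPROPRIATE_FALLBACK = 86   # alert description (RFC 7507)
SSL3, TLS12 = 0x0300, 0x0303

def parse_client_hello(body: bytes):
    """Return (client_version, [cipher suites]) from a ClientHello body."""
    version = struct.unpack_from("!H", body, 0)[0]
    off = 2 + 32                         # skip version and the 32-byte random
    off += 1 + body[off]                 # skip session_id (1-byte length prefix)
    n = struct.unpack_from("!H", body, off)[0]
    suites = list(struct.unpack_from("!%dH" % (n // 2), body, off + 2))
    return version, suites

def server_decision(body: bytes, server_max: int):
    """Refuse a fallback retry when the server could have spoken a newer version."""
    version, suites = parse_client_hello(body)
    if TLS_FALLBACK_SCSV in suites and version < server_max:
        return ("alert", ALERT_INAPPROPRIATE_FALLBACK)
    return ("negotiate", min(version, server_max))

def make_hello(version: int, suites) -> bytes:
    """Constructed sample ClientHello body (zero random, empty session id)."""
    return (struct.pack("!H", version) + bytes(32) + b"\x00" +
            struct.pack("!H", 2 * len(suites)) +
            struct.pack("!%dH" % len(suites), *suites) + b"\x01\x00")

# Constructed samples: a first attempt, a fallback retry, and a client without SCSV.
FRESH = make_hello(TLS12, [0x002F, 0x000A])
RETRY = make_hello(SSL3, [0x002F, 0x000A, TLS_FALLBACK_SCSV])
LEGACY = make_hello(SSL3, [0x000A])

if __name__ == "__main__":
    print(server_decision(FRESH, TLS12))    # normal TLS 1.2 handshake
    print(server_decision(RETRY, TLS12))    # downgrade detected, alert 86
    print(server_decision(RETRY, SSL3))     # server really tops out at SSLv3
    print(server_decision(LEGACY, TLS12))   # no SCSV sent: SSLv3 still negotiated
```

The last case is why the signal only helps when both sides implement it: a client that does not send the value still ends up on SSLv3 unless the server has SSLv3 disabled.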

FAQ

To test if your server is vulnerable: Use https://ssltest.com

To test if your client is vulnerable: We set up a test page at https://www.poodletest.com

To turn off SSLv3 support in Internet Explorer 11:

Setting - Internet Options - Advanced Tab - Uncheck SSLv3 under Security.

[1] https://www.openssl.org/~bodo/ssl-poodle.pdf

---
Johannes B. Ullrich, Ph.D.

 

Yesterday, a number of news sites published speculative reports about a possible OpenSSL bug to be fixed today. According to these reports, the bug affects SSL 3, and is critical.

Initially, it looked like an OpenBSD patch led to an answer, but it turns out the patch was old (thanks to those who wrote in and responded, in particular based on the tweet by @martijn_grooten). But instead, there are new leads now, in particular a discussion on Stack Exchange [1]. In this discussion, a comment by Thomas Pornin outlines how padding in SSLv3 can lead to MitM attacks. This would be an outright attack against the SSLv3 protocol, and less against a specific implementation. It would affect clients as well as servers.

We will update this post as we learn more. At this point: Don't panic and wait for a patch from your respective vendor. We are not aware of any active exploitation of this problem, but please let us know if you see any evidence of that happening.

If you choose to disable SSLv3 on a server, but leave TLS 1.0 enabled, Windows XP with IE 6 will no longer be able to connect (but older versions of IE will be able to connect from Windows XP machines).

How can you test if a server supports SSLv3? Either use ssllabs.com, or use the openssl client (if it connects, it supports SSLv3):

openssl s_client -ssl3 -connect [your web server]:443
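Many current openssl builds are compiled without SSLv3, in which case the -ssl3 option is not available. The same check can be made by sending a raw SSLv3 ClientHello to your own server and reading the first record of the reply; this is an added example, not part of the original post, and the cipher suite list, function names and result labels are assumptions.

```python
import os
import socket
import struct

SSL3 = 0x0300

def build_sslv3_client_hello() -> bytes:
    """One SSLv3 record carrying a ClientHello that offers common SSLv3-era suites."""
    suites = [0x002F, 0x0035, 0x000A, 0x0005]  # AES128-SHA, AES256-SHA, 3DES-SHA, RC4-SHA
    body = (struct.pack("!H", SSL3) + os.urandom(32) + b"\x00" +   # version, random, no session id
            struct.pack("!H", 2 * len(suites)) +
            struct.pack("!%dH" % len(suites), *suites) +
            b"\x01\x00")                                           # null compression only
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body  # type 1, 3-byte length
    return b"\x16" + struct.pack("!HH", SSL3, len(handshake)) + handshake

def classify_reply(reply: bytes) -> str:
    """Interpret the first bytes the server sent back."""
    if len(reply) < 5:
        return "no-tls-reply"
    record_type = reply[0]
    if record_type == 0x15:                       # alert record: handshake refused
        return "rejected"
    if record_type == 0x16 and len(reply) >= 11 and reply[5] == 0x02:
        server_version = struct.unpack_from("!H", reply, 9)[0]   # ServerHello version
        return "sslv3-accepted" if server_version == SSL3 else "other-version"
    return "no-tls-reply"

def probe(host: str, port: int = 443, timeout: float = 5.0) -> str:
    """Send the ClientHello to host:port and classify the answer."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_sslv3_client_hello())
        try:
            return classify_reply(sock.recv(4096))
        except (ConnectionResetError, socket.timeout):
            return "no-tls-reply"

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                         # usage: script.py your.web.server
        print(probe(sys.argv[1]))
```

A result of "sslv3-accepted" means the server completed the SSLv3 version negotiation; "rejected" or "no-tls-reply" means it refused or dropped the attempt.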

How can I check if my browser can live without SSLv3? If you can read this, then you support TLSv1 or higher. I turned off SSLv3 support on this site for now. But pretty much all browsers support SSLv3.

You tell us not to panic, but you turned off SSLv3? Yes. I wanted to see what happens if I turn off SSLv3. So far, the only issue I found was Windows XP with IE 6, a configuration I probably don't want to support anyway.


[1] http://chat.stackexchange.com/transcript/message/18152298#18152298

---
Johannes B. Ullrich, Ph.D.
 
SuSE XScreenSaver Package Multiple Vulnerabilities
 

 
Microsoft Windows CVE-2014-4114 OLE Package Manager Remote Code Execution Vulnerability
 

Adobe published two security bulletins today:

APSB-22 [1]: fixes 3 vulnerabilities in Adobe Flash Player as well as in Adobe Air. The vulnerabilities are rated with a priority of 1 for Flash Player running on Windows and OS X, which means they have already been exploited in targeted attacks.

APSB-23 [2]: another 3 vulnerabilities, but this time in Cold Fusion. The priority for these updates is 2, which indicates that they have not yet been exploited in the wild.

[1] http://helpx.adobe.com/security/products/flash-player/apsb14-22.html
[2] http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html

---
Johannes B. Ullrich, Ph.D.
 
[security bulletin] HPSBUX03139 SSRT101608 rev.1 - HP-UX running System Management Homepage (SMH), Remote Cross-Site Request Forgery
 
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Domain Manager
 
[security bulletin] HPSBGN03138 rev.1 - HP Operations Analytics running Bash Shell, Remote Code Execution
 
[security bulletin] HPSBMU03133 rev.1 - HP Enterprise Maps Virtual Appliance running Bash Shell, Remote Code Execution
 

Microsoft only published 8 instead of the promised 9 bulletins. Also, of particular interest is MS14-060, which was pre-announced by iSight Partners. iSight has seen this vulnerability exploited in some APT-style attacks against NATO/US military interests and attributes these attacks to Russia. Attacks like this have happened with many Office vulnerabilities in the past, but it is unusual for a company to announce the respective attacks and CVE numbers ahead of Microsoft's bulletin release. Note that we got a total of 3 already exploited vulnerabilities in this month's release.

MS14-059: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (Microsoft Developer Tools), CVE-2014-4075, KB 2990942. Publicly disclosed, not exploited.

MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution (replaces ...)

MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution

MS14-063: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege

  • Critical: Anything that needs little to become interesting
  • Less Urt practices for servers such as not using outlook, MSIE, word etc. to do traditional office or leisure work.
  • The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threatatches.
---
Johannes B. Ullrich, Ph.D.

     
    PayPal Inc BB #85 MB iOS 4.6 - Auth Bypass Vulnerability
     
    PayPal Inc #86 iOS 4.6 - Validation & Design Vulnerability
     
    LinuxSecurity.com: Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the sixth regular update. [More...]
     
    LinuxSecurity.com: Updated krb5 packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security [More...]
     
    LinuxSecurity.com: Updated cups packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security [More...]
     
    LinuxSecurity.com: Updated rsyslog packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security [More...]
     
    LinuxSecurity.com: Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Critical security [More...]
     
    LinuxSecurity.com: Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security [More...]
     
    LinuxSecurity.com: Updated trousers packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security [More...]
     
    LinuxSecurity.com: Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security [More...]
     
    LinuxSecurity.com: Updated X11 client libraries packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. [More...]
     
    LinuxSecurity.com: Updated glibc packages that fix two security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security [More...]
     
    Drupal Custom Search Module Taxonomy Vocabulary Labels HTML Injection Vulnerability
     
    Drupal Maestro Module Multiple Cross Site Scripting Vulnerabilities
     

    Posted by InfoSec News on Oct 14

    http://krebsonsecurity.com/2014/10/whos-watching-your-webex/

    By Brian Krebs
    Krebs on Security
    Oct 13, 2014

    KrebsOnSecurity spent a good part of the past week working with Cisco to
    alert more than four dozen companies — many of them household names —
    about regular corporate WebEx conference meetings that lack passwords and
    are thus open to anyone who wants to listen in.

    At issue are recurring video- and audio conference-based meetings...
     

    Posted by InfoSec News on Oct 14

    http://arstechnica.com/security/2014/10/suspected-russian-sandworm-cyber-spies-targeted-nato-ukraine/

    By Robert Lemos
    Ars Technica
    Oct 13, 2014

    A group of cyber spies targeted the North Atlantic Treaty Organization
    (NATO), Ukrainian and Polish government agencies, and a variety of
    sensitive European industries over the last year, in some cases using a
    previously unknown flaw in Windows systems to infiltrate targets,
    according to a research...
     

    Posted by InfoSec News on Oct 14

    http://www.csoonline.com/article/2824563/social-engineering/the-human-os-overdue-for-a-social-engineering-patch.html

    By Taylor Armerding
    CSO
    Oct 13, 2014

    It sounds like the operating system that really needs some serious
    security patches is the human one.

    While technology giants like Microsoft, Google and Apple regularly crank
    out updates, patches and fixes for zero-day vulnerabilities and other
    threats, the weakest link in the security...
     

    Posted by InfoSec News on Oct 14

    http://www.foxbusiness.com/economy-policy/2014/10/12/obama-said-to-warn-crippling-cyber-attack-potential/

    By Charlie Gasparino
    Charlie Breaks It
    foxbusiness.com
    October 12, 2014

    President Barack Obama believes cyber terrorism is one of the biggest
    threats to national security and says the White House is bracing for a
    possible doomsday scenario if hackers can successfully penetrate
    government and business computer systems, the FOX Business...
     

    Posted by InfoSec News on Oct 14

    http://venturebeat.com/2014/10/13/apparent-hackers-claim-they-have-stolen-nearly-7-million-dropbox-passwords/

    By Dylan Tweney
    venturebeat.com
    October 13, 2014

    Hundreds of alleged usernames and passwords for Dropbox have been
    published on Pastebin, an anonymous information-sharing site.

    The apparent hackers claim to have nabbed 6,937,081 passwords and today
    published a “teaser” of 400 username-password pairs. They requested
    donations in...
     

    Dropbox password scam shows up our sloppy infosec
    ZDNet
    Dropbox, one of the world's best-known cloud storage providers, is the latest victim of a password brea ... Wait. No? No. No, it's not. Dropbox is fine for now. But it's time we had a serious talk about passwords, anyway. Over the course of a couple of ...
