Jump to content
Slate Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate Marble
Slate Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate Marble
Sign in to follow this  

LinuxStories: POODLE: SSLv3 vulnerability (CVE-2014-3566) - UPDATED

Recommended Posts




POODLE stands for Padding Oracle On Downgraded Legacy Encryption. This vulnerability allows a man-in-the-middle attacker to decrypt ciphertext using a padding oracle side-channel attack. More details are available in the upstream OpenSSL advisory.
POODLE affects older standards of encryption, specifically Secure Socket Layer (SSL) version 3.0. It does not affect the newer encryption mechansim known as Transport Layer Security (TLS).


To mitigate this vulnerability SSL 3.0 should be disabled in all affected packages. Red Hat is continuously working at this time to provide additional use cases and guides to disable SSL 3.0.

Determining Vulnerability

If you are not a subscriber, the following script can be run against the server in question. The command will return 'SSL 3.0 enabled' if vulnerable and 'SSL 3.0 disabled' if not.

ulimit -t 5
ret=$(echo Q | timeout 5 openssl s_client -connect "${1-`hostname`}:${2-443}" -ssl3 2> /dev/null)
if echo "${ret}" | grep -q 'Protocol.*SSLv3'; then
  if echo "${ret}" | grep -q 'Cipher.*0000'; then
    echo "SSL 3.0 disabled"
    echo "SSL 3.0 enabled"
  echo "SSL disabled or other error"

NOTE: This script takes the hostname of the server to check as the first argument and an optional port as the second. By default it will check the local system, port 443.
Also you can use
Your servers are vulnerable simply if they support SSLv3. Several options here:
With OpenSSL s_client:

 openssl s_client -connect : -ssl3

 If the connection succeeds, sslv3 is enabled. If it fails, it is disabled. When it fails you should see something like:

error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

Using nmap:

nmap --script ssl-enum-ciphers -p 443 myhostname.tld

It should output 'SSLv3: No supported ciphers found'. Adjust for your hostname/port.

Using cipherscan. Clone/download the binary and execute it:

./cipherscan myhostname.tld

It should not list anything with SSLv3 under the 'protocols' column.


How to fix

Firefox browser
Open about:config, find security.tls.version.min and set the value to 1. Then restart your browser to drop any open SSL connections.
Firefox from version 34 onwards will disable SSLv3 by default and thus require no action (source).
However, at the moment of writing, 33 is just released and 34 is set for November 25.

Google Chrome (Linux)
Edit the /usr/share/applications/google-chrome.desktop file, e.g.
sudo nano /usr/share/applications/google-chrome.desktop
Edit all lines starting with Exec= to include --ssl-version-min=tls1.
E.g. a line like

Exec=/usr/bin/google-chrome-stable %U
Exec=/usr/bin/google-chrome-stable --ssl-version-min=tls1 %U
Then make sure to fully close the browser (Chrome apps may be keeping your browser active in the background!).
Note: You may need to repeat this every google-chrome package update, overwriting this .desktop launcher file.
A Google Chrome or Chromium browser with SSLv3 disabled by default is not yet announced at the time of writing.

Apache HTTPD Server
If you're running Apache, just include the following line in your configuration among the other SSL directives:
SSLProtocol All -SSLv2 -SSLv3
Then check if the new configuration is correct (no typos etc.):
apachectl configtest
And restart the server, e.g.
sudo service apache2 restart
More info: Apache documentation
Now test it: If your site is publicly available, test it using Qualys’ SSL Labs tool.
Nginx server
If you're running Nginx, just include the following line in your configuration among the other SSL directives:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
And restart the server, e.g.
sudo service nginx restart

Reference: Nginx documentation
Now test it: If your site is publicly, available, test it using Qualys' SSL Labs tool.

Lighttpd webserver
Lighttpd versions >1.4.28 support a configuration option to disable SSLv2 and v3. Lighttpd releases before 1.4.28 allow you to disable SSLv2 ONLY.
Please note that Ubuntu 12.04 LTS and earlier install at best lighttpd v1.4.28 and therefore a simple fix is not available for those distributions.
Therefore this fix should only be used for Ubuntu versions greater than 12.04. If someone knows a fix that's good for 12.04 and earlier, please edit this.
Edit your /etc/lighttpd/lighttpd.conf to add the following lines after the ssl.engine = "enable" directive
ssl.use-sslv2          = "disable"
ssl.use-sslv3          = "disable"
Then you should restart the lighttpd service with a sudo service lighttpd restart and perform an ssl3 handshake test as described in earlier sections to make sure that the change was implemented successfully.
Taken from http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_SSL.
Postfix SMTP
For 'opportunistic SSL' (encryption policy not enforced and plain is acceptable too), you don't need to change anything. Even SSLv2 is better than plain, so if you need to secure your server you should be using 'mandatory SSL' mode anyway. For 'mandatory SSL' mode being configured already, just add/change the
smtpd_tls_mandatory_protocols setting:
and restart Postfix:
sudo service postfix restart
(Unverified edit by anonymous user, I'm not comfortable with Sendmail, please verify.)
These options are configured in the LOCAL_CONFIG section of your sendmail.mc
ClientSSLOptions=+SSL_OP_NO_SSLv2 +SSL_OP_NO_SSLv3
In Dovecot v2.1+, add the following to your /etc/dovecot/local.conf (or a new file in /etc/dovecot/conf.d):
ssl_protocols = !SSLv2 !SSLv3
and restart Dovecot:
sudo service dovecot restart
For older versions you will have to patch the source code.
Courier-imap (imapd-ssl)
Courier-imap allows SSLv3 by default on Ubuntu 12.04 and others. You should disable it and use STARTTLS instead to force TLS. Edit your /etc/courier/imapd-ssl configuration file to reflect the following changes

HAProxy Server

SSL is supported in HAProxy >= 1.5.
Edit the /etc/haproxy.cfg file and find your bind line. Append no-sslv3. For example:
bind :443 ssl crt ciphers no-sslv3

Reference: HAProxy Documentation


Appears to be unaffected (source).
OpenVPN uses TLSv1.0, or (with >=2.3.3) optionally TLSv1.2 and is thus not impacted by POODLE.
When using Tomcat with the JSSE connectors, the SSL protocol to be used can be configured via $TOMCAT_HOME/conf/server.xml.
The following example shows how the sslProtocol in an https connector is configured.
Tomcat 5 and 6:
                   maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslEnabledProtocols = "TLSv1,TLSv1.1,TLSv1.2" />

Tomcat >= 7
                maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocols = "TLSv1,TLSv1.1,TLSv1.2" />

If the sslEnabledProtocols or sslProtocols attributes are specified, only protocols that are listed and supported by the SSL implementation will be enabled.
If not specified, the JVM default is used. The permitted values may be obtained from the JVM documentation for the allowed values for algorithm when creating an SSLContext instance e.g.
Oracle Java 6 and Oracle Java 7.
Tomcat APR
When using Tomcat with the APR/Native connectors, the SSL protocol to be used can be configured in $TOMCAT_HOME/conf/server.xml.
The following example shows how the SSLProtocol in an https connector is configured.
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               SSLCertificateKeyFile="${catalina.base}/conf/localhost.key" />
Configuration parameters are documented here. The default is for the SSLProtocol attribute to be set to ALL, with other acceptable values being SSLv2, SSLv3, TLSv1
and SSLv2+SSLv3. Starting with version 1.1.21 of the Tomcat native library any combination of the three protocols concatenated with a plus sign will be supported.
Note that the protocol SSLv2 is inherently unsafe.

View the full article

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this