Part 1: SSL Endpoint Vulnerabilities

Wednesday, October 14, 2015

Following our introduction on SSL endpoints (The Truth about SSL Certificate) and the steps needed to configure SSL endpoint vulnerabilities, we’ll now look into detail what the vulnerabilities are and how you can go about fixing each of them. We often get asked about what the vulnerabilities are, so here goes! 

(1) BEAST

beast attack

 

 

 

 

 

 

Browser Exploit Against SSL/TLS (BEAST) exploits the Secure Socket Layer (SSL) protocol by using the weakness in SSL cipher block chain. Cipher suites are used for security settings to establish a network connection that uses a SSL/TLS protocol. This vulnerability can enable man-in-the-middle (MITM) attacks allowing hackers to decrypt and get HTTP authentication tokens; thereby stealing data that passes through a browser and the server.

Solution:

– Enable TLS 1.1 and/or TLS 1.2 on servers that support TLS 1.1 and 1.2
– Enable TLS 1.1 and/or TLS 1.2 in Web browsers that support TLS 1.1 and 1.2
– If server does not support TLS 1.1 and 1.2, disable all block-based cipher suites in your server’s SSL configuration.

(2) BREACH

Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext (BREACH) manipulates HTTP level compression (frequently used by many web pages to compress and reduce bandwidth and latency issues) to extract information from HTTPS encrypted data such as email addresses and security tokens.

Solution:

A.Web Server:
Turn off compression for pages that include PII (Personal Identifiable Information)

B. Web Browser:
Force browser not to invite HTTP compression use

C. Web Applications:
– Consider shifting to Cipher AES128
– Remove compression support on dynamic content
– Reduce secrets in response buddies
– Use rate-limiting requests

(3) CRIME

crime attack

 

 

 

 

 

 

 

Compression Ratio Info-Leak Made Easy (CRIME) is similar to the BREACH attack in a way it exploits compression – for the purpose of reducing bandwidth and latency – to steal large amounts of data. CRIME recovers the content of secret authentication cookies and uses this information to hijack an authenticated web session.

Solution:

– Disable server (website) TLS data compression and Web browser TLS data compression.
– Modify gzip to allow for explicit separation of compression contexts in SPDY (Web protocol from Google).

(4) FREAK

Factoring Attack on RSA-EXPORT Keys (FREAK) intercepts HTTPS connections between vulnerable clients and servers and forces them to use weakened encryption. By doing so, attackers can steal and manipulate sensitive data.

Solution:

A.Servers
– Disable support for export cipher suites. At the same time, we also recommend disabling support for all known insecure ciphers and enable forward secrecy.
1. Look through this security Configuration Guide
2. Make use of Mozilla’s SSL configuration Generator
3. Test configuration using DigiCert Inspector Tool or Qualys SSL Server Test Tool

B. Clients
– Make sure they have the most recent web browser installed and check for updates.

(5) Heartbleed Bug

heartbleed bug

The Heartbleed Bug exploits weakness in the OpenSSL cryptographic software library by allowing anyone to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. Private keys used to identify the providers and provide encryption may be leaked, causing attackers to eavesdrop on communications.

Solution:

A.Patch your software
1. Patch OpenSSL on servers that are running vulnerable versions of OpenSSL, and patch software that is using affected versions of OpenSSL library.
2. Upgrade to the latest version of OpenSSL (version 1.0.1g or newer should be used)
3. Recompile OpenSSL with the OPENSSL_NO_HEARTBEATS flag

B.Verify that your Heartbleed Bug vulnerabilities are patched
– By using DigiCert Certificate Inspector or Qualys SSL Server Test Tool

C.Rekey, reissue and install certificates
– Rekey and reissue certificates on affected servers. Install reissued certificates on servers and software that are patched.

D. Revoke replaced certificates

E. Reset Passwords
– If your servers accept passwords, you should also have your clients reset their passwords, but only after servers and software are patched and certificates are rekeyed, reissued, installed and revoked.

Look Out for Part 2

The above only outlines half of the SSL endpoint vulnerabilities known in the industry and if you’re looking to understand all vulnerabilities associated with SSL, end of this week we’ll bring you the second half of vulnerabilities and fixes. Do keep a lookout!

–  Insecure TLS Renegotiation

– Weak Diffie-Hellman and the Logjam Attack

– RC4 Cipher Enabled

–  SSL 2.0 Protocol Enabled

– SSL 3.0 Protocol Enabled

–  Weak Cipher Suites

Share :    


Back to Blog