POODLE Flaw Returns, This Time Hitting TLS Protocol

angry tapir writes: If you patched your sites against a serious SSL flaw discovered in October you will have to check them again. Researchers have discovered that the POODLE vulnerability also affects implementations of the newer TLS protocol. The POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability allows attackers who manage to intercept traffic between a user's browser and an HTTPS website to decrypt sensitive information, like the user's authentication cookies.

Re:After the jump BULLSHIT

[Nyder]

Don't you mean Dog shit instead of bullshit? After all, this is a POODLE vulnerability.

Re:

[Anonymous Coward]

Hi! You must be new here. The most points that were most likely spent on him is 1. You see, it's only AC's like us that read as 0 out the gate. For registered users they normally start out at 1... unless they have an "Excellent" karma rating, which means they've made a significant number of posts that have been modded up, then a registered user will start out of the gate at a 2 before any mods are made. Looking at Mr. Nyder's posting profile, this is not outside of the realm of possibility. So It's ve

Re:

[Anonymous Coward]

Not to feed the trolls more but... did you know that if you are logged in you can click the comment score and SEE all the moderation on the comment?
At the current time, the post in question started at 2 and has +1 Funny for a total of 3.

If you are logged in, you can also change the weight of users to remove the karma bonus.

Re:

[wonkey_monkey]

GP asked for this:

Can't anybody just post the damn direct link to the fucking advisory or source articles anymore.

Disabling Javascript isn't going to help with that.

Re:

[Columcille]

You must be new here.

Test your site with this

[cyrus0101]

The article references the SSL Labs tool which includes the TLS POODLE test: https://www.ssllabs.com/ssltes... [ssllabs.com]

Re:Test your site with this

[Architect_sasyr]

The SSL Labs are a fantastic reference.

Turns out when I was using their guides and aiming for an A+ rating in October (not long after I took over the current post) I accidentally mitigated TLS POODLE before it even became publicly known. So.. whoops? Better not follow the best practices guides next time, better just patch the vulnerabilities as they come ;)

Re:

[oobayly]

If you're using IIS 7.5/8 there's this script [www.hass.de] for securing* it. Though it may lock out XP users (which probably isn't a bad thing) due to disabling RC4.

* You there in the back, stop laughing.

Re:

[RyoShin]

Thankfully, this looks to be an implementation issue and not a protocol issue like SSL had. From the blog of the folks who run that SSL test [qualys.com]:

As problems go, this one should be easy to fix. [...] [E]ven though TLS is very strict about how its padding is formatted, it turns out that some TLS implementations omit to check the padding structure after decryption. Such implementations are vulnerable to the POODLE attack even with TLS. [...] According to our most recent SSL Pulse scan (which hasn’t been publ

Re: A question I hope someone can answer

[Anonymous Coward]

Have you considered upgrading your browser!

Re:

[Carewolf]

For those of us who are stuck using older browsers (FireFox v10 or IE6), even with SSL disabled and only TLS 1.0 enabled, will this be a problem?

As I said, stuck. I won't appreciate replies saying to upgrade my browser.

Yes, in fact it is ONLY you who are affected. This was discovered in old versions of NSS, which means old Firefox and Chromium versions.

Re:

[Anonymous Coward]

You should consider NCSA Mosaic [wikipedia.org]. I can guarantee that it is not vulnerable to any flaws SSL or TLS [wikipedia.org].

Re:

[tom17]

I don't know his exact situation, but it's possible that the company he works at has an app that only works with IE6. There used to be many apps like this.

If this is such a case, the fuckwad is the company (for not hiring developers to upgrade the app) or the vendor that supplies the app without upgrading it (Maybe the company is still to blame for not moving to a more current product, or maybe there isn't one). Either way, the user that is forced to stick with the crappy browser is not necessarily the prob

Re:

[lgw]

don't know his exact situation, but it's possible that the company he works at has an app that only works with IE6. There used to be many apps like this.

That's no excuse! IE6 belongs in a VM used only for internal sites and strictly firewalled off from the outside world. But even if you're stuck with IE6, at least run the latest FF or something beside it.

Re:

[tom17]

Unless your company/vendor forces you to use it externally, or will not provide said VM for internal sites.

I'm not agreeing that it's OK to use such a browser, just saying that it's not necessarily the users own fault. Companies can be idiots too when it comes to IT security.

Re:

[jafiwam]

For those of us who are stuck using older browsers (FireFox v10 or IE6), even with SSL disabled and only TLS 1.0 enabled, will this be a problem?

As I said, stuck. I won't appreciate replies saying to upgrade my browser.

In IE 6.0, you can enable TLS 1.0. It is not on by default.

It is deep in the "Internet Settings" in "Security". Scroll down the list and find where it mentions TLS.

IE 6.0 does not do TLS 1.1 or later, so when TLS 1.0 gets shut off, you are done with it.

I believe RC4 is only in SSL 3.0 so that being on or off doesn't matter.

PS, most sites already have 3.0 off, so you may be in the clear already.

This is the God of Job

[grcumb]

If there were a just and caring God, he would never let geeks name things.

POODLE?

Jesus wept. Literally. He heard the name and wept tears.

Geeks made baby Jesus cry.

Re:

[oldmac31310]

It is an acronym. Padding Oracle On Downgraded Legacy Encryption. Convenient, annoying, but not just randomly made up like so much other tech jargon.

Re:

[geminidomino]

And if you don't think that's a backronym, I have some swampland in Florida to sell you.

Re:

[jafiwam]

The CVE for this has already been rejected. There was an implementation problem on a specific piece of network equipment and not a general TLS implementation issue

Link?

Re:

[DES]

https://www.imperialviolet.org... [imperialviolet.org]

This affects BigIP F5 and A10 load balancers which implement TLS incorrectly.

Re:

[DES]

This affects BigIP F5 and A10 load balancers which implement TLS incorrectly.

Proper grouping: ((BigIP F5) and (A10)) (load balancers).

SSL, Poodle and mail

[oldmac31310]

My mac mail has been messed up by this and I have had to disable ssl entirely or I can neither send nor receive mail despite having changed the port to one recommended by my web host. I have done a lot of googling on this but nothing solves the problem - otherwise I wouldn't bring it up here.

Anyone who doesn't irrationally hate Apple have any tips, suggestions for fixing this? I'm still using OS X 10.7 so maybe my best bet is to upgrade the OS, but would like to avoid doing so to keep some older programs r

Re:

[Moridineas]

I'm still using OS X 10.7 so maybe my best bet is to upgrade the OS, but would like to avoid doing so to keep some older programs running.

Out of curiosity, what programs do you use that break post-10.7?

The only program I've run into that works on 10.7 but not anything after is QuarkXPress 8 (and earlier) using a License Server (the license server networking code uses a deprecated system library).

Other than that, Yosemite has been grand.

Re:

[oldmac31310]

It's more a matter of - 'they ain't broke' - so I rather not find out what works and doesn't.

implementation flaw not protocol flaw

[Anonymous Coward]

It is very important to understand that this is a flaw in some vendors' TLS implementation, NOT in the tls protocol itself.

Re:

[TechyImmigrant]

It is very important to understand that this is a flaw in some vendors' TLS implementation, NOT in the tls protocol itself.

The protocol invites this sort of implementation error. Hence proposals like this: http://clearcrypt.org/tls/ [clearcrypt.org]