New SSL vulnerabilities discovered, mainly affecting OpenSSL and HTTPS services
Two independent security research organizations recently disclosed two new and distinct severe vulnerabilities in the OpenSSL encryption library, which is widely used by Internet applications. System administrators who use OpenSSL in their systems (common on, but not limited to, Linux, Mac OS X and other UNIX-based systems) should review the patches and apply them as soon as possible. Note that one of these vulnerabilities, DROWN, also puts services that do not run OpenSSL at high risk; anyone who uses SSL/TLS in their systems should read the following carefully to learn why.
DROWN
One of these critical vulnerabilities is called DROWN, short for Decrypting RSA with Obsolete and Weakened eNcryption. The DROWN team, researchers from academia and industry, explain it clearly in their report:
DROWN shows that the current servers and clients that only support SSLv2 are very fragile. It allows attackers to decrypt TLS connections by sending probes to services that support SSLv2 and using the same private key to update connections between clients and servers.
This means that the server is extremely vulnerable when it has the following features:
- It allows SSLv2 connections. According to the team's earlier public research, about 17% of public HTTPS services still accept SSLv2 connections.
- Its private key is also used on any other server that allows SSLv2 connections, whatever protocol that other server runs.
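To make these two conditions concrete, the following is an added example (not from the article or the DROWN team) that checks a constructed inventory of TLS endpoints for both: direct SSLv2 support, and reuse of a private key on another endpoint that accepts SSLv2. The inventory format, host names and key identifiers are assumptions.

```python
from collections import defaultdict

# Constructed inventory (example data, not from the article): one record per
# endpoint, with the protocols it accepts and an identifier for its private key.
# In practice these would come from a TLS scanner and a certificate inventory.
INVENTORY = [
    {"host": "www.example.com:443",  "protocols": {"TLSv1.2"},          "key_id": "key-A"},
    {"host": "mail.example.com:465", "protocols": {"SSLv2", "TLSv1.0"}, "key_id": "key-A"},
    {"host": "api.example.com:443",  "protocols": {"TLSv1.2"},          "key_id": "key-B"},
    {"host": "old.example.com:443",  "protocols": {"SSLv2", "SSLv3"},   "key_id": "key-C"},
]


def drown_exposure(inventory):
    """Return {host: reason} for every endpoint flagged by the two DROWN conditions.

    Condition 1: the endpoint itself accepts SSLv2.
    Condition 2: its private key is also used by some other endpoint that accepts
                 SSLv2, regardless of which service or protocol that endpoint runs.
    """
    # Index every SSLv2-capable endpoint by the key it uses.
    sslv2_hosts_by_key = defaultdict(set)
    for ep in inventory:
        if "SSLv2" in ep["protocols"]:
            sslv2_hosts_by_key[ep["key_id"]].add(ep["host"])

    findings = {}
    for ep in inventory:
        host, key = ep["host"], ep["key_id"]
        sslv2_hosts = sslv2_hosts_by_key.get(key, set())
        if host in sslv2_hosts:
            findings[host] = "accepts SSLv2 directly"
        else:
            others = sslv2_hosts - {host}
            if others:
                # A modern-only endpoint is still exposed through the shared key.
                findings[host] = "shares private key with SSLv2 endpoint(s): " + ", ".join(sorted(others))
    return findings


if __name__ == "__main__":
    for host, reason in drown_exposure(INVENTORY).items():
        print(f"{host}: {reason}")
```

Note that www.example.com is flagged even though it accepts only TLSv1.2, because its key is shared with the SSLv2-capable mail server; disabling SSLv2 on every endpoint that uses the key, or rotating the key, clears both conditions.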
Matthew Green, a cryptographer and professor, wrote that the vulnerability arose in part because: "People do not buy multiple certificates; generally, the server is configured to support both TLS and SSLv2, and the same private key is used to support both protocols."
The DROWN team also found a specific combination, OpenSSL together with DROWN, that has an even worse impact. The combination allows them to "...execute man-in-the-middle attacks on live TLS connections before the handshake times out; attackers can even connect to the target server against non-RSA-related clients and downgrade those TLS clients to complete an RSA key exchange...". These attacks can be completed quickly using only a single-core machine (note that they need neither a multi-GPU cluster nor a large number of Amazon EC2 instances), which means DROWN is very easy to exploit.
CacheBleed
If that is not shocking enough, consider the second one. Another serious vulnerability affecting OpenSSL, called CacheBleed, was released by a second team. CacheBleed is a side-channel attack that leaks information through the cache of Intel processors. This vulnerability mainly affects "mutually distrusting workloads sharing hardware in cloud services..." and can be mitigated by disabling CPU hyper-threading. At present, the team believes that all Intel Sandy Bridge series processors are affected, and that earlier architectures such as Nehalem and Core 2 may be affected as well. Currently, the attack does not work against the Intel Haswell series.
Summary
System administrators who use LibreSSL, OpenBSD's fork of OpenSSL, can breathe a sigh of relief, because DROWN has not broken this version. However, if an attacker obtains local access, CacheBleed still gives them an opening.
Because DROWN targets the SSL protocol itself, it does not affect only OpenSSL. System administrators running Windows IIS should therefore not take it lightly; they need to review their service configuration options as well.
Major SSL Vulnerability Affects OpenSSL and HTTPS server traffic