Dealing with the POODLE SSLv3 vulnerability / safecomputing.umich.edu

Thursday, October 23, 2014

October 23, 2014, update:

IIA continues to monitor the POODLE SSLv3 vulnerability situation and is not aware of any widespread exploitation of this vulnerability. ITS enterprise systems are being reviewed and mitigated in a deliberate manner to avoid potential negative impact on service availability.

Initially, attackers will most likely target users of unencrypted wireless networks. Individuals should use secure wireless networks such as MWireless. The U-M VPN also provides a secure Internet connection if use of unencrypted wireless, such as MGuest or a hotel network, is necessary.

It is important to note that not all services that support SSLv3 are vulnerable to the POODLE attack. Services that use non-CBC mode ciphers for SSLv3 cannot be exploited in that manner.

October 15, 2014

This information is intended for U-M IT staff who are responsible for maintaining and running university servers.

Background

Google researchers have announced discovery of a vulnerability, which is being called POODLE, in SSLv3. SSL (Secure Sockets Layer) is a protocol for encrypting information over the Internet. Version 3 of SSL is 15 years old, but it is still used by some older web browsers when connecting to web pages.

Threats

As of 4:00 p.m., October 15,2014, IIA is not aware of any active exploitation of this vulnerability.

Recommendations

IIA recommends that U-M units:

See if SSLv3 or other insecure protocols are enabled. Use the http://ssllabs.com service to check the SSL configuration on unit servers.
Disable SSLv3 and any other insecure protocols. Consider using this guidance provided by SANS: POODLE: Turning off SSLv3 for various servers and client.
NOTE: Please be aware of the potential negative impact of these actions. For a web server, disabling SSLv3 may cause older web browsers, such as IE6 on Windows XP, to be incompatible with the web server.
Test any changes before implementing them in a production environment.

Next Steps

IIA is continuing to evaluate the threat to U-M systems and data and may share additional recommendations as a result of this analysis.

References

See these resources for more information about the SSLv3 vulnerability:

This POODLE bites: exploiting the SSL 3.0 fallback (Google Online Security Blog)
Google discloses Web encryption vulnerability (CNBC)
The POODLE Attack and the End of SSL 3.0 (Mozilla Security Blog)
SSL broken, again, in POODLE attack (ars technica)
ImperialViolet - POODLE attacks on SSLv3
Attack of the week: POODLE (Blog: A Few Thoughts on Cryptographic Engineering)
SSLv3 Support Disabled By Default Due to POODLE Vulnerability (CloudFlare)
Microsoft Security Advisory 3009008 (Microsoft Security TechCenter)
POODLE: Turning off SSLv3 for various servers and client (SANS)