OpenSSL Vulnerable to Man-In-The-Middle Attack and Several Other Bugs - The Hacker News


Transcript of OpenSSL Vulnerable to Man-In-The-Middle Attack and Several Other Bugs - The Hacker News

  • 6/9/2014 OpenSSL Vulnerable to Man-in-the-Middle Attack and Several Other Bugs - The Hacker News

    http://thehackernews.com/2014/06/openssl-vulnerable-to-man-in-middle.html 1/3

    OpenSSL Vulnerable to Man-in-the-Middle Attack and Several Other Bugs

    Thursday, June 05, 2014 Mohit Kumar

    Remember the OpenSSL Heartbleed vulnerability? Several weeks ago, the exposure of this security bug chilled the Internet, revealing that millions of websites were vulnerable to a flaw in the OpenSSL code which they used to encrypt their communications.

    Now once again the OpenSSL Foundation has issued software updates to patch six new vulnerabilities, and two of them are critical.

    MAN-IN-THE-MIDDLE ATTACK (CVE-2014-0224)

    The first critical vulnerability (CVE-2014-0224) in OpenSSL is "CCS Injection". It resides in the ChangeCipherSpec (CCS) request sent during the handshake and could allow an attacker to perform a man-in-the-middle attack against the encrypted connection between servers and clients.

    By exploiting this vulnerability, an attacker could intercept an encrypted connection, which allows him to decrypt, read or manipulate the data. But the reported flaw is exploitable only if both server and client are vulnerable to this issue.

    According to the OpenSSL advisory, "An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers." All versions of OpenSSL are vulnerable on the client side. Only 1.0.1 and above are currently known to be vulnerable on the server side. SSL VPN (virtual private network) products are believed to be especially vulnerable to this flaw.

    The OpenSSL CCS Injection vulnerability was discovered by a Japanese security researcher, Masashi Kikuchi of the security firm Lepidum. According to him, this bug has existed since the very first release of OpenSSL. Red Hat also posted a detailed explanation of this bug on its security blog.

    DTLS invalid fragment vulnerability (CVE-2014-0195): Sending invalid DTLS fragments to an OpenSSL DTLS client or server can lead to a buffer overrun attack. A potential hacker could exploit this flaw to run arbitrary code on a vulnerable client or server. This vulnerability is also marked as a critical bug.

    DTLS recursion flaw (CVE-2014-0221): A remote attacker can send an invalid DTLS (Datagram Transport Layer Security) handshake to an OpenSSL DTLS client, which will force the code to recurse, eventually crashing in a DoS attack. This attack is limited to applications using OpenSSL as a DTLS client.

    DTLS is mainly used in VoIP and other communication-related applications, such as the Cisco Systems AnyConnect VPN Client. The Chrome and Firefox web browsers also support DTLS for WebRTC (Web Real-Time Communication) for P2P file sharing and voice/video chats.

    Other important OpenSSL vulnerabilities are:

    SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198), allows remote attackers to cause a denial of service via a NULL pointer dereference.

    SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298), allows remote attackers to inject data across sessions or cause a denial of service.

    Anonymous ECDH denial of service (CVE-2014-3470), OpenSSL TLS clients enabling anonymous ECDH (Elliptic Curve Diffie Hellman) ciphersuites are subject to a denial of service attack.

    But the good news is that these vulnerabilities are not as critical as the Heartbleed bug. The patched versions 0.9.8za, 1.0.0m and 1.0.1h are available for download on the project website, and the OpenSSL Foundation is urging companies to update their implementations as soon as possible.
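
An added example, not part of the original article or OpenSSL's own code: a Python check that compares `openssl version` banners against the patched releases named above (0.9.8za, 1.0.0m, 1.0.1h) and applies the client/server exposure rule the article gives for CVE-2014-0224. The host names and inventory lines are constructed, and a distribution package may carry a backported fix under an older version string, so treat a flagged host as a prompt to check the vendor advisory.

```python
import re

# Patched releases named in the article, keyed by release branch.
PATCHED = {"0.9.8": "za", "1.0.0": "m", "1.0.1": "h"}
BANNER_RE = re.compile(r"OpenSSL\s+(\d+\.\d+\.\d+)([a-z]*)")

# Constructed sample inventory: "<host> <output of `openssl version`>".
INVENTORY = """\
vpn-gw01   OpenSSL 1.0.1g 7 Apr 2014
web-02     OpenSSL 1.0.1h 5 Jun 2014
legacy-db  OpenSSL 0.9.8y 5 Feb 2013
mail-01    OpenSSL 0.9.8za 5 Jun 2014
app-03     OpenSSL 1.0.0l 6 Jan 2014
"""

def letter_rank(suffix):
    # Letter releases run a..z, then za, zb, ...; "" is the base release.
    # Comparing (length, text) orders "" < "y" < "z" < "za".
    return (len(suffix), suffix)

def assess(banner):
    """Classify one `openssl version` banner against the article's fix list."""
    m = BANNER_RE.search(banner)
    if not m:
        raise ValueError("no OpenSSL version found in %r" % banner)
    branch, suffix = m.groups()
    fixed = PATCHED.get(branch)
    if fixed is None:
        # Branch has no patched release listed in the article: review by hand.
        return {"version": branch + suffix, "patched": None,
                "ccs_client": None, "ccs_server": None}
    patched = letter_rank(suffix) >= letter_rank(fixed)
    # Article: every version is affected as a client by CVE-2014-0224;
    # only 1.0.1 and above are known to be affected as a server.
    server_branch = tuple(int(p) for p in branch.split(".")) >= (1, 0, 1)
    return {"version": branch + suffix, "patched": patched,
            "ccs_client": not patched,
            "ccs_server": not patched and server_branch}

def unpatched_hosts(inventory):
    """Return {host: assessment} for hosts that still need the update."""
    flagged = {}
    for line in inventory.splitlines():
        host, _, banner = line.partition(" ")
        result = assess(banner)
        if result["patched"] is not True:
            flagged[host] = result
    return flagged

if __name__ == "__main__":
    for host, result in unpatched_hosts(INVENTORY).items():
        print(host, result)
```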
