Good morning everyone! Another security vulnerability is hitting the tech (and mainstream!) press, and we want to make sure Fedora users get straight, simple information. This one is CVE-2014-3566, and the cute nickname of the day is “POODLE”.
Here’s the basics: SSL and TLS are standards for secure connections to Internet services. You know that little lock icon (or is it a handbag?) that means your web session is supposed to be secure? That means that some level of secure connection protocol is in use. These protocols have been improved several times over the years for better security, and some of the older versions have problems and really shouldn’t be used anymore.
For compatibility reasons, though, when a client (like your web browser) connects to a server (like https://fedoraproject.org/), they both negotiate the newest version that both sides can understand. If it happens to be something old, that’s what gets used, flaws and all. One particular old version, SSLv3, has some terrible flaws which make it easy for attackers to decrypt your supposedly-secure traffic. Normally, this is not a problem if you’re using a web browser newer than, say, ten years old — the updated, more secure protocol versions will be used. But the “POODLE” attack uses a “man in the middle” attack to confuse the negotiation, tricking the systems into using the insecure old version.
This can be mitigated by limiting how old a protocol version servers and clients will fall back to. This may break the ability to connect to some very old services, or to connect using very old web browsers, but, arguably, those ancient systems were broken already and just plain need to be updated.
So, the bottom line is: on servers and clients, disable SSLv3 (and, of course, older). Updates to Fedora packages which make this the default will be forthcoming, but in the meantime, you can do it manually.
Red Hat is working on a security blog article explaining the steps to take for different software; we’ll link to that when it becomes available.
Update: Red Hat’s security blog now has a detailed article, POODLE – An SSL 3.0 Vulnerability (CVE-2014-3566). That includes a lot more explanation, plus links to knowledge base articles explaining how to mitigate the problem in various different applications.
If you are using Firefox, you can set the hidden configuration option security.tls.version.min to 1 — or you can install the SSL Version Control addon, which sets this immediately (and gives you a user interface option to set even higher levels in the future). This is highly recommended!
If you’re running an Apache web server, add -SSLv3 to your SSLProtocol in the configuration and reload. By default, that’s in the file /etc/httpd/conf.d/ssl.conf, but of course may be elsewhere depending on your local configuration.
Of course, all security flaws like this should be taken seriously, but on the “sky is falling” scale, this seems lower than the other recent big-news vulnerabilities, as it does require an active man-in-the-middle attack — an attacker can’t just probe the web for it or automatically attack a client connecting to a malicious server. (The main risk is when you’re on an untrusted network, like wifi at a coffeeshop or at a conference.)
If you want more details, you can read the short (and moderately technical) paper published to announce this issue: This POODLE Bites: Exploiting the SSL 3.0 Fallback. (Yes, that’s the real title. I think the security researchers are getting a bit giddy from all of the recent heartbleed and shellshock.)
More on this coming later today… stay tuned!