Two Key Steps to Stop DROWN…
- Mar 01, 2016
- Guest Author
The information security industry is buzzing about the newest threat, DROWN. According to Drown Attack, “[it] is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS.”* The vulnerability, which affects 1/3 of all HTTPS servers, allows attackers to access passwords, financial data, credit card numbers, emails and trade secrets. How severe is this threat? Who is the most vulnerable? How much damage could it cause? And most importantly, how can you protect yourself? NopSec’s CTO, Michelangelo Sidagni, has two key tips to get you started on protecting yourself against DROWN.
1. The DROWN attack is based on a TLS vulnerability tracked as CVE-2016-0800.
The attack exploits a cross-protocol vulnerability that can lead to the decryption of TLS sessions by using a server that supports SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. The vulnerability is rated High severity. Traffic between clients and a non-vulnerable server can be decrypted provided another server that supports SSLv2 and EXPORT-grade ciphers (even one speaking a different protocol, such as SMTP or IMAP) shares the RSA key of the non-vulnerable server.
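The shared-key condition above is easy to miss in practice: a hardened HTTPS server is still exposed if a mail server somewhere in the estate presents the same RSA key and accepts SSLv2. The following added example (not code from the NopSec post) cross-references a service inventory to find such cases. The `Service` records, hostnames and key fingerprints are constructed sample data; the `sslv2` flag is assumed to come from a prior scan of each endpoint.

```python
"""Added example: find TLS endpoints exposed to DROWN through a shared RSA key.

A service is exposed if it accepts SSLv2 itself, or if any other service
(HTTPS, SMTP, IMAP, ...) that accepts SSLv2 presents the same RSA key.
All inventory rows below are constructed for the demonstration.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Service:
    host: str
    port: int
    protocol: str          # e.g. "https", "smtp", "imap"
    key_fingerprint: str   # fingerprint of the RSA public key in the certificate
    sslv2: bool            # does this endpoint accept SSLv2 handshakes? (from a scan)


# Constructed inventory: one web farm host, one mail host, one unrelated host.
SAMPLE_INVENTORY = [
    Service("web1.example.com", 443, "https", "KEY-A (constructed)", sslv2=False),
    Service("mail1.example.com", 25, "smtp", "KEY-A (constructed)", sslv2=True),
    Service("mail1.example.com", 993, "imap", "KEY-A (constructed)", sslv2=True),
    Service("web2.example.com", 443, "https", "KEY-B (constructed)", sslv2=False),
]


def drown_exposure(inventory: List[Service]) -> Dict[Service, List[str]]:
    """Map each service to the reasons it is exposed (empty list = not exposed)."""
    by_key = defaultdict(list)
    for svc in inventory:
        by_key[svc.key_fingerprint].append(svc)

    report: Dict[Service, List[str]] = {}
    for svc in inventory:
        reasons = []
        if svc.sslv2:
            reasons.append("accepts SSLv2 itself")
        # Any other SSLv2-enabled endpoint with the same key is a usable oracle
        # against this endpoint's sessions, whatever protocol it speaks.
        for other in by_key[svc.key_fingerprint]:
            if other is not svc and other.sslv2:
                reasons.append(
                    f"shares RSA key with SSLv2-enabled "
                    f"{other.protocol}://{other.host}:{other.port}"
                )
        report[svc] = reasons
    return report


def remediation_targets(inventory: List[Service]) -> List[Tuple[str, int]]:
    """Endpoints where SSLv2 must actually be turned off to clear the exposure."""
    return sorted({(s.host, s.port) for s in inventory if s.sslv2})


if __name__ == "__main__":
    for svc, reasons in drown_exposure(SAMPLE_INVENTORY).items():
        status = "; ".join(reasons) if reasons else "not exposed"
        print(f"{svc.protocol}://{svc.host}:{svc.port}: {status}")
    print("disable SSLv2 on:", remediation_targets(SAMPLE_INVENTORY))
```

Note that fixing web1 here means touching the mail host, not the web server: the exposure follows the key, so the remediation list is derived from the SSLv2-enabled endpoints rather than from the services that were found exposed.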
2. This threat is highly severe because it undermines the confidentiality of communication over TLS/SSL-encrypted protocols, such as HTTPS, which is heavily used by e-commerce websites.
A successful DROWN attack allows an attacker to recover the TLS/SSL session keys used to encrypt the communication, so both the confidentiality and the integrity of the communication are lost. Recovering one session key requires the attacker to perform approximately 2^50 operations, as well as thousands of connections to the affected server. A more efficient variant of the DROWN attack exists against unpatched OpenSSL servers.
Users can avoid this issue by disabling the SSLv2 protocol on all their SSL/TLS servers (including HTTP, IMAP, POP and SMTP servers), if they have not done so already. Disabling all SSLv2 ciphers is also sufficient, provided the patches for CVE-2015-3197 have been deployed. Servers that have not disabled the SSLv2 protocol and are not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2 ciphers are nominally disabled, because malicious clients can force the use of SSLv2 with EXPORT ciphers.
The most vulnerable and most common library, OpenSSL, disables SSLv2 by default at build time in versions 1.0.2g and 1.0.1s, and this is used as the mitigation strategy. This is the latest High-risk vulnerability in the string of flaws related to SSLv2 implementations and weak export-grade cipher suites.
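Because a server can appear to have SSLv2 ciphers disabled and still answer an SSLv2 handshake, the remediation is only done when a real SSLv2 CLIENT-HELLO is refused. The added example below (not code from the NopSec post or from OpenSSL) builds a specification-shaped SSLv2 CLIENT-HELLO, parses the SERVER-HELLO a still-vulnerable server would answer with, and flags EXPORT-grade cipher kinds. The sample server responses are constructed bytes for the offline demonstration; `probe_sslv2()` shows how the same check is run against one of your own hosts on a port that starts TLS immediately (it does not handle STARTTLS).

```python
"""Added example: verify that SSLv2 is really disabled on a server you own.

SSLv2 record: 2-byte header with the high bit set, 15-bit body length.
CLIENT-HELLO (type 1): version, cipher-specs len, session-id len,
challenge len, cipher specs (3 bytes each), session id, challenge.
SERVER-HELLO (type 4): session-id hit, cert type, version, cert len,
cipher-specs len, connection-id len, cert, cipher specs, connection id.
"""
import os
import socket
import struct
from typing import Dict, List, Optional

# SSLv2 CIPHER-KIND values (3 bytes each) from the SSLv2 specification.
SSLV2_CIPHERS = {
    b"\x01\x00\x80": "SSL_CK_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL_CK_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL_CK_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL_CK_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
}
EXPORT_CIPHERS = {b"\x02\x00\x80", b"\x04\x00\x80"}  # the 40-bit EXPORT kinds
MSG_CLIENT_HELLO, MSG_SERVER_HELLO = 1, 4


def sslv2_record(body: bytes) -> bytes:
    """Wrap a message in a 2-byte SSLv2 record header (high bit set, no padding)."""
    return struct.pack(">H", 0x8000 | len(body)) + body


def build_client_hello(challenge: Optional[bytes] = None) -> bytes:
    """CLIENT-HELLO offering every SSLv2 cipher kind with an empty session id."""
    challenge = challenge or os.urandom(16)
    ciphers = b"".join(SSLV2_CIPHERS)
    body = (bytes([MSG_CLIENT_HELLO]) + b"\x00\x02"
            + struct.pack(">HHH", len(ciphers), 0, len(challenge))
            + ciphers + challenge)
    return sslv2_record(body)


def parse_server_hello(data: bytes) -> Optional[Dict[str, object]]:
    """Return version and cipher info if `data` is an SSLv2 SERVER-HELLO, else None.

    A server with SSLv2 disabled answers with a TLS alert record (first byte
    0x15) or just closes the connection; neither is an SSLv2 record of type 4.
    """
    if len(data) < 2 or not data[0] & 0x80:
        return None
    length = ((data[0] & 0x7F) << 8) | data[1]
    body = data[2:2 + length]
    if len(body) < 11 or body[0] != MSG_SERVER_HELLO:
        return None
    version = struct.unpack(">H", body[3:5])[0]
    cert_len, ciphers_len, _conn_id_len = struct.unpack(">HHH", body[5:11])
    raw = body[11 + cert_len:11 + cert_len + ciphers_len]
    kinds = [raw[i:i + 3] for i in range(0, len(raw) - len(raw) % 3, 3)]
    return {
        "version": version,
        "ciphers": [SSLV2_CIPHERS.get(k, k.hex()) for k in kinds],
        "export_ciphers": [SSLV2_CIPHERS[k] for k in kinds if k in EXPORT_CIPHERS],
    }


def assess(response: bytes) -> str:
    """Classify a server's answer to our CLIENT-HELLO."""
    hello = parse_server_hello(response)
    if hello is None:
        return "SSLv2 not accepted"
    if hello["export_ciphers"]:
        return "SSLv2 accepted with EXPORT ciphers"
    # Even without EXPORT kinds advertised, an SSLv2 handshake being accepted
    # means the server is not fixed (see the CVE-2015-3197 note above).
    return "SSLv2 accepted"


def probe_sslv2(host: str, port: int, timeout: float = 5.0) -> str:
    """Send one CLIENT-HELLO to a TLS-on-connect port you own and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        try:
            response = sock.recv(4096)
        except socket.timeout:
            response = b""
    return assess(response)


def make_server_hello(cipher_kinds: List[bytes]) -> bytes:
    """Constructed SERVER-HELLO for the offline demo (placeholder certificate)."""
    cert, ciphers, conn_id = b"\x30\x82\x00\x00", b"".join(cipher_kinds), b"\x00" * 16
    body = (bytes([MSG_SERVER_HELLO, 0, 1]) + b"\x00\x02"
            + struct.pack(">HHH", len(cert), len(ciphers), len(conn_id))
            + cert + ciphers + conn_id)
    return sslv2_record(body)


# Constructed sample replies: an unfixed server, and a fixed server's TLS alert.
SAMPLE_VULNERABLE = make_server_hello([b"\x01\x00\x80", b"\x02\x00\x80", b"\x04\x00\x80"])
SAMPLE_TLS_ALERT = b"\x15\x03\x01\x00\x02\x02\x46"  # fatal protocol_version alert

if __name__ == "__main__":
    print("unfixed server:", assess(SAMPLE_VULNERABLE))
    print("fixed server:  ", assess(SAMPLE_TLS_ALERT))
```

Run the check against every TLS-on-connect port of every host that shares the key, not just the web tier; a clean result from the HTTPS listener says nothing about the IMAPS listener next to it.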
Putting DROWN high up on your threat priority list and taking steps for immediate remediation (Read: Patch Now!) is your best bet. DROWN is not the first attack of its kind, and will not be the last. There will always be threats, and the best thing security professionals can do is to identify these threats, prioritize them, and remediate ASAP. Unified VRM is a cloud-based SaaS that does just that. To find out more.
*https://drownattack.com/