POODLE: SSLv3 bug summary
Wednesday, October 15th, 2014
Yet Another SSL bug: This time a problem with SSLv3.
Most browsers and web servers support SSLv3. Many don't use it by default; instead opting for higher versions of SSL such as TLS v1.0+. The problem is that attackers can force a downgrade of the negotiated protocol, which will result in the SSLv3 protocol being used to communicate.
No real fixes are available and vendors will probably not be sending out updates to fix this issue. The recommended method of mitigation is to disable SSLv3 on your servers and your browsers. SSLv3 is old and only the following browsers can't work with anything better:
- Internet Explorer up to (and including) v6
- Opera v1 t/m 4 (current version is 12)
Other browsers (Firefox, Chrome, etc) have supported TLSv1.0+ from their first release.
To test if you're vulnerable:
openssl s_client -connect HOSTNAME:443 -ssl3
If you do NOT get a message saying something like "ssl handshake failure", your server is vulnerable.
A quick test (which I do not garantuee to be correct) is:
openssl s_client -connect 127.0.0.1:443 -ssl3 2>/dev/null | grep "Server certificate"
If this returns "Server certificate", you're vulnerable.
To fix this for Apache, edit your SSL module configuration (
/etc/apache2/mods-enabled/ssl.conf on Debian-derived systems) and add "
-SSLv3" to your protocols to disable SSLv3:
SSLProtocol all -SSLv2 -SSLv3
This disabled SSLv2 and 3, which are both broken. It also means users with Internet Explorer 5 or 6 won't be able to reach your secure website anymore.