Just two months after the Heartbleed Bug scare, the open-source group for OpenSSL today warned of a new set of vulnerabilities discovered in the protocol that could let an attacker carry out man-in-the-middle and buffer-overflows attacks or otherwise compromise data integrity.
Some security experts said these new vulnerabilities shouldn’t be discounted but don’t appear as serious as Heartbleed.
The OpenSSL Group today detailed a half dozen basic problems that require patching in various versions of OpenSSL-based servers and clients that use the protocol for encryption. The SANS Institute, in a webcast by director Johannes Ullrich in the SANS division known as the Internet Storm Center, quickly moved to put perspective on the OpenSSL advisory to its online audience of security practitioners.
+ ALSO ON NETWORK WORLD Core Infrastructure Initiative to delve into security of OpenSSL, OpenSSH, Network Time Protocol +
“What you should tell management is this isn’t as bad as Heartbleed,” said Ullrich.
Although the new vulnerabilities in OpenSSL may not necessarily need to be patched today, they should be addressed in the next few days as vendors make it known if their products are impacted, Ullrich said.
The OpenSSL advisory pointed to potential man-in-the-middle attacks related to a “DTLS recursion flaw” and “DTLS invalid fragment vulnerability,” which only impact SSL used over the sessionless protocol UDP. This only affects SSL over UDP protocols that uses DTLS, Ullrich said, which could mean some types of VPNs, VoIP, or WebRTC. Both the server and the client have to be vulnerable for an attacker to take advantage of these flaws.
Ullrich said the vulnerability that troubled him most is the buffer overflow attack possibility in the DTLS invalid fragment vulnerability, though there were no known exploits at the moment. He said more information is needed about this.
There are also two denial-of-service vulnerabilities in some versions of OpenSSL, plus another issue identified as “Anonymous ECDH DoS vulnerability” in which enabling of elliptic-curve ECDH cipherssuites are subject to a denial-of-service attack. Ullrich said Anonymous ECDH should be disabled in any event.
In summarizing how to start on addressing this new batch of OpenSSL issues, Ullrich advised security managers to take what they learned during the Heartbleed Bug episode and apply it. That means identifying what users have in terms of OpenSSL implementations to determine what software is specifically vulnerable. There should also be monitoring for server crashes. However, it’s not realistic to think about abandoning use of SSL since it’s a “critical technology” used to protect data, he said.
Ullrich noted that this time, the OpenSSL project did provide some advance notice for large ISPs and software providers about the new OpenSSL vulnerabilities so they wouldn’t be caught off guard, as happened with the Heartbleed Bug.
Some security vendors are also weighing in on the advisory.
Jean Taggart, security researcher at malwarebytes, said, “We shouldn’t be surprised that there are more flaws in the OpenSSL cryptographic library. Most notable is that the flaws discovered again do not affect the cryptographic methods used, but their implementation. The flaw is certainly less severe than Heartbleed, as a malicious actor must be in control of one of the nodes in between the intended victim and its destination, hence the man-in-the-middle references. This flaw enables forcing TLS (the transport layer security) to dumb down the encryption used to secure the flow of information to unsafe levels, where it can be decrypted, read and even possibly modified. It’s often said that security is a process, not a product. The independent code review, subsequent bug discovery and patching process is the strength of open source."