POODLE SSL Vulnerability Now Attacking TLS Security Protocol


POODLE, a critical SSL flaw discovered in October and patched by webmasters around the world after Google alerted software and hardware vendors, has resurfaced, and this time the vulnerability affects implementations of the newer Transport Layer Security (TLS) protocol.

Yes, the serious POODLE vulnerability that affected the most widely used web encryption standard, Secure Sockets Layer (SSL) 3.0, has returned and is likely to affect some of the most popular websites in the world, including those owned or operated by Bank of America, the US Department of Veterans Affairs, and Accenture.

The POODLE (Padding Oracle On Downgraded Legacy Encryption) flaw, disclosed two months ago by Google’s security team, allowed attackers to perform a Man-in-the-Middle (MitM) attack, intercepting traffic between a user’s browser and an HTTPS website in order to decrypt sensitive information such as the user’s authentication cookies.

Now, the dangerous flaw has turned out to affect some versions of TLS, the seemingly secure successor of SSL. The new vulnerability (CVE-2014-8730) affects TLS version 1.2 implementations that fail to handle padding, which was the target of POODLE. Researchers at security firm Qualys say, “some TLS implementations omit to check the padding structure after decryption.”

“The impact of this problem is similar to that of POODLE, with the attack being slightly easier to execute–no need to downgrade modern clients down to SSL 3 first, TLS 1.2 will do just fine,” Ivan Ristic, Qualys’s director of application security research, wrote in a blog post titled POODLE bites TLS.

The main targets are browsers, because the attacker must inject malicious JavaScript to initiate the attack. A successful attack will use about 256 requests to uncover one cookie character, or only 4096 requests for a 16-character cookie. This makes the attack quite practical.

Qualys has provided a free test, SSL Server Test, which showed that some of the Internet’s leading websites, including those of Bank of America, VMware, the US Department of Veterans Affairs, and business consultancy Accenture, are affected by the bug. The vulnerability is very serious: the most recent SSL Pulse scan showed that about 10 percent of the servers are vulnerable to the POODLE attack through TLS.

So far, load balancers and similar devices used to handle TLS connections, sold by two different manufacturers, F5 Networks and A10 Networks, have been found vulnerable to the attack. Basically, recent versions of TLS call for the encryption padding to be closely checked to guard against padding oracle attacks; both companies skipped this check in their implementations, which makes them vulnerable to POODLE attacks.
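The difference between skipping and performing the padding check described above, as an added example (not code from F5, A10 or any TLS library). The function names and the sample records are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: decrypted tail of a CBC record, 8 content/MAC bytes
 * followed by 7 pad bytes and the pad-length byte (value 7). */
static const uint8_t well_formed[16] = {
    'd','a','t','a','+','m','a','c', 7, 7, 7, 7, 7, 7, 7, 7 };
/* Same length byte, but the pad bytes themselves are arbitrary. */
static const uint8_t tampered[16] = {
    'd','a','t','a','+','m','a','c', 0x91,0x3c,0xe0,0x55,0x12,0xa7,0x4b, 7 };

/* Lax check (SSL 3.0 semantics): only the final length byte is trusted,
 * the pad bytes before it are never inspected. */
int padding_ok_lax(const uint8_t *rec, size_t len)
{
    if (len == 0)
        return 0;
    size_t pad_len = rec[len - 1];
    return pad_len + 1 <= len;
}

/* Strict check (TLS semantics): every pad byte must equal the length byte.
 * The MAC does not cover the padding, so this is the only integrity check
 * on those bytes. Differences are accumulated instead of returning at the
 * first mismatch, so timing does not reveal which byte was wrong. */
int padding_ok_strict(const uint8_t *rec, size_t len)
{
    if (len == 0)
        return 0;
    size_t pad_len = rec[len - 1];
    if (pad_len + 1 > len)
        return 0;
    uint8_t diff = 0;
    for (size_t i = 0; i <= pad_len; i++)
        diff |= (uint8_t)(rec[len - 1 - i] ^ (uint8_t)pad_len);
    return diff == 0;
}

int main(void)
{
    printf("well_formed: lax=%d strict=%d\n",
           padding_ok_lax(well_formed, sizeof well_formed),
           padding_ok_strict(well_formed, sizeof well_formed));
    printf("tampered:    lax=%d strict=%d\n",
           padding_ok_lax(tampered, sizeof tampered),
           padding_ok_strict(tampered, sizeof tampered));
    return 0;
}
```

A stack that behaves like `padding_ok_lax` accepts the tampered record, which is the behaviour the Qualys quote describes; the strict check rejects it.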

F5 Networks agrees that its F5 kit is vulnerable to the attack, and believes that A10 should also be releasing patches in the coming hours. “Everything less than TLS 1.2 with an AEAD cipher suite is broken,” Google’s Adam Langley notes. “I’m not completely sure that I’ve found every affected vendor but, now that this issue is public, any other affected products should quickly come to light.”

Website administrators who want to check whether their servers, or the load balancers in front of them, are vulnerable to this newly discovered POODLE attack through TLS can use the Qualys SSL Labs server test, which has been updated to detect the problem.