The “New” SSL Vulnerability
New vulnerabilities in operating systems and applications are being discovered at an ever increasing rate. Some are serious, whereas others are not, but a discovery of an extremely serious vulnerability, such as one that can cause unauthorized remote and privileged access to a myriad of hosts, is not all that frequent. A new vulnerability in the secure sockets layer (SSL) protocol that was announced last week is notably contrary to this trend.
The new SSL vulnerability can be exploited through a man-in-the-middle (MITM) attack despite the fact that a host and application are secure and that information transmitted between a client and a server is encrypted. Servers such as Web servers, mail servers, databases, and others in shared hosting environments are the target. All the attacker must do to exploit this vulnerability is to insert text into traffic going between a client and a server when the session is being renegotiated (as frequently happens in SSL sessions), leading to malicious fragmentation of SSL transactions (explained shortly). Positioned as a MITM between the client and server, perpetrators can inject malicious commands of their choice into the traffic going between them. SSL 3.0 and higher and all versions of the transport layer security protocol (TLS), a follow-on version of SSL that is backward compatible with SSL, are affected.
Fragmentation in SSL is a normal and important part of sending and receiving data. It involves breaking the data into discrete blocks for management purposes. The data can (optionally) next be compressed (if SSL is so configured), and then a message authentication code (MAC) is applied for the sake of data integrity. Afterwards the data are encrypted, a header is attached, and finally the data are sent in a TCP segment. When the data reach the destination host they are decrypted, checked for integrity, decompressed, and reassembled, and finally delivered to the client or server application.
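The record-layer pipeline just described, modelled in Python as an added illustration (this is not code from the original posting): plaintext is split into fragments of at most 2^14 bytes, each fragment gets an HMAC over the sequence number, content type, version, length and data, and the result is encrypted and given a five-byte header. Compression is omitted, the keys are constructed sample values, and the "cipher" is a keyed XOR keystream used only for illustration, not a real SSL/TLS cipher suite; the receiving side shows that a record altered in transit, or replayed out of sequence, fails the integrity check.

```python
import hashlib
import hmac
import struct

MAX_FRAGMENT = 2 ** 14      # TLS record-layer limit on a plaintext fragment
APPLICATION_DATA = 23       # TLS ContentType value for application data
VERSION = (3, 1)            # TLS 1.0 on the wire (SSL 3.1)
TAG_LEN = 32                # HMAC-SHA256 output length


class RecordLayer:
    """Toy record layer: fragment -> MAC -> (toy) encrypt -> header.

    The XOR keystream below is a constructed stand-in for a real cipher;
    it exists only so the pipeline is complete enough to run end to end.
    """

    def __init__(self, mac_key: bytes, enc_key: bytes):
        self.mac_key, self.enc_key = mac_key, enc_key
        self.send_seq = 0   # implicit 64-bit sequence numbers, one per direction
        self.recv_seq = 0

    def _mac(self, seq: int, ctype: int, fragment: bytes) -> bytes:
        # MAC input follows the TLS layout: seq_num || type || version || length || fragment
        header = struct.pack("!QBBBH", seq, ctype, *VERSION, len(fragment))
        return hmac.new(self.mac_key, header + fragment, hashlib.sha256).digest()

    def _xor(self, seq: int, data: bytes) -> bytes:
        # Toy keystream derived from the key and the record sequence number
        stream = b""
        for block in range(len(data) // 32 + 1):
            stream += hashlib.sha256(self.enc_key + struct.pack("!QI", seq, block)).digest()
        return bytes(a ^ b for a, b in zip(data, stream))

    def send(self, data: bytes) -> list:
        """Fragment, MAC, encrypt and frame application data into records."""
        records = []
        for offset in range(0, len(data), MAX_FRAGMENT):
            fragment = data[offset:offset + MAX_FRAGMENT]
            body = self._xor(self.send_seq, fragment + self._mac(self.send_seq, APPLICATION_DATA, fragment))
            records.append(struct.pack("!BBBH", APPLICATION_DATA, *VERSION, len(body)) + body)
            self.send_seq += 1
        return records

    def receive(self, record: bytes) -> bytes:
        """Decrypt one record and verify its MAC before handing the fragment up."""
        ctype, _major, _minor, length = struct.unpack("!BBBH", record[:5])
        body = self._xor(self.recv_seq, record[5:5 + length])
        fragment, tag = body[:-TAG_LEN], body[-TAG_LEN:]
        if not hmac.compare_digest(tag, self._mac(self.recv_seq, ctype, fragment)):
            raise ValueError("bad_record_mac")   # the TLS alert raised on integrity failure
        self.recv_seq += 1
        return fragment
```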
This SSL vulnerability is extremely serious because it affects just about every browser. Consequently, nearly every computer in the world is vulnerable. Browser vendors are working frantically to produce a patch or workaround for this vulnerability.
I put the word “new” in the title of this posting in quotes because this vulnerability is really anything but new. Various sources indicate that the black hat community has known about it for at least one year. Part of the white hat community, including the ICASI and IETF organizations, has been aware of it for at least two months. These organizations launched a project named Project Mogul to develop a solution. Although they agreed to keep quiet about it, last week one member of this project posted information about it on his blog site. The media quickly found this posting and disseminated the information it contained.
Understandably, the information security community has a very serious concern about the potential for widespread exploitation of this vulnerability. Despite banks and other organizations having fixed all known vulnerabilities, they have been falling victim to mysterious attacks designed to steal financial and other data. I strongly suspect perpetrators have been widely exploiting this “new” vulnerability in these attacks. And given that many organizations will not install the patches and workarounds that will in time be available for browsers, attacks of this nature are bound to keep succeeding for a long time.
The moral of this story is not very comforting. You can do all the right things for security, but nevertheless fall victim to attacks because of vulnerabilities of which nobody in the white hat community is aware. Clearly, the bad guys have the upper hand. All we really can do is to do the best we can and then hope.