Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Patch & workaround for SSLv3 Poodle vulnerability

Posted on 2014-10-17
Medium Priority
Last Modified: 2014-10-21
I refer to the vulnerability described below:
·         http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566
·         https://www.openssl.org/~bodo/ssl-poodle.pdf
·         http://googleonlinesecurity.blogspot.sg/2014/10/this-poodle-bites-exploiting-ssl-30.html
·         http://en.wikipedia.org/wiki/Padding_oracle_attack
·         http://mashable.com/2014/10/14/google-design-vulnerability-ssl-3-0/
·         http://thenextweb.com/google/2014/10/15/web-encryption-vulnerability-opens-encrypted-data-hackers/

Can I disable SSLv3 in browser & web servers (IIS & Apache) using method/command given in
EE link below & if so pls provide the exact steps/commands:

I recall for Heartbleed vulnerability, MS came up with workarounds (in IE & some registry) & a couple
of weeks later, released a patch for it.  Is there similar registry workaround (perhaps this was asked
in Q1 above) & will MS be releasing a patch for it?

Any RHEL 5.x/6.x & Solaris x86 Ver 10 patches?

If SSLv3 is disabled, how will web service work then?  I recall 1-2 years back, we can disable SSLv2
& one EE expert told me the browser will auto-detect & move on to use SSLv3 if it detects SSLv2
is disabled?  So if both SSLv2 & v3 are disabled, is there something else it will move to?

Will deploying host-based IPS (say TrendMicro) more likely to break the app/service (esp web service)
compared to disabling SSLv3 ?

Is SSLv3 with TLS1.0, TLS1.1 and TLS1.2 ciphers in F5 loadbalancer also affected by this vulnerability?

If we disable SSLv3 in F5 loadbalancer, what's the other alternative the F5 will use?  Assume we
rule out SSLv2 will be used.
Question by:sunhux
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
  • +1
LVL 58

Assisted Solution

Gary earned 900 total points
ID: 40387681
The web runs on multiple versions and v3 is hardly used to start with, disabling v3 should have no effect
See here for how to disable or force the safe versions - depends on your server
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 240 total points
ID: 40387696
If you would read the articles you posted, you would see that SSL has been replaced by TLS.  The Google article notes that SSLv3 is about 18 years old at this point.  For many servers, the Update Manager will provide a package update for OpenSSL like my Ubuntu machines received last night.  One of my hosting companies also apparently did an update last night because my SSL connection doesn't work there anymore.!
LVL 58

Expert Comment

ID: 40387705
I was under the impression there is no fix, the linux updates that are happening are more a disabling of it as fallback protocol - and you should manually disable it yourself on all devices that may use it
Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

LVL 58

Assisted Solution

Gary earned 900 total points
ID: 40387713
Yep, on Centos with the update applied and the protocol not specified on nGinx it can still use v3 as a fallback

I'll rescind my previous comment a bit, it prevents a TLS fallback to SSL
LVL 64

Assisted Solution

btan earned 860 total points
ID: 40387816
1. In IIS, disable in IIS via

Verify that no SSL 2.0 or SSL 3.0 ciphers are available at ServerSniff.net or the Public SSL Server Database

Disable SSLv2 and SSLv3 in your ssh apache configuration by setting:
SSLProtocol all -SSLv2 -SSLv3 Or use SSLProtocol TLSv1 TLSv1.1 TLSv1.2
Note to also set  Also use "apachectl configtest" to test your configuration and "sudo service apache restart" to Restart server

Allow support only for TLS in Nginx with the following:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Remove SSLv3 support from MySQL you need only ensure that none of the SSLv3 ciphers are in use wihtin your configuration.
As per information in this bug you can find a list of SSLv3 ciphers by simply
openssl ciphers -v 'DEFAULT' | awk '/SSLv3 Kx=(RSA|DH|DH(512))/ { print $1 }'

2. There is no "patch". It's a vulnerability in the protocol, not a bug in the implementation.
Internet Explorer users can follow the steps in Security Advisory 3009008 to disable SSL 3.0. Unlike Heartbleed, the attacker needs to have access to the network between the client and server to interfere with the handshake process.

For RHEL and Solaris, there is also a script (poodle_protector) can be found on GitHub:

The security advisory from OpenSSL.org recommended the usage of TLS_FALLBACK_SCSV mechanism to web servers, to ensure that SSL 3.0 is used only when necessary (when a legacy implementation is involved). This way, attackers can no longer force a protocol downgrade.

3.  After applying the workarounds above, Internet Explorer will fail to connect to Web servers that only support SSL up to 3.0 and don’t support TLS 1.0, TLS 1.1, and TLS 1.2.

As long as a client and service both support SSLv3, a connection can
be 'rolled back' to SSLv3, even if TLSv1 or newer is supported by the
client and service. The TLS Fallback SCSV mechanism prevents 'version rollback' attacks without impacting legacy clients however, it can only protect connections when the client and service support the mechanism. Sites that cannot disable SSLv3 immediately should enable this mechanism.

This is a vulnerability in the SSLv3 specification, not in any
particular SSL implementation. Disabling SSLv3 is the only way to
completely mitigate the vulnerability.

For (1), (2) and (3), can catch how to disable SSL 3 in various servers and browsers, head to blog post.

4. It is just another of check and can be doubled edged as in the HIPS is also another s/w piece that can be flawed and needed to patch. At least if there is a patch for OS, you are at baseline covered but appl wise you needed, more proactive checks which HIPS comes in too in case patch is still pending for appls.
Of course the HIPS must be first mitigated the threats itself. It applies for other network device and network security devices etc. Defense in depth is recommended only if the security team is proactive and response robustly so that windows of exposure is minimise in overall effort from top down.
For info, Trend Micro Deep Security has DPI rules for POODLE vulnerability e.g. 1006293 – Detected SSLv3 Request and 1006296 – Detected SSLv3 Response

5/6.  BIG-IP response. In 11.5.0, F5 made the decision to be secure by default and disable SSLv3 ciphers by default for the traffic path. Note that by default all clientssl and serverssl profiles inherit from the base profiles. If you have changed your ciphers in any of your SSL profiles, you will have to add “!SSLv3” to those profiles' cipher lists also.
BIG-IP has a management GUI that is contacted over SSL. By default, SSLv3 ciphers are enabled on all releases. This is configurable and to remove SSLv3 from 11.5.x and 11.6.x, you can disable SSLv3 via the command console e.g. "ssl-protocol "all -SSLv2""  
Also F5 release a simple iRule to stop SSLv3 connections if you are not using the BIG-IP for SSL termination.

LVL 64

Expert Comment

ID: 40387826
I do encourage you check on the openssl vulnerability on top of the POODLE on those released in 15th October 2014 e.g. CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568

Author Comment

ID: 40388934
> The security advisory from OpenSSL.org recommended the usage of
> TLS_FALLBACK_SCSV mechanism to web servers, to ensure that SSL 3.0
> is used only when necessary (when a legacy implementation is
> involved). This way, attackers can no longer force a protocol
> downgrade.

I'm interested to know the steps on how to implement the above for
IIS & Apache.  Can share the details?

Author Comment

ID: 40388935
Oh, I forgot that Openssl is only for Apache.

So can I safely say that IIS (that uses say Netrust SSL) is not affected
by this Poodle vulnerability?
LVL 58

Assisted Solution

Gary earned 900 total points
ID: 40388979
It is affected, you need to remedy it with the methods above.

For Apache edit the ssl.conf
Look for SSLProtocol and amend it like so

SSLProtocol all -SSLv3 -SSLv2
LVL 64

Accepted Solution

btan earned 860 total points
ID: 40389484
IIS uses SSL as well, Poodle is about SSLv3 - so all services using SSLv3 is affected. The changes in Apache is stated in last posting. One means to disable for Windows Servers as a whole is as below

also note that each vendor having SSL will have already make notice such as s Entrust too.. http://www.entrust.com/lp/poodle-security-vulnerability-cve-2014-3566/

on Protocols, and in the pop-up menu, click New > Key. Name the key, SSL 3.0.
right-click on the new SSL 3.0 key that you just created, and in the pop-up menu, click New > Key. Name the key, Client.
right-click on the new SSL 3.0 key again, and in the pop-up menu, click New > Key. Name the key, Server.

under SSL 3.0, right-click on Client, and in the pop-up menu, click New > DWORD (32-bit) Value. Name the value DisabledByDefault.
under SSL 3.0, select Client and then, in the right pane, double-click the DisabledByDefault DWORD value.
Edit DWORD (32-bit) Value window, in the Value Data box change the value to 1

under SSL 3.0, right-click on Server, and in the pop-up menu, click New > DWORD (32-bit) Value. Name the value Enabled.
under SSL 3.0, select Server and then, in the right pane, double-click the Enabled DWORD value.
Edit DWORD (32-bit) Value window, in the Value Data box leave the value at 0.

Restart your Windows server

Author Comment

ID: 40389997
> The security advisory from OpenSSL.org recommended the usage of
> TLS_FALLBACK_SCSV mechanism to web servers, to ensure that SSL 3.0
> is used only when necessary (when a legacy implementation is
> involved). This way, attackers can no longer force a protocol
> downgrade.

Thanks Gary for sharing the change needed to implement the above for

Thanks Btan, are the steps you shared for IIS also implement the above or
it's just disabling SSLv2 & SSLv3 completely ie with no option to support
a legacy SSLv3?  Just wanted to reduce risk of breaking apps
LVL 58

Expert Comment

ID: 40390026
TLS has been around for 15 years, it's highly unlikely you have anything relying purely on SSL v3 but instead using TLS.
LVL 64

Assisted Solution

btan earned 860 total points
ID: 40391088
the steps is for entire windows OS  which IIS also adhered to this. it is as per below for Windows server. you can surely make sure any fronting proxy to the IIS are also patched as well to disabled sslv3. Kindly do make the prior assessment.

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've been an avid user and supporter of Malwarebytes Premium Version 2.x for years. It's an excellent product that runs alongside just about any Anti-Virus application without issues. It seems to have an uncanny ability to pick up many things that A…
In this article, we’ll look at how to deploy ProxySQL.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question