<div dir="ltr"><div>He's referring to this post from AGL -- <a href="https://www.imperialviolet.org/2014/12/08/poodleagain.html">https://www.imperialviolet.org/2014/12/08/poodleagain.html</a><br><br></div>~reed<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Dec 8, 2014 at 1:28 PM, L. Aaron Kaplan <span dir="ltr"><<a href="mailto:kaplan@cert.at" target="_blank">kaplan@cert.at</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
Ivan just posted something interesting.<br>
<br>
Begin forwarded message:<br>
<br>
> From: Ivan Ristic <<a href="mailto:ivanr@webkreator.com">ivanr@webkreator.com</a>><br>
> Subject: [Bulletproof TLS] New POODLE attack on TLS discovered<br>
> Date: December 8, 2014 10:20:14 PM GMT+01:00<br>
><br>
> Dear Aaron Kaplan,<br>
><br>
> There's a new SSL/TLS problem being announced today and it's likely to<br>
> affect some of the most popular web sites in the world, owing largely<br>
> to the popularity of F5 load balancers and the fact that these devices<br>
> are impacted. There are other devices known to be affected, and it's<br>
> possible that the same flaw is present in some SSL/TLS stacks. We will<br>
> learn more in the following days.<br>
><br>
> If you want to stop reading here, take these steps: 1) check your web<br>
> site using the SSL Labs test [1]; 2) if vulnerable, apply the patch<br>
> provided by your vendor. As problems go, this one should be easy to fix.<br>
><br>
> [1] SSL Labs Server Test<br>
> <a href="https://www.ssllabs.com/ssltest/" target="_blank">https://www.ssllabs.com/ssltest/</a><br>
><br>
> ------------------------------------------------------------------------<br>
><br>
> Bulletproof TLS is a periodic newsletter providing the latest news,<br>
> summaries and commentaries on SSL/TLS and Internet PKI. It's designed as<br>
> a complementary service to our book Bulletproof SSL and TLS:<br>
><br>
> <a href="https://www.feistyduck.com/books/bulletproof-ssl-and-tls/" target="_blank">https://www.feistyduck.com/books/bulletproof-ssl-and-tls/</a><br>
><br>
> ------------------------------------------------------------------------<br>
><br>
> Today's announcement is actually about the POODLE attack (disclosed two<br>
> months ago, in October) repurposed to attack TLS. If you recall, SSL 3<br>
> doesn't require its padding to be in any particular format (except for<br>
> the last byte, the length), opening itself to attacks by active network<br>
> attackers. However, even though TLS is very strict about how its padding<br>
> is formatted, it turns out that some TLS implementations omit to check<br>
> the padding structure after decryption. Such implementations are<br>
> vulnerable to the POODLE attack even with TLS.<br>
><br>
> The impact of this problem is similar to that of POODLE, with the attack<br>
> being slightly easier to <a href="http://execute.no" target="_blank">execute.no</a> need to downgrade modern clients<br>
> down to SSL 3 first, TLS 1.2 will do just fine. The main target are<br>
> browsers, because the attacker must inject malicious JavaScript to<br>
> initiate the attack. A successful attack will use about 256 requests to<br>
> uncover one cookie character, or only 4096 requests for a 16-character<br>
> cookie. This makes the attack quite practical.<br>
><br>
> According to our most recent SSL Pulse scan (which hasn't been published<br>
> yet), about 10% of the servers are vulnerable to the POODLE attack<br>
> against TLS.<br>
><br>
> I'll keep my blog post updated as new information is available:<br>
><br>
> <a href="http://blog.ivanristic.com/2014/12/poodle-bites-tls.html" target="_blank">http://blog.ivanristic.com/2014/12/poodle-bites-tls.html</a><br>
><br>
<br>
---<br>
// L. Aaron Kaplan <<a href="mailto:kaplan@cert.at">kaplan@cert.at</a>> - T: <a href="tel:%2B43%201%205056416%2078" value="+431505641678">+43 1 5056416 78</a><br>
// CERT Austria - <a href="http://www.cert.at/" target="_blank">http://www.cert.at/</a><br>
// Eine Initiative der <a href="http://nic.at" target="_blank">nic.at</a> GmbH - <a href="http://www.nic.at/" target="_blank">http://www.nic.at/</a><br>
// Firmenbuchnummer 172568b, LG Salzburg<br>
<br>
<br>
<br>
<br>
<br>_______________________________________________<br>
Ach mailing list<br>
<a href="mailto:Ach@lists.cert.at">Ach@lists.cert.at</a><br>
<a href="http://lists.cert.at/cgi-bin/mailman/listinfo/ach" target="_blank">http://lists.cert.at/cgi-bin/mailman/listinfo/ach</a><br>
<br></blockquote></div><br></div>