CVE-2014-3566: POODLE Attack Exploiting SSL 3.0 Fallback

Created:

2016-11-16 13:20:39 UTC

Modified:

2017-08-16 16:44:25 UTC

9

Was this article helpful?


Have more questions?

Submit a request

CVE-2014-3566: POODLE Attack Exploiting SSL 3.0 Fallback

Applicable to:

  • Plesk for Windows
  • Plesk for Linux

Information

A CVE-2014-3566 vulnerability in the SSLv3 protocol was identified by the Google security team . There is an additional whitepaper available from OpenSSL that also describes this vulnerability.

The following script can be used to check if a system is vulnerable. For the parameter, specify the actual server IP:

# wget https://support.plesk.com/hc/article_attachments/115004518545/poodle.zip
# unzip poodle.zip
# chmod +x poodle.sh
# for i in `echo 21 587 443 465 7081 8443 993 995 `; do /bin/sh /root/poodle.sh <IP> $i; done

Resolution

The attack described above requires an SSL 3.0 connection to be established, so disabling the SSL 3.0 protocol in the client or the server (or both) will deflect a potential attack.

Operating system (OS) vendors released the following security advisories to address several recent OpenSSL vulnerabilities:

Debian

RedHat

Ubuntu

CentOS

Please note the updates listed here do not actually fix the POODLE attack - they only use the TLS_FALLBACK_SCSV option to prevent triggering a fallback to SSLv3, and provide fixes for several other vulnerabilities.

It is strongly recommended you update the openssl package.

The best option is disabling SSLv3 support.

The following scripts can de used to disable SSLv3 for all services:

  • for Linux - Disables Apache, nginx, proftpd, courier-imap, qmail, postfix, dovecot, Plesk server engine (for versions 11.5 and later).
  • for Windows - Disables SSLv3 server-wide (WARNING: A server reboot will be required) .

See the following instructions on disabling SSLv3 for each service. The same instructions are applicable if your server has already been patched with pci_compliance_resolver .

Plesk service

As Plesk uses the same SSL engine, the sw-cp-server service should be configured to protect against the SSLv3 vulnerability.

NOTE: If Customer and Business Manager is used, see article #213367869

Plesk 11.5 and later

Edit /etc/sw-cp-server/config file. In the http section, add:

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Restart:

    # sudo service sw-cp-server restart

Plesk 11.0

Edit /usr/local/psa/admin/conf/ssl-conf.sh , adding echo 'ssl.use-sslv3 = "disable"' after the echo 'ssl.use-sslv2 = "disable"' directive. The file should look like:

    echo 'ssl.engine = "enable"'
echo 'ssl.use-sslv2 = "disable"'
echo 'ssl.use-sslv3 = "disable"'

Restart:

    # sudo service sw-cp-server restart

Plesk 9.x and 10.x

The solution for sw-cp-server backend in Plesk 10.x is to modify the list of available CIPHERS in /usr/local/psa/admin/conf/cipher.lst file to look like this, with no line breaks:

ECDHE-ECDSA-CAMELLIA256-SHA384 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-RSA-CAMELLIA256-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-DSS-CAMELLIA256-SHA DHE-DSS-AES256-GCM-SHA384 DHE-DSS-AES256-SHA256 DHE-DSS-AES256-SHA DHE-RSA-CAMELLIA256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-ECDSA-CAMELLIA128-SHA256 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-RSA-CAMELLIA128-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA

Once the /usr/local/psa/admin/conf/cipher.lst file has been modified, restart the backend:

    sudo service sw-cp-server restart

Plesk 8.6.0 and older

Plesk 8.6 uses Apache as a backend for the control panel.

Add the following line to the /usr/local/psa/admin/conf/httpsd.conf file:

SSLProtocol All -SSLv2 -SSLv3

Then restart the control panel:

# sudo service psa restart

Apache HTTPD Server

If you are running Apache, change the Apache configuration file (listed below are the default locations):

RedHat/CentOS /etc/httpd/conf.d/ssl.conf

Debian/Ubuntu /etc/apache2/mods-available/ssl.conf

SuSE /etc/apache2/ssl-global.conf

Include or change the following line in your Apache configuration file among the other SSL directives:

SSLProtocol All -SSLv2 -SSLv3

Run the following command to change the SSL settings in the PCI Compliance template.

# mkdir -p /usr/local/psa/admin/conf/templates/custom/
# mkdir -p /usr/local/psa/admin/conf/templates/custom/server/
# cp /usr/local/psa/admin/conf/templates/pci_compliance/server/PCI_compliance.php /usr/local/psa/admin/conf/templates/custom/server/
# sed -i 's/SSLProtocol -ALL +SSLv3 +TLSv1/SSLProtocol All -SSLv2 -SSLv3/g' /usr/local/psa/admin/conf/templates/custom/server/PCI_compliance.php

Then restart the Apache webserver:

# /usr/local/psa/admin/bin/websrvmng -r

Nginx server

If you are running Nginx, include the following line in your configuration among the other SSL directives in the /etc/nginx/nginx.conf :

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Additionally, for all sites in Plesk 11.0 for Linux:

# mkdir -p /usr/local/psa/admin/conf/templates/custom/
# mkdir -p /usr/local/psa/admin/conf/templates/custom/domain/
# cp /usr/local/psa/admin/conf/templates/default/domain/nginxDomainVirtualHost.php /usr/local/psa/admin/conf/templates/custom/domain/

# sed -i 's/ssl_protocols SSLv2 SSLv3 TLSv1;/ssl_protocols TLSv1 TLSv1.1 TLSv1.2;/g' /usr/local/psa/admin/conf/templates/custom/domain/nginxDomainVirtualHost.php

For all sites in Plesk 11.5 for Linux:

# mkdir -p /usr/local/psa/admin/conf/templates/custom/
# mkdir -p /usr/local/psa/admin/conf/templates/custom/domain/
# cp /usr/local/psa/admin/conf/templates/default/nginxWebmailPartial.php /usr/local/psa/admin/conf/templates/custom/
# cp /usr/local/psa/admin/conf/templates/default/domain/nginxDomainVirtualHost.php /usr/local/psa/admin/conf/templates/custom/domain/

# sed -i 's/ssl_protocols SSLv2 SSLv3 TLSv1;/ssl_protocols TLSv1 TLSv1.1 TLSv1.2;/g' /usr/local/psa/admin/conf/templates/custom/nginxWebmailPartial.php
# sed -i 's/ssl_protocols SSLv2 SSLv3 TLSv1;/ssl_protocols TLSv1 TLSv1.1 TLSv1.2;/g' /usr/local/psa/admin/conf/templates/custom/domain/nginxDomainVirtualHost.php

For all sites in Plesk 12.0 for Linux:

# MYSQL_PWD=`cat /etc/psa/.psa.shadow` mysqldump -u admin psa > psa_backup.sql
# MYSQL_PWD=`cat /etc/psa/.psa.shadow` mysql -u admin psa
mysql> insert into misc values('disablesslv3', 'true');

Then, reconfigure Apache and Nginx:

# /usr/local/psa/admin/bin/httpdmng --reconfigure-all

Reference: Nginx documentation

Dovecot IMAP/POP3 server

Include the following line in /etc/dovecot/dovecot.conf

ssl_protocols = !SSLv2 !SSLv3

Restart the service:

    # sudo service dovecot restart

Courier IMAP

Edit the following files:

/etc/courier-imap/pop3d-ssl

/etc/courier-imap/imapd-ssl

Add or modify the TLS_PROTOCOL and TLS_CIPHER_LIST directives so they look like:

TLS_PROTOCOL=TLSv1+
TLS_CIPHER_LIST="ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"

Restart the services:

    # sudo service courier-imaps restart
# sudo service courier-pop3s restart

Postfix SMTP

For 'opportunistic SSL' (where the encryption policy is not enforced and plain is acceptable), you do not need to make any changes. Even SSLv2 is better than plain, so if you need to secure your server you should be using 'mandatory SSL' mode anyway.

If you still want to disable SSLv3 for opportunistic encryption, add/change:

smtpd_tls_protocols=!SSLv2,!SSLv3
smtp_tls_protocols=!SSLv2,!SSLv3

If 'mandatory SSL' mode is already configured, add/change the smtpd_tls_mandatory_protocols setting. Add the following string to the /etc/postfix/main.cf file:

smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3

Then restart Postfix:

# sudo service postfix restart

You can verify whether SSLv3 is disabled using the following command:

# openssl s_client -connect  localhost:465 -ssl3

If you are not vulnerable (SSLv3 is disabled), your output should look something like:

CONNECTED(00000003)
139808606107464:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1257:SSL alert number 40
139808606107464:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:

If you are vulnerable, you should see a normal connection output, including the line:

CONNECTED(00000003)
220 mail.example.com ESMTP Postfix
DONE

Qmail MTA

Create (or edit) the /var/qmail/control/tlsserverciphers file so it looks like:

EECDH+AESGCM+AES128:EECDH+AESGCM+AES256:EECDH+CHACHA20:EDH+AESGCM+AES128:EDH+AESGCM+AES256:EDH+CHACHA20:EECDH+SHA256+AES128:EECDH+SHA384+AES256:EDH+SHA256+AES128:EDH+SHA256+AES256:EECDH+SHA1+AES128:EECDH+SHA1+AES256:EDH+SHA1+AES128:EDH+SHA1+AES256:EECDH+HIGH:EDH+HIGH:AESGCM+AES128:AESGCM+AES256:CHACHA20:SHA256+AES128:SHA256+AES256:SHA1+AES128:SHA1+AES256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!KRB5:!aECDH:!EDH+3DES

Note: disabling SSLv3 cipher makes it impossibile to use 465 (TLS) in Thunderbird. TLSv1.2 support will be only available

ProFTPD server

Create and edit the /etc/proftpd.d/60-nosslv3.conf file by adding the following lines:

<IfModule mod_tls.c>
TLSProtocol TLSv1
TLSCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
</IfModule>

Then make sure the created configuration file is included in proftpd configuration. If missed, add to /etc/proftpd.conf the following line:

Include /etc/proftpd.d/*.conf

Then restart the service daemon:

# service xinetd restart

Microsoft Internet Information Services

There is an official Microsoft Knowledgebase article about disabling particular protocols in IIS: How to disable PCT 1.0, SSL 2.0, SSL 3.0, or TLS 1.0 in Internet Information Services

Microsoft Windows Server stores information about different security-enhanced channel protocols that Windows Server supports. This information is stored in the registry key.

  1. Click Start, click Run, type regedt32 or regedit , then click OK.

  2. In Registry Editor, locate the following registry key:

    HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server
  3. On the Edit menu, click Add Value.

  4. In the Data Type list, click DWORD .

  5. In the Value Name box, type Enabled then click OK.

    Note: If this value is present, double-click to edit it.

  6. Type 00000000 in Binary Editor to set the value of the new key equal to "0".

  7. Click OK. Restart the computer.

Attachments:

Have more questions? Submit a request
Please sign in to leave a comment.