Last Tuesday, my Daily Security Byte video covered a new vulnerability that affected certain implementations of SSL; specifically ones that still use RSA’s export cipher suite (RSA_EXPORT).
Back in the day (1992 – 2000), the United States of America restricted the export of strong encryption to certain countries for political reasons. That meant encryption products, such as OpenSSL, had to ship with weaker “export” cipher suites, which were presumably easier for the US government to crack. With modern increases in processing power and the discovery of new cryptographic flaws, this export cipher suite is especially weak today, and easily cracked
This week, a French research team disclosed that many SSL implementations still ship with this weak RSA_EXPORT cipher suite. They warned that man-in-the-middle attackers can force vulnerable SSL clients and server into using this cipher, making it much easier for attackers to crack your encryption and read your decrypted SSL communications. At the original release time, the researcher stated this issue primarily affected Apple iOS and OS X, Google Android, and products that used older versions of OpenSSL. However, later in the week Microsoft warned that Windows was also vulnerability to this SSL flaw (I covered that in today’s video).
Though this flaw sounds bad, it only poses a medium to low risk. In order to exploit it, an attacker needs to be able to intercept your network traffic. While this might be relatively easy to do on public wireless networks, its more difficult to pull off on wired networks. Nonetheless, you still want to fix the flaw as soon as you can. If you use OpenSSL, make sure you’re running the latest versions (which don’t ship with the bad cipher). Apple, Google, and Microsoft all plan on releasing updates soon, but in some cases you can disable the vulnerable cipher suite in your SSL implementation. For instance, Microsoft describes how to use Group Policy to disable this cipher suite in the Workaround section of their advisory.
What about my WatchGuard products?
You may be wondering if your WatchGuard products are affected. The good news is most of our products are not vulnerable to this issue, with the exception on our SSL VPN appliances. Here’s the run down:
- XTM appliances: Not Vulnerable (even E-Series products are not affected)
- XCS appliances: Not Vulnerable
- Wireless Access Points: Not Vulnerable
- WatchGuard Dimension: Not Vulnerable
- SSL VPN Appliances: Vulnerable
We will release an update for SSL VPN appliances in the future, and I’ll update this post when we do. In the meantime, the only way you expose this flaw is through its administrative user interface (UI). If you don’t expose the admin UI externally, Internet-based attackers cannot exploit this flaw against you. — Corey Nachreiner, CISSP (@SecAdept)