December 10, 2014 By Jaikumar Vijayan 3 min read

A previously discovered attack method that takes advantage of a design flaw in the Secure Socket Layer (SSL) encryption protocol works against certain implementations of the Transport Layer Security (TLS) protocol, as well.

Numerous websites are vulnerable to this Padding Oracle on Downgraded Legacy Encryption (POODLE) exploit. POODLE attacks allow cybercriminals to decrypt the contents of an encrypted session between a browser and a Web server under certain conditions.

No Workarounds

No workarounds are available for the TLS flaw that enables the attack, and the only way to address this issue is to install a patch for it. Network load-balancing products from F5 Networks, A10 Networks and potentially other vendors are vulnerable to the issue, Google security engineer Adam Langley said in a blog post Monday.

“Unfortunately, I found a number of major sites that had this problem,” Langley wrote. “I’m not sure that I’ve found every affected vendor, but now that this issue is public, any other affected products should quickly come to light.”

Both F5 and A10 have issued patches to address the problem highlighted by Langley.

Inherent Weakness

The original POODLE attack, developed by a trio of security researchers at Google earlier this year, basically takes advantage of an inherent weakness in the method the SSLv3 protocol uses to encrypt data blocks. The Google researchers showed how attackers could exploit the weakness to steal authentication cookies from an Internet user’s browser and use the credentials to access associated email, bank and other online accounts belonging to the user.

Though the TLS protocol replaced the SSLv3 standard long ago, many websites still support the older protocol for backward compatibility purposes. The POODLE attack showed how attackers could trick a Web server and a client browser into using the older, vulnerable SSLv3 standard, even if both sides supported more recent versions of the TLS protocol.

Security researchers have previously noted that the only way to mitigate the SSLv3 issue is to disable the backwards compatibility capability that allows products to roll back to the old protocol. Google’s Chrome browser and Mozilla’s Firefox have completely eliminated rollback to SSLv3 following the release of the POODLE report.

However, Langley said his research shows POODLE attacks are still possible against certain TLS implementations such as those found in F5 and A10’s products. The issue has to do with the manner in which the padding structure in TLS is checked in certain products.

“Even though TLS is very strict about how its padding is formatted, it turns out that some TLS implementations omit to check the padding structure after decryption,” Ivan Ristic, director of application security research at Qualys, Inc., explained in a blog post. “Such implementations are vulnerable to the POODLE attack, even with TLS.”

Major Websites Likely Affected by Attack

The new SSL/TLS issue likely affects some of the most popular websites in the world, considering the large installed base of F5 systems, Ristic said.

“The impact of this problem is similar to that of POODLE, with the attack being slightly easier to execute — no need to downgrade modern clients down to SSL 3 first; TLS 1.2 will do just fine,” he said.

Popular Web browsers are most likely going to be the main targets because the attacker must inject malicious JavaScript to initiate POODLE, he said.

In its patch release advisory, A10 said it was notified of the problem with its TLS implementation in early November. The company described the issue as one similar to the one in SSLv3, “where the padding is not defined as part of the protocol.”

Meanwhile, F5 listed all product versions that are vulnerable to POODLE attacks and urged customers to upgrade to product versions that are not vulnerable to the threat.

More from

Ransomware payouts hit all-time high, but that’s not the whole story

3 min read - Ransomware payments hit an all-time high of $1.1 billion in 2023, following a steep drop in total payouts in 2022. Some factors that may have contributed to the decline in 2022 were the Ukraine conflict, fewer victims paying ransoms and cyber group takedowns by legal authorities.In 2023, however, ransomware payouts came roaring back to set a new all-time record. During 2023, nefarious actors targeted high-profile institutions and critical infrastructure, including hospitals, schools and government agencies.Still, it’s not all roses for…

What should an AI ethics governance framework look like?

4 min read - While the race to achieve generative AI intensifies, the ethical debate surrounding the technology also continues to heat up. And the stakes keep getting higher.As per Gartner, “Organizations are responsible for ensuring that AI projects they develop, deploy or use do not have negative ethical consequences.” Meanwhile, 79% of executives say AI ethics is important to their enterprise-wide AI approach, but less than 25% have operationalized ethics governance principles.AI is also high on the list of United States government concerns.…

Hive0051 goes all in with a triple threat

13 min read - As of April 2024, IBM X-Force is tracking new waves of Russian state-sponsored Hive0051 (aka UAC-0010, Gamaredon) activity featuring new iterations of Gamma malware first observed in November 2023. These discoveries follow late October 2023 findings, detailing Hive0051's use of a novel multi-channel method of rapidly rotating C2 infrastructure (DNS Fluxing) to deliver new Gamma malware variants, facilitating more than a thousand infections in a single day. An examination of a sample of the lures associated with the ongoing activity reveals…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today