Cisco Cisco Email Security Appliance X1070 Fehlerbehebungsanleitung
SSL Version 3.0 Vulnerability CVE−2014−3566 on
ESA
ESA
Document ID: 118620
Contributed by Enrico Werner, Cisco TAC Engineer.
Nov 24, 2014
Nov 24, 2014
Contents
Introduction
Problem
Solution
Related Information
Problem
Solution
Related Information
Introduction
This document describes the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack on the
Cisco Email Security Appliance (ESA).
Cisco Email Security Appliance (ESA).
Problem
Secure Sockets Layer (SSL) Version 3.0 (RFC−6101) is an obsolete and insecure protocol. While for most
practical purposes, it has been replaced by its successors − Transport Layer Security (TLS) Version 1.0
(RFC−2246), TLS Version 1.1 (RFC−4346), and TLS Version 1.2 (RFC−5246) − many TLS implementations
remain backwards-compatible with SSL Version 3.0 in order to interoperate with legacy systems in the
interest of a smooth user experience. The protocol handshake provides for authenticated version negotiation,
so normally the latest protocol version common to the client and the server is used. However, even if a client
and server both support a version of TLS, the security level offered by SSL Version 3.0 is still relevant since
many clients implement a protocol downgrade dance in order to work around server-side interoperability
bugs.
practical purposes, it has been replaced by its successors − Transport Layer Security (TLS) Version 1.0
(RFC−2246), TLS Version 1.1 (RFC−4346), and TLS Version 1.2 (RFC−5246) − many TLS implementations
remain backwards-compatible with SSL Version 3.0 in order to interoperate with legacy systems in the
interest of a smooth user experience. The protocol handshake provides for authenticated version negotiation,
so normally the latest protocol version common to the client and the server is used. However, even if a client
and server both support a version of TLS, the security level offered by SSL Version 3.0 is still relevant since
many clients implement a protocol downgrade dance in order to work around server-side interoperability
bugs.
Attackers can exploit the downgrade dance and break the cryptographic security of SSL Version 3.0. The
POODLE attack allows them, for example, to steal ?secure? HTTP cookies (or other bearer tokens such as
HTTP Authorization header contents).
POODLE attack allows them, for example, to steal ?secure? HTTP cookies (or other bearer tokens such as
HTTP Authorization header contents).
This vulnerability has been assigned the Common Vulnerabilities and Exposures (CVE) ID CVE−2014−3566.
Solution
Here is a list of relevant bugs:
Cisco bug ID CSCur27131 − SSL Version 3.0 POODLE Attack on the ESA (CVE−2014−3566)
•
Cisco bug ID CSCur27153 − SSL Version 3.0 POODLE Attack on the Cisco Security Management
Appliance (CVE−2014−3566)
Appliance (CVE−2014−3566)
•
Cisco bug ID CSCur27189 − SSL Version 3.0 POODLE Attack on the Cisco Web Security
Appliance (CVE−2014−3566)
Appliance (CVE−2014−3566)
•