Home > News content

TLS 1.2 Protocol vulnerability New Zombie 'POODLE' Attack response recommendations

via:cnBeta.COM     time:2019/2/12 23:31:55     readed:531

Craig Young has named two new defects Zombie POODLE and GOLDENDOODLE (CVE). With Zombie POODLE, he can recover POODLE attacks in Citrix load balancers and fine-tune POODLE attacks on systems that have not completely eradicated obsolete encryption methods. At the same time, GOLDENDOODLE is a similar attack, but has more powerful, faster encryption hacking capabilities. Young warns that even if the vendor completely eliminates the original POODLE flaw, it may still be vulnerable to GOLDENDOODLE attacks.

Conditions for this attack:

The CBC cryptographic suite is used in the HTTPS server;

2, under attack on client and under attack[计] serveCreate a middleman channel between MITM, such as the establishment of malicious WiFi hot spots, or hijacking routers and other intermediate network equipment;

3, the attacker populates the non-encrypted access of the usewebsite To inject a malicious JavaScript into the victim's browser;

4. The malicious script constructs the specific HTTPS request encryption website, and combines the middleman bypass to listen to the encrypted data. After many requests, the Cookie and the credentials in the encrypted data can be obtained.

How to prevent and deal with it?

1. To ensure the integrity of HTTPS and prevent the introduction of unsafe outer chains (HTTP script resources, especially JavaScript scripts), which can be monitored through some SSL site security detection services (such as MySSL Enterprise Edition);

2, check the server, avoid the use of RC4 and CBC and other insecure cryptographic suites, through MySSL.com detection, find that the support encryption suite to avoid the emergence of weak passwords and the password suite containing CBC;

3. Systems involving confidential or critical business data are strengthened to monitor and inspect anomalies and to maintain compliance with HTTPS best safety practices.

Reference:https://www.darkreading.com/vulnerabilities---threats/new-zombie-poodle-attack-bred-from-tls-flaw/d/d-id/1333815

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments

Related news