We have Exchange 2013 CU5 servers in our environment on which identified CVE-2012-4929.Shall we implement the below solution
SSL/TLS Compression Algorithm Information Leakage Vulnerability SSL/TLS protocols support and optional compression algorithm. When used compression can ease data transfer significantly.
An information leakage was discovered related to compression algorithm use in SSL/TLS protocols. The attacker needs to have ability to submit any plain text to compression and encryption process and observe the output to be
able to exploit this vulnerability.
The attack works like this:
the attacker who has control over a web browser that is communicating to a web site that uses SSL/TLS can send a HTTP POST request that looks like this:
POST /login.php HTTP/1.1
Cookie: XYZ
Cookie:
The first Cookie is in the HTTP header and the second one is in the body of the request.
If compression algorithm is used it will replace the second occurrence of the string 'Cookie: ' by a reference to the first one and thus decrease the length of the string to be encrypted and eventually the output length of SSL packet. This can be observed on the network.
The attacker can then prepare another request that contains a guess as to what the first character of the cookie is. That HTTP request looks like this:
POST /login.php HTTP/1.1
Cookie: XYZ
Cookie: A
If the guess was correct then the length of the output of compression + encryption will decrease more than if the guess was incorrect.
Using this approach the attacker can verify their guesses and completely recover the value of the cookie. |
|
Solution:
Compression algorithms should be disabled. The method of disabling it varies depending on the application you're running.
If you're using a hardware device or software not listed here, you'll need to check the manual or vendor support options.
For IIS SSL Compression is referred to as HTTP compression. It can be disabled from IIS configuration->Web Site->Properties->Service (tab).HTTP Compression checkboxes need to be turned off.
For Redhat systems with Zlib Compression.
- Set the OPENSSL_NO_DEFAULT_ZLIB environment variable can be used to disable zlib compression support.
- Further details can be found under Bugzilla Redhat 857051. (https://bugzilla.redhat.com/show_bug.cgi?id=857051c5 )
For other HTTP servers please check the vendors documentation on how to disable SSL compression.
Best practices for SSL/TLS Deployment can be found at QUALYS SSL Labs. (https://www.ssllabs.com/) |
SAH