POODLE And TLSv1


I read this on the RHN commentary respecting CVE-2014-3566:

https://securityblog.redhat.com/2014/10/15/poodle-a-ssl3-vulnerability-cve-2014-3566/:

. . . The first aspect of POODLE, the SSL 3.0 protocol vulnerability, has already been fixed through iterative protocol improvements, leading to the current TLS version, 1.2. It is simply not possible to address this in the context of the SSL 3.0 protocol, a protocol upgrade to one of the successors is needed. Note that TLS versions before 1.1 had similar padding-related vulnerabilities, which is why we recommend to switch to TLS 1.1, at least. (SSL and TLS are still quite similar as protocols, the name change has non-technical reasons.)
. . .

If I run nmap to view the ciphers on a host running apache-2.2.15, I see this:

# nmap --script ssl-enum-ciphers -p 443 inet09

Starting Nmap 6.01 ( http://nmap.org ) at 2014-10-17 12:48 EDT
Nmap scan report for x.y.z.a
Host is up (0.00034s latency).
rDNS record for x.y.z.a
PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.0
|     Ciphers (5)
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_RC4_128_SHA - strong
|     Compressors (1)
|       NULL
|   TLSv1.1
|     Ciphers (5)
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_RC4_128_SHA - strong
|     Compressors (1)
|       NULL
|   TLSv1.2
|     Ciphers (9)
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA256 - strong
|       TLS_RSA_WITH_AES_128_GCM_SHA256 - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_AES_256_CBC_SHA256 - unknown strength
|       TLS_RSA_WITH_AES_256_GCM_SHA384 - unknown strength
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_RC4_128_SHA - strong
|     Compressors (1)
|       NULL
|_  Least strength = unknown strength
. . .

If I read the advisory aright then TLSv1.0 suffers from exactly the same flaw as SSLv3. So, how do I configure apache-2.2.15 to deny TLSv1.0 and keep serving TLSv1.1+?

2 thoughts on - POODLE And TLSv1

  • The same advisory recommends using this config for 7 and 6.6 upwards:

    SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2

    I guess you could try changing that to

    SSLProtocol -All +TLSv1.1 +TLSv1.2

    Don’t know what you might break on the client side…

    – Thomas

  • On 17.10.2014 at 19:38, Thomas Eriksson wrote:

    If that (TLSv1.0 also vulnerable) is true then EL5 has no mitigation right now. TLSv{1.1,1.2} support is only in EL6 (>=6.5).
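
One way to check the result of the SSLProtocol change suggested in the thread: parse the ssl-enum-ciphers output and list every protocol older than TLSv1.1 that the server still offers, together with its CBC suites (the padding-related case the advisory mentions). This is an added example, not code from the thread; the function names and the abbreviated SAMPLE output are constructed for illustration.

```python
import re

# Constructed sample: abbreviated ssl-enum-ciphers output in the layout shown in the question.
SAMPLE = """\
| ssl-enum-ciphers:
|   TLSv1.0
|     Ciphers (2)
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_RC4_128_SHA - strong
|   TLSv1.2
|     Ciphers (2)
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_GCM_SHA256 - strong
|_  Least strength = strong
"""

# Protocol headings ("TLSv1.0", newer nmap adds a colon) and cipher-suite lines.
PROTO = re.compile(r"^\|[_ ]*((?:SSL|TLS)v\d+(?:\.\d+)?):?\s*$")
CIPHER = re.compile(r"^\|[_ ]*((?:TLS|SSL)_[A-Z0-9_]+)")


def parse_protocols(text):
    """Map each protocol heading to the cipher suites listed under it."""
    offered, current = {}, None
    for line in text.splitlines():
        m = PROTO.match(line)
        if m:
            current = m.group(1)
            offered[current] = []
        elif current and CIPHER.match(line):
            offered[current].append(CIPHER.match(line).group(1))
    return offered


def version_key(name):
    """Sort key giving SSLv3 < TLSv1 (= TLSv1.0) < TLSv1.1 < TLSv1.2."""
    m = re.match(r"(SSL|TLS)v(\d+)(?:\.(\d+))?", name)
    return (m.group(1) == "TLS", int(m.group(2)), int(m.group(3) or 0))


def below_minimum(offered, minimum="TLSv1.1"):
    """Return {protocol: CBC suites} for each offered protocol older than minimum."""
    floor = version_key(minimum)
    return {p: [c for c in suites if "_CBC_" in c]
            for p, suites in offered.items() if version_key(p) < floor}


if __name__ == "__main__":
    print(below_minimum(parse_protocols(SAMPLE)))
```

An empty result after reloading httpd with the changed SSLProtocol line means the scan no longer shows any protocol older than TLSv1.1 on that port.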