Ubuntu Security Notice USN-2515-2

Ubuntu Security Notice 2515-2 – USN-2515-1 fixed vulnerabilities in the Linux kernel. There was an unrelated regression in the use of the virtual counter (CNTVCT) on arm64 architectures. This update fixes the problem. A flaw was discovered in the Kernel Virtual Machine’s (KVM) emulation of the SYSENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS. Various other issues were also addressed.

HP Security Bulletin HPSBST03265

HP Security Bulletin HPSBST03265 – Potential security vulnerabilities have been identified with the HP VMA SAN Gateway running OpenSSL and Bash Shell. These vulnerabilities (“Padding Oracle on Downgraded Legacy Encryption” or “POODLE”, Heartbleed, and Shellshock) could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access, or disclose information. Revision 1 of this advisory.

Security experts are FREAKing out: new OpenSSL vulnerability

Like any good and mind-blowing (for most people) vulnerability, it has a nice name – FREAK, a CVE number – CVE-2015-0204, and a dedicated website: https://freakattack.com/.

FREAK – Factoring RSA Export Keys – affects around 36% of all sites trusted by browsers and around 10% of the Alexa top one million domains, according to computer scientists at the University of Michigan.

This time, the vulnerability can allow hackers to perform a Man-in-the-Middle (MITM) attack on traffic routed between a device that uses the affected version of OpenSSL and many websites, by downgrading the encryption to an easy-to-crack 512 bits (64KB).

A connection is vulnerable if the server accepts RSA_EXPORT cipher suites and the client either offers an RSA_EXPORT suite or is using a version of OpenSSL that is vulnerable to CVE-2015-0204.

To be affected, devices must use the vulnerable version of OpenSSL. The problem is that OpenSSL is sometimes embedded in the firmware of the device, as in devices running Apple’s iOS or Google’s Android. This makes patching anything but trivial. While Apple and Google will hurry to patch their devices, the same is not going to happen with embedded devices that have the affected OpenSSL library in firmware burned into a chip.

How is the attack happening?

If an attacker can monitor the traffic flowing between vulnerable devices (that is, running the vulnerable OpenSSL) and websites (that use the same vulnerable OpenSSL), they could inject code which forces both sides to use 512-bit encryption, which they can then crack in a matter of hours using the power of cloud computing.

It would then be technically pretty straightforward to launch a MITM by pretending to be the official website.

OpenSSL released a patch for the problem in January 2015, while Apple plans to do so next week and Google has released one to its Android partners.

As you can see, it is not trivial to perform the MITM attack: special skills, a special environment and special tools are required to make use of this vulnerability. So, this makes FREAK a more theoretical vulnerability. But this doesn’t mean that it is less dangerous.

However, as so often in the past, good intentions are badly implemented, and the page freakattack.com is generously helping attackers find which servers are affected. On that page, the researchers from the University of Michigan have published the top 10K domains listed by the Alexa.com website.

Who is affected?

Websites that support RSA export cipher suites (e.g., TLS_RSA_EXPORT_WITH_DES40_CBC_SHA) are at risk of having HTTPS connections intercepted.

You can check whether a website supports RSA_EXPORT suites using the SSL FREAK Check available at this page.
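The vulnerability condition stated above (server accepts RSA_EXPORT, client offers it or runs an OpenSSL affected by CVE-2015-0204), as an added Python example that is not from the original post or the researchers' checker: it parses the reply a server sent to a probe ClientHello offering only RSA_EXPORT suites and applies that rule. The function names and the sample records are constructed for illustration; only the three IANA-registered RSA_EXPORT suite IDs are covered.

```python
import struct

# The three IANA-registered RSA_EXPORT suites (512-bit RSA key exchange).
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def selected_suite(record: bytes):
    """Cipher suite ID chosen in a ServerHello record; None for any other record."""
    if len(record) < 5:
        raise ValueError("truncated TLS record header")
    ctype, _version, rlen = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rlen]
    if len(body) < rlen:
        raise ValueError("truncated TLS record body")
    # content type 22 = handshake, handshake type 2 = ServerHello
    if ctype != 22 or len(body) < 4 or body[0] != 2:
        return None
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    if len(hello) < 35:  # version(2) + random(32) + session_id length(1)
        raise ValueError("truncated ServerHello")
    off = 35 + hello[34]  # skip the variable-length session_id
    if len(hello) < off + 2:
        raise ValueError("ServerHello ends before cipher_suite")
    return int.from_bytes(hello[off:off + 2], "big")

def accepted_export_suite(reply: bytes):
    """Name of the RSA_EXPORT suite the server selected, or None if it refused."""
    return RSA_EXPORT_SUITES.get(selected_suite(reply))

def connection_vulnerable(server_reply, client_offers_export, client_has_cve_2015_0204):
    """Server accepts RSA_EXPORT and the client either offers it or is affected."""
    server_ok = accepted_export_suite(server_reply) is not None
    return server_ok and (client_offers_export or client_has_cve_2015_0204)

def make_server_hello(suite: int) -> bytes:
    """Constructed sample reply (TLS 1.0, zero random, empty session_id)."""
    hello = b"\x03\x01" + bytes(32) + b"\x00" + suite.to_bytes(2, "big") + b"\x00"
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + len(hs).to_bytes(2, "big") + hs

ALERT_HANDSHAKE_FAILURE = b"\x15\x03\x01\x00\x02\x02\x28"  # constructed: fatal alert 40

if __name__ == "__main__":
    print(accepted_export_suite(make_server_hello(0x0008)))
    print(accepted_export_suite(ALERT_HANDSHAKE_FAILURE))
```

A server that answers the export-only probe with a handshake_failure alert, or selects a non-export suite, does not meet the server half of the condition.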

The post Security experts are FREAKing out: new OpenSSL vulnerability appeared first on Avira Blog.