When POODLE was first uncovered back in October, researchers believed that only sites using SSL 3.0 were vulnerable, but it now appears that certain implementations of TLS could be compromised using a similar exploit, according to ZDNet.
In the piece, Larry Seltzer explains: “One change in TLS 1.0 was to fully specify the contents of padding bytes, preventing this attack. But it turns out that some TLS implementations still didn’t check the padding bytes, despite having the ability to do so. Undoubtedly many implementers simply used their SSLv3 software, which work fine with a TLS implementation, other than their failure to check for this error.”
The new variant of the exploit was discovered by Adam Langley of Google. Writing on his blog, Langley explains that TLS padding “is a subset of SSL v3’s padding, so technically, you could use an SSL v3 decoding function with TLS and it would still work fine … the POODLE attack would work, even against TLS connections.” He goes on to note that both F5 and A10 networking equipment are affected. F5 has already released an update.
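As an added illustration (not code from the article, nor from any of the vendors it names), the following Python contrasts an SSLv3-style padding check, which only reads the final length byte, with the TLS 1.0 check, which also verifies that every padding byte equals that length; the record contents are constructed for the demonstration.

```python
# Added example: why an SSLv3 padding routine "works" on TLS records yet leaves
# the padding unchecked. Decrypted CBC plaintext is laid out as
#   data || MAC || padding bytes || pad_len
# and the two checks below differ only in whether the padding bytes are inspected.

def sslv3_style_padding_ok(plaintext: bytes, block_size: int = 16) -> bool:
    """SSLv3 rule: the last byte is the padding length and must be smaller than
    the cipher block size. The padding bytes themselves are never examined."""
    if not plaintext:
        return False
    pad_len = plaintext[-1]
    return pad_len < block_size and pad_len + 1 <= len(plaintext)

def tls_padding_ok(plaintext: bytes) -> bool:
    """TLS 1.0 rule: the last byte is the padding length N, and each of the
    preceding N bytes must also equal N. The whole region is checked."""
    if not plaintext:
        return False
    pad_len = plaintext[-1]
    if pad_len + 1 > len(plaintext):
        return False
    # Accumulate mismatches instead of returning early, so the check does not
    # leak which padding byte was wrong through its timing.
    bad = 0
    for b in plaintext[-(pad_len + 1):]:
        bad |= b ^ pad_len
    return bad == 0

def compare_checks(plaintext: bytes) -> tuple:
    """Return (accepted by SSLv3-style check, accepted by TLS check)."""
    return sslv3_style_padding_ok(plaintext), tls_padding_ok(plaintext)

# Constructed 16-byte sample records with a 4-byte stand-in for the MAC.
# Correct TLS padding: six padding bytes and the length byte all equal 6.
VALID_TLS_RECORD = b"hello" + b"\xaa" * 4 + b"\x06" * 7
# Same length byte, but arbitrary bytes in the padding region: legal in
# SSLv3, rejected by a conforming TLS implementation.
SLOPPY_PADDING_RECORD = b"hello" + b"\xaa" * 4 + b"\x00\x11\x22\x33\x44\x55" + b"\x06"

if __name__ == "__main__":
    for name, rec in (("valid TLS", VALID_TLS_RECORD),
                      ("sloppy padding", SLOPPY_PADDING_RECORD)):
        print(f"{name}: sslv3-style={compare_checks(rec)[0]} tls={compare_checks(rec)[1]}")
```

An implementation that accepts the second record behaves like the SSLv3 decoder Langley describes: it is exactly the unchecked padding that gives the attacker an oracle, and the TLS-style check is the fix.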
Ars Technica reports that some high-profile websites could potentially be affected, including Bank of America, VMware, and the US Department of Veterans Affairs.
POODLE – or Padding Oracle On Downgraded Legacy Encryption, to unpack its acronym – was uncovered back in October, as reported by We Live Security here, and potentially allowed a man-in-the-middle attacker to decrypt HTTP cookies over SSL 3.0. Although SSL 3.0 is around 15 years old, most browsers at the time still supported it, and many servers would use it as their backup, so an attacker could potentially exploit that fallback. Since then, browsers have updated, with Firefox last week removing support for the aging protocol entirely.
Author Alan Martin, ESET