
Background

Researchers recently published information on a new security vulnerability in SSL and TLS implementations, called DROWN. This vulnerability applies to any SSL/TLS server that supports SSL version 2 (SSLv2), a very old but still widely supported version of SSL. It may also apply if another server uses the same private key, for example if an SSL-enabled mail server in the same organization uses the same private key. The vulnerability exists even if the client does not support SSLv2. This is a server-side vulnerability.

DROWN and Java

SSLv2 has been disabled in all recent Java Runtime Environment releases by Oracle. As long as customers are running a recent release of Java, no Micro Focus product will be affected by DROWN.

Please refer to Oracle to determine if your version of Java is vulnerable.

DROWN and OpenSSL

The DROWN vulnerability applies to all SSL/TLS implementations that support SSLv2. However, when the server uses OpenSSL, the problem is compounded by some related issues in OpenSSL. These have been fixed in a new release of OpenSSL, which became available on 1 March 2016. This release of OpenSSL will be made available in Micro Focus’ products in future releases. Contact Support for more information.

Problem

Is Orbix vulnerable to the DROWN attack? How can this vulnerability be avoided?

Answer: Potentially, if configured to use SSLv2. Re-configure the SSL server to avoid using SSLv2.

The DROWN vulnerability is just one of a number of weaknesses within SSLv2. SSLv2 should therefore be avoided to preclude the possibility of DROWN (or other) attacks.

SSLv2 has been replaced by its successors TLSv1.0, TLSv1.1 and TLSv1.2, but many TLS implementations remain backward compatible with SSLv2 to interoperate with legacy systems. The protocol handshake provides for authenticated version negotiation, so normally the latest protocol version common to the client and the server will be used. However, even if a client and a server both support a version of TLS, the security level offered by SSLv2 is still relevant, since many clients implement a protocol downgrade dance to work around server-side interoperability bugs.

The attack for this vulnerability requires only that an SSLv2 connection be available, so disabling SSLv2 in the server will completely avoid it. If either side currently only supports SSLv2, this becomes a serious issue.
If SSLv2 is available at the server, then the attack is possible.
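
One way to check whether a listener you administer still answers SSLv2, as an added example that is not Micro Focus or Orbix code: it sends an SSLv2 CLIENT-HELLO and classifies the first reply. The function names, result labels and the sample reply are constructed for illustration.

```python
import socket
import struct

# SSLv2 cipher kinds (3 bytes each) offered in the probe, export ciphers included.
SSLV2_CIPHERS = [0x010080, 0x020080, 0x030080, 0x040080,
                 0x050080, 0x060040, 0x0700C0]
MT_ERROR, MT_CLIENT_HELLO, MT_SERVER_HELLO = 0, 1, 4

# Constructed sample: SSLv2 SERVER-HELLO, no certificate, one cipher, 16-byte id.
SAMPLE_SERVER_HELLO = (b"\x80\x1e" + bytes([MT_SERVER_HELLO, 0, 1]) +
                       struct.pack(">HHHH", 0x0002, 0, 3, 16) +
                       b"\x01\x00\x80" + b"\xaa" * 16)


def build_client_hello(challenge=b"\x00" * 16):
    """Return an SSLv2 CLIENT-HELLO record (2-byte header, high bit set)."""
    specs = b"".join(c.to_bytes(3, "big") for c in SSLV2_CIPHERS)
    body = struct.pack(">BHHHH", MT_CLIENT_HELLO, 0x0002,
                       len(specs), 0, len(challenge)) + specs + challenge
    return struct.pack(">H", 0x8000 | len(body)) + body


def classify_response(data):
    """Classify the first bytes a server sent back after the CLIENT-HELLO."""
    if not data:
        return "closed"                  # connection dropped without an answer
    if len(data) >= 2 and data[0] in (0x15, 0x16) and data[1] == 0x03:
        return "tls-record"              # SSLv3/TLS alert or handshake record
    if len(data) >= 3 and data[0] & 0x80:
        if data[2] == MT_SERVER_HELLO and len(data) >= 7:
            version = struct.unpack(">H", data[5:7])[0]
            return "sslv2-enabled" if version == 0x0002 else "unknown"
        if data[2] == MT_ERROR:
            return "sslv2-error"         # listener parsed SSLv2 and sent ERROR
    return "unknown"


def probe(host, port, timeout=5.0):
    """Send the hello to a listener you administer and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_client_hello())
        try:
            return classify_response(s.recv(4096))
        except (socket.timeout, ConnectionResetError):
            return "closed"
```

Run `probe()` against every service that uses the same private key, not only the Orbix listener, since the Background section notes that another server sharing the key can expose it. Treat `sslv2-enabled` and `sslv2-error` as results that need the server re-configured or reviewed.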

Will OpenSSL be updated to the latest version of OpenSSL?

Yes. Micro Focus are in the process of testing the new OpenSSL release, and intend to include it in an update for the most recent product versions.

What are the other consequences of this update?

The new version of OpenSSL disables SSLv2 completely. This may affect customers with older installations who should prepare for this event by re-configuring their clients to support later versions of TLS.

The new version also disables some "weak" SSL cipher suites, including the old export-class ciphers and 56-bit DES. This is a change in behavior, but it is unlikely that existing customers make use of these suites. They are now extremely insecure and should not be used in any case. Few or no customers should notice any difference in behavior due to this change.

Resolution

Please refer to the article:

Best Practices for implementing Security using Micro Focus Corba Products

 

