tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Braun <brianbr...@gmail.com>
Subject SSL Vulnerability in Tomcat and/or JVM?
Date Fri, 14 Sep 2012 07:06:00 GMT
Hi,



In my site I’m using a certificate from www.securitymetrics.com. Today they
disabled my certificate. This is supposed to be the main reason:



Description: SSL/TLS Protocol Initialization Vector Implementation
Information Disclosure Vulnerability Synoposis: It may be possible to
obtain sensitive information from the remote host with SSL/TLS-enabled
services. Impact: A vulnerability exists in SSL 3.0 and TLS 1.0 that could
allow information disclosure if an attacker intercepts encrypted traffic
served from an affected system. TLS 1.1, TLS 1.2, and all cipher suites
that do not use CBC mode are not affected. This script tries to establish
an SSL/TLS remote connection using an affected SSL version and cipher
suite, and then solicits return data. If returned application data is not
fragmented with an empty or one-byte record, it is likely vulnerable.
OpenSSL uses empty fragments as a countermeasure unless the
'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when OpenSSL is
initialized. Microsoft implemented one-byte fragments as a countermeasure,
and the setting can be controlled via the registry key H
KEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders
\\SCHANNEL\\SendExtraRecord <file://schannel/SendExtraRecord>. Therefore,
if multiple applications use the same SSL/TLS implementation, some may be
vulnerable while others may not, depending on whether or not a
countermeasure has been enabled. Note that this script detects the
vulnerability in the SSLv3/TLSv1 protocol implemented in the server. It
does not detect the BEAST attack where it exploits the vulnerability at
HTTPS client-side (i.e., Internet browser). The detection at server-side
does not necessarily mean your server is vulnerable to the BEAST attack
because the attack exploits the vulnerability at client-side, and both
SSL/TLS clients and servers can independently employ the split record
countermeasure. See also : http://www.openssl.org/~bodo/tls-cbc.txt
http://vnhacker.blogspot.com/2011/09/beast.html
http://technet.microsoft.com/en-us/security/bulletin/ms12-006
http://support.microsoft.com/kb/2643584
http://blogs.msdn.com/b/kaushal/archive/2012/01/21/fixing-the-beast.aspxData
Received: Negotiated cipher suite: EDH-RSA-DES-
CBC3-SHA|SSLv3|Kx=DH|Au=RSA|Enc=3DES(168)|Mac=SHA1 Resolution: Configure
SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported. Configure
SSL/TLS servers to only support cipher suites that do not use block
ciphers. Apply patches if available. Note that additional configuration may
be required after the installation of the MS12-006 security update in order
to enable the split-record countermeasure. See
http://support.microsoft.com/kb/2643584 for details. Risk Factor: Medium/
CVSS2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) CVE: CVE-2011-3389



This is supposed to explain it further:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389


What should I do? Should I modify the parameters in my Tomcat Connector?
Should I upgrade my JVM? Should I upgrade Tomcat to a most recent version?
Should I use Windows instead of Linux? (I’m joking with the last one!)



Some information you may need to answer this:


- Linux Centos 5.8
- I’m using an SSL certificate from geotrust, a very current one (as far as
I know).

- JVM: 1.6.0_11-b03

- Tomcat 7.0.10 (Even though I disguised it as 7.0.25, actually so
securitymetrics don’t bother me with some very obscure vulnerabilities that
would force me to update it otherwise)

- This is the relevant entry in my server.xml file:



    <Connector

        connectionTimeout="10000"

        enableLookups="true"

        port="8443"

        scheme="https"

        secure="true"

        clientAuth="false"

        keystoreFile="conf/certificate.kdb"

        minSpareThreads="4"

        maxThreads="1000"

        sslProtocol="SSLv3"


ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"

        protocol="HTTP/1.1"

        SSLEnabled="true">

    </Connector>

Thanks in advance!


Brian

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message