{"id":1745,"date":"2016-07-10T21:02:17","date_gmt":"2016-07-11T03:02:17","guid":{"rendered":"http:\/\/www.supportpro.com\/blog\/?p=1745"},"modified":"2019-08-20T05:14:15","modified_gmt":"2019-08-20T11:14:15","slug":"drown-attack-sslv2-vulnerablity","status":"publish","type":"post","link":"https:\/\/www.supportpro.com\/blog\/drown-attack-sslv2-vulnerablity\/","title":{"rendered":"DROWN Attack \u2013 SSLv2 Vulnerablity"},"content":{"rendered":"

Security researchers identified a new OpenSSL vulnerability, called DROWN<\/strong>( Decrypting RSA with Obsolete and Weakened Encryption ) on March 2016. This attack was focused on servers that use the more secure TLS protocol, which also supports the obsolete SSLv2.This vulnerability allows an attacker to decrypt the highly secured TLS encrypted communication if the server houses SSLv2 cipher support.<\/p>\n

DROWN was assigned the CVE-2016-0800<\/strong> id by the us-nert on the march (https:\/\/www.us-cert.gov\/ncas\/bulletins\/SB16-067 ).<\/p>\n

More than 11 million websites that use TLS were vulnerable to DROWN attack. If your website is protected by TLS and your server directly on indirectly supports the older SSLv2, you are also vulnerable and an attacker may exploit it to get important information such as user names, password, financial credentials, important documents ..etc.<\/p>\n

Are You Vulnerable to DROWN?<\/strong><\/span><\/p>\n

You can use the tool SSLyze<\/strong> to find whether you are open to DROWN attackers. SSLyze is an SSL scanning tool which scans the specified port on the specified IP to detect whether the SSLv2 ciphers are supported. SSLyze tool can be downloaded and installed directly from https:\/\/pypi.python.org\/pypi\/SSLyze<\/p>\n

Syntax: sslyze_cli.py – -sslv2\u00a0 ip:port<\/em><\/p>\n

You have to execute the command for each public IP, Port combinations correspond to every open port which uses TLS protocol.<\/p>\n

For a secure server , while executing the command<\/p>\n

Syntax: sslyze_cli.py – -sslv2\u00a0 ip:port<\/em><\/p>\n

May produce results like :<\/p>\n

SCAN RESULTS FOR 192.168.0.xx:443<\/em>
\n——————————————————
\n* SSLV2 Cipher Suites:
\nRejected:
\nTLS_RSA_WITH_NULL_MD5 TCP \/ Received RST
\nSSL_CK_RC4_64_WITH_MD5 TCP \/ Received RST
\nSSL_CK_RC4_128_WITH_MD5 TCP \/ Received RST
\nSSL_CK_RC4_128_EXPORT40_WITH_MD5 TCP \/ Received RST
\nSSL_CK_RC2_128_CBC_WITH_MD5 TCP \/ Received RST
\nSSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 TCP \/ Received RST
\nSSL_CK_IDEA_128_CBC_WITH_MD5 TCP \/ Received RST
\nSSL_CK_DES_64_CBC_WITH_MD5 TCP \/ Received RST
\nSSL_CK_DES_192_EDE3_CBC_WITH_MD5 TCP \/ Received RST<\/p>\n

Which indicates all SSLv2 request were rejected.<\/p>\n

But on the other hand, if the server\u00a0 is vulnerable it may produce something like:<\/p>\n

SCAN RESULTS FOR 192.168.0.xx:443<\/em>
\n————————————————–
\n* SSLV2 Cipher Suites:
\nPreferred:
\nSSL_CK_RC2_128_CBC_WITH_MD5 – 128 bits
\nAccepted:
\nSSL_CK_RC4_128_WITH_MD5 – 128 bits
\nSSL_CK_RC2_128_CBC_WITH_MD5 – 128 bits
\nSSL_CK_DES_192_EDE3_CBC_WITH_MD5 – 112 bits
\nSSL_CK_DES_64_CBC_WITH_MD5 – 56 bits
\nSSL_CK_RC4_128_EXPORT40_WITH_MD5 – 40 bits
\nSSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 – 40 bits<\/p>\n

This has to be checked on every open port on the server that uses TLS protocol, which may include 465(SSL \u2013 SMTP), 993 (SSL \u2013 IMAP), 995 (SSL \u2013 POP3),etc.If any of these port in the server has SSLv2 enabled then server is vulnerable to DROWN.<\/p>\n

Who Else Are Vulnerable?<\/strong><\/span><\/p>\n

From the above scan if you detect SSLv2 enabled for any service, then the server is vulnerable. Also, all the servers that share private key \u2013 certificate pair with your server is also vulnerable to DROWN attack<\/a>.
\nThis means a web server secured with TLS with SSLv2 not enabled for any service may also become vulnerable to DROWN if a mail server that shares the same certificate-key pair has SSLv2 cipher enabled.<\/p>\n

\"Drown<\/a><\/p>\n

How To Secure Server From DROWN Vulnerability?<\/strong><\/span><\/p>\n

To prevent servers from DROWN vulnerability, theSSLv2 has to be completely disabled in all the servers and services. Same time private key \u2013 certificate pair should not be shared with any other server(SMTP, IMAP, POP3, etc) that has SSLv2 enabled.<\/p>\n

Securing a Linux Server From DROWN attack:<\/span><\/p>\n

It can be accomplished in different ways, of which the two easiest and effective methods are,<\/p>\n

I.Update OpenSSL<\/strong><\/p>\n

Updating the OpenSSL version to 1.0.1.s or 1.0.2.g.That is OpenSSL 1.0.1 should be updated to 1.0.1.s and similarly OpenSSL 1.0.2 to 1.0.2.g.<\/p>\n

In CentOS<\/a> and Redhat<\/a> servers OpenSSL<\/a> this can be done using yum,<\/p>\n

# yum update openssl<\/em><\/p>\n

In Ubuntu and Debian\u00a0 servers,<\/p>\n

# apt-get install –only-upgrade libssl1.0.0 openssl<\/em><\/p>\n

II.Prevent DROWN by disabling SSLv2 for services<\/strong><\/p>\n

We have to disable SSlv2 manually for Apache, Postfix, Exim and other services in the server.<\/p>\n

Disabling for Apache<\/strong><\/span><\/p>\n

We have to edit \/etc\/httpd\/conf\/httpd.conf and add below lines to disable obsolete SSLv2 and SSLv2 versions.<\/p>\n

SSLProtocol All -SSLv2 -SSLv3
\nSSLCipherSuite EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256
\nSSLHonorCipherOrder on<\/p>\n

Disabling for Postfix<\/strong><\/span><\/p>\n

Edit postfix configuration file ( \/etc\/postfix\/master.cf) to following configuration;<\/p>\n

smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3
\nsmtp_tls_mandatory_protocols=!SSLv2,!SSLv3
\nsmtpd_tls_protocols=!SSLv2,!SSLv3
\nsmtp_tls_protocols=!SSLv2,!SSLv3<\/p>\n

Disabling for Exim<\/strong><\/span><\/p>\n

Edit the exim configuration file (\/etc\/exim.conf) as follows
\nALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:!SSLv2:!SSLv3<\/p>\n

If you require help, contact SupportPRO Server Admin<\/a><\/p>\n

\"Server<\/a><\/span>