Security vulnerability

FREAK SSL/TLS vulnerability

A new SSL/TLS vulnerability named “FREAK” was identified by several security researchers. This threat allows an attacker to get between a client and server and view what is intended to be a secure and private communication. The vulnerability is primarily due to a bug in OpenSSL client software, but is only exploitable on poorly configured web servers. Both clients and servers are at risk. Web site owners can protect their sites by removing the affected ciphers from their web server configuration and restarting their servers.

Note that this vulnerability is not related to SSL certificates. Your existing certificate will continue to work as intended; no certificate replacement is needed. For more information on how to remove these affected ciphers please consult our blog on the subject.

Scientifica’s Point of View

At the time of this writing, Scientifica is evaluating its own systems and no Scientifica web servers appear to be vulnerable. Customers who manage their own servers should evaluate their systems for the vulnerability. Symantec offers an easy-to-use check in its SSL Toolbox that lets customers verify whether their web sites are safe or vulnerable.

Frequently Asked Questions

Q: How critical is this vulnerability?

A: This vulnerability appears to be slightly less critical than POODLE. Although an attack is difficult to carry out, it is important for people to prioritize this patch.

Q: Do SSL certificates have to be replaced?

A: No, this is not required.

Q: What should customers do?

A: Our customers managing their own servers should remove the affected ciphers listed below (if they are supported by their web server) and restart the server.

Any type of web server (Apache, IIS, nginx, etc.) may be vulnerable if its configuration allows the use of so-called Export Ciphers. In Apache/OpenSSL documentation, for example, the names of these ciphers all begin with EXP:

EXP-DES-CBC-SHA
EXP-RC2-CBC-MD5
EXP-RC4-MD5
EXP-EDH-RSA-DES-CBC-SHA
EXP-EDH-DSS-DES-CBC-SHA
EXP-ADH-DES-CBC-SHA
EXP-ADH-RC4-MD5

Although not related to this vulnerability, customers should also disable null ciphers if they are supported, since such ciphers do not provide any encryption of the SSL stream:

NULL-SHA
NULL-MD5

In Windows, the names of export ciphers contain the string “EXPORT”. Here is a list taken from http://support.microsoft.com/kb/245030:

SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA
SSL_RSA_EXPORT1024_WITH_RC4_56_SHA
SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
SSL_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
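
The naming rules above (OpenSSL names beginning with EXP, Windows names containing “EXPORT”, and the NULL ciphers) can be applied mechanically to a server's cipher configuration. The following Python is an added example, not part of the original advisory or of any vendor tool; the function names and sample strings are constructed for illustration. It inspects only suites and aliases that are named explicitly and does not expand OpenSSL aliases such as ALL or DEFAULT.

```python
import re


def classify(name):
    """Return 'export', 'null' or 'ok' for one cipher suite name or alias."""
    n = name.strip().upper()
    # OpenSSL export names begin with EXP; Windows names contain EXPORT.
    if n.startswith("EXP") or "EXPORT" in n:
        return "export"
    # NULL-SHA / NULL-MD5 from the advisory, the eNULL alias, and
    # IANA-style names such as TLS_RSA_WITH_NULL_SHA (beyond the page's list).
    if n.startswith("NULL") or n == "ENULL" or "_WITH_NULL_" in n:
        return "null"
    return "ok"


def enabled_tokens(cipher_list):
    """Split a cipher list and drop tokens that do not add suites.

    In OpenSSL cipher strings a leading '!' or '-' removes suites and a
    leading '+' only reorders them, so none of those enable anything.
    """
    tokens = [t for t in re.split(r"[:,\s]+", cipher_list.strip()) if t]
    return [t for t in tokens if t[0] not in "!-+"]


def audit(cipher_list):
    """Report explicitly enabled export and null ciphers in a cipher list."""
    findings = {"export": [], "null": []}
    for token in enabled_tokens(cipher_list):
        kind = classify(token)
        if kind != "ok":
            findings[kind].append(token)
    return findings


# Constructed sample values, e.g. from Apache SSLCipherSuite / nginx ssl_ciphers
WEAK_OPENSSL = "HIGH:MEDIUM:EXP-RC4-MD5:EXP-DES-CBC-SHA:NULL-SHA:!aNULL"
HARDENED_OPENSSL = "HIGH:!aNULL:!eNULL:!EXP:!NULL"
# Constructed comma-separated list using the Windows naming convention
WINDOWS_SUITES = ("TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_EXPORT_WITH_RC4_40_MD5,"
                  "SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA")

if __name__ == "__main__":
    for label, value in [("weak", WEAK_OPENSSL), ("hardened", HARDENED_OPENSSL),
                         ("windows", WINDOWS_SUITES)]:
        print(label, audit(value))
```

An empty result means no export or null cipher is named explicitly; confirm what the server actually negotiates with a scanner such as the SSL Toolbox check mentioned above.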