[CentOS] POODLE and TLSv1

James B. Byrne

byrnejb at harte-lyne.ca
Fri Oct 17 16:53:42 UTC 2014


I read this on the RHN commentary respecting cve-2014-3566:


https://securityblog.redhat.com/2014/10/15/poodle-a-ssl3-vulnerability-cve-2014-3566/:

. . .
The first aspect of POODLE, the SSL 3.0 protocol vulnerability, has already
been fixed through iterative protocol improvements, leading to the current TLS
version, 1.2. It is simply not possible to address this in the context of the
SSL 3.0 protocol, a protocol upgrade to one of the successors is needed. Note
that TLS versions before 1.1 had similar padding-related vulnerabilities,
which is why we recommend to switch to TLS 1.1, at least. (SSL and TLS are
still quite similar as protocols, the name change has non-technical reasons.)
. . .

If run nmap to view the ciphers on a host running apache-2.2.15 I see this:

# nmap --script ssl-enum-ciphers -p 443 inet09

Starting Nmap 6.01 ( http://nmap.org ) at 2014-10-17 12:48 EDT
Nmap scan report for for x.y.z.a
Host is up (0.00034s latency).
rDNS record for x.y.z.a
PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.0
|     Ciphers (5)
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_RC4_128_SHA - strong
|     Compressors (1)
|       NULL
|   TLSv1.1
|     Ciphers (5)
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_RC4_128_SHA - strong
|     Compressors (1)
|       NULL
|   TLSv1.2
|     Ciphers (9)
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA256 - strong
|       TLS_RSA_WITH_AES_128_GCM_SHA256 - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_AES_256_CBC_SHA256 - unknown strength
|       TLS_RSA_WITH_AES_256_GCM_SHA384 - unknown strength
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength
|       TLS_RSA_WITH_RC4_128_SHA - strong
|     Compressors (1)
|       NULL
|_  Least strength = unknown strength
. . .


If read the advisory aright then TLSv1.0 suffers from exactly the same flaw as
SSLv3.  So, how do I configure apache-2.2.15 to deny TLSv1.0 and keep service
TLSv1.1+?


-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3




More information about the CentOS mailing list