
[Vulnerability notice] CVE-2015-0204: FREAK man-in-the-middle hijacking vulnerability in OpenSSL

Last Updated: May 07, 2018

Description

FREAK (Factoring RSA Export Keys) is an SSL/TLS man-in-the-middle downgrade vulnerability in OpenSSL, tracked as CVE-2015-0204.

In the OpenSSL client code, the ssl3_get_key_exchange function in s3_clnt.c accepts a temporary RSA key delivered in a ServerKeyExchange message even when the cipher suite the client negotiated is not an RSA_EXPORT suite. Such temporary keys are the 512-bit export-grade RSA keys that RSA_EXPORT cipher suites use, and a 512-bit RSA modulus can be factored with modest computing resources. An attacker who can intercept HTTPS connections between a vulnerable client and a server that still offers RSA_EXPORT cipher suites can therefore rewrite the handshake so that the server sends an export key and the client uses it, factor that key, recover the premaster secret, and then decrypt the traffic during or after the session, or modify sensitive data and replay it to the server or client. Many servers generate one export key per process and reuse it across connections, so the factoring cost is paid only once. The code defect itself is on the client side, but the attack also needs a server that supports export suites: update OpenSSL on clients, and remove RSA_EXPORT cipher suites from servers, as described under Fix.
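The check that the fix adds, modelled as an added example in Python (this is not OpenSSL's code): it parses the RSA parameters an RSA_EXPORT ServerKeyExchange carries and shows the vulnerable client accepting a 512-bit temporary key for a non-export suite while the fixed client rejects it. The cipher-suite identifiers are the IANA values; the modulus is a constructed 64-byte value, not a real key, and signature verification over the parameters (unchanged by the fix) is omitted.

```python
# Added example (not OpenSSL code): a model of the client-side check that the
# fix for CVE-2015-0204 adds to ssl3_get_key_exchange. It parses the
# ServerRSAParams that an RSA_EXPORT ServerKeyExchange carries
# (RFC 2246 section 7.4.3) and decides whether a client should use the
# temporary key. Signature verification is unchanged by the fix and left out.
import struct

# IANA cipher suite identifiers from the TLS registry.
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}
TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F  # what the client believes it negotiated


def build_server_rsa_params(modulus: int, exponent: int) -> bytes:
    """Encode ServerRSAParams: rsa_modulus<1..2^16-1>, rsa_exponent<1..2^16-1>."""
    m = modulus.to_bytes((modulus.bit_length() + 7) // 8, "big")
    e = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    return struct.pack("!H", len(m)) + m + struct.pack("!H", len(e)) + e


def parse_server_rsa_params(body: bytes):
    """Decode ServerRSAParams; returns (modulus, exponent, bytes_consumed).

    Raises ValueError on a truncated or empty field so that a malformed
    message cannot be mistaken for a small key.
    """
    off = 0
    fields = []
    for _ in range(2):
        if len(body) < off + 2:
            raise ValueError("truncated ServerRSAParams length")
        (n,) = struct.unpack_from("!H", body, off)
        off += 2
        if n == 0 or len(body) < off + n:
            raise ValueError("truncated or empty ServerRSAParams field")
        fields.append(int.from_bytes(body[off:off + n], "big"))
        off += n
    return fields[0], fields[1], off


def client_accepts_tmp_rsa(negotiated_suite: int, ske_body: bytes, patched: bool) -> dict:
    """Decide whether the client continues the handshake with the temporary key.

    patched=False reproduces the vulnerable behaviour: the temporary key is used
    whatever suite was negotiated, so a man in the middle can have the server
    answer with an export key while the client believes it negotiated AES-128.
    patched=True applies the fix: RSA parameters in ServerKeyExchange are only
    acceptable when the negotiated suite is an RSA_EXPORT suite.
    """
    modulus, exponent, _ = parse_server_rsa_params(ske_body)
    bits = modulus.bit_length()
    if patched and negotiated_suite not in RSA_EXPORT_SUITES:
        return {"accepted": False, "modulus_bits": bits,
                "reason": "unexpected ServerKeyExchange for a non-export RSA suite"}
    return {"accepted": True, "modulus_bits": bits,
            "reason": "temporary RSA key will encrypt the premaster secret"}


# Constructed 64-byte (512-bit) modulus standing in for an export-grade key;
# it is not a real RSA modulus. The exponent is the usual 65537.
EXPORT_MODULUS = int.from_bytes(bytes([0x80]) + bytes(range(1, 64)), "big")
EXPORT_SKE = build_server_rsa_params(EXPORT_MODULUS, 65537)

if __name__ == "__main__":
    for patched in (False, True):
        r = client_accepts_tmp_rsa(TLS_RSA_WITH_AES_128_CBC_SHA, EXPORT_SKE, patched)
        print(f"patched={patched}: accepted={r['accepted']} "
              f"({r['modulus_bits']}-bit key) {r['reason']}")
```

The unpatched path is the whole vulnerability in miniature: the client has no rule tying the key-exchange message it receives to the cipher suite it agreed on, so the man in the middle only has to make the server believe an export suite was requested.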

Fix

Note: We recommend that you create a snapshot of the server before applying the fix, so that you can roll back if the fix fails.

For httpd and nginx users

  1. Open the httpd or nginx configuration file and restrict the cipher list so that export-grade suites (and the other weak groups named in the string) are excluded.

    • For httpd, set:

        SSLCipherSuite HIGH:!aNULL:!MD5:!EXPORT56:!EXP

    • For nginx, set:

        ssl_ciphers HIGH:!aNULL:!MD5:!EXPORT56:!EXP;

    In this OpenSSL cipher string, HIGH keeps only high-strength suites, !aNULL removes suites without server authentication, !MD5 removes MD5-based MACs, and !EXPORT56 and !EXP remove the 56-bit and all remaining export suites. For nginx, put ssl_ciphers in every server block that terminates TLS, or once in the http block so that all of them inherit it.
  2. Validate the configuration (apachectl configtest, or nginx -t), restart the web service, and then verify from another host that a client offering only export cipher suites fails to complete the handshake. OpenSSL 1.1.0 and later no longer ship export suites at all, so run that check from an older build or from a TLS scanner that still supports them.

For Tomcat users

  1. Open the Tomcat configuration file server.xml and add the following attributes to the HTTPS Connector element:

    • For Tomcat 5/6:

        SSLEnabled="true"
        sslProtocols="TLSv1,TLSv1.1,TLSv1.2"
        ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA"

    • For Tomcat 7 or later versions:

        SSLEnabled="true"
        sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
        ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA"

    The ciphers attribute is an explicit allow-list of JSSE cipher-suite names: suites that are not listed, including every *_EXPORT_* suite, are no longer offered. The two RC4 suites (TLS_ECDHE_RSA_WITH_RC4_128_SHA and SSL_RSA_WITH_RC4_128_SHA) are not export suites and do not enable FREAK, but RC4 is prohibited in TLS by RFC 7465, so drop them unless a legacy client requires them. Names the installed JVM does not support are not enabled, so confirm the effective suite list after the restart rather than assuming it.
  2. After the modification, restart the Tomcat service.
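A way to check a cipher list before and after the change, covering both the httpd/nginx cipher strings above (through the suite names that openssl ciphers -v prints for a string) and the Tomcat ciphers attribute. This is an added example, not code from the advisory or from any of these servers. The Tomcat list is the one from this section; the openssl ciphers output is a constructed sample, and the WEAK_RULES patterns are this example's own heuristics rather than any vendor's classification.

```python
# Added example (not from the advisory or any vendor): audit a configured
# cipher-suite list for the suites that FREAK and related downgrades rely on.
# It understands JSSE/IANA names as used in Tomcat's ciphers= attribute
# (TLS_RSA_EXPORT_WITH_RC4_40_MD5) and OpenSSL names as printed by
# `openssl ciphers -v '<string>'` for an httpd or nginx cipher string
# (EXP-RC4-MD5, RC4-SHA). The suite lists below are constructed inputs.
import re

# (label, regex matched against the upper-cased name, why the suite is flagged)
WEAK_RULES = [
    ("export",   r"_EXPORT|^EXP-|^EXP1024-",
     "export-grade key exchange (40/56-bit cipher or 512-bit RSA)"),
    ("rc4",      r"RC4", "RC4 is prohibited for TLS by RFC 7465"),
    ("anon",     r"_ANON_|^ADH-|^AECDH-", "no server authentication"),
    ("null-enc", r"_WITH_NULL_|^NULL-|-NULL-", "no encryption"),
    ("des",      r"_DES40_|_DES_CBC_|^DES-CBC-SHA$", "single DES or DES40"),
    ("md5",      r"MD5$", "MD5-based MAC"),
]


def audit_ciphers(names):
    """Return {suite: [(label, why), ...]} for every flagged suite."""
    findings = {}
    for raw in names:
        name = raw.strip()
        if not name:
            continue
        hits = [(label, why) for label, pattern, why in WEAK_RULES
                if re.search(pattern, name.upper())]
        if hits:
            findings[name] = hits
    return findings


def audit_tomcat_ciphers(attribute_value):
    """Audit the comma-separated value of Tomcat's ciphers= attribute."""
    return audit_ciphers(attribute_value.split(","))


def audit_openssl_output(ciphers_v_output):
    """Audit the first column of `openssl ciphers -v` output (one suite per line)."""
    return audit_ciphers(line.split()[0]
                         for line in ciphers_v_output.splitlines() if line.strip())


# The Tomcat list from the section above.
TOMCAT_CIPHERS = (
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,"
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,"
    "TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,"
    "TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,"
    "TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA"
)

# Constructed sample of what `openssl ciphers -v` prints on an old build that
# still has an export suite enabled (column layout matches real output).
OPENSSL_SAMPLE = """\
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
DES-CBC3-SHA                SSLv3   Kx=RSA      Au=RSA  Enc=3DES(168)   Mac=SHA1
EXP-RC4-MD5                 SSLv3   Kx=RSA(512) Au=RSA  Enc=RC4(40)     Mac=MD5  export
"""

if __name__ == "__main__":
    for source, findings in (("tomcat", audit_tomcat_ciphers(TOMCAT_CIPHERS)),
                             ("openssl", audit_openssl_output(OPENSSL_SAMPLE))):
        for suite, hits in findings.items():
            print(f"[{source}] {suite}: " + "; ".join(f"{l}: {w}" for l, w in hits))
```

For httpd and nginx, pipe the output of openssl ciphers -v with the configured string into audit_openssl_output; the corrected string from the previous section should produce no export findings, and the Tomcat list from this section is flagged only for its two RC4 suites.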

For IIS users

Solution 1: Disable unsafe cipher suites and unsafe SSL protocols in the registry.

  1. Click Start > Run, enter regedit, and then press Enter.

  2. Go to HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL.

  3. Open Protocols\PCT 1.0\Server (create the subkeys if they do not exist), right-click on the blank area, select New > DWORD (32-bit) Value, and name the value Enabled. Double-click the newly added value, enter 0 as its Value data, and then click OK. The value must be a DWORD, which is the type Schannel reads for Enabled.

  4. Repeat Step 3 for each of these subkeys under SCHANNEL:

    • Protocols\SSL 2.0\Server
    • Ciphers\DES 56/56
    • Ciphers\RC2 40/128
    • Ciphers\RC2 128/128
    • Ciphers\RC4 40/128
    • Ciphers\RC4 56/128
    • Ciphers\RC4 128/128

    The 40-bit and 56-bit entries are the ciphers behind Schannel's export suites, so disabling them removes the export key exchange that FREAK needs. RC2 128/128 and RC4 128/128 are not export-grade but are obsolete; disabling RC4 128/128 can break clients that support nothing stronger, so check your client population first.
  5. Restart the computer for the changes to take effect.

Solution 2: Install the Microsoft security update for the FREAK vulnerability (MS15-031, KB3046049).

You can enable automatic Windows Update on your servers, or download the update and install it manually. Restart the computer after installation for the update to take effect. The update corrects the cipher-suite enforcement Schannel applies during key exchange; Solution 1 is still worthwhile because it stops the server from offering export suites at all, and the two can be applied together.

Update OpenSSL

  1. Identify the service listening on port 443 (for example with netstat or ss), and update the OpenSSL library that it links against.

    • We recommend that you update OpenSSL to the latest version.
    • OpenSSL 1.0.1 must be upgraded to 1.0.1m or later.
    • OpenSSL 1.0.0 must be upgraded to 1.0.0r or later.
    • OpenSSL 0.9.8 must be upgraded to 0.9.8zf or later.

    Updating the system library only helps programs that link it dynamically; software that bundles or statically links its own copy of OpenSSL must be updated separately. Distribution packages often backport the fix without changing the version string, so check the package changelog for CVE-2015-0204 rather than relying on the version alone. Because the OpenSSL defect is on the client side, this update protects the OpenSSL-based clients on the host; the server-side mitigation is removing export cipher suites as described in the sections above.
  2. After the update, restart the service listening on port 443 so that it loads the updated library; a running process keeps the old library mapped until it restarts.
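A fleet-side check of the version thresholds above, as an added Python example that is not part of the advisory: it parses the output of openssl version and reports whether the build is at or above the fixed release for its branch. The thresholds are the advisory's; treating every branch newer than 1.0.1 as fixed is this example's own assumption (the January 2015 fix predates the 1.0.2 release), and branches older than 0.9.8 are treated as unfixed because they are unsupported.

```python
# Added example (not part of the advisory): decide from `openssl version`
# output whether an installed OpenSSL is at or above the fixed releases listed
# above. Thresholds are the advisory's (1.0.1m, 1.0.0r, 0.9.8zf). Branches
# newer than 1.0.1 (1.0.2, 1.1.x, 3.x) are treated as fixed, on the assumption
# stated here that the January 2015 fix shipped before 1.0.2 was released;
# branches older than 0.9.8 are treated as unfixed because they are unsupported.
import re
import subprocess

FIXED_IN = {(0, 9, 8): "zf", (1, 0, 0): "r", (1, 0, 1): "m"}
LAST_AFFECTED_BRANCH = (1, 0, 1)

# "OpenSSL 1.0.1e-fips 11 Feb 2013" -> major, minor, patch, letter suffix
VERSION_RE = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_openssl_version(text):
    """Return (major, minor, patch, letters) from an `openssl version` line."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"not an OpenSSL version string: {text!r}")
    major, minor, patch, letters = m.groups()
    return int(major), int(minor), int(patch), letters


def letter_key(letters):
    """Order OpenSSL patch letters: '' < 'a' < ... < 'y' < 'za' < 'zb' < ... < 'zf'."""
    return (len(letters), letters)


def is_fixed(version_text):
    """True if the version is at or above the fixed release for its branch."""
    major, minor, patch, letters = parse_openssl_version(version_text)
    branch = (major, minor, patch)
    if branch in FIXED_IN:
        return letter_key(letters) >= letter_key(FIXED_IN[branch])
    return branch > LAST_AFFECTED_BRANCH


def check_local_openssl(binary="openssl"):
    """Run `<binary> version` and return (version_line, fixed?)."""
    out = subprocess.run([binary, "version"], capture_output=True,
                         text=True, check=True).stdout.strip()
    return out, is_fixed(out)


if __name__ == "__main__":
    line, ok = check_local_openssl()
    print(f"{line}: {'at or above fixed release' if ok else 'UPDATE REQUIRED'}")
```

Treat an UPDATE REQUIRED result on a distribution build (a Red Hat 1.0.1e-fips, for example) as a prompt to read the package changelog, not as a verdict: backported fixes leave the version string unchanged, and only the changelog or the vendor's errata says whether CVE-2015-0204 is covered.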
