Google researchers find serious leak in old SSL version – update

Researchers at Google have found a vulnerability in SSL 3.0 that allows an attacker who is able to intercept packets to steal cookies, among other things. Although ssl 3.0 has been outdated for years, this version is often still supported.

The Google researchers have named the bug Poodle – Padding Oracle On Downgraded Legacy Encryption. Unlike the Heartbleed bug in OpenSSL, where attackers could read some of the contents of a server’s internal memory using OpenSSL, Poodle is not a vulnerability in a specific SSL implementation, but in the underlying protocol.

An attacker must be able to intercept someone’s traffic for abuse, for example by setting up a malicious network. Then javascript can be used to intercept cookies. That method is similar to the Beast vulnerability in tls 1.0 that came to light in 2011.

There is no workaround available, the researchers emphasize: SSL 3.0 should be avoided completely. The problem is that many browsers and servers still support the eighteen-year-old SSL 3.0. In addition, an attacker could trick a user’s browser into moving to SSL 3.0 by failing handshakes with newer SSL/tls versions.

Google itself is going to remove SSL 3.0 support from Google Chrome. Despite the fact that SSL 3.0 is still used for millions of transactions according to Mozilla, support in Firefox 34 is also being phased out. If server software also phases out support for SSL 3.0, this will mainly cause problems for users of older software, such as users of Internet Explorer 6. Users can test whether their browser is affected via Poodletest.com.