SSL 2.0 Rollback in OpenSSL

Published: 2005-10-11
Last Updated: 2005-10-11 15:32:15 UTC
by Erik Fichtner (Version: 1)
New versions of OpenSSL have been released today (0.9.7h and 0.9.8a) to address a potential cryptographic weakness. On servers that have enabled SSL_OP_ALL for compatibility reasons, a session can potentially be rolled back to SSL 2.0, even in the presence of SSL 3.0 and TLS 1.0, because SSL_OP_ALL implies the SSL_OP_MSIE_SSLV2_RSA_PADDING setting. Note that SSL 2.0 suffers from several cryptographic vulnerabilities, including allowing an attacker to manipulate the encrypted contents of packets without the possibility of being detected.

This can be solved either by disabling SSL 2.0 entirely on either endpoint or by upgrading the server software to one of the new OpenSSL versions.

For more information, see:  http://www.openssl.org/news/secadv_20051011.txt
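To triage an inventory against the conditions above, the following added example (not from the diary or the OpenSSL project) flags a server as exposed only when it runs a release before 0.9.7h/0.9.8a, sets SSL_OP_ALL, and still allows SSL 2.0. The function names, the set-of-option-names input, and the treatment of branches other than 0.9.7 and 0.9.8 are assumptions made for the illustration.

```python
import re

# Fixed releases named in the diary, keyed by branch (major, minor, fix).
FIXED_LETTER = {(0, 9, 7): "h", (0, 9, 8): "a"}

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_openssl_version(text):
    """Return ((major, minor, fix), letter) from text such as 'OpenSSL 0.9.7g'."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError("no OpenSSL version found in %r" % text)
    return tuple(int(g) for g in m.group(1, 2, 3)), m.group(4)


def has_rollback_fix(version_text):
    """True if the release is 0.9.7h, 0.9.8a, or later."""
    branch, letter = parse_openssl_version(version_text)
    if branch in FIXED_LETTER:
        # Patch letters sort alphabetically; an empty letter is the
        # first release of the branch and predates every lettered one.
        return letter >= FIXED_LETTER[branch]
    # Assumption: branches after 0.9.8 carry the fix; the diary names no
    # fixed release for older branches, so they are treated as unfixed.
    return branch > (0, 9, 8)


def rollback_exposed(version_text, options, sslv2_enabled=True):
    """options: set of SSL_OP_* names the server passes to OpenSSL.

    sslv2_enabled is False when SSL 2.0 is turned off by other means
    (hypothetical flag for this example).
    """
    if has_rollback_fix(version_text):
        return False
    if not sslv2_enabled or "SSL_OP_NO_SSLv2" in options:
        return False  # SSL 2.0 cannot be negotiated, nothing to roll back to
    # SSL_OP_ALL implies SSL_OP_MSIE_SSLV2_RSA_PADDING, the setting the
    # diary ties to the rollback.
    return bool(set(options) & {"SSL_OP_ALL", "SSL_OP_MSIE_SSLV2_RSA_PADDING"})


if __name__ == "__main__":
    # Constructed inventory, for illustration only.
    inventory = [
        ("web1", "OpenSSL 0.9.7g", {"SSL_OP_ALL"}),
        ("web2", "OpenSSL 0.9.8", {"SSL_OP_ALL", "SSL_OP_NO_SSLv2"}),
        ("web3", "OpenSSL 0.9.8a", {"SSL_OP_ALL"}),
    ]
    for host, version, opts in inventory:
        print(host, "EXPOSED" if rollback_exposed(version, opts) else "ok")
```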
