
The latest security vulnerability (CVE-2014-3566) is code-named POODLE, an acronym for Padding Oracle On Downgraded Legacy Encryption.

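POODLE is a padding oracle attack against the CBC-mode ciphers of SSLv3. It lets an attacker obtain the plaintext of part of an SSL session, such as a cookie. It does not require full control over the plaintext, which makes it easier to carry out.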

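Fundamentally, this is a flaw in the design of SSL: SSL performs encryption and authentication in the wrong order, authenticating first and encrypting afterwards. There is currently no reliable fix other than disabling SSLv3 support completely. Put simply, an attacker can obtain plaintext data from your encrypted stream.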

The principle of the attack is outlined briefly below:

[Figure: poodle2.jpg]

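Consider first this plaintext HTTP request. I have split it into 8-byte blocks, as with 3DES encryption, but the method applies equally to AES with its 16-byte blocks:

[Figure: poodle.jpg]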

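The last block contains 7 bytes of padding, shown as *, and its final byte, 7, is the padding length. I have used a fictitious 8-byte MAC. Before transmission, all of this data is encrypted with 3DES or AES. Now let us review the CBC decryption process:

[Figure: poodle3.jpg]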

P XOR K = C

C XOR K = P

 

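The attacker can control the path and the body of the HTTP request. What the attacker needs to do is take the block that contains the first byte of the cookie (positioned at the end of that block; for example, the block content is "Cookie:a", with a falling exactly at the end of the 8-byte block), substitute it for the padding block, and send the result to the recipient (the server).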

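Normally the server's CBC check fails and it rejects the ciphertext, so the attacker has to resend. On average, one in every 256 requests is accepted by the server. Once the server accepts one, the CBC decryption process tells the attacker that the first byte of the cookie (plaintext) XORed with the last ciphertext byte of the preceding block is 7 or 15 (for block lengths of 8 and 16 respectively).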

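The attack proceeds as follows, using the example above:

Suppose JavaScript on the server can make A send a large number of requests that carry the cookie, for example by making A visit a social networking site for which A already holds a cookie (by the cookie mechanism, every request is certain to use the same cookie). Constructing a large number of SSLv3 requests, combined with intercepting packets and replacing SSL data, then allows the cookie field to be recovered byte by byte. In this scenario the cookie is sensitive information, equivalent to a username and password.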


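Each row is one request split into 8-byte blocks (␣ denotes a space):

| Request | Block 1 | Block 2 | Block 3 | Block 4 | Block 5 | Block 6 | Block 7 |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Row 1 | `GET␣/␣HT` | `TP/1.1\r\n` | `Cookie:␣` | `abcdefgh` | `\r\n\r\nXXXX` | `MAC␣data` | `*******7` |
| Row 2 | `GET␣/a␣H` | `TTP/1.1\r` | `\nCookie:` | `␣abcdefg` | `h\r\n\r\nXXX` | `MAC␣data` | `*******7` |
| Row 3 | `GET␣/aa␣` | `HTTP/1.1` | `\r\nCookie` | `:␣abcdef` | `gh\r\n\r\nXX` | `MAC␣data` | `*******7` |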

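In this example the padding granularity is 8 bytes, and the cookie for a certain social networking site is abcdefgh.

First, JavaScript makes user A generate a plaintext web request like the one in the first row of the figure. Server B obtains the SSLv3 data encrypted in CBC mode, replaces the final block with the ciphertext of the fourth block from the left, and sends this packet repeatedly until the decrypted Cn[7] happens to be 7 (the key is different for every connection) and it receives a message that the connection succeeded. Using the inversion formula introduced earlier (substituting L8), the 8th byte of the cookie field can be derived as 'h'. Then, by padding the request path field, A is made to generate the request in the second row of the figure, shifted right by 1 byte. The same method yields the 7th byte of the cookie field, 'g', and so on until the whole cookie "abcdefgh" is obtained. At this point the attacker, through a man-in-the-middle attack, has obtained the user's cookie, and the user's privacy is fully exposed.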

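Generally the server rejects this ciphertext because the CBC check fails, and the attacker has to resend. On average, one in every 256 requests is accepted by the server. Once the server accepts one, the CBC decryption process tells the attacker that the first byte of the cookie (plaintext) XORed with the last ciphertext byte of the preceding block is 7 or 15 (for block lengths of 8 and 16 respectively).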

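Because the decryption window is only 1 byte (the last byte of any preceding block), JavaScript must be used to control the length of the HTTP request path, for example GET /, GET /A, GET /AA, ..., gradually pushing the cookie byte to be decrypted into the decryption window. Decrypting each byte takes 256 requests on average, so the attacker can decrypt plaintext at any position in an SSLv3 stream with 256*n constructed requests.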

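The main cause of this vulnerability is that SSLv3 does not specify the content of the padding bytes and checks only the last byte of the padding block. Because TLS checks the content of the padding, the same attack against TLS succeeds with a probability of only 2^-64 or 2^-128.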
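The difference between the two padding checks can be seen in a small model. This is an added example, not code from the original article or from EMC: it works on the already-decrypted record (encryption is left out), and the truncated-HMAC stand-in for the MAC, the key, the filler bytes and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

BLOCK = 8                       # 8-byte blocks, as in the article's 3DES example
MAC_LEN = 8                     # toy MAC length, matching the article's 8-byte MAC
MAC_KEY = b"constructed-key"    # constructed value for this demo

def mac(data):
    # Stand-in MAC (truncated HMAC-SHA256); an assumption, not the SSLv3 MAC.
    return hmac.new(MAC_KEY, data, hashlib.sha256).digest()[:MAC_LEN]

def build_record(data):
    # data || MAC || padding || pad_len, the layout described in the article.
    body = data + mac(data)
    pad_len = BLOCK - 1 - len(body) % BLOCK
    return body + bytes([pad_len]) * (pad_len + 1)  # fill valid for both rules

def strip_sslv3(rec):
    # SSLv3 rule: only the final length byte is checked; padding bytes are ignored.
    pad_len = rec[-1]
    return rec[:-(pad_len + 1)] if pad_len < BLOCK else None

def strip_tls(rec):
    # TLS rule: every padding byte must equal the pad length.
    pad_len = rec[-1]
    tail = rec[-(pad_len + 1):]
    ok = pad_len < len(rec) and tail == bytes([pad_len]) * (pad_len + 1)
    return rec[:-(pad_len + 1)] if ok else None

def accepts(rec, strip):
    # A record is accepted when padding removal succeeds and the MAC verifies.
    body = strip(rec)
    if body is None or len(body) < MAC_LEN:
        return False
    return hmac.compare_digest(mac(body[:-MAC_LEN]), body[-MAC_LEN:])

def accepted_last_bytes(strip, junk):
    # Replace the final block with 7 filler bytes plus each possible last byte,
    # modelling a substituted block that decrypts to arbitrary data.
    good = build_record(b"GET / HTTP/1.1\r\nCookie: abcdefgh\r\n\r\nXXXX")
    return [v for v in range(256)
            if accepts(good[:-BLOCK] + junk + bytes([v]), strip)]

JUNK = bytes.fromhex("deadbeef010203")   # constructed 7-byte filler

if __name__ == "__main__":
    print("SSLv3 rule accepts last byte:", accepted_last_bytes(strip_sslv3, JUNK))
    print("TLS rule accepts last byte:  ", accepted_last_bytes(strip_tls, JUNK))
```

Under the SSLv3 rule one of the 256 possible last bytes is accepted regardless of the filler, which is the 1-in-256 rate the article cites; under the TLS rule the block is accepted only when all eight bytes are correct.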

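This is an information disclosure vulnerability specific to SSL 3.0; TLS is not affected. Because SSL 3.0 is an industry security protocol, it affects not only Windows systems but also every other system and application that supports SSL 3.0. And precisely because this is a security flaw in an industry protocol standard, it is not easy to fix: at present no update can be released directly to change how the SSL 3.0 protocol is processed. Many vendors and standards bodies will need to take part in reaching the most appropriate decision on SSL 3.0. There is currently no plan to disable SSL 3.0 across Windows either, because a very large number of servers still support only SSL and not TLS, so disabling SSL 3.0 everywhere would inevitably cause many compatibility problems. For ordinary users, we still recommend disabling SSL 3.0 as the mitigation for this vulnerability.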

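Many EMC products are likewise affected. Storage products usually sit in the more secure zones of a network, where access and use are strictly restricted and filtered, so compared with products on the security perimeter such as firewalls and web servers they are less likely to be attacked directly and are harder to attack. Even so, we recommend that customers fix this vulnerability as early as possible to reduce potential risk. Listed below are some of the EMC products affected by this vulnerability: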

 

EMC affected products and solutions

| Product | Supported Versions | Details |
| --- | --- | --- |
| Atmos | All | Atmos embeds web server and allows SSLv3 as a supported protocol. Customers cannot modify the configuration. Remediated: See ESA-2014-175 for more details. |
| Avamar Data Store (ADS), Avamar Virtual Edition (AVE) | 6.x, 7.x | Avamar embeds web servers and allows SSLv3 as a supported protocol. Customers cannot modify the configuration. Remediated: See ESA-2014-093 for more details. |
| Avamar Data Transport (ADT) | 1.x | Avamar embeds web servers and allows SSLv3 as a supported protocol. Customers cannot modify the configuration. This issue will be resolved in the next product version with a tentative target date of Q4 2015. |
| Avamar Extended Retention (AER) | 2.x | Avamar embeds web servers and allows SSLv3 as a supported protocol. Customers cannot modify the configuration. Remediated: See ESA-2014-093 for more details. |
| Celerra | All | Celerra embeds web server and allows SSLv3 as a supported protocol. SSLv3 will be disabled by default in the next release of the product targeted for 1H 2015. Workaround: Disable SSLv3 manually by following the steps documented in the KB 196780 |
| CLARiiON | AX4-5 | CLARiiON embeds web server and allows support for SSLv3 protocol. Customers cannot modify the "client browser" configuration if Navisphere express and/or Navisphere manager has been enabled. Remediation plan in progress. |
| Connectrix Manager Converged Network Edition (CMCNE) / Connectrix Manager Data Center Edition (CMDCE) | All | CMCNE / CMDCE embeds web server and allows SSLv3 as a supported protocol. This issue will be fixed in CMCNE 12.3.x. Workaround: Disable SSLv3 manually by following steps documented in KB 194265 |
| Data Domain | 5.2, 5.4 | Data Domain embeds web server and allows support for SSLv3 protocol. Customers cannot modify the configuration. Remediation plan in progress. This issue will be resolved in the next release for 5.2.x and 5.4.x with tentative target dates of Q2 2015. |
| Data Protection Advisor (DPA) | 6.0, 6.0.1, 6.1, 6.1.1 | DPA embeds application server and allows support for SSLv3 protocol. Customers cannot modify the configuration. Remediated: See ESA-2014-176 for more details. |
| Documentum Content Server | All | Documentum Content Server embeds a web server and allows support for SSLv3 protocol. This issue will be resolved in 7.2 P01 with a tentative target date of Q1 2015. |
| Disk Library for Mainframe (DLM) | All | DLM embeds web server and allows SSLv3 as a supported protocol. Customers cannot modify the configuration. This issue will be resolved in the next releases of the product which has a tentative target date of Q2 2015. |
| EDL (DL3D) | All | DL3D embeds web server and allows SSLv3 as a supported protocol. Workaround: Disable SSLv3 manually by following the steps documented in the KB 19766. Classic EDL is not impacted by this vulnerability. |
| ESRS Policy Manager | All | ESRS Policy Manager embeds web server and allows SSLv3 as a supported protocol. This issue will be resolved in the next releases of the product which has a tentative target date of Q2 2015. Workaround: Disable SSLv3 manually by following the steps documented in the KB 194335 |
| ESRS-VE | Web UI | The Web UI application allows SSLv3 as a supported protocol. Note: ESRS-VE agent is FIPS compliant and SSLv3 protocol is not allowed. Hence, the agent is not impacted. Only the Web UI is impacted. Workaround: Disable SSLv3 manually by following the steps documented in the KB 194268 or upgrade to ESRS VE 3.0.2.00.10 |
| Isilon OneFS | All | Isilon OneFS embeds web server and allows SSLv3 as a supported protocol. Remediated: See ESA-2015-015 for more details. This issue is resolved in 7.1.1.2. |
| Kazeon | All | Kazeon embeds web server and allows SSLv3 as a supported protocol. Remediated: See ESA-2015-007 for more details. |
| PowerPath Virtual Appliance | 1.2.x | PowerPath Virtual Appliance embeds a webserver and allows SSLv3 as a supported protocol. This issue will be resolved in the next release of the product which has a tentative target date of Q1 2015. Workaround: Disable SSLv3 manually by following the steps documented in the KB 194383 |
| Recover Point | All | Recover Point embeds application server and allows SSLv3 as a supported protocol. Customers cannot modify the configuration. Remediated: See ESA-2014-170 for more details. |
| ScaleIO | All | ScaleIO embeds a webserver and allows SSLv3 as a supported protocol. SSLv3 is disabled by default in version 1.31. Customers are recommended to upgrade to version 1.31 |
| Smarts | All | SMARTS products embed web server and allows support for SSLv3 protocol. Please see 194044 for more details. |
| SMI-S | 8.0.0 and prior | SMI-S embeds a web server that allows SSLv3 as a supported protocol. SSLv3 will be disabled by default in the next release of the product. Remediated: See ESA-2014-172 for more details. Workaround: Disable SSLv3 manually by following the steps documented in the KB 193812. |
| Unisphere Central | All | Unisphere Central allows SSLv3 as a supported protocol and customers cannot modify the configuration. Remediated: See ESA-2015-002 for more details. |
| Unisphere for VMAX (UniVMAX) | All | UniVMAX embeds a web server and allows support for SSLv3 protocol. SSLv3 will be disabled by default in the next release of the product. Remediated: See ESA-2014-172 for more details. Workaround: Disable SSLv3 manually by following the steps documented in the KB 194201. |
| UniVMAX and Solutions Enabler (vApps) | All | UniVMAX and SE vApps embed a web server and allows support for SSLv3 protocol. Customers can not modify the configuration. Remediated: See ESA-2014-172 for more details. |
| ViPR SRM | All | ViPR SRM embeds web server and allows support for SSLv3 protocol. Remediated: See ESA-2015-004 for more details. Workaround: Disable SSLv3 manually by following the steps documented in the KB 194013 |
| VNX1 | All | VNX1 embeds web server and allows SSLv3 as a supported protocol. SSLv3 will be disabled by default in the next release of the product targeted for 1H 2015. Workaround: Disable SSLv3 manually by following the steps documented in the KB 193596 |
| VNX2 | All | VNX2 embeds web server and allows SSLv3 as a supported protocol. SSLv3 will be disabled by default in the next release of the product targeted for Q1 2015. Workaround: Disable SSLv3 manually by following the steps documented in the KB 193596 |
| VNXe1 (VNXe3100/3150/3300) | All | VNXe1 allows SSLv3 as a supported protocol and customers cannot modify the configuration. This issue will be resolved in the next release of the product with tentative target date of Q3 2015. |
| VNXe2 (VNXe3200) | All | VNXe2 allows SSLv3 as a supported protocol and customers cannot modify the configuration. This issue will be resolved in the next release of the product with tentative target date of Q2 2015. |
| VPLEX/VPLEX-VE | All | VPLEX embeds a web server and allows SSLv3 as a supported protocol. Customers cannot modify the configuration. This issue will be resolved in the next release of the product with tentative target date of Q3 2015. |
| XtremIO | All | XtremIO embeds a webserver and allows SSLv3 as a supported protocol. Customers cannot modify the configuration. There is a temporary solution documented in KB 194235. The vulnerability has been remediated in XtremIO 3.0.1 and XtremIO 2.4.2. |



Products not affected:

| Product | Supported Versions | Details |
| --- | --- | --- |
| ApplicationXtender | All | ApplicationXtender installs on IIS which is provided by the customer and supports TLSv1.0+. Follow Microsoft guidelines to configure IIS to disable SSLv3: https://support.microsoft.com/kb/187498/en-us |
| Backup & Recovery Manager (BRM) | 1.1, 1.2 | BRM is FIPS compliant and SSLv3 connections are not supported. |
| Captiva | All | Captiva products install on IIS server provided by the customers. Please follow Microsoft guidelines to disable SSLv3 in IIS server. Captiva products support TLS 1.0 and above |
| Centera | All | Centera does not use HTTPS and does not embed web/application server. |
| Cloud Tiering Appliance (CTA) | CTA 10SP2 | CTA 10SP2 embeds a web server but does not allow support for SSLv3 protocol. Customers on older versions are recommended to upgrade to CTA 10SP2. |
| Data Domain DDBoost Client Plugin | All | Data Domain DDBoost client plugin does not use HTTPS and does not embed web/application server. |
| Documentum Administrator (DA) | All | DA install on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. DA supports TLS 1.0 and above. |
| Documentum Digital Asset Manager(DAM) | All | Documentum Digital Asset Manager(DAM) installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. DAM supports TLS 1.0 and above |
| Documentum CenterStage | All | Documentum CenterStage installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. Documentum Centerstage supports TLS 1.0 and above. |
| Documentum Content Intelligence Services | All | Documentum Content Intelligence Services does not use HTTPS and does not embed web/application server. |
| Documentum Digital Compliance Manager (DCM) | All | DCM installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. Documentum Compliance Manager supports TLS 1.0 and above. |
| Documentum D2 | All | D2 installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. D2 supports TLS 1.0 and above. |
| Documentum eRoom | All | Documentum eRoom install on IIS server provided by the customers. Please follow Microsoft guidelines to disable SSLv3 in IIS server. Documentum eRoom support TLS 1.0 and above. Please disable SSLv3 from IE for the client plugins used in eRoom. |
| Documentum Federation Search Services | All | Documentum Federation Search Services relies on JVM configuration used by the customer's environment. Refer to the Oracle document - https://blogs.oracle.com/java-platform-group/entry/diagnosing_tls_ssl_and_https to identify the default setting in JVM. |
| Documentum Foundation Services (DFS) | All | DFS installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. DFS supports TLS 1.0 and above. |
| Documentum Media Workspace (MWS) | All | MWS installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. MWS supports TLS 1.0 and above. |
| Documentum MyD | All | Documentum MyD installs on application server provided by the customers. Please follow application server guidelines to disable SSLv3. Documentum MyD support TLS 1.0 and above. |
| Documentum Records Manager | All | Documentum Records Manager installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. Documentum Records manager supports TLS 1.0 and above |
| Documentum REST Services | All | Documentum REST services installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. Documentum REST services supports TLS 1.0 and above |
| Documentum SAP Connector | All | Documentum SAP Connector installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. This makes use of Documentum Administrator (DA) so please follow guidelines for DA. |
| Documentum Web Publisher (WP) | All | WP installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. WP supports TLS 1.0 and above |
| Documentum Webtop | All | Documentum Webtop installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. Documentum Webtop supports TLS 1.0 and above. |
| Documentum xPlore | All | Documentum xPlore embeds JBOSS application server but does not enable HTTPS by default. Customers are recommended to use TLS 1.2 when enabling HTTPS. Please refer to the installation guide for more details. |
| Documentum xPression | All | Documentum xPression installs on an application server provided by the customers. Please follow the application server guidelines to disable SSLv3. Documentum xPression supports TLS 1.0 and above. |
| ESRS Gateway | All | ESRS Gateway is FIPS compliant and SSLv3 is not allowed. |
| Information Rights Management (IRM) | All | IRM does not use HTTPS and does not embed web/application server. |
| NetWorker and NetWorker Management Console | 8.0.x, 8.1.x, 8.2.x | NetWorker Management Console (NMC) embeds a web server but does not allow support for SSLv3 protocol. |
| PowerPath (all platforms) | All | PowerPath products do not use HTTPS and do not embed web/application server. |
| ProSphere | All | ProSphere embeds a web server but does not allow support for SSLv3 protocol. |
| Replication Manager | All | Replication Manager does not use HTTPS and does not embed web/application server. |
| Solutions Enabler (SE) | All | SE does not use HTTPS and does not embed web/application server. |
| SourceOne | All | SourceOne installs on a web server provided by the customers. Please follow the web server guidelines to disable SSLv3. SourceOne supports TLS 1.0 and above. The instructions to disable SSL3 are available at http://support2.microsoft.com/?id=187498 |
| UIM/O | All | UIM/O embeds a web server but does not allow support for SSLv3 protocol |
| UIM/P | All | UIM/P embeds a web server but does not allow support for SSLv3 protocol |
| ViPR | All | ViPR embeds a web server but does not allow support for SSLv3 protocol |
| VMAX SP | All | VMAX SP embeds a web server but does not allow support for SSLv3 protocol |
| EFT(vApp) | All | EFT vApps embed a web server but does not allow support for SSLv3 w/CBC protocol |

 

Use the following link to look up all EMC products and whether they are affected:

https://support.emc.com/kb/193503

 

If you have any questions, please contact us:

Email: RemoteProactive@emc.com

Phone: +1-800-782-4362 x 6305555

Online support: https://support.emc.com  Live chat