Mitigating Poodle / SSL 3.0 Issue

It was recently discovered that SSL 3.0 is vulnerable to a padding-oracle attack dubbed “POODLE”: SSL 3.0 does not authenticate its CBC padding, so an attacker positioned as a man-in-the-middle can force a client to fall back to SSL 3.0 and then decrypt parts of the encrypted session, such as session cookies, one byte at a time. It is tracked as CVE-2014-3566, which is described here:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566

The problem is in the SSL 3.0 protocol itself, not in any one implementation, so it cannot be fixed by updating a library; the recommended mitigation is to disable SSL 3.0 on every service that offers it.

The following describes how to do that:

##Apache

In RHEL/CentOS, edit /etc/httpd/conf.d/ssl.conf.

In Ubuntu/Debian, edit /etc/apache2/mods-enabled/ssl.conf.

Look for a line beginning with SSLProtocol; it should look something like this:

SSLProtocol all -SSLv2

You need to modify it to look like this:

SSLProtocol all -SSLv2 -SSLv3

If SSLProtocol is also set elsewhere, for example in /etc/httpd/conf/httpd.conf or inside a <VirtualHost> block, change every occurrence: a directive inside a virtual host overrides the server-wide one, and a leftover "all -SSLv2" keeps SSLv3 enabled for that host.

And then restart Apache:

RHEL/CentOS: /etc/init.d/httpd restart

Ubuntu/Debian: /etc/init.d/apache2 restart
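To confirm nothing was missed, here is an added example (not part of the original post) that audits every SSLProtocol directive in a set of Apache configuration files, applying mod_ssl's left-to-right add/remove rule for the protocol list. The file names and contents in the demo are constructed, not taken from a real server:

```sh
#!/bin/sh
# Added example (not from the original post): audit Apache configuration
# files for SSLProtocol directives that still admit SSLv3. mod_ssl reads the
# protocol list left to right, adding bare and "+" entries and removing "-"
# entries, and matches keywords case-insensitively; the same rule is applied here.

# Exit 0 if the given SSLProtocol argument string still enables SSLv3.
sslprotocol_allows_sslv3() {
    enabled=0
    for tok in $1; do
        tok=$(printf '%s' "$tok" | tr 'A-Z' 'a-z')
        case "$tok" in
            all|+all|sslv3|+sslv3) enabled=1 ;;
            -all|-sslv3)           enabled=0 ;;
        esac
    done
    [ "$enabled" -eq 1 ]
}

# Print every SSLProtocol directive in the given files that still allows
# SSLv3, as file:line: directive. Exit 0 when none is found, 1 otherwise.
# Commented-out lines are skipped. A file with no directive at all inherits
# the server-wide setting (or mod_ssl's default of "all", which includes
# SSLv3), so it is not reported here; always include the main config.
check_sslprotocol() {
    rc=0
    for f in "$@"; do
        [ -f "$f" ] || continue
        matches=$(grep -in '^[[:space:]]*sslprotocol[[:space:]]' "$f" || true)
        [ -n "$matches" ] || continue
        # Feed the matches through a here-document rather than a pipe so
        # that the loop runs in this shell and $rc survives it.
        while IFS= read -r m; do
            [ -n "$m" ] || continue
            lineno=${m%%:*}
            directive=${m#*:}
            # Drop the directive name; keep only its arguments.
            args=$(printf '%s\n' "$directive" | awk '{ $1 = ""; print }')
            if sslprotocol_allows_sslv3 "$args"; then
                printf '%s:%s: SSLv3 still enabled: %s\n' "$f" "$lineno" "$directive"
                rc=1
            fi
        done <<EOF
$matches
EOF
    done
    return $rc
}

# Constructed sample configs (not copied from a real server) to exercise
# the check; the first file is the case several people in this thread hit.
demo_check() {
    d=$(mktemp -d)
    printf 'SSLProtocol ALL -SSLv2\n' > "$d/httpd.conf"
    printf '# SSLProtocol all\nSSLProtocol all -SSLv2 -SSLv3\n' > "$d/ssl.conf"
    printf 'SSLProtocol -ALL +TLSv1 +TLSv1.1 +TLSv1.2\n' > "$d/vhost.conf"
    if check_sslprotocol "$d/httpd.conf" "$d/ssl.conf" "$d/vhost.conf"; then
        rc=0
    else
        rc=1
    fi
    rm -rf "$d"
    return $rc
}

if demo_check; then
    echo "no SSLProtocol directive still allows SSLv3"
else
    echo "fix the directives listed above, then restart Apache"
fi
```

Run it as `check_sslprotocol /etc/httpd/conf/httpd.conf /etc/httpd/conf.d/*.conf` (or the /etc/apache2 equivalents). Once the directives are fixed and Apache restarted, a client whose OpenSSL still has SSLv3 compiled in can double-check with `openssl s_client -connect host:443 -ssl3`, which should now fail with a handshake failure instead of completing.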

##Webmin/Virtualmin

A future Webmin release will correct this automatically. In the meantime, to disable SSLv3, edit this file:

/etc/webmin/miniserv.conf

And add the following line to the end (if an ssl_version line is already present, change it rather than adding a second one):

ssl_version=10

Then restart Webmin:

/etc/init.d/webmin restart

##Usermin

Edit this file:

/etc/usermin/miniserv.conf

And add the following line to the end (again, change an existing ssl_version line rather than adding a second one):

ssl_version=10

Then restart Usermin:

/etc/init.d/usermin restart
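Added example (not from the original post): applying the ssl_version setting from a script, so that running it again on Webmin or Usermin does not leave duplicate ssl_version lines. The sample miniserv.conf contents below are constructed, not copied from a real server:

```sh
#!/bin/sh
# Added example (not from the original post): set ssl_version=10 in a
# miniserv.conf without producing duplicate keys. miniserv.conf is a flat
# key=value file, one setting per line; appending blindly would leave two
# ssl_version lines after a second run, so replace the key if it is present
# and append it only if it is not.

# Set KEY ($2) to VALUE ($3) in the config file given as $1 (replace or append).
miniserv_set() {
    conf=$1 key=$2 value=$3
    if grep -q "^$key=" "$conf"; then
        # In-place edit with a backup suffix, which both GNU and BSD sed accept.
        sed -i.bak "s|^$key=.*|$key=$value|" "$conf" && rm -f "$conf.bak"
    else
        printf '%s=%s\n' "$key" "$value" >> "$conf"
    fi
}

# Print the current value of KEY ($2) in the config file $1, or nothing if unset.
miniserv_get() {
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

# Apply ssl_version=10 (the value recommended above) to a miniserv.conf
# and print the resulting value. Usage: disable_sslv3 /etc/webmin/miniserv.conf
disable_sslv3() {
    miniserv_set "$1" ssl_version 10
    miniserv_get "$1" ssl_version
}

# Constructed sample file (not copied from a real server) standing in for
# /etc/webmin/miniserv.conf. It has no ssl_version line, so the first run
# appends one and the second run replaces it; the count printed is 1.
demo_miniserv() {
    tmp=$(mktemp)
    printf 'port=10000\nssl=1\nroot=/usr/libexec/webmin\n' > "$tmp"
    disable_sslv3 "$tmp" > /dev/null
    disable_sslv3 "$tmp" > /dev/null
    grep -c '^ssl_version=' "$tmp"
    rm -f "$tmp"
}

demo_miniserv
```

Point `disable_sslv3` at /etc/webmin/miniserv.conf and /etc/usermin/miniserv.conf, then restart each service with the init scripts shown above. The helper only writes the value; it does not validate other ssl_version values.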

Would the same procedure apply to Usermin as well?

On all of my CentOS 6 & 7 boxes, “SSLProtocol ALL -SSLv2” is also declared in the /etc/httpd/conf/httpd.conf file; it must be changed in that location as well.

Thanks for the heads up about this! While I didn’t notice that on our main Virtualmin server, I’ll review some other CentOS systems to see if that’s common.

-Eric

Not declared in my httpd.conf running Virtualmin on CentOS Linux 5.11

Hello,

I was wondering what could be done for Postfix and Dovecot SSL connections. I found this:

https://linode.com/docs/security/security-patches/disabling-sslv3-for-poodle
https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-poodle-sslv3-vulnerability

Describing more or less what has been said here for Apache, and adding some info for Postfix and Dovecot.

For Postfix, they mention 2 options related to the way you are running it, either “opportunistic SSL” or “mandatory SSL”, but because I mainly use Virtualmin to set up my servers, I have trouble understanding the relationship between these 2 modes and the Virtualmin parameters. Could somebody give me some pointers about the parameters in Virtualmin that make my Postfix SSL “opportunistic” or “mandatory”?

Thanks.
Pierre.

There is a conflict between Webmin and Usermin and using only PCI-secure protocols.

If you are using PCI protocols, Webmin uses the following:

ssl_cipher_list=ECDHE-RSA-AES256-SHA384:AES256-SHA256:AES256-SHA256:RC4:HIGH:MEDIUM:+TLSv1:!MD5:!SSLv2:+SSLv3:!ADH:!aNULL:!eNULL:!NULL:!DH:!ADH:!EDH:!AESGCM

Notice the +SSLv3 — if you change that to the required !SSLv3 you can’t connect to webmin or usermin.

Secure Connection Failed

An error occurred during a connection to server1.ehostsource.com:10000. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)

How do you solve this issue?

I found the solution to the PCI ciphers in Usermin and Webmin…

Set the following in miniserv.conf:

ssl_cipher_list=ECDHE-RSA-AES256-SHA384:AES256-SHA256:AES256-SHA256:RC4:HIGH:MEDIUM:+TLSv1:+TLSv1.1:+TLSv1.2:!MD5:!SSLv2:!SSLv3:!ADH:!aNULL:!eNULL:!NULL:!DH:!ADH:!EDH:!AESGCM

This makes the PCI scan pass.

It sounds like there isn’t a good way to solve this problem by changing the ciphers in Webmin and Usermin (though I read your post after I posted this, and it sounds like you may have gotten that very thing working!).

However, the "ssl_version=10" setting mentioned above will effectively disable SSLv2 and SSLv3 in Webmin and Usermin. Will that do what you’re after?

There’s a Webmin bug report open that discusses that here:

http://sourceforge.net/p/webadmin/bugs/4487/

Hmm, that’s not pasting right.

disable the SSLv3 --> !SSLv3

then add next to the first TLS --> :+TLSv1.1:+TLSv1.2

Eric, you got Google Talk? Add me if you do – sgrayban

If I add the suggested ssl_cipher_list in my miniserv.conf for webmin I get:

ssl_error_no_cypher_overlap

so back to ssl_version=10.

That cipher list isn’t pasting right – it’s missing a couple of ciphers.

See https://www.borgnet.net/cypher.txt for the right lines to add to miniserv.

I don’t have an SF account so I can’t add what PCI will require now.

if anyone wants to contact me about the PCI issue add sgrayban@gmail.com to your google talk

That line is in my http.conf as well. Do I need to add -SSLv3?

SSLProtocol ALL -SSLv2

This will remove the POODLE vulnerability risk for Webmin and Usermin.

ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list=ECDHE-RSA-AES256-SHA384:AES256-SHA256:AES256-SHA256:RC4:HIGH:MEDIUM:+TLSv1:+SSLv3:!SSLv2:!MD5:!ADH:!aNULL:!eNULL:!NULL:!DH:!ADH:!EDH:!AESGCM

Note:
The cipher and the protocol are distinct.

TLSv1, for example, can use SSLv3 ciphers. For this reason it must be included in ssl_cipher_list to work correctly.

As for the protocols, this explicitly denies SSLv3 and SSLv2.
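The distinction drawn in the reply above (cipher versus protocol) can be made concrete with the local openssl tool. This is an added example, not from anyone in the thread; the two cipher strings are shortened from the ones posted earlier, and the exact counts depend on the installed OpenSSL version:

```sh
#!/bin/sh
# Added example (not from the thread): what "!SSLv3" does inside an OpenSSL
# cipher string, as opposed to disabling the SSLv3 protocol. The keyword
# "SSLv3" selects the suites first defined for SSL 3.0, which TLS 1.0 and
# 1.1 handshakes reuse; "!SSLv3" removes every one of them. Whatever is
# left is only usable by peers that speak the newer versions, so against a
# TLS 1.0-only peer the shared set can be empty, which is the
# ssl_error_no_cypher_overlap reported above.
# Needs the openssl command-line tool; exact lists depend on its version.

# Expand a cipher string with "openssl ciphers -v" and print "suite protocol"
# per line, e.g. "AES256-SHA SSLv3" or "AES256-GCM-SHA384 TLSv1.2".
expand_ciphers() {
    openssl ciphers -v "$1" 2>/dev/null | awk '{ print $1, $2 }'
}

# Number of suites in the string whose protocol column equals $2.
count_suites_for() {
    expand_ciphers "$1" | awk -v proto="$2" '$2 == proto' | wc -l | tr -d ' '
}

# Total number of suites the string selects (0 if openssl is missing).
count_suites() {
    expand_ciphers "$1" | wc -l | tr -d ' '
}

# One-line summary: total suites and how many are SSLv3-era suites.
summarise() {
    printf 'total=%-3s sslv3-era=%-3s  %s\n' \
        "$(count_suites "$1")" "$(count_suites_for "$1" SSLv3)" "$1"
}

# The two lists from the thread, shortened to the keywords that matter here.
KEEP_SSLV3_SUITES='ECDHE-RSA-AES256-SHA384:AES256-SHA256:HIGH:MEDIUM:+TLSv1:+SSLv3:!MD5:!aNULL:!eNULL'
DROP_SSLV3_SUITES='ECDHE-RSA-AES256-SHA384:AES256-SHA256:HIGH:MEDIUM:+TLSv1:!SSLv3:!MD5:!aNULL:!eNULL'

command -v openssl >/dev/null 2>&1 || echo "warning: openssl not found, all counts will be 0"
summarise "$KEEP_SSLV3_SUITES"
summarise "$DROP_SSLV3_SUITES"
# A server limited to TLS 1.0 (ssl_version=10) cannot offer TLSv1.2 suites,
# so only the SSLv3- and TLSv1-tagged survivors count for it.
usable_by_tls10=$(( $(count_suites_for "$DROP_SSLV3_SUITES" SSLv3) + $(count_suites_for "$DROP_SSLV3_SUITES" TLSv1) ))
echo "suites a TLS 1.0-only server could still offer from the second list: $usable_by_tls10"
```

On the OpenSSL 1.0.x builds in use when this thread was written, the ECDHE-*-SHA suites were tagged SSLv3 as well, so a list ending in !SSLv3 left a TLS 1.0-only miniserv (ssl_version=10) with nothing but TLSv1.2 suites it could not use; that matches the ssl_error_no_cypher_overlap reports above. Newer OpenSSL tags those ECDHE suites TLSv1 instead, so the survivors differ, but !SSLv3 still strips the suites a TLS 1.0 peer most commonly shares. Either way, the protocol setting (ssl_version=10 here, SSLProtocol in Apache) is what actually turns SSLv3 off; the cipher list only decides which suites are offered once a protocol version has been agreed.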

I found a site that really helped getting everything secured with Apache. I know this has been beaten to death, but these ciphers and settings are what you need to pass PCI and secure against all the current hacks with Apache…

SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:MEDIUM:+TLSv1:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4

SSLHonorCipherOrder on
SSLCompression Off
SSLProtocol all -SSLv2 -SSLv3

You can see the results by testing my billing server at https://www.ssllabs.com/ssltest/analyze.html?d=borgnet.net&hideResults=on

The only issue is that the current cert was issued using SHA1, but that will not make the PCI scan fail; it will only give you a warning that SHA1 certs will not be allowed after 2014.

I can’t get this to work on my CentOS 6 VirtualMin.

I have this on my /etc/webmin/miniserv.conf

anonymous=/virtualmin-mailman/unauthenticated=anonymous
ssl_cipher_list=ECDHE-RSA-AES256-SHA384:AES256-SHA256:AES256-SHA256:RC4:HIGH:MEDIUM:+TLSv1:!MD5:!SSLv2:!SSLv3:!ADH:!aNULL:!eNULL:!NULL:!DH:!ADH:!EDH:!AESGCM
logouttimes=
root=/usr/libexec/webmin
mimetypes=/usr/libexec/webmin/mime.types
server=MiniServ/1.690

ssl_version=10