"The Error Message Vulnerability" Against Secured Internet Servers

A vulnerability that affects properly implemented versions of the Secure Socket Layer (SSL) protocol.

Issue

Using complex mathematical analysis and some trial and error, Bleichenbacher discovered that an Internet transaction encrypted with SSL could be decoded. This is an issue that requires an updating of Internet server software, not client software such as Microsoft Internet Explorer. To use this discovered vulnerability as an attack, the attacker must first be able to observe the encrypted transaction between a Web client and a Web server. Once a recording of this encrypted transaction is made, the attacker would then need to send a large number of carefully constructed messages to the original Web server and analyze the responses. After sending approximately one million messages, the attacker could decode the information contained in the single encrypted transaction he had earlier recorded. This success would not give the attacker an advantage in decoding any other transactions that the server had been made, nor would it necessarily give the attacker an advantage in decoding other transactions performed by the user. Due to the large number of messages needed, a Web site operator could detect an attack through observations such as abnormal network or CPU utilization. Unlike some vulnerabilities that can be exploited more quickly by dividing the workload between multiple attacking machines, this attack cannot be divided among attackers to reduce the amount of work or time for an attack. The server is doing all the work, and is the gating factor in the attacker's ability to decode the transaction. The faster an attacker tries to decode the information, the more strain it puts on the server, and the more detectable the attack becomes.

Affected Products

• IIS 3.0 and 4.0, Site Server 3.0 Commerce and Enterprise Edition, Exchange 5.0 and 5.5

Solution

Only customers that use SSL on their Internet servers need to take action. This issue affects both 40-bit and 128-bit versions of SSL (including SGC). Customers who use the server products listed above, but do not use SSL are not affected and do not need to take action. Customers who use Microsoft internet client software are not affected and do not need to take any action. Microsoft strongly recommends that customers using secure SSL Internet services with any of the Microsoft products listed above should update to the latest version of SCHANNEL.dll.

Download

Patch: ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/hotfixes-postSP3/ssl-fix/

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: July 6, 1998

>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<