TLS and SSLv3 vulnerabilities explained

Thierry ZOLLER
Principal Security Consultant
contact@g-sec.lu

Synopsis

Around 09/11/2009 Marsh Ray, Steve Dispensa and Martin Rex published details about a vulnerability affecting the renegotiation phase of the TLS and SSLv3 protocols. The vulnerability is being tracked under CVE-2009-3555 | VU#120541 and affects a multitude of platforms and protocols. The impact of this vulnerability varies from protocol to protocol, and research into those is currently ongoing.

When speaking of a “Man in the Middle” attack, it is often assumed that data can be altered or changed. Indeed, an attacker that sits in the middle of a connection (hence the name) is often able to do so. In this particular case, however, the attacker piggybacks on an existing authenticated and encrypted TLS session in order to inject arbitrary text of their choice as a prefix. The attacker may not read or alter the other TLS session between the “client” and the “server”. See Chapter 3 - “Example of an attack scenario...” for more details.
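The splice described above can be modelled at the application layer without any real TLS: a server that keeps buffering application data across a renegotiation attributes whatever arrived before the renegotiation to the identity authenticated afterwards. The following is an added illustration, not code from this paper; the `Server`, `Session` and scenario functions are hypothetical, and the "secure" mode models the renegotiation_info binding standardised later in RFC 5746, in which a renegotiating client must present the verify_data of the handshake it believes it is renegotiating (the victim, who thinks it is opening a fresh connection, cannot).

```python
"""
Toy model of the TLS/SSLv3 renegotiation splice (CVE-2009-3555).

Added illustration, not the paper's code. Only the application-layer
consequence is modelled: an attacker opens a session, sends a prefix, then
forwards the victim's handshake as a renegotiation on the same connection.
A legacy server merges both buffers and processes them under the victim's
identity; a server that enforces the RFC 5746 binding aborts the handshake.
"""
from __future__ import annotations

import hashlib
from dataclasses import dataclass, field


class HandshakeError(Exception):
    """Raised when the server aborts a handshake."""


@dataclass
class Session:
    peer: str           # identity authenticated in this handshake
    verify_data: bytes  # stands in for the Finished-message verify_data


@dataclass
class Server:
    secure_renegotiation: bool
    session: Session | None = None
    app_buffer: bytearray = field(default_factory=bytearray)

    def handshake(self, peer: str, reneg_info: bytes | None) -> Session:
        """Run an initial or renegotiation handshake with `peer`.

        reneg_info is the client's renegotiation_info: None when the client
        believes it is opening a fresh connection, otherwise the verify_data
        of the handshake it is renegotiating.
        """
        if self.session is not None and self.secure_renegotiation:
            # RFC 5746: a renegotiation must be bound to the previous handshake.
            # A client that thinks it is starting fresh (the victim in the
            # splice) has no way to present the attacker's verify_data.
            if reneg_info != self.session.verify_data:
                raise HandshakeError("renegotiation_info does not match previous handshake")
        previous = self.session.verify_data.hex() if self.session else "initial"
        transcript = f"{peer}:{previous}".encode()  # constructed stand-in for the handshake transcript
        self.session = Session(peer, hashlib.sha256(transcript).digest()[:12])
        return self.session

    def receive(self, data: bytes) -> None:
        # The flaw being modelled: application data is buffered across
        # renegotiations and never re-attributed.
        self.app_buffer += data

    def read_request(self) -> tuple[bytes, str]:
        """Return the buffered request and the identity it is attributed to."""
        assert self.session is not None
        return bytes(self.app_buffer), self.session.peer


def splice_scenario(secure: bool) -> tuple[bytes, str] | None:
    """Attacker-opened session with a prefix, then the victim's handshake spliced on.

    Returns what the server would process, or None if it aborted the splice.
    """
    server = Server(secure_renegotiation=secure)
    server.handshake("attacker", reneg_info=None)
    server.receive(b"PREFIX-CHOSEN-BY-ATTACKER ")  # constructed sample data
    try:
        # The victim believes this is a new connection, so it sends no reneg_info.
        server.handshake("victim", reneg_info=None)
    except HandshakeError:
        return None
    server.receive(b"victim's request")  # constructed sample data
    return server.read_request()


def legitimate_renegotiation(secure: bool) -> tuple[bytes, str]:
    """A client renegotiating its own session presents the matching verify_data."""
    server = Server(secure_renegotiation=secure)
    first = server.handshake("client", reneg_info=None)
    server.receive(b"part one ")
    server.handshake("client", reneg_info=first.verify_data)
    server.receive(b"part two")
    return server.read_request()


if __name__ == "__main__":
    print("legacy server  :", splice_scenario(secure=False))
    print("RFC 5746 server:", splice_scenario(secure=True))
    print("legit reneg    :", legitimate_renegotiation(secure=True))
```

Running the module shows the legacy server handing `PREFIX-CHOSEN-BY-ATTACKER victim's request` to the application as if the victim had sent all of it, while the RFC 5746 server rejects the spliced handshake and still accepts a genuine renegotiation from the same client.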

This paper explains the vulnerability for a broader audience and summarizes the information that is currently available. The document is subject to updates and is believed to be accurate at the time of writing.