SSL Middleman Attack

Product Tech Tips Index

Problem:
Verifying your WebMux has the security fix to combat the SSL Middleman Attack

Background:
The SSL Middleman Attack was discovered in 2009 for all devices based on OpenSSL. A security fix was issued immediately for the WebMux. Some of the software that verifies the firmware mistakenly used the SSL version number alone to determine if the problem was resolved.

This guide provides a simple method to verify whether or not the SSL security hole still exists in your WebMux firmware.

Solution:
First, let’s see the problem using stock Debian Apache 2.2.3 server without the fix. Use openssl to point to the server, and then issue a renegotiation command:
Enter:

$ openssl s_client -connect testdomain.com:443 -cipher EXP-RC4-MD5

which returns:

CONNECTED(00000003)

The certificate verification process has been trimmed. When it finishes, enter:

GET / http/1.0
X-ignore-me: GET /
R

which will return:

RENEGOTIATING

The certificate verification process will run again, so we have cut it out to simplify the example. After it finished, you should see something like:

read R BLOCK
HTTP/1.1 200 OK
Date: Wed, 23 Sep 2009 14:23:07 GMT
Server: Apache /2.2.3 (Debian) PHP/5.2.0-8+etch15 mod_ssl/2.2.3 OpenSSL/0.9.8c
Last-Modified: Mon, 21 Sep 2009 00:24:57 GMT
ETag: “33ecf-54-4740b82eee840”
Accept-Ranges: bytes
Content-Length: 84
Connection: close
Content-Type: text/html; charset=UTF-8

This will retrieve a HTML page, which will show the contents of the page, followed by:

closed
$

The line with the single “R” initiates a renegotiation, and the following line, “RENEGOTIATING,” was emitted by the s_client program to indicate that the process had started. This successfully occurs before the HTTP headers terminate. When the renegotiation ends, the final newline is sent, inducing the response.

If the WebMux firmware has the security fix installed, the process should fail after issuing the “R” command.