About 10% of the world’s servers could be vulnerable to a new POODLE attack campaign repurposed to target TLS, according to security experts.
The POODLE attack revealed by Google in October worked when hackers with full control of a network from client to server were able to force a “fallback” to the less secure SSL 3.0 encryption protocol and decrypt the victim’s HTTPS traffic using a “padding oracle” technique.
However, "Padding Oracle On Downgraded Legacy Encryption," to give it its full name, was virtually eliminated as browser vendors like Google disabled SSL 3.0, largely shutting down that particular attack vector.
The latest threat is easier to exploit than the ones spotted in October because it doesn’t require the hacker to force a downgrade to SSL 3.0 first – instead it targets the TLS 1.2 encryption standard.
“If you recall, SSL 3 doesn’t require its padding to be in any particular format (except for the last byte, the length), opening itself to attacks by active network attackers,” wrote Qualys director of application security research, Ivan Ristic.
“However, even though TLS is very strict about how its padding is formatted, it turns out that some TLS implementations omit to check the padding structure after decryption. Such implementations are vulnerable to the POODLE attack even with TLS.”
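The difference Ristic describes, as an added C example that is not from the article, Qualys or any vendor's TLS code: an SSL 3.0-style check that inspects only the final length byte, beside the TLS-style check that verifies every padding byte. The function names and the two sample blocks are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* SSL 3.0-style check: only the final byte (the padding length) is
 * examined; the padding bytes before it may hold anything. */
int padding_ok_lax(const uint8_t *rec, size_t len, size_t block) {
    if (len == 0) return 0;
    uint8_t pad = rec[len - 1];
    return (size_t)pad + 1 <= len && pad < block;
}

/* TLS-style check: each of the pad bytes before the length byte must
 * equal the length byte. Differences are accumulated instead of
 * returning early; production code additionally needs constant-time
 * handling of the length and one error for padding and MAC failures. */
int padding_ok_strict(const uint8_t *rec, size_t len) {
    if (len == 0) return 0;
    uint8_t pad = rec[len - 1];
    if ((size_t)pad + 1 > len) return 0;
    uint8_t diff = 0;
    for (size_t i = len - 1 - pad; i < len; i++)
        diff |= (uint8_t)(rec[i] ^ pad);
    return diff == 0;
}

/* Constructed sample: a final 16-byte block that is all padding,
 * as it looks after CBC decryption. */
static const uint8_t good_block[16] = {
    0x0f, 0x0f, 0x0f, 0x0f, 0x0f, 0x0f, 0x0f, 0x0f,
    0x0f, 0x0f, 0x0f, 0x0f, 0x0f, 0x0f, 0x0f, 0x0f };

/* Constructed sample: same length byte, but the 15 bytes before it
 * are arbitrary, as when the ciphertext block has been altered. */
static const uint8_t tampered_block[16] = {
    0x3a, 0x91, 0x07, 0xc4, 0x58, 0xee, 0x12, 0x6b,
    0xa0, 0x4d, 0xf3, 0x29, 0x85, 0x7c, 0xd6, 0x0f };

int main(void) {
    printf("lax:    good=%d tampered=%d\n",
           padding_ok_lax(good_block, 16, 16),
           padding_ok_lax(tampered_block, 16, 16));
    printf("strict: good=%d tampered=%d\n",
           padding_ok_strict(good_block, 16),
           padding_ok_strict(tampered_block, 16));
    return 0;
}
```

A TLS stack that behaves like `padding_ok_lax` after decryption is the kind of implementation the quote calls vulnerable; the strict check rejects the altered block.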
Ristic added that the attacks are mainly targeted at browsers as the attacker has to inject malicious JavaScript to begin the attack.
“A successful attack will use about 256 requests to uncover one cookie character, or only 4096 requests for a 16-character cookie. This makes the attack quite practical,” he argued.
So far F5 load balancers have been found to be impacted by the threat. The firm has issued an advisory on how to patch any affected kit.
Ristic urged web owners to test their infrastructure using the SSL Labs Test, and if affected to apply vendor patches.