In the current landscape, many SAP products such as SAP BOBJ and SAP Data Services, as well as other products like Nakisa and Security Weaver and reverse proxy setups, use the Apache Tomcat web server and the Apache HTTP Server to serve web applications. Protecting them from attackers and security loopholes is therefore critical to safeguarding the communication channels and the data.
I have covered the top 10 SSL vulnerabilities of applications that run on Apache Tomcat and Apache HTTP web servers on the Linux platform.
There are various utilities to scan for and identify these vulnerabilities; I have used the openssl command-line utility for the diagnosis.
SSL and TLS are protocols used to provide integrity, authenticity and privacy to other protocols such as HTTP and LDAP. They provide these services by using encryption for privacy, X.509 certificates for authenticity and one-way hash functions for integrity.
To encrypt data, SSL and TLS can use block ciphers, which are encryption algorithms that encrypt a fixed-size block of original data into an encrypted block of the same size. Note that such a cipher always produces the same encrypted block for the same original block of data. To make identical blocks of data encrypt differently, the input block is XORed with another block of the same size, referred to as an initialization vector (IV). A mode of operation for block ciphers known as CBC (cipher block chaining) uses one IV for the initial block and the encrypted result of the previous block for each subsequent block, so that repeated input blocks do not produce repeated output blocks.
PCI DSS applies to all entities involved in payment card processing, including merchants, processors, acquirers, issuers, and service providers. PCI DSS also applies to all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD).
The Payment Card Industry Data Security Standard (PCI-DSS) requires web sites to use strong cryptography and security protocols such as SSL/TLS or IPsec to safeguard sensitive cardholder data during transmission over open, public networks.
The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. government computer security standard used to approve cryptographic modules.
Vulnerability 1 - Birthday attacks against TLS ciphers with 64-bit block size (Sweet32)
With the SWEET32 vulnerability it has been shown that an attacker who can inject a large volume of dummy data into a connection can obtain ciphertext blocks that match those of a legitimate customer.
This is possible because DES and 3DES use 64-bit blocks: a connection carrying a large volume of traffic produces a very large number of encrypted blocks, which increases the probability that an encrypted block of the customer's data collides with one of the attacker's.
How to diagnose:
Using openssl, connect to the server on the respective port while limiting the connection to the weak ciphers DES and 3DES only.
If any of these tests succeeds (the handshake completes), the target is vulnerable to Sweet32.
To protect confidential information from the critical SWEET32 birthday attack, the 64-bit block ciphers such as DES and 3DES must be disabled promptly in the server SSL configuration, and strong ciphers such as AES should be enabled.
Disable and stop using the DES and 3DES ciphers.
Edit the Apache SSL configuration file at '/etc/apache2/mods-available/ssl.conf' or the configuration file of the respective application.
Go to the SSL section and ensure SSLv2 and SSLv3 are already disabled.
Go to the cipher suite (SSLCipherSuite) section and give the entry as:
How to validate:
Before: On executing the command, the connection succeeds and the output shows the details of the certificate used on the port.
After: On executing the command after applying the solution, the TCP connection is still established but the output no longer shows the certificate; instead it reports a handshake failure and that secure renegotiation is not supported.
Vulnerability 2 - SSL Server Has SSLv3 Enabled Vulnerability
In April 2015, PCI released an article announcing that NIST no longer considers the Secure Sockets Layer (SSL) v3.0 protocol acceptable for protecting data and that no version of SSL meets the PCI definition of strong cryptography.
SSL 3.0 is an obsolete and insecure protocol. Encryption in SSL 3.0 uses either the RC4 stream cipher or a block cipher in CBC mode. RC4 is known to have biases, and the block cipher in CBC mode is vulnerable to the POODLE attack.
How to diagnose:
Using openssl, connect to the server on the respective port while limiting the connection to SSL 3.0 only.
If the test succeeds and the certificate is visible, the target still has SSLv3 enabled and is vulnerable.
Disable the SSL 3.0 protocol in both the client and the server.
Add "-SSLv3" to the SSLProtocol directive in httpd.conf or in the SSL configuration file of the respective application listening on the vulnerable port.
How to validate:
Before: On executing the command, the connection succeeds and the output shows the details of the certificate used on the port.
After: On executing the command after applying the solution, the TCP connection is still established but the output no longer shows the certificate; instead it reports a handshake failure and that secure renegotiation is not supported.
Vulnerability 3 - SSL/TLS use of weak RC4 cipher
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic.
"SSL RC4 Cipher Suites Supported" is a medium-risk finding and one of the most frequently reported vulnerabilities on networks around the world.
If this attack is carried out and an HTTP cookie is recovered, the attacker can use that cookie to impersonate the user it belongs to.
How to diagnose:
Run the openssl s_client command restricted to the weak RC4 ciphers only.
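The three diagnosis steps above (DES/3DES for Sweet32, SSLv3, and RC4) all come down to the same openssl s_client check: does the server complete a handshake when the client is restricted to the weak protocol or cipher? The script below is an added example, not code from the original post; it assumes OpenSSL 1.1.1 or later and a reachable host for the probe_* functions, while the classifier itself runs offline on the constructed sample outputs.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes OpenSSL 1.1.1+ and a
# reachable HOST:PORT for probe_server/check_*; classify_handshake needs no network.

# classify_handshake: read `openssl s_client` output on stdin and print
#   accepted - the server completed the handshake (it sent its certificate)
#   rejected - the server refused (handshake failure / no peer certificate)
#   unknown  - anything else (connection refused, unsupported client option, ...)
classify_handshake() {
  out=$(cat)
  case "$out" in
    *"BEGIN CERTIFICATE"*)                         echo accepted ;;
    *"no peer certificate available"*|*":error:"*) echo rejected ;;
    *)                                             echo unknown ;;
  esac
}

# probe_server HOST PORT [s_client options]: connect with the given restriction
# and classify the result. -no_tls1_3 matters: -cipher does not constrain TLS 1.3
# suites, so a TLS 1.3 server would otherwise look as if it "accepted" DES or RC4.
probe_server() {
  host=$1; port=$2; shift 2
  openssl s_client -connect "$host:$port" -no_tls1_3 "$@" </dev/null 2>&1 \
    | classify_handshake
}

# One check per vulnerability in the post; "accepted" means still vulnerable.
# Note: most current OpenSSL builds have SSLv3 compiled out, so check_sslv3
# reports "unknown" ("Unknown option: -ssl3") rather than a real answer there.
check_sweet32() { probe_server "$1" "$2" -cipher 'DES:3DES'; }   # Vulnerability 1
check_sslv3()   { probe_server "$1" "$2" -ssl3; }                # Vulnerability 2
check_rc4()     { probe_server "$1" "$2" -cipher 'RC4'; }        # Vulnerability 3

# Constructed, abbreviated sample outputs (not real server responses) so the
# classifier can be exercised without a network.
SAMPLE_ACCEPTED='CONNECTED(00000003)
-----BEGIN CERTIFICATE-----
MIIBconstructedsamplecertificate
-----END CERTIFICATE-----
SSL handshake has read 1234 bytes and written 456 bytes'
SAMPLE_REJECTED='CONNECTED(00000003)
1:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:SSL alert number 40
no peer certificate available
Secure Renegotiation IS NOT supported'

printf 'sample accepted -> %s\n' "$(printf '%s\n' "$SAMPLE_ACCEPTED" | classify_handshake)"
printf 'sample rejected -> %s\n' "$(printf '%s\n' "$SAMPLE_REJECTED" | classify_handshake)"
# Live use (needs network): check_sweet32 tomcat.example.internal 8443
```

A result of "rejected" after applying the fixes corresponds to the "After" output described in the validation steps (no certificate, handshake failure, secure renegotiation not supported).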