Man in the Middle: OpenSSL Threat

Researchers have just identified a vulnerability in OpenSSL software.   This vulnerability is known as the “Man in the Middle” threat, or MitM.

The MitM threat allows a hacker to potentially intercept and decrypt data transmitted between vulnerable clients and servers.

How Does MitM Work?

The attacker would create a fake “handshake” in between two devices that would allow them to believe that the attacker is a valid target. The attacker can use the key material to decrypt/modify traffic at their will. However, the attacker would need to be in the “man-in-the-middle” position on the network (in between the two devices) in order to exploit this vulnerability.

Wireless networks are at a higher risk of this MitM attack as they are more readily available and users could connect to any unsecured (and secured) network without a second thought.

 

Who Does MitM Affect?

MitM threat affects all versions of the OpenSSL Client.  Fortunately, Tier1Net’s Professional Services clients do not use OpenSSL for Windows Servers or Certificates, so those devices are not vulnerable to the threat.  Tier1Net’s web servers do not use OpenSSL for websites hosted on its backbone.

However, the OpenSSL technology is used in some Sonicwall SSLVPN devices.  Sonicwall SSLVPN devices may be affected by the MitM threat.

 

What is Tier1Net doing?

Tier1Net is in the process of upgrading the firmware of all potentially affected SSLVPN devices.  This firmware upgrade will protect against the MitM vulnerability.

Tier1Net has sent notices to all potentially affected clients.

 

For more information on the MitM Vulnerability, please click the sources below:

https://www.openssl.org/news/secadv_20140605.txt

http://threatpost.com/new-openssl-mitm-flaw-affects-all-clients-some-server-versions/106470

Share:

Leave a Reply

Your email address will not be published. Required fields are marked *

*

HTML tags are not allowed.