The OpenSSL Project has released a new version of the encryption software, which patches several security flaws, including the bug that is exploited by the POODLE attack on SSLv3.
The updated versions of OpenSSL come just a couple of days after a trio of researchers at Google revealed the POODLE attack, which allows an attacker to force the use of SSLv3 in some circumstances and eventually decrypt the protected communications between the client and server. To address the issue, OpenSSL has added support for the TLS_FALLBACK_SCSV mechanism, which prevents attackers from being able to force downgrades from TLS to SSLv3.
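To make the downgrade protection concrete, here is an added simulation of the TLS_FALLBACK_SCSV check (RFC 7507) in Python. It is illustrative code written for this article, not OpenSSL's implementation; the version tuples, the two ordinary cipher-suite values and the "MITM drops handshakes above version X" model are constructed assumptions. The server logic is the one the mechanism specifies: if a ClientHello carries the signalling suite 0x5600 and offers a version lower than the highest the server supports, the server refuses with an inappropriate_fallback alert instead of completing the handshake.

```python
"""Simulation of TLS_FALLBACK_SCSV (RFC 7507) downgrade protection.

Added example, not OpenSSL code. Protocol versions are encoded as (major, minor)
as they appear on the wire: SSL 3.0 = (3, 0) ... TLS 1.2 = (3, 3).
"""

# Signalling Cipher Suite Value from RFC 7507; it is never actually negotiated.
TLS_FALLBACK_SCSV = 0x5600

SSL3_0, TLS1_0, TLS1_1, TLS1_2 = (3, 0), (3, 1), (3, 2), (3, 3)


def server_handle_client_hello(server_max, client_version, cipher_suites,
                               tolerates_higher=True):
    """Return (accepted, negotiated_version_or_alert).

    server_max: highest version the server supports.
    client_version: ClientHello.client_version offered by the client.
    tolerates_higher: False models the old-server interoperability bug
    (aborting instead of negotiating down) that drives browsers to retry.
    """
    # The SCSV check: a fallback ClientHello offering less than we support
    # can only mean the client was pushed down, so refuse it.
    if TLS_FALLBACK_SCSV in cipher_suites and client_version < server_max:
        return False, "inappropriate_fallback"
    if client_version > server_max and not tolerates_higher:
        return False, "handshake_failure"
    # Normal negotiation: the lower of the two maxima.
    return True, min(client_version, server_max)


def client_connect(server_max, mitm_blocks_above=TLS1_2, send_scsv=True,
                   server_tolerates_higher=True):
    """Browser-style fallback loop through an optional active MITM.

    mitm_blocks_above: the MITM silently drops any ClientHello offering a
    version above this value, so the client keeps retrying lower versions.
    Returns the negotiated version, or None if the connection is abandoned.
    """
    for attempt, version in enumerate((TLS1_2, TLS1_1, TLS1_0, SSL3_0)):
        if version > mitm_blocks_above:
            continue  # handshake dropped by the MITM; client retries lower
        suites = [0xC02F, 0x002F]  # constructed example cipher suites
        if send_scsv and attempt > 0:
            suites.append(TLS_FALLBACK_SCSV)  # retry == fallback, so signal it
        ok, result = server_handle_client_hello(
            server_max, version, suites, server_tolerates_higher)
        if ok:
            return result
        if result == "inappropriate_fallback":
            return None  # server told us we were downgraded: stop, do not retry
    return None


if __name__ == "__main__":
    # MITM forces SSLv3 against a TLS 1.2 server: succeeds without the SCSV
    # (POODLE precondition), refused with it.
    print("no SCSV :", client_connect(TLS1_2, mitm_blocks_above=SSL3_0, send_scsv=False))
    print("SCSV    :", client_connect(TLS1_2, mitm_blocks_above=SSL3_0))
    # Legitimate fallback to a buggy old TLS 1.0 server still works.
    print("old srv :", client_connect(TLS1_0, server_tolerates_higher=False))
```

The third call shows why the mechanism does not break interoperability: against a genuine TLS 1.0 server the fallback ClientHello offers TLS 1.0, which is not lower than the server's maximum, so the SCSV check never fires.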
“OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade,” the advisory says.
“Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE (CVE-2014-3566).”
The updated versions of OpenSSL also include a fix for a high-risk vulnerability in the DTLS SRTP extension parsing code that can cause a memory leak.
“A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected,” the advisory says.
There is also a patch for a low-risk vulnerability resulting from a problem in the “no-ssl3” build option, which could still allow servers built with that option to complete an SSLv3 handshake.