SSLv3 “Poodle” (CVE-2014-3566) security

Viola Systems TD-14-3-1_SSLv3_vulnerability.pdf
Oct-16-2014 15:30 EET
Version history:
TD-14-3-1 released Oct-16-2014: Document released
SSLv3 “Poodle” (CVE-2014-3566) security vulnerability information
Introduction
There is a recently found security vulnerability called “Poodle”. This document explains the vulnerability
and its effect on Viola Systems’ products and provides instructions on how to secure the system and to
mitigate the risks.
General
The Poodle (Padding Oracle On Downgraded Legacy Encryption) attack targets vulnerabilities in the SSLv3
implementation. The aim is to get access to e.g. HTTP cookies and authorization headers, in order to break
the SSL 3.0 encryption. This requires that the attacker is able to modify the transmissions between the SSL
client and server (man-in-the-middle attack), either by getting privileged access to a network or with e.g. a
fake Wi-Fi hot spot.
Viola Systems’ products
We have tested our products against the “Poodle” vulnerability and found that the following devices are
affected by the vulnerability.
Viola Systems’ product line        Affected by “Poodle” vulnerability
Viola M2M Gateways                 Yes
Viola “2G” and “2.5G” Arctics      No
Viola “3G” and “LTE” Arctics       Yes
Viola AMR server                   Yes
Viola Arctic AMR                   No
Detailed information
The details of the vulnerability have been explained in the U.S. government’s vulnerability database NIST
under the number CVE-2014-3566. The NIST page lists the OpenSSL document as one of the detailed external
sources of information (https://www.openssl.org/~bodo/ssl-poodle.pdf). The document behind the OpenSSL link
explains the “Poodle” attack in detail and lists further references for understanding the issue.
Brief instructions for solving the problem
Viola M2M Gateway 3.x
• See the M2M GW’s Web UI top row for version information. If no version information is shown,
contact Viola Systems Technical Support, [email protected], for detailed information.
• Follow the instructions below. If you have any problem with the procedure, contact Viola Systems
Technical Support, [email protected]
1) Log in to the command line of M2M gateway via SSH (you can use e.g. PuTTY as SSH client in
Windows) as viola-adm user.
2) Switch to root user with command (remember the dash mark after “su” command):
su -
3) Enter the following command in one line (you can copy-paste it from here):
sed -i.backup 's/^SSLProtocol all -SSLv2$/SSLProtocol all -SSLv2 -SSLv3/' /etc/httpd/conf.d/viola.conf
4) Restart the httpd service:
service httpd restart
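The sed command in step 3 only matches a line that reads exactly "SSLProtocol all -SSLv2"; if the directive is written any other way, sed changes nothing and reports no error. The following check is an added example, not part of the original instructions or Viola Systems' code; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Viola Systems' code. Function names are hypothetical.
# Usage on the gateway: sslv3_audit /etc/httpd/conf.d/viola.conf

# Exit status: 0 = every active SSLProtocol line disables SSLv3,
#              1 = at least one active line still allows SSLv3,
#              2 = no active SSLProtocol line in the file.
sslv3_audit() {
    awk '
        /^[ \t]*#/ { next }                       # ignore commented-out lines
        tolower($1) == "sslprotocol" {
            found = 1; on = 0
            for (i = 2; i <= NF; i++) {           # options apply left to right
                t = tolower($i)
                if (t == "all" || t == "+all" || t == "sslv3" || t == "+sslv3") on = 1
                else if (t == "-all" || t == "-sslv3") on = 0
            }
            if (on) { bad = 1; printf "%s:%d: SSLv3 allowed: %s\n", FILENAME, FNR, $0 }
        }
        END { if (!found) exit 2; exit bad + 0 }
    ' "$1"
}

# Apply the sed command from step 3 to the given file, then audit the result.
fix_and_audit() {
    sed -i.backup 's/^SSLProtocol all -SSLv2$/SSLProtocol all -SSLv2 -SSLv3/' "$1" &&
        sslv3_audit "$1"
}

# Constructed sample files: one matches the sed pattern exactly, the other
# has a trailing space, so sed leaves it unchanged and SSLv3 stays enabled.
sslv3_demo() {
    d=$(mktemp -d) || return 1
    printf 'SSLEngine on\nSSLProtocol all -SSLv2\n'  > "$d/exact.conf"
    printf 'SSLEngine on\nSSLProtocol all -SSLv2 \n' > "$d/trailing.conf"
    for f in "$d/exact.conf" "$d/trailing.conf"; do
        rc=0; fix_and_audit "$f" || rc=$?
        echo "$(basename "$f"): audit status $rc"
    done
    rm -rf "$d"
}
```

A status of 1 after step 3 means the SSLProtocol line did not match the pattern and has to be edited by hand before httpd is restarted.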
Viola Arctic 3G/LTE Gateways
• A new firmware will be released soon. This document will be updated with instructions.
• Meanwhile, see the risk mitigation chapter.
Viola AMR server
• Contact Viola Systems Technical Support, [email protected]
Mitigating risks for web UI targeted attacks
• Do not expose the web UI to the internet. Usually the Web UI (M2M GW’s or Arctic’s) can be reached
via VPN tunnel.
• Verify that the firewall is enabled in Arctics. The latest firmware releases (2.5.6 and above) in
3G/LTE GW Arctics have the firewall enabled by default.
• See the security guideline document for more information:
http://files.violasystems.com/appnotes/VA-11-5-1_Viola_M2M_solution_security.pdf
Questions/detailed instructions
If you have questions regarding the instructions or regarding the vulnerability, please contact Viola
Systems’ Technical Support via email: [email protected].