Since it’s been about 3 months since POODLE, we’re clearly overdue for another major vulnerability in SSL and/or TLS. Fortunately for us, the research team at SmackTLS has released details of the FREAK attack (aka OpenSSL CVE-2015-0204). We can test whether our browsers are vulnerable here, and we can read cryptographer Matthew D. Green’s excellent summary of the attack mechanism on his blog. Once we’ve digested that and had a good laugh at the irony of the NSA getting hoisted by its own petard, we need to move on to how to mitigate the vulnerability in our infrastructures.
To be clear, this vulnerability is on the client side. So, for the most part, BIG-IP (appliance, chassis, or virtual) isn’t vulnerable, since BIG-IP’s main mode of operation is SSL/TLS termination, i.e. acting as the server. SOL16139 summarizes how and where BIG-IP is vulnerable: primarily on the Server SSL profile, and only when the COMPAT cipher string is used. These findings are good news for two reasons:
1. The COMPAT cipher string is not configured by default (DEFAULT is).
2. The server side of the connection typically isn’t open to the Internet or other untrusted networks.
F5 intends to patch this vulnerability in our next major release later this year, since the severity is not deemed critical for BIG-IP.
As BIG-IP administrators, we may be breathing a sigh of relief. However, one of the key components of this vulnerability is that the server must present export ciphers in order for a vulnerable client to be exploited. As Mr. Green notes in his blog post linked above, these weak ciphers should have been deprecated long ago. Unfortunately, with the help of Ivan Ristic at SSL Labs, they’ve found that an alarming percentage of web sites are still negotiating these weak export-level ciphers. As responsible citizens of the Internet, it’s important that we review our SSL profiles and ensure that the aforementioned COMPAT cipher string, which enables weak export ciphers, isn’t in use on any of the Client SSL profiles. This configuration change is easy to implement, and won’t impact compatibility with even the most antiquated browser (looking at you, IE6). Uploading your Qkview snapshot to iHealth.f5.com will also enable us to see, at a glance, if COMPAT is enabled anywhere.
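One way to run that review offline is to scan a saved configuration file for SSL profiles whose cipher string enables COMPAT or export ciphers. This is an added example, not F5 tooling: the profile names and the sample configuration are constructed, and the script only reports cipher strings set explicitly on a profile, so a profile that inherits its ciphers through `defaults-from` has to be checked via its parent.

```python
import re

# Constructed sample in bigip.conf style (not taken from a real device).
SAMPLE_CONF = """\
ltm profile client-ssl /Common/legacy_clientssl {
    ciphers COMPAT:!SSLv2
    defaults-from /Common/clientssl
}
ltm profile client-ssl /Common/modern_clientssl {
    ciphers DEFAULT:!EXPORT
    defaults-from /Common/clientssl
}
ltm profile server-ssl /Common/backend_serverssl {
    ciphers DEFAULT:EXP-RC4-MD5
    defaults-from /Common/serverssl
}
"""

HEADER = re.compile(r"^ltm profile (client-ssl|server-ssl) (\S+) \{\s*$")
WEAK = ("COMPAT", "EXP")  # COMPAT keyword, EXPORT keyword, EXP-* suite names

def enables_weak(cipher_string):
    """True if any non-excluded element names COMPAT or an export cipher."""
    for element in cipher_string.split(":"):
        element = element.strip()
        if not element or element[0] in "!-":  # '!' and '-' remove ciphers
            continue
        if any(part.upper().startswith(WEAK) for part in element.split("+")):
            return True
    return False

def audit(conf_text):
    """Return (kind, profile, ciphers) for profiles that explicitly set weak ciphers."""
    findings, current = [], None
    for line in conf_text.splitlines():
        m = HEADER.match(line)
        if m:
            current = (m.group(1), m.group(2))
        elif line.startswith("}"):  # unindented brace closes the profile
            current = None
        elif current and line.strip().startswith("ciphers "):
            ciphers = line.strip().split(None, 1)[1]
            if enables_weak(ciphers):
                findings.append((*current, ciphers))
    return findings

if __name__ == "__main__":
    for kind, name, ciphers in audit(SAMPLE_CONF):
        print(f"{kind:10} {name}: {ciphers}")
```

Client SSL findings are the ones that expose vulnerable browsers to a downgrade; Server SSL findings correspond to the case SOL16139 describes for BIG-IP itself.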