Security Best Practice: Protect Yourself from SSL and TLS Protocols Renegotiation Vulnerability (MS10-049)

Vulnerability
Protection

Check Point Reference:	SBP-2009-23
Date Published:
Severity:
Last Updated:
Source:	US-CERT: Vulnerability Note VU#120541 Microsoft Security Bulletin MS10-049
Industry Reference(s):	CVE-2009-3555
Protection Provided by:	Security Gateway R70 VPN-1 NGX R65 VSX NGX R65
Who is Vulnerable? Microsoft Internet Information Services (IIS) 7.0 mod_ssl in the Apache HTTP Server 2.2.14 and earlier OpenSSL before 0.9.8l GnuTLS 2.8.5 and earlier Mozilla Network Security Services (NSS) 3.12.4 and earlier
Vulnerability Description Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are cryptographic protocols that provide security for communications over networks. A spoofing vulnerability exists in multiple implementations of these protocols. The TLS and SSL protocols fail to properly associate renegotiation handshakes with an existing connection, allowing man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL. An attacker who successfully exploited this vulnerability would be able to introduce information on a TLS/SSL protected connection, effectively sending traffic spoofing the authenticated client. Microsoft released the Critical Security Bulletin MS10-049 to address this issue in August 10, 2010.

Update/Patch Available
Apply patches:
Microsoft Security Bulletin MS10-049

Vulnerability Details
The Transport Layer Security (TLS) Handshake Protocol is responsible for the authentication and key exchange necessary to establish or resume secure sessions. SSL is a predecessor of the Transport Layer Security protocol, performing the same functions. An attacker who is able to leverage another attack, such as DNS spoofing or a local subnet attack to become a man-in-the-middle on a TLS connection, could abuse such renegotiation functionality in order to attach application-specific commands to a valid TLS session.

Protection Overview
The TLS Renegotiation protection detects and blocks all TLS renegotiation traffic.
The TLS Client Initiated Renegotiation protection detects and blocks client initiated TLS renegotiation requests.

In order for the protection to be activated, update your Security Gateway/VPN-1 product to the latest IPS/SmartDefense update. For information on how to update IPS/SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.

To configure the defense, select your product from the list below and follow the related protection steps.

Security Gateway R70

How Can I Protect My Network?
1. In the IPS tab, click Protections > By Protocol > Application Intelligence > VPN Protocols > SSL and TLS.
2. In the right pane, double-click the TLS Renegotiation and TLS Client Initiated Renegotiation protections.
3. In the Protection Details window, click on Edit. Choose the protection's Action (Override IPS Policy with: Prevent/Detect), and apply Additional Settings.
4. Install policy on all modules.

How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:

Attack Name: SSL and TLS Protocol Protection
Attack Information:
TLS renegotiation
TLS client initiated renegotiation

VPN-1 NGX R65 & VPN-1 VSX NGX R65

How Can I Protect My Network?
1. In the SmartDefense tab, click Application Intelligence > VPN Protocols > SSL and TLS.
2. Select the following protections:

TLS Renegotiation
TLS Client Initiated Renegotiation

3. In the configuration pane, under Settings > Mode, check Active.
4. Install policy on all modules.

Legal Notice for Threat Center Advisories