OpenSSL has released a software update to fix a flaw that could make it easier for hackers to attack secure web servers. The security issue could allow attackers to force an SSL-enabled site to use the outdated and potentially insecure SSL version 2.0 protocol.
Some secure web sites allow visitors to connect using earlier versions of SSL, an option which can be enabled by OpenSSL's SSL_OP_ALL setting. Normally, web servers will default to the most current encryption protocol supported by the user's browser, usually TLS or SSL version 3. But a flaw in the SSL_OP_ALL implementation could allow an attacker to trick the server into using SSL 2.0.
"An attacker acting as a 'man in the middle' can force a client and a server to negotiate the SSL 2.0 protocol even if these parties both support SSL 3.0 or TLS 1.0," notes the advisory from OpenSSL. "The SSL 2.0 protocol is known to have severe cryptographic weaknesses and is supported as a fallback only." The OpenSSL Project is advising users to either upgrade their server software with the latest version or disable SSL 2.0 entirely.
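Before disabling SSL 2.0 as the advisory recommends, an operator may want to know whether any clients still arrive offering only that protocol. The following is an added example, not code from OpenSSL or Netcraft: it classifies the first bytes of a captured connection as an SSL 2.0-format CLIENT-HELLO or an SSL 3.0/TLS handshake record and reports the version offered; the function names and sample byte strings are constructed for illustration.

```python
import struct
from collections import Counter

VERSIONS = {0x0002: "SSL 2.0", 0x0300: "SSL 3.0", 0x0301: "TLS 1.0"}

def classify_client_hello(data: bytes):
    """Return (wire_format, offered_version) for the first bytes a client sends."""
    # SSL 2.0 record: 2-byte header with the high bit set, then message type 1
    # (CLIENT-HELLO) and the 2-byte protocol version the client offers.
    if len(data) >= 5 and data[0] & 0x80 and data[2] == 0x01:
        (version,) = struct.unpack(">H", data[3:5])
        return "sslv2-hello", VERSIONS.get(version, hex(version))
    # SSL 3.0/TLS record: type 0x16 (handshake), major version 3, then a
    # ClientHello (handshake type 1) whose client_version sits at offset 9.
    if len(data) >= 11 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01:
        (version,) = struct.unpack(">H", data[9:11])
        return "sslv3/tls-record", VERSIONS.get(version, hex(version))
    return "unknown", None

def offers_only_ssl2(data: bytes) -> bool:
    """True for hellos that a server with SSL 2.0 disabled would refuse."""
    return classify_client_hello(data) == ("sslv2-hello", "SSL 2.0")

def v2_hello(version: int) -> bytes:
    """Constructed sample: SSL 2.0-format CLIENT-HELLO with one cipher spec."""
    cipher_specs = b"\x01\x00\x80"  # SSL_CK_RC4_128_WITH_MD5
    challenge = bytes(16)           # constructed, all zeros
    body = struct.pack(">BHHHH", 1, version, len(cipher_specs), 0, len(challenge))
    body += cipher_specs + challenge
    return struct.pack(">H", 0x8000 | len(body)) + body

def tls_hello(version: int) -> bytes:
    """Constructed sample: SSL 3.0/TLS ClientHello inside a handshake record."""
    body = (struct.pack(">H", version) + bytes(32) + b"\x00"
            + b"\x00\x02\x00\x2f" + b"\x01\x00")
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16" + struct.pack(">HH", version, len(handshake)) + handshake

# Constructed captures: SSL 2.0 only, v2-compatible hello offering TLS 1.0,
# a native TLS 1.0 hello, and plaintext sent to the SSL port by mistake.
SAMPLES = [v2_hello(0x0002), v2_hello(0x0301), tls_hello(0x0301), b"GET / HTTP/1.0\r\n"]

def summarize(captures):
    """Count captures per (wire_format, offered_version) pair."""
    return Counter(classify_client_hello(c) for c in captures)

if __name__ == "__main__":
    for key, count in summarize(SAMPLES).items():
        print(key, count)
    print("SSL 2.0-only hellos:", sum(offers_only_ssl2(c) for c in SAMPLES))
```

A v2-format hello that offers SSL 3.0 or TLS 1.0 comes from a client that will still connect once SSL 2.0 is turned off; only the hellos counted by `offers_only_ssl2` would be refused.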
The Mozilla Foundation plans to discontinue support for SSL version 2.0, which has been superseded by SSL 3.0 and TLS, in its Firefox browser. The only sites affected by the Firefox decision would be those that accept connections using only SSL 2.0, and not SSL 3.0 or TLS. An analysis of data from Netcraft's SSL Survey suggests this is about 1,000 sites in total, including about 200 that receive substantial traffic.
Netcraft's SSL Survey provides detailed information about encrypted transactions and e-commerce, including the growth rate for SSL-enabled sites, and which operating systems, server software and certificates are most widely used on these sites.