OpenSSL vulnerability CVE-2015-0204 (FREAK)
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role.
% openssl s_client -port 443 -host jcrew -cipher EXPORT
CONNECTED(00000003)
....
New, TLSv1/SSLv3, Cipher is EXP-DES-CBC-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : EXP-DES-CBC-SHA
% openssl s_client -port 443 -cipher EXPORT -host www.cornell.edu
CONNECTED(00000003)
....
New, TLSv1/SSLv3, Cipher is EXP-RC4-MD5
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : EXP-RC4-MD5
% openssl s_client -port 443 -cipher EXPORT -host www.snwlhosted.com
CONNECTED(00000003)
139699903645344:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:770:
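The transcripts above show the two outcomes of an EXPORT-cipher probe: a server that negotiates an EXP-* suite, and one that answers with a handshake-failure alert. The following Python is an added example, not code from this advisory, from NetVault or from OpenSSL. It does two defender-side checks with the information on this page only: it decides whether an OpenSSL client version string falls inside the ranges the CVE text names (before 0.9.8zd, 1.0.0 before 1.0.0p, 1.0.1 before 1.0.1k), and it classifies a saved s_client transcript of the kind shown above. The ordering of OpenSSL letter suffixes, the stripping of anything after a "-", and the sample transcripts embedded in the block are assumptions made for the example.

```python
import re

# Affected client branches exactly as stated in the CVE text above: each
# branch is vulnerable in every release before the named fixed version.
FIXED_IN = {
    (0, 9, 8): "0.9.8zd",
    (1, 0, 0): "1.0.0p",
    (1, 0, 1): "1.0.1k",
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_openssl_version(version):
    """Turn '1.0.1k' into a tuple that sorts the way OpenSSL releases do.

    Letter suffixes are ordered first by length, then lexically, so that
    0.9.8 < 0.9.8a < 0.9.8y < 0.9.8za < 0.9.8zd (the historic 0.9.8 series).
    Anything after a '-' (e.g. '-beta1', '-fips') is ignored; that is an
    assumption of this helper, not something the advisory states.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError("unrecognised OpenSSL version: %r" % version)
    major, minor, fix, letters = m.groups()
    return (int(major), int(minor), int(fix), len(letters), letters)


def client_version_is_vulnerable(version):
    """True if this OpenSSL client version falls in a range the CVE lists.

    Branches not named in the CVE text (e.g. 1.0.2) return False because
    the advisory says nothing about them; consult the vendor for those.
    """
    parsed = parse_openssl_version(version)
    fixed = FIXED_IN.get(parsed[:3])
    if fixed is None:
        return False
    return parsed < parse_openssl_version(fixed)


_CIPHER_RE = re.compile(r"^New, .*?, Cipher is (\S+)", re.MULTILINE)
_FAILURE_RE = re.compile(r"alert handshake failure", re.IGNORECASE)


def classify_export_probe(s_client_output):
    """Classify the output of `openssl s_client -cipher EXPORT ...`.

    Returns one of:
      ("export_accepted", cipher)  - server negotiated an EXP-* suite, so it
                                     still offers export-grade RSA
      ("handshake_failure", None)  - server refused every EXPORT suite
      ("no_export_cipher", cipher) - a suite was negotiated but is not
                                     export-grade (unexpected with -cipher EXPORT)
      ("unknown", None)            - output matched none of the above
    """
    m = _CIPHER_RE.search(s_client_output)
    if m:
        cipher = m.group(1)
        if cipher.startswith("EXP-"):
            return ("export_accepted", cipher)
        if cipher == "(NONE)":  # s_client prints this when no suite was agreed
            return ("handshake_failure", None)
        return ("no_export_cipher", cipher)
    if _FAILURE_RE.search(s_client_output):
        return ("handshake_failure", None)
    return ("unknown", None)


# Constructed samples, copied from the transcripts above (hostnames omitted).
SAMPLE_ACCEPTED = """CONNECTED(00000003)
New, TLSv1/SSLv3, Cipher is EXP-RC4-MD5
Server public key is 2048 bit
SSL-Session:
    Protocol  : TLSv1
    Cipher    : EXP-RC4-MD5
"""

SAMPLE_REFUSED = """CONNECTED(00000003)
139699903645344:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:770:
"""

if __name__ == "__main__":
    for v in ("0.9.8zc", "0.9.8zd", "1.0.0o", "1.0.0p", "1.0.1j", "1.0.1k"):
        print(v, "vulnerable" if client_version_is_vulnerable(v) else "fixed")
    print(classify_export_probe(SAMPLE_ACCEPTED))
    print(classify_export_probe(SAMPLE_REFUSED))
```

The version check covers the client side of FREAK (the s3_clnt.c bug), while the transcript classifier covers the server side: a server that answers an EXPORT-only ClientHello with an EXP-* suite is the one that should have export cipher suites removed from its configuration. Pipe the output of your own s_client run into `classify_export_probe` rather than eyeballing the "Cipher is" line.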
_____________________________________________________________________________________________________
Status of NetVault products with respect to this vulnerability:
All NetVault product lines are not affected by this vulnerability at this time. Users should upgrade their browsers to non-vulnerable versions.
Some useful links:
Anchor/reference page:
https://freakattack.com/
A mid-level technical background and explanation:
http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html
Home page for one of the groups that discovered the attack:
https://www.smacktls.com/
Vulnerability Database:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204