Skip to main content

Security Vulnerability for Webcache -- SSL Weak Cipher Suites Supported


SSL Vulnerability with Webcache with SSL Weak Cipher


Following is one of the reports from Nessus.

SSL Weak Cipher Suites Supported

Synopsis:
The remote service supports the use of weak SSL ciphers.

Description:
The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all. Note: This is considerably easier to exploit if the attacker is on the same physical network.

Risk factor:
Medium

CVSS Base Score:4.3
CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

See also:
http://www.openssl.org/docs/apps/ciphers.html

Solution:
Reconfigure the affected application if possible to avoid use of weak ciphers.



This is usually reported from your security scanner.
It does not matter if you have a strong encryption with 128 bit, it all depends on your SSL Cipher version supported. In security it is said that with a weak SSL cipher version server is still vulnerable to attacks.

There are 3 types of SSL Version,

SSL 2.0, 3.0 and 3.1 or TLS. TLS stands for Transport Layer Security. SSL 2.0 which is the oldest version supported is considered as weak and needs to be disabled.

To get rid of the error first check if your SSL port,

Go to your webcahe home and opmn.

$ORACLE_HOME/opmn/bin/opmnctl status -l

-------------------+--------------------+---------+----------+------------+----------+-----------+------
ias-component      | process-type       |     pid | status   |        uid |  memused |    uptime | ports
-------------------+--------------------+---------+----------+------------+----------+-----------+------
HTTP_Server        | HTTP_Server        |  933924 | Alive    |  327877050 |     9056 |  00:40:56 | http1:7778,http2:7200
LogLoader          | logloaderd         |     N/A | Down     |        N/A |      N/A |       N/A | N/A
dcm-daemon         | dcm-daemon         |     N/A | Down     |        N/A |      N/A |       N/A | N/A
OC4J               | home               | 1941518 | Alive    |  327877051 |    42648 |  00:40:58 | ajp:12508,rmi:12408,jms:12608
WebCache           | WebCache           | 3408104 | Alive    |  327877052 |   700644 |  00:40:58 | http:7777,invalidation:9401,statistics:9402,https:443,http_1:80
WebCache           | WebCacheAdmin      | 1200336 | Alive    |  327877053 |    18860 |  00:40:58 | administration:9400
DSA                | DSA                |     N/A | Down     |        N/A |      N/A |       N/A | N/A



In my case my https port is 443.

Now use the following command and check if SSLv2 is used.

openssl s_client -ssl2 -connect localhost:443
CONNECTED(00000003)

This gets connected with SSL version v2, it means that SSL 2.0 is enabled and the server is vulnerable to attacks.

To disable SSL 2.0,

Open webcache.xml under $ORACLE_HOME/webcache.

Modify the line below,

 <LISTEN IPADDR="ANY" PORT="443" PORTTYPE="NORM" SSLENABLED="SSLV3_V2H" CLIENT_CERT="NO" STRONG_CRYPTO_ONLY="NO" Key="IPADDR PORT">

to

 <LISTEN IPADDR="ANY" PORT="443" PORTTYPE="NORM" SSLENABLED="SSLV3" CLIENT_CERT="NO" STRONG_CRYPTO_ONLY="NO" Key="IPADDR PORT">


Here I have modified SSLENABLED="SSLV3_V2H" to SSLENABLED="SSLV3"


Once the file is modified restart your webcache component.

opmnctl restartproc process-type=WebCache

Now test if SSL 2.0 has been disabled with the same command,

openssl s_client -ssl2 -connect localhost:443
CONNECTED(00000003)
1576972:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428:



This has wored and you see an handshake failure on port 443.










Comments

Guest said…
Hey, nice site you have here! Keep up the excellent work!



ISTQB Training Institute in Chennai
Hello! Nice post! Is this possible to use TLS instead SSL?

Popular posts from this blog

SQL Interview Questions on Subqueries

SUB Queries:
1. List the employees working in research department 2. List employees who are located in New York and Chicago
3. Display the department name in which ANALYSTS are working
4. Display employees who are reporting to JONES
5. Display all the employees who are reporting to Jones Manager
6. Display all the managers in SALES and ACCOUNTING department
7. Display all the employee names in Research and Sales Department who are having at least 1 person reporting to them
8. Display all employees who do not have any reportees
9. List employees who are having at least 2 reporting
10. List the department names which are having more than 5 employees
11. List department name having at-least 3 salesman
12. List employees from research and accounting having at-least 2 reporting
13. Display second max salary
14. Display 4th max salary
15. Display 5th max salary  -- Answer for nth Max Salary
Co-Related Subqueries:
16. Write a query to get 4th max salary from EMP table
17. Write a query to get 2nd…

'Linux-x86_64 Error: 28: No space left on device' While trying to start the database -- Error

SQL> startup mount pfile='/tmp/initdlfasp12.ora'
ORA-27102: out of memory
Linux-x86_64 Error: 28: No space left on device


This as you can see is on Linux x86 with 64 bit processor. We got this error after we changed SGA on 10gR2 database. So was sure that this is something to do with the OS.

Parameters to check for this are shmall.

shmall is the total amount of shared memory, in pages, that the system can use at one time.

$cat /proc/sys/kernel/shmmax
53687091200

$ getconf PAGE_SIZE
4096

As per Oracle SHMALL should be set to the total amount of physical RAM divided by page size.

Our system has 64GB memory, so change kernel.shmall = 1024 * 1024 * 1024 * 64 / 4096 = 16777216


Once this value is calculated you can modify Linux system configuration file directly.

$ su - root
vi /etc/sysctl.conf file:
kernel.shmall=16777216

and

# sysctl -p

Once this is done the database was started without any problem.

Answers for SUB Queries

1. SQL> select empno, ename from emp where deptno=(select deptno from dept where dname='RESEARCH');


2. SQL> select empno, ename from emp where deptno in (select deptno from dept where loc in ('NEW YORK','CHICAGO'));

3. SQL> select dname from dept where deptno in ( select deptno from emp where job ='ANALYST');

4. SQL> select empno, ename, mgr from emp where mgr = (select empno from emp where ename='JONES');

5. SQL> select empno, ename, mgr from emp where mgr = (select mgr from emp where ename='JONES')

6. SQL> select empno, ename, job from emp where deptno in ( select deptno from dept where dname in ('SALES','ACCOUNTING'))

7. SQL> select empno, ename, job from emp where deptno in ( select deptno from dept where dname in ('SALES','RESEARCH')) and empno in (select mgr from emp)

8. SQL> select empno, ename from emp where empno not in ( select mgr from emp where mgr is not null)

9. select…