CVEs importants qui ont impactés nos web apps | Important CVEs that have impacted our web apps

Une liste non-exhaustive des CVEs qui ont eu un impact important et généralisé sur la sécurité de nos applications web.

A list of important CVEs that have had a great general impact on our web app security.

DROWN- CVE-2016-0800
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.

Resources:

• CVE-2016-0800
• Sherif's writeup and test
• Online Test 
• Details on openssl.org

FREAK - CVE-2015-0204

SSL/TLS vulnerability that allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data.

Resources:

• CVE-2015-0204 
• FreakAttack.com 
• Client test tool
• SSL Labs SSL Testing
• Symantec SSL Checker
• HT-Bridge Free SSL/TLS Server Test
• Shodan Query

LOGJAM - CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE.

Resources:

• CVE-2015-4000 
• WeakDH.org
• Server test tool  

WinShock - CVE-2014-6321 - MS14-066

Schannel in Microsoft Windows Server allows remote attackers to execute arbitrary code via crafted packets.

Resources:

• CVE-2014-6321
• Exploit 

ShellShock (BashBug) - CVE-2014-6271

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.

Resources:

• CVE-2014-6271
• See my previous post
• Metasploit mod_cgi exploit (1 of n) 
• Shodan Query (for CGI)

Poodle - CVE-2014-3566

Padding Oracle On Downgraded Legacy Encryption (POODLE). The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack.

Resources:

• CVE-2014-3566
• Exploiting The SSL 3.0 Fallback
• SSL Testing

Heartbleed - CVE-2014-0160

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c.

Resources:

• CVE-2014-0160
• Heartbleed.com
• Test script on Exploit DB
• Shodan query (showing who's still vulnerable) 
• SSL testing
• Shell script testssl.sh
• Metasploit module (scan, dump memory, get private key)

Others worth mentioning

• Bar-Mitzvah RC4 Attack - CVE-2015-2808, Paper
• Rosetta Flash [CSRF, JSONP abuse, SOP bypass] - CVE-2014-4671
• ChangeCipherSpec (CCS) Injection - CVE-2014-0224, Test Tool 
• BEAST - CVE-2011-3389
• CRIME, TLS - CVE-2012-4929, Test Tool  

References

• Top 10 web hacking techniques of 2014
• TLS Security
• Qualys SSL Labs
• Top 10 exploited in 2014 from Verizon's DBIR 2015 (includes POODLE)