Windows Schannel TLS Export Cipher Bug Lets Remote Users Downgrade Session Security

SecurityTracker Alert ID: 1031833
SecurityTracker URL: http://securitytracker.com/id/1031833
CVE Reference: CVE-2015-1637
Updated: Mar 10 2015
Original Entry Date: Mar 5 2015
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Modification of system information, Modification of user information
Fix Available: Yes
Vendor Confirmed: Yes
Exploit Included: Yes
Version(s): 2003 SP2, Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1, 8, 8.1, 2012, 2012 R2, RT, RT 8.1; and prior service packs

Description:
A vulnerability was reported in Windows Schannel. A remote user can downgrade the TLS session security and potentially recover keys.
A remote user who can conduct a man-in-the-middle attack can force a downgrade to an export-grade cipher suite and then conduct a key factoring attack to recover the target server's RSA private key. The remote user can then determine the TLS master key for that session.
[Editor's note: This is known as a "FREAK" attack.]
The original advisory is available at:
https://www.smacktls.com/#freak
The miTLS Team reported this vulnerability.
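
Added example (not part of the original advisory and not Schannel code): the client-side handshake checks that stop the downgrade described above, namely rejecting a suite the client never offered, any export-grade RSA suite, and a ServerKeyExchange message when the negotiated suite uses plain RSA key transport. The suite IDs and handshake message types are the standard TLS values; the function names and the sample server flights are constructed for illustration.

```python
import struct

# Added example: standard TLS registry values, constructed sample data.
RSA_EXPORT = {0x0003, 0x0006, 0x0008}         # TLS_RSA_EXPORT_WITH_* suites
RSA_PLAIN = {0x0005, 0x000A, 0x002F, 0x0035}  # TLS_RSA_WITH_* (RSA key transport)
SERVER_HELLO, SERVER_KEY_EXCHANGE = 2, 12     # handshake message types

def handshake_messages(buf):
    """Split a reassembled handshake stream into (type, body) pairs."""
    pos, out = 0, []
    while pos < len(buf):
        length = int.from_bytes(buf[pos + 1:pos + 4], "big")
        end = pos + 4 + length
        if pos + 4 > len(buf) or end > len(buf):
            raise ValueError("truncated handshake message")
        out.append((buf[pos], buf[pos + 4:end]))
        pos = end
    return out

def selected_suite(server_hello):
    """The suite follows version (2), random (32) and the session id."""
    if len(server_hello) < 35 or len(server_hello) < 37 + server_hello[34]:
        raise ValueError("short ServerHello")
    return struct.unpack_from("!H", server_hello, 35 + server_hello[34])[0]

def check_server_flight(offered, flight):
    """Return the reasons a client must abort on this server flight."""
    msgs = handshake_messages(flight)
    hello = next((body for typ, body in msgs if typ == SERVER_HELLO), None)
    if hello is None:
        return ["no ServerHello"]
    suite, findings = selected_suite(hello), []
    if suite not in offered:
        findings.append("suite 0x%04X was not offered" % suite)
    if suite in RSA_EXPORT:
        findings.append("export-grade suite 0x%04X" % suite)
    if suite in RSA_PLAIN and any(t == SERVER_KEY_EXCHANGE for t, _ in msgs):
        findings.append("ServerKeyExchange is illegal with RSA key transport")
    return findings

def msg(typ, body=b""):  # builds one constructed handshake message
    return bytes([typ]) + len(body).to_bytes(3, "big") + body

def server_hello(suite):  # constructed ServerHello with an empty session id
    return msg(2, b"\x03\x01" + bytes(32) + b"\x00" + struct.pack("!H", suite) + b"\x00")

OFFERED = {0x002F, 0x0035}  # constructed: client offered only non-export RSA
NORMAL = server_hello(0x002F) + msg(11, b"cert") + msg(14)
TAMPERED = server_hello(0x002F) + msg(11, b"cert") + msg(12, b"rsa-512") + msg(14)
```

`check_server_flight(OFFERED, NORMAL)` returns an empty list, while `TAMPERED` is flagged because it carries a ServerKeyExchange alongside a plain RSA suite.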

Impact:
A remote user can downgrade the session security and then conduct a key factoring attack to recover the target server's export-grade RSA private key and to obtain the TLS master key for that session.

Solution:
The vendor has issued a fix.
The vendor's advisories are available at:
https://technet.microsoft.com/library/security/ms15-031
https://technet.microsoft.com/library/security/3046015

Vendor URL: technet.microsoft.com/library/security/ms15-031

Cause: State error