Check or Attack Name: SSLpatch

An unpatched version of the Secure Sockets Layer (SSL) allows an attacker to formulate a complex structured attack that could potentially decode an Internet transaction encrypted using SSL. This knowledge would not give the attacker an advantage in decoding any other transactions that had been made by the server, nor would it necessarily give the attacker an advantage in decoding any other transactions performed by the user. A web site operator could detect an attack through observations, such as abnormal network activity or high CPU utilization.

Apply the latest Windows NT 4.0 Service Pack. To apply the latest Windows NT Service Pack, follow these steps:

1. Open a web browser.
2. Go to http://support.microsoft.com/support/ntserver/Content/ServicePacks and follow the directions to download the appropriate service pack for your computer.
3. Find the installation program you downloaded to your computer.
4. Double-click the program icon to start the installation.
5. Follow the installation directions.

—OR—

Windows NT 4.0 SP3 users can apply the post-SP3 ssl-fix available from ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/hotfixes-postSP3/ssl-fix/.

—AND—

Residents of the US and Canada can download the North American (128-bit) version of Schannel.dll from http://mssecure.www.conxion.com/cgi-bin/ntitar.pl.

—AND—

Also, follow these guidelines to minimize the risk to your web servers:

• Change server-side certificates on a periodic basis. By changing the certificate on a server, an attacker will no longer be able to use this vulnerability to decode transactions that were encrypted with the previous private key.
• Use a certificate on only a single system. Sometimes in server farms (large clusters of servers) the same certificate is installed on multiple systems. This is not recommended for the most secure solutions. If multiple servers are configured with the same certificate, an attacker could use the processing strength of each server to try to break a single session, thus reducing the time required.
• Monitor normal trend performance and look for changes. Since this attack uses the processing power of the server against itself, regular monitoring of CPU utilization and network traffic could give warning of an attack. For example, watching for a large amount of network traffic from a single source might indicate an attack.

CERT Advisory CA-98.07, Vulnerability in Some Usages of PKCS#1, http://www.cert.org/ftp/cert_advisories/CA-98.07.PKCS

Microsoft Knowledge Base Article Q148427, Generic SSL (PCT/TLS) Updates for IIS and MS Internet Products, http://support.microsoft.com/support/kb/articles/q148/4/27.asp

Microsoft Security Bulletin MS98-002, Updates available for the SSL enabled Internet Server "The Error Message Vulnerability", http://www.microsoft.com/security/bulletins/ms98-002.asp

Bell Labs Innovations - Pages for Daniel Bleichenbacher, List of Publications, http://www.bell-labs.com/user/bleichen/bib.html tfixes-postSP3/ssl-fix/Q148427.TXT

Microsoft Knowledge Base Article Q148427, Generic SSL (PCT/TLS) Updates for IIS and MS Internet Products, ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/hotfixes-postSP3/ssl-fix/Q148427.TXT

Microsoft Security Bulletin MS98-009, Update Available for Windows NT Privilege Elevation attack, http://www.microsoft.com/security/bulletins/ms98-009.asp