A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. CVE-2014-3566, also known as the POODLE vulnerability, allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a ciphertext in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
According to the OpenSSL article "This POODLE Bites: Exploiting The SSL 3.0 Fallback", SSL 3.0 [RFC6101] is an obsolete and insecure protocol and has been replaced by its successors TLS 1.0 [RFC2246], TLS 1.1 [RFC4346], and TLS 1.2 [RFC5246].
AdminUI
- Open the /opt/trend/imss/UI/adminUI/conf/server.xml file using a text editor.
- Look for the sslProtocol for the 8445 port.
You will find sslProtocol="TLS".
Change this to: sslProtocols="TLSv1, TLSv1.1, TLSv1.2"
Make sure that there is an "s" at the end of sslProtocols.
- Save and close the file.
- Restart the adminUI using the command "S99ADMINUI restart".
EUQUI
- Open the /opt/trend/imss/UI/euqUI/conf/EUQ.conf file using a text editor.
- Find the key SSLProtocol
If the key exists, it will look like this:
SSLProtocol All -SSLv2
Change the key to:
SSLProtocol All -SSLv2 -SSLv3
If it doesn't exist, append it at the end of the file.
- Save and close the file.
- Open the /opt/trend/imss/UI/euqUI/conf/server.xml file using a text editor.
- Look for the sslProtocol for the 8446 port.
You will find sslProtocol="TLS".
Change it to: sslProtocols="TLSv1, TLSv1.1, TLSv1.2"
Note: Make sure that there is an "s" at the end of sslProtocols.
- Restart EUQUI using the command "S99EUQ restart".
Postfix
We recommend disabling SSL 3.0 in Postfix if you are using TLS.
- Open the /opt/trend/imss/postfix/etc/postfix/main.cf file using a text editor.
- Look for the following keys:
smtpd_tls_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
If the keys do not exist, append them at the end of the file.
- Save and close the file.
- Restart postfix using the command "postfix restart".
AdminUI
- Open the /opt/trend/imss/UI/php/conf/widget.conf file using a text editor.
- Look for the SSLProtocol key.
If it exists, it looks like this:
SSLProtocol All -SSLv2
Change it to:
SSLProtocol All -SSLv2 -SSLv3
If the key doesn't exist, append it at the end of the file.
- Save and close the file.
- Restart adminUI using the command "S99ADMINUI restart".
EUQUI
- Open the /opt/trend/imss/UI/euqUI/conf/EUQ.conf file using a text editor.
- Look for the SSLProtocol key.
If it exists, it looks like this:
SSLProtocol All -SSLv2
Change it to:
SSLProtocol All -SSLv2 -SSLv3
If the key doesn't exist, append it at the end of the file.
- Save and close the file.
- Open the /opt/trend/imss/UI/euqUI/conf/server.xml file using a text editor.
- Look for the sslProtocol for the 8446 port.
You will find sslProtocol="TLS".
Change it to: sslProtocols="TLSv1, TLSv1.1, TLSv1.2"
Make sure that there is an "s" at the end of sslProtocols.
- Restart EUQUI using the command "S99EUQ restart".
Postfix
- Open the /opt/trend/imss/postfix/etc/postfix/main.cf file using a text editor.
- Look for the following keys:
smtpd_tls_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
- Save and close the file.
- Restart postfix using the command "postfix restart".
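To confirm the edits above took effect before restarting each service, the following added example (not part of the original article or the product) audits the three file formats for SSL 3.0. The function names and the sample files, including the `<Connector>` line, are constructed for illustration; the server.xml check reads only the first line carrying `sslProtocols`.

```shell
#!/bin/sh
# Added example: audit the three config formats edited above for SSL 3.0.
# Each check takes a file path and returns 0 only when SSL 3.0 is disabled.

# Apache-style conf (EUQ.conf, widget.conf): an uncommented SSLProtocol line with -SSLv3.
apache_ok() {
    grep -Eq '^[[:space:]]*SSLProtocol[[:space:]].*-SSLv3' "$1"
}

# server.xml: the attribute must be sslProtocols (with the "s") and must not list SSLv3.
tomcat_ok() {
    val=$(sed -n 's/.*sslProtocols="\([^"]*\)".*/\1/p' "$1" | head -n 1)
    [ -n "$val" ] || return 1
    case "$val" in *SSLv3*) return 1 ;; esac
    return 0
}

# main.cf: all four protocol keys must be present and each must exclude SSLv3.
postfix_ok() {
    for key in smtpd_tls_protocols smtp_tls_protocols \
               smtpd_tls_mandatory_protocols smtp_tls_mandatory_protocols; do
        grep -Eq "^${key}"'[[:space:]]*=.*!SSLv3' "$1" || return 1
    done
    return 0
}

# Print a one-line verdict. Usage: report <label> <check-function> <file>
report() {
    if "$2" "$3"; then echo "$1: SSL 3.0 disabled"; else echo "$1: SSL 3.0 NOT disabled"; fi
}

# Constructed sample files (not copied from a real installation).
demo=$(mktemp -d)
printf 'SSLProtocol All -SSLv2\n' > "$demo/before.conf"
printf 'SSLProtocol All -SSLv2 -SSLv3\n' > "$demo/after.conf"
printf '<Connector port="8445" sslProtocol="TLS" />\n' > "$demo/before.xml"
printf '<Connector port="8445" sslProtocols="TLSv1, TLSv1.1, TLSv1.2" />\n' > "$demo/after.xml"
printf 'smtpd_tls_protocols = !SSLv2, !SSLv3\nsmtp_tls_protocols = !SSLv2, !SSLv3\n' > "$demo/partial.cf"
{ cat "$demo/partial.cf"
  printf 'smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3\n'
  printf 'smtp_tls_mandatory_protocols = !SSLv2, !SSLv3\n'; } > "$demo/after.cf"

report "EUQ.conf before edit"   apache_ok  "$demo/before.conf"
report "EUQ.conf after edit"    apache_ok  "$demo/after.conf"
report "server.xml before edit" tomcat_ok  "$demo/before.xml"
report "server.xml after edit"  tomcat_ok  "$demo/after.xml"
report "main.cf two keys only"  postfix_ok "$demo/partial.cf"
report "main.cf all four keys"  postfix_ok "$demo/after.cf"
```

On a real system, pass the paths named in the steps above to the same functions instead of the sample files.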