New TLS Vulnerability (Logjam)
Please fix this new TLS vulnerability in Safepay and the SSL-Scan Web protection.
Test site: https://weakdh.org
Thank you very much!
Comments
Please fix this new TLS vulnerability in Safepay and the SSL-Scan Web protection.
Test site: https://weakdh.org
Thank you very much!
As of this post all major browsers are vulnerable to Logjam
Hopefully fixes will be out shortly.
OpenSSL.org has fixed the "LogJam Attack" vulnerability. https://www.openssl.org/news/secadv_20150611.txt
Please integrate this fix.
OpenSSL.org has fixed the "LogJam Attack" vulnerability. https://www.openssl.org/news/secadv_20150611.txt
Please integrate this fix.
Just clicked on the link weakdh.org that you entered in your OP. I am using Firefox 38.0.6
Good News! Your browser is safe against the Logjam attack.
Same result with BDIS 2015 and BD W8 Security with SSL scan turned on.
I don't see a problem.
Hm, with Bitdefender 18.22.0.1521 and SSL scan turned on, I get the following results with Internet Explorer 11 on Windows 7 x64 and latest updates on Bitdefender and Windows:
With Bitdefender's Safepay browser I always get (with and without SSL scan turned on): Warning! Your web browser is vulnerable to Logjam and can be tricked into using weak encryption. You should update your browser.
With Firefox I get the same results as with Safepay. But I am using an older version of Firefox and therefore only with Sandboxie.
Hm, with Bitdefender 18.22.0.1521 and SSL scan turned on, I get the following results with Internet Explorer 11 on Windows 7 x64 and latest updates on Bitdefender and Windows:
With Bitdefender's Safepay browser I always get (with and without SSL scan turned on): Warning! Your web browser is vulnerable to Logjam and can be tricked into using weak encryption. You should update your browser.
With Firefox I get the same results as with Safepay. But I am using an older version of Firefox and therefore only with Sandboxie.
In W7-SP1 with BDIS 2015 and Scan SSL turned on I am showing Firefox 38.0.6 is protected and IE 11.0.9600.17843 Update Versions 11.0.20 (KB3058515) is vulnerable
In W8.1 with BD W8 Security and Scan SSL turned on I am showing Firefox 38.0.6 is protected and IE 11.0.9600.17842 Update Versions 11.0.20 (KB3058515) is protected
Another reason I prefer BDW8 Security to BDIS 2015.
Hm, the difference between BDIS 2015 and BDW8Security is very interesting. I think/hope, with compatibility update of BDIS 2015 for Win10, the vulnerability will be fixed.
What is your result for IE11 with BDIS 2015 and its SSL scan turned off on Win7SP1? IE11 should be shown as protected (see the second screenshot in my post #5).
EDIT for my Post #5, because SSL settings are different (visible in the screenshots there)
from
Hm, with Bitdefender 18.22.0.1521 and SSL scan turned on, I get the following results with Internet Explorer 11 on Windows 7 x64 and latest updates on Bitdefender and Windows:
to
Hm, with Bitdefender 18.22.0.1521 and SSL scan turned on/off, I get the following results with Internet Explorer 11 on Windows 7 x64 and latest updates on Bitdefender and Windows:
In W7-SP1 with BDIS 2015 and Scan SSL turned on I am showing Firefox 38.0.6 is protected and IE 11.0.9600.17843 Update Versions 11.0.20 (KB3058515) is vulnerable
In W8.1 with BD W8 Security and Scan SSL turned on I am showing Firefox 38.0.6 is protected and IE 11.0.9600.17842 Update Versions 11.0.20 (KB3058515) is protected
Another reason I prefer BDW8 Security to BDIS 2015.
I think this may have more to do with Windows 8.1 than BD. As a test, I just checked IE11 on a machine with 8.1 and no extra protection besides Windows Defender, and it came up as safe.
EDIT: Never mind! It looks like BDIS with SSL Scan enabled can cause browsers to be vulnerable. I should have read the thread more carefully.
[...] BDIS with SSL Scan enabled can cause browsers to be vulnerable. [...]
Yes, that's right!
Hm, the difference between BDIS 2015 and BDW8Security is very interesting. I think/hope, with compatibility update of BDIS 2015 for Win10, the vulnerability will be fixed.
What is your result for IE11 with BDIS 2015 and its SSL scan turned off on Win7SP1? IE11 should be shown as protected (see the second screenshot in my post #5).
EDIT for my Post #5, because SSL settings are different (visible in the screenshots there)
from
to
Hm, with Bitdefender 18.22.0.1521 and SSL scan turned on/off, I get the following results with Internet Explorer 11 on Windows 7 x64 and latest updates on Bitdefender and Windows:
Protected
Yes, that's right!
Sure seems that way.
I did have a related problem on another W7-SP1 computer with BDIS 2015. I use https://quick for my home page. With regard to the computer in question with SSL scan turned on the webpage in question would not load in Firefox. Firefox blocked it as unsafe. With SSL scan turned off no problem. The problem was this was not happening on my other W7-SP1 computer with BDIS 2015 nor was it happening on my two W8.1 computers with BDW8 Security.
Anyway I fiddled around with it on the computer that Firefox was blocking the webpage with SSL scan turned on but not blocking it with SSL scan turned off. I did something, unfortunately I can't recall what it was. Then BDIS popped up and said you need to restart your browser to be safe? or something like that. I restarted Firefox and was able to access the webpage in question with SSL scan turned on. It has loaded without any problems since then with SSL Scan turned on in BDIS 2015. Now that I am typing this I recall I had previously had the exact same thing happen on the other W7-SP1 computer with BDIS 2015 and again BDIS popped up asking me to restart Firefox and all has been good since then.
I did have a related problem on another W7-SP1 computer with BDIS 2015. I use https://quick for my home page. With regard to the computer in question with SSL scan turned on the webpage in question would not load in Firefox. Firefox blocked it as unsafe. With SSL scan turned off no problem.
[...]
Then BDIS popped up and said you need to restart your browser to be safe? or something like that. I restarted Firefox and was able to access the webpage in question with SSL scan turned on. [...]
I think that this was another problem and had to do with the root certificate of Bitdefender in Firefox. There was probably an update of this root certificate.
To protect against the LogJam attack, Bitdefender has to integrate the patch of OpenSSL.org in its SSL proxy:
OpenSSL.org has fixed the "LogJam Attack" vulnerability. https://www.openssl.org/news/secadv_20150611.txt
Maybe it has again to do with the files bdpredir_ssl.dll and bdpredir_ssl_pc.dll (Freak ssl attack) (Click) of BDIS/BDTS
Hello,
Safepay is safe against the Logjam attack as well.
Please update your Bitdefender, then restart the computer to see the changes.
Yes, Safepay is now safe against the LogJam attack too.