New TLS Vulnerability (Logjam)

Please fix this new TLS vulnerability in Safepay and the SSL-Scan Web protection.


Test site: https://weakdh.org


Thank you very much!

Comments

  • Please fix this new TLS vulnerability in Safepay and the SSL-Scan Web protection.


    Test site: https://weakdh.org


    Thank you very much!


    As of this post all major browsers are vulnerable to Logjam


    Hopefully fixes will be out shortly

  • OpenSSL.org has fixed the "LogJam Attack" vulnerability. https://www.openssl.org/news/secadv_20150611.txt


    Please integrate this fix.

  • OpenSSL.org has fixed the "LogJam Attack" vulnerability. https://www.openssl.org/news/secadv_20150611.txt


    Please integrate this fix.


    Just clicked on the link weakdh.org that you entered in your OP. I am using Firefox 38.0.6


    Good News! Your browser is safe against the Logjam attack.


    Same result with BDIS 2015 and BD W8 Security with SSL scan turned on.


    I don't see a problem :)

  • Hm, with Bitdefender 18.22.0.1521 and SSL scan turned on, I get the following results with Internet Explorer 11 on Windows 7 x64 and latest updates on Bitdefender and Windows:


    post-136936-1434328659_thumb.jpg post-136936-1434328683_thumb.jpg


    With Bitdefender's Safepay browser I always get (with and without SSL scan turned on): Warning! Your web browser is vulnerable to Logjam and can be tricked into using weak encryption. You should update your browser.


    With Firefox I get the same results as with Safepay. But I am using an older version of Firefox and therefore only with Sandboxie.

  • 100
    edited June 2015

    Firefox 24.8.1 and Internet Explorer 11 (on Windows 7 x64) are both protected from the LogJam Attack by ESET Smart Security 8 and its SSL scan!


    SSL scan on: post-136936-1434387131_thumb.jpg; SSL scan off: post-136936-1434387162_thumb.jpg

  • Hm, with Bitdefender 18.22.0.1521 and SSL scan turned on, I get the following results with Internet Explorer 11 on Windows 7 x64 and latest updates on Bitdefender and Windows:


    post-136936-1434328659_thumb.jpg post-136936-1434328683_thumb.jpg


    With Bitdefender's Safepay browser I always get (with and without SSL scan turned on): Warning! Your web browser is vulnerable to Logjam and can be tricked into using weak encryption. You should update your browser.


    With Firefox I get the same results as with Safepay. But I am using an older version of Firefox and therefore only with Sandboxie.


    In W7-SP1 with BDIS 2015 and Scan SSL turned on I am showing Firefox 38.0.6 is protected and IE 11.0.9600.17843 Update Versions 11.0.20 (KB3058515) is vulnerable


    In W8.1 with BD W8 Security and Scan SSL turned on I am showing Firefox 38.0.6 is protected and IE 11.0.9600.17842 Update Versions 11.0.20 (KB3058515) is protected


    Another reason I prefer BDW8 Security to BDIS 2015. :)

  • 100
    edited June 2015

    Hm, the difference between BDIS 2015 and BDW8Security is very interesting. I think/hope, with compatibility update of BDIS 2015 for Win10, the vulnerability will be fixed.


    What is your result for IE11 with BDIS 2015 and its SSL scan turned off on Win7SP1? IE11 should be shown as protected (see the second screenshot in my post #5).


    EDIT for my Post #5, because SSL settings are different (visible in the screenshots there)


    from


    Hm, with Bitdefender 18.22.0.1521 and SSL scan turned on, I get the following results with Internet Explorer 11 on Windows 7 x64 and latest updates on Bitdefender and Windows:


    to


    Hm, with Bitdefender 18.22.0.1521 and SSL scan turned on/off, I get the following results with Internet Explorer 11 on Windows 7 x64 and latest updates on Bitdefender and Windows:

  • cohbraz
    edited June 2015
    In W7-SP1 with BDIS 2015 and Scan SSL turned on I am showing Firefox 38.0.6 is protected and IE 11.0.9600.17843 Update Versions 11.0.20 (KB3058515) is vulnerable


    In W8.1 with BD W8 Security and Scan SSL turned on I am showing Firefox 38.0.6 is protected and IE 11.0.9600.17842 Update Versions 11.0.20 (KB3058515) is protected


    Another reason I prefer BDW8 Security to BDIS 2015. :)


    I think this may have more to do with Windows 8.1 than BD. As a test, I just checked IE11 on a machine with 8.1 and no extra protection besides Windows Defender, and it came up as safe.


    EDIT: Nevermind! It looks like BDIS with SSL Scan enabled can cause browsers to be vulnerable. I should have read the thread more carefully.

  • 100
    edited June 2015
    [...] BDIS with SSL Scan enabled can cause browsers to be vulnerable. [...]


    Yes, that's right!

  • Hm, the difference between BDIS 2015 and BDW8Security is very interesting. I think/hope, with compatibility update of BDIS 2015 for Win10, the vulnerability will be fixed.



    What is your result for IE11 with BDIS 2015 and its SSL scan turned off on Win7SP1? IE11 should be shown as protected (see the second screenshot in my post #5).


    EDIT for my Post #5, because SSL settings are different (visible in the screenshots there)


    from


    to


    Hm, with Bitdefender 18.22.0.1521 and SSL scan turned on/off, I get the following results with Internet Explorer 11 on Windows 7 x64 and latest updates on Bitdefender and Windows:


    Protected :)

  • Nesivos
    edited June 2015
    Yes, that's right!


    Sure seems that way.


    I did have a related problem on another W7-SP1 computer with BDIS 2015. I use https://quick for my home page. With regard to the computer in question with SSL scan turned on the webpage in question would not load in Firefox. Firefox blocked it as unsafe. With SSL scan turned off no problem. The problem was this was not happening on my other W7-SP1 computer with BDIS 2015 nor was it happening on my two W8.1 computers with BDW8 Security.


    Anyway I fiddled around with it on the computer that Firefox was blocking the webpage with SSL scan turned on but not blocking it with SSL scan turned off. I did something, unfortunately I can't recall what it was. Then BDIS popped up and said you need to restart your browser to be safe? or something like that. I restarted Firefox and was able to access the webpage in question with SSL scan turned on. It has loaded without any problems since then with SSL Scan turned on in BDIS 2015. Now that I am typing this I recall I had previously had the exact same thing happen on the other W7-SP1 computer with BDIS 2015 and again BDIS popped up asking me to restart Firefox and all has been good since then.

  • 100
    edited June 2015
    I did have a related problem on another W7-SP1 computer with BDIS 2015. I use https://quick for my home page. With regard to the computer in question with SSL scan turned on the webpage in question would not load in Firefox. Firefox blocked it as unsafe. With SSL scan turned off no problem.


    [...]


    Then BDIS popped up and said you need to restart your browser to be safe? or something like that. I restarted Firefox and was able to access the webpage in question with SSL scan turned on. [...]


    I think that this was another problem and had to do with the root certificate of Bitdefender in Firefox. There was probably an update of this root certificate.


    To protect against the LogJam attack, Bitdefender has to integrate the patch of OpenSSL.org in its SSL proxy:


    OpenSSL.org has fixed the "LogJam Attack" vulnerability. https://www.openssl.org/news/secadv_20150611.txt


    Maybe it again has to do with the files bdpredir_ssl.dll and bdpredir_ssl_pc.dll (FREAK SSL attack) of BDIS/BDTS

  • 100
    edited June 2015

    Patched today with update to 18.23.0.1604 (for Internet Explorer and Firefox). Thank you very much!


    Both screenshots are showing the result with SSL-scan turned on:


    post-136936-1435090721_thumb.jpg post-136936-1435090749_thumb.jpg


    But the Safepay browser is still vulnerable.

  • Georgia ✭✭✭

    Hello,


    Safepay is safe against the Logjam attack as well.


    Please update your Bitdefender, then restart the computer to see the changes.

  • 100
    edited July 2015

    Yes, Safepay is now safe against the LogJam attack too.