Researchers have discovered a new Transport Layer Security (TLS) vulnerability named “ALPACA”, which is planned to be presented at Black Hat USA 2021.
A team of researchers from Ruhr University Bochum, Münster University of Applied Sciences, and Paderborn University has identified a new TLS vulnerability named “Application Layer Protocol Content Confusion Attack”, with which an attacker can redirect traffic from one sub-domain to another while the result is still a valid TLS session.
How can this be exploited?
Using the “ALPACA” attack, an adversary can steal a website’s cookies or perform an XSS attack. The study said “the potential consequences to the general ALPACA attack are dependent on the interactions of two unknown protocols, so any number of undesirable behaviors may be possible.”
Is your website / mail server / FTP server vulnerable?
The answer is yes if the conditions below are true:
- You host several TLS-enabled application servers on the same hostname.
- You use multi-domain certificates.
- You may be vulnerable if you use wildcard certificates.
- Your application servers have exploitable (read: vulnerable) upload, download, or other reflection vectors which may dangerously impact the security posture of the web server.
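The certificate-sharing conditions in the list above can be checked against a service inventory. The following is an added example, not taken from the ALPACA study or the original article; the inventory, the example.test hostnames and the function names are constructed for illustration.

```python
from itertools import combinations

# Constructed inventory (hypothetical hosts under example.test): each TLS
# service, its protocol, and the DNS names in the certificate it presents.
INVENTORY = [
    {"host": "www.example.test", "port": 443, "proto": "https",
     "sans": ["*.example.test"]},
    {"host": "ftp.example.test", "port": 990, "proto": "ftps",
     "sans": ["*.example.test"]},
    {"host": "mail.example.test", "port": 993, "proto": "imaps",
     "sans": ["mail.example.test", "www.example.test"]},
    {"host": "shop.example.test", "port": 443, "proto": "https",
     "sans": ["shop.example.test"]},
]

def san_matches(pattern, hostname):
    """True if a SAN entry covers hostname; '*' stands for one leftmost label."""
    p, h = pattern.lower().split("."), hostname.lower().split(".")
    if len(p) != len(h):
        return False
    return p[1:] == h[1:] and p[0] in ("*", h[0])

def covering_reason(victim, other):
    """Why other's certificate is valid for victim's hostname, or None."""
    hits = [s for s in other["sans"] if san_matches(s, victim["host"])]
    if not hits:
        return None
    if victim["host"] == other["host"]:
        return "same hostname"
    if all(s.startswith("*.") for s in hits):
        return "wildcard certificate"
    return "multi-domain certificate"

def cross_protocol_exposure(inventory):
    """List (intended, substitute, reason) for services speaking different
    protocols where the substitute's certificate also fits the intended host."""
    findings = []
    for a, b in combinations(inventory, 2):
        if a["proto"] == b["proto"]:
            continue
        for victim, other in ((a, b), (b, a)):
            reason = covering_reason(victim, other)
            if reason:
                findings.append((f'{victim["host"]}:{victim["port"]}',
                                 f'{other["host"]}:{other["port"]}', reason))
    return findings

if __name__ == "__main__":
    for intended, substitute, reason in cross_protocol_exposure(INVENTORY):
        print(f"{intended} <- {substitute}: {reason}")
```

In the constructed inventory, shop.example.test is flagged even though its own certificate names a single host, because the FTPS server's wildcard certificate is also valid for that name.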
Responsible Disclosure Timeline
- 2020-10-20: Initial contact with Eric Rescorla (author of the TLS standard, CTO of Mozilla).
- 2020-12-03: Initial contact with OpenSSL.
- 2021-02-02: Initial contact with other TLS library maintainers.
- 2021-02-20: Initial contact with all affected application servers (FTP, Email).
- 2021-03-25: Initial contact with nginx and Apache.
- 2021-06-09: Public disclosure.