cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 11

FREAK Attack and MWG Proxy

I'm wondering why the FREAK vulnerability is not a topic to discuss. Did I miss something?

The current setup of the MWG shows a vulnerable status.

10 Replies

Re: FREAK Attack and MWG Proxy

Moved to Corporate User Assistance for faster support.

---

Peter

Moderator

Re: FREAK Attack and MWG Proxy

We did discuss this internally and this is the current response from Intel/McAfee regarding FREAK & Business Products:


McAfee Firewall Enterprise (MFE) was vulnerable but was patched on March 4, 2015, with general maintenance hotfix 7.0.1.03.H11.



At this time, Intel Security does not know of any other McAfee products that are affected. Investigation of all McAfee products is ongoing.



I have asked another Moderator for any updates on the matter.

Re: FREAK Attack and MWG Proxy

hi

I have an outstanding Service Request with Corporate Support asking for confirmation on which McAfee products are vulnerable to this exploit.

Ex_Brit has already posted the current response from Intel Security in Post #3 above, but I will chase up on the MWG product.

Regards

Rich

Volunteer Moderator

Certified Product Specialist - ePO

Re: FREAK Attack and MWG Proxy

Hi

The Latest announcement from Intel is:

"The security impact is quite low risk because it is not easy to perform an exploit on this vulnerability and it requires additional exploits and expert know-how:

a) There must be a man-in-the-middle. (Which already requires much effort (e.g. using an additional exploit) on the attacker side.)

b) The downgrade attack must be executed.

c) The RSA key must be broken by brute force (considered as additional exploit) (e.g. on a EC2 cluster; again, expert crypto know-how is needed for that)

Yes, in theory, this all can be done, but in the real world the risk is negligibly small. MWG is vulnerable because of using the vulnerable openSSL library after the analysis. Fix will be released within 2 weeks"

Former Member
Not applicable
Report Inappropriate Content
Message 6 of 11

Re: FREAK Attack and MWG Proxy

Thank you Richard for your reply,

I agree that probably the scriptkiddies will be unable to benefit from this vulnerability, but as we know it's a bad world out there and if there is a hole in the chees the mouse is not far away.

Thank you also for the expected timeframe - good the hear.

Re: FREAK Attack and MWG Proxy

Hi,

I can confirm that en engineering statement has been released reporting the same as above.

Regards

Rich

Volunteer Moderator

Certified McAfee Product Specialist - ePO

Troja
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 8 of 11

Re: FREAK Attack and MWG Proxy

Hi all,

there is a McAfee SNS newsletter available. FREAK vulnerability is fixed in MWG with the latest Releases.

McAfee Web Gateway 7.4.2.8 (Main Release) and McAfee Web Gateway 7.5.1.1 (Controlled Release) are now available.

Both releases include patches for the following Open SSL vulnerabilities:

  • CVE-2015-0204 - FREAK Vulnerability
  • CVE-2014-3569
  • CVE-2014-3570
  • CVE-2014-3571
  • CVE-2014-3572
  • CVE-2014-8275
  • CVE-2015-0205
  • CVE-2015-0206
  • CVE-2015-0209
  • CVE-2015-0286
  • CVE-2015-0287
  • CVE-2015-0288
  • CVE-2015-0289
  • CVE-2015-0293

See the following Security Bulletins for more information on the vulnerabilities:

Web Gateway 7.4.2.8 (Main Release)

In addition to the vulnerability fixes, Web Gateway 7.4.2.8 resolves a number of miscellaneous issues.

Troja
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 9 of 11

Re: FREAK Attack and MWG Proxy

Another Question,

is it possible to define a MWG ruleset to check if a webserver is vulnerable to the FREAK vulnerability.

Hay anyone any infos?

Cheers

Former Member
Not applicable
Report Inappropriate Content
Message 10 of 11

Re: FREAK Attack and MWG Proxy

Today we have installed 7.4.2.9, but this test is still negative:

FREAK Attack: Client Check

Any ideas?

Thanks

Martin

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community