Install the latest version of the Metasploit 4 Framework (MSF4) on Ubuntu 11.04 Natty Narwhal using the following commands. This downloads and installs the generic Linux binary which comes bundled with all the necessary components you need for Metasploit to install and run. This should work for most users and is the easiest way to get Metasploit Framework running under Ubuntu and other Debian based Linux distros quickly.
This year may be remembered as the year of the “named” bugs — first Heartbleed, then Shellshock, and now POODLE — another bug surrounding SSL encryption. Unlike standard CVE designations, a vulnerability with a name tends to invoke fear in the heart of systems… although the actual impact of these varies wildly.
Google researchers released details about POODLE yesterday, with technical details hosted at the OpenSSL website. Although these papers are certainly interesting reads, there are only a few things you need to know to protect both yourself and your network assets from POODLE attacks.
First, it’s important to know that POODLE affects SSL 3.0 by allowing a man-in-the-middle attacker to reveal plaintext data in an otherwise encrypted connection. Although this is clearly a major problem, the attack vector is much more difficult to exploit than, say, Heartbleed (which can be exploited by a remote attacker to leak memory from a system) or Shellshock (which can actually run arbitrary code on a vulnerable system).
Protecting yourself (as a user) from POODLE is easy: all you need to do is remove support for SSL 3.0 from your browser (using ssl-version-min=tls1 in Chrome or setting security.tls.version.min to 1 in Firefox). From the server side, Google is currently recommending enabling TLS_FALLBACK_SCSV on web servers.
Fortunately for IT administrators, POODLE’s severity doesn’t approach the criticality of Heartbleed or Shellshock… although it does provide even more reason to have an adequately up-to-date vulnerability management program. Redspin will continue to track this issue, and ensure that the vulnerability is assessed in all of our security assessment engagements.