Packages affected: apache2, dovecot, postfix, vsftpd, lighttpd, proftpd
Don't turn on SSLv2 for the server packages in Ubuntu server. Instead, services would be served using SSLv3 and TLS.
Most services are now only available via TLS or SSLv3, rather than the insecure SSLv2. If you must serve clients which only know SSLv2, you will have to edit some server configuration files.
All or most of our services provide SSLv3 and SSLv2, but most clients first try to connect through SSLv2. Some clients default to SSLv2 because sending an SSLv3 'HALO' to a SSLv2-only server results in failure. If we disable SSLv2, all clients would end up connecting over SSLv3. SSLv2 has lots of security issues and shouldn't be used at all. SSLv2 is disabled by default in Firefox 2+, Internet Explorer 7+ and Opera 9.5+.
- Rick opens up an aging web browser and visits a site served by a default SSL Apache configuration on Ubuntu server. He doesn't know it, but he connects over weak SSLv2 and may be vulnerable to MITM attacks, brute-forcing of a 40-bit MAC, etc.
- Tony opens up his email client and connects to Ubuntu's dovecot and postfix. Ubuntu services offer him SSLv2 encryption by default.
- Configuration files
- Disable SSLv2 by default in configuration files.
- Alternative to custom configuration is compiling OpenSSL without the support for SSLv2
- Would prevent servers from accomodating ancient clients that don't know SSLv3 or TLS without a custom OpenSSL install. But it more effectively blocks SSLv2. Consider this for a future release.
- SSLv2 isn't supported by GnuTLS, so programs linked against it are safe by default - slapd, cups
- Implementation would be only inside configuration files of affected packages.
Once this specification is implemented, testing could be done using common email and web clients, which would connect to Ubuntu encrypted services.