Home   Company   Solutions   Products   Sales   Services   Support
  Press Central

Santa Ana, CA, Nov.9, 2009 - CAI Networks has announced new WebMux firmware stops MITM attack on HTTPS web servers.

On November 5, 2009, Marsh Ray and Steve Dispensa publically disclosed the possibility of having MITM(Man In The Middle) attackes on web servers using HTTPS/TLS protocol. At the same day, published a fix for their OpenSSL software. CAI Networks, Inc. immediately worked out a solution for its customers. A new firmware has made available immediately to all current customers to address this issue.

SSL and TLS is a critical part of all business transactions. Any web site using encryption is affected by this SSL/TLS vulnerability. HTTP servers will, both IIS and Apache under certain condition, replay the man-in-the-middle inserted arbitrary prefix in the new authentication context. If the attacker can cause the server to renegotiate its SSL session, the attacker will be able to subsitute the real client information with faked data, while both the client and server still believing their communication secure.

There is no easy way to fix this bug on the server, if the server hosts more than one ciphers. CAI Networks, Inc.'s fix is based on the fix from OpenSSL. It basically disables SSL renegotiation, let WebMux terminate the SSL traffic and send only clear traffic to the HTTP servers. WebMux with this SSL patch firmware will stop the SSL renegotiation. If that is not desired behavior, we can load the firmware without this fix instead. Each WebMux allows up to 32 certificates being used for 32 totally different domains. OpenSSL is currently working on a TLS extension. We will keep our firmware updated with all the new changes and extension accordingly.

WebMux′s security update is in all new WebMux currently shipping. It is also available to customers with WebMux under warranty and support contract as a firmware update. Customers with out of warranty units can have its firmware updated for a fee.

About CAI Networks, Inc.

Founded in 1987, CAI Networks ( specializes in Internet appliances and Internet server reliability solutions and is a leading provider of IP load balancers. CAI has its engineering and sales offices in Southern California. WebMux is installed worldwide by businesses, government agencies, and ISPs to maintain the reliability and availability of websites, portals, and web-based applications. CAI Networks is a member of the Microsoft and Oracle partner networks.


CAI, DnsMux, and WebMux are trademarks of CAI Networks, Inc. Oracle is a registered trademark of Oracle and/or its affiliates.

For more information, please contact:

CAI Networks, Inc.

Copyright © 2009 CAI Networks, Inc.


Contact us   Jobs   Press   Privacy   Terms of use
Copyright © 1987-2009 CAI Networks, Inc. Copyright © 1998-2000 Red Hill Networks, Inc. All rights reserved.