Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt Monday at 02:04 PM
Tripp★ Posted October 17, 2014 Posted October 17, 2014 I don't have much information on it but I figured I'd warn people incase they didn't get the message, as I couldn't find it posted on here, and I figured people might like to know about it. If you use SSL you might want to check if you're vulnerable to the bug "POODLE" which affects those that have SSLv3 enabled (https://www.ssllabs.com/ssltest/index.html) Information on POODLE: https://community.centminmod.com/threads/poodle-attacks-on-sslv3-vulnerability.1651/(And you can Google it)
ASTRAPI Posted October 17, 2014 Posted October 17, 2014 POODLE (Padding Oracle On Downgraded Legacy Encryption) CVE-2014-3566 recommended of implementing TLS_FALLBACK_SCSV in OpenSSL or disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0. Just update to OpenSSL 1.0.1j :smile: Determining Vulnerability: https://www.tinfoilsecurity.com/poodle You can also disable this on your browser: https://zmap.io/sslv3/browsers.html More details for securing your server: https://zmap.io/sslv3/servers.html
Grumpy Posted October 19, 2014 Posted October 19, 2014 lol my windows update had 24 updates because of this. xD (at least guessing bc of poodle)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.