Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted October 17, 201410 yr I don't have much information on it but I figured I'd warn people incase they didn't get the message, as I couldn't find it posted on here, and I figured people might like to know about it. If you use SSL you might want to check if you're vulnerable to the bug "POODLE" which affects those that have SSLv3 enabled (https://www.ssllabs.com/ssltest/index.html) Information on POODLE: https://community.centminmod.com/threads/poodle-attacks-on-sslv3-vulnerability.1651/(And you can Google it)
October 17, 201410 yr POODLE (Padding Oracle On Downgraded Legacy Encryption) CVE-2014-3566 recommended of implementing TLS_FALLBACK_SCSV in OpenSSL or disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0. Just update to OpenSSL 1.0.1j :smile: Determining Vulnerability: https://www.tinfoilsecurity.com/poodle You can also disable this on your browser: https://zmap.io/sslv3/browsers.html More details for securing your server: https://zmap.io/sslv3/servers.html
October 19, 201410 yr lol my windows update had 24 updates because of this. xD (at least guessing bc of poodle)
Archived
This topic is now archived and is closed to further replies.