Jump to content

Yet another critical SSL Security Flaw... "POODLE"

Recommended Posts

I don't have much information on it but I figured I'd warn people incase they didn't get the message, as I couldn't find it posted on here, and I figured people might like to know about it.

If you use SSL you might want to check if you're vulnerable to the bug "POODLE" which affects those that have SSLv3 enabled (https://www.ssllabs.com/ssltest/index.html)

Information on POODLE: https://community.centminmod.com/threads/poodle-attacks-on-sslv3-vulnerability.1651/(And you can Google it)

Link to comment
Share on other sites

POODLE (Padding Oracle On Downgraded Legacy Encryption) CVE-2014-3566 recommended of implementing TLS_FALLBACK_SCSV in OpenSSL or disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0.

Just update to OpenSSL 1.0.1j :smile:

Determining Vulnerability:


You can also disable this on your browser:


More details for securing your server:

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...