Tripp★ Posted October 17, 2014 Share Posted October 17, 2014 I don't have much information on it but I figured I'd warn people incase they didn't get the message, as I couldn't find it posted on here, and I figured people might like to know about it. If you use SSL you might want to check if you're vulnerable to the bug "POODLE" which affects those that have SSLv3 enabled (https://www.ssllabs.com/ssltest/index.html) Information on POODLE: https://community.centminmod.com/threads/poodle-attacks-on-sslv3-vulnerability.1651/(And you can Google it) Link to comment Share on other sites More sharing options...
ASTRAPI Posted October 17, 2014 Share Posted October 17, 2014 POODLE (Padding Oracle On Downgraded Legacy Encryption) CVE-2014-3566 recommended of implementing TLS_FALLBACK_SCSV in OpenSSL or disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0. Just update to OpenSSL 1.0.1j :smile: Determining Vulnerability: https://www.tinfoilsecurity.com/poodle You can also disable this on your browser: https://zmap.io/sslv3/browsers.html More details for securing your server: https://zmap.io/sslv3/servers.html Link to comment Share on other sites More sharing options...
Grumpy Posted October 19, 2014 Share Posted October 19, 2014 lol my windows update had 24 updates because of this. xD (at least guessing bc of poodle) Link to comment Share on other sites More sharing options...
ASTRAPI Posted October 20, 2014 Share Posted October 20, 2014 Windows always need something more :smile: Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.