SSL 3.0 Protocol Vulnerability and POODLE Attack | US-CERT
by dervish on Oct.17, 2014, under Security
Systems AffectedAll systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, which is one of the most likely exploitation scenarios.Some Transport Layer Security (TLS) implementations are also vulnerable to the POODLE attack.
Source: SSL 3.0 Protocol Vulnerability and POODLE Attack | US-CERT
Leave a Reply
You must be logged in to post a comment.