Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » SSL 3.0 falls in the face of POODLE attack, needs to be disabled

SSL 3.0 falls in the face of POODLE attack, needs to be disabled

2014/10/15

Softpedia - (International) Researchers with Google designed an attack named POODLE that can exploit a flaw in the design of the Secure Sockets Layer 3.0 (SSL 3.0) protocol that can allow the extraction of data from secure connections using the protocol. SSL 3.0 has been superseded by several other protocols but is still used in some clients and servers and as a backup protocol by Web browsers if modern protocols are unavailable.

Source: http://news.softpedia.com/news/SSL-3-0-Falls-In-Face-of-POODLE-Attack-Needs-To-Be-Disabled-462136.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:22:07