673 matches found
MS KB3009008: Vulnerability in SSL 3.0 Could Allow Information Disclosure (POODLE)
The remote host is missing one of the workarounds referenced in the Microsoft Security Advisory 3009008. If the client registry key workaround has not been applied, any client software installed on the remote host including IE is affected by an information disclosure vulnerability when using SSL...
SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)
The remote host is affected by a man-in-the-middle MitM information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining CBC mode. MitM attackers can decrypt a...
Security changes in Opera 25; the poodle attacks
Security Security changes in Opera 25; the poodle attacks Share October 15th, 2014 So the last weeks have been rather hectic behind the scenes in the browser security world, when Google security group found a new way to exploit a rather well known design weakness in SSLv3 published in the paper...
POODLE SSL 3.0 Attack Exploits Widely-used Web Encryption Standard
Another Heartbleed-like vulnerability has been discovered in the decade old but still widely used Secure Sockets Layer SSL 3.0 cryptographic protocol that could allow an attacker to decrypt contents of encrypted connections to websites. Google's Security Team revealed on Tuesday that the most...
New POODLE SSL 3.0 Attack Exploits Protocol Fallback Issue
A new attack on the SSLv3 protocol, disclosed Tuesday, takes advantage of an issue with the protocol that enables a network attacker to recover the plaintext communications of a victim. The attack is considered easier to exploit than similar previous attacks against SSL/TLS, such as BEAST and...
CVE-2014-3566 - Citrix Security Advisory for SSLv3 Protocol Flaw
Description of Problem The recently disclosed protocol flaw in SSLv3, referred to as CVE-2014-3566 or POODLE, could expose some deployments that support SSLv3 to a risk of an active Man in the Middle MITM attack. A successful attack could lead to the disclosure of the information that is being se...
UBUNTU-CVE-2014-3566
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue...
CVE-2014-3566
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue...
Check Point response to the POODLE Bites vulnerability (CVE-2014-3566)
...
IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)
The version of IBM Domino formerly Lotus Domino installed on the remote host is 9.0.x prior to 9.0.1 Fix Pack 2 FP2. It is, therefore, affected by the following vulnerabilities : - An unspecified error exists related to the TLS implementation and the IBM HTTP server that could allow certain error...
Microsoft Windows Secure Sockets Layer Version 3.0 (CVE-2004-0120)
Secure Socket Layer SSL is a cryptographic protocol that provides security and data integrity for communications over TCP/IP networks. The protocol is considered obsolete and insecure. This protection can detect and prevent connections attempting to use this protocol. In particular, this protecti...
SSL Version 2 and 3 Protocol Detection
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL are affected by several cryptographic flaws, including: - An insecure padding scheme with CBC ciphers. - Insecure session renegotiation and resumption schemes. An attacker can exploit these flaws ...
PT-2014-1693
Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 1.0.1i OpenSSL through 1.0.1i PAN-OS versions 6.1.1 and earlier PAN-OS versions 6.0.7 and earlier PAN-OS versions 5.1.x and 5.0.x EOS versions 4.12.0 through 4.12.7.1 EOS versions 4.13.0 through 4.13.6 Apple mac os x...