K15702: SSLv3 vulnerability CVE-2014-3566

Security Advisory Description A flaw in the design of Secure Socket Layer SSL version 3.0 has been discovered that may allow a network attacker to force a client to negotiate an SSL handshake using SSL version 3.0 ciphers instead of Transport Layer Security TLS version 1.x ciphers. The attacker c...

Important: openssl

Issue Overview: Bodo Moller, Thai Duong and Krzysztof Kotowicz of Google discovered a flaw in the design of SSL version 3.0 that would allow an attacker to calculate the plaintext of secure connections, allowing, for example, secure HTTP cookies to be stolen...