January 17, 2021

TerabitWeb Blog

Fascinating Technology and Security Information

Yet another SSL Vulnerability

1 min read

This SSL 3.0 bug is not quite as dangerous as the Heartbleed.  However, it still can provide information unintended to be seen by the attacker.  POODLE, Padding Oracle On Downgraded Legacy Encryption, was discovered by a Google team and utilizes the compatibility mode of SSL 3.0 with an 18 year old outdated legacy encryption.  This allows communicating with a lesser encryption method, which is now completely outdated but allows an attacker to view a communication between the host and client.  This is only a medium threat, but still a threat.

Here is the article that I am referring to: POODLE exploits SSL 3.0 fallback

Here is a video describing how this actually works.

Copyright © All rights reserved. | Newsphere by AF themes.