S E C U R I T Y

Loading

Details
Stay Up To Date
Parent Checks

  • SSL Vulnerabilities

Need Membership

No

Need Proof Of Ownership

No

Estimate Time (Second)

6

SSL Poodle Detail

Check your SSL/TLS configuration for Poodle vulnerability. Make sure that you are using secure communication that is not breakable.

What is Poodle Vulnerability ?

Poodle(Padding Oracle On Downgraded Legacy Encryption) is a cryptographic design vulnerability. Vulnerability caused by undecided padding bits of SSLv3 and using identification after decryption.

With this vulnerability, for each byte, an attacker could successfully decrypt SSLv3 encrypted traffic with a probability of 1/256. So an average of 256 * N attempts are required to decipher a total of N bytes of data.

The most feasible attack vector of vulnerability is the MITM (man in the middle) state. The attacker, which allows the traffic between the client and the server to pass over itself, can interfere with SSL handshaking steps and force SSLv3 to be used in the connection. Of course, the client and server should support SSLv3 as well as the more recent protocols.

An attacker who meets the above conditions will have the chance to decipher the SSLv3 encrypted traffic partially between the client and the server. Some important sections of traffic (eg HTTP cookies) allow extremely dangerous attacks such as session theft.


Some Advice for Common Problems

There are two ways to prevent from Poodle attack. First one is to completely disabling the SSL 3.0 on the client side and the server side. Alternative method is the implementation of TLS_FALLBACK_SCSV on browser and server side. This will make downgrade attacks impossible.