
SSL Poodle

Check your SSL/TLS configuration for the POODLE vulnerability. Make sure that the secure communication you rely on cannot be broken.


Short Info


Level: Low
Type: Single Scan
Can be used by: Asset Owner
Estimated Time: 6 sec
Scan only one: Domain, IPv4

Parent Category

SSL Poodle Detail


What is the POODLE Vulnerability?

POODLE (Padding Oracle On Downgraded Legacy Encryption) is a cryptographic design vulnerability. It is caused by SSLv3 leaving the content of its padding bytes undetermined and by authenticating the data only after decryption.

With this vulnerability, an attacker can decrypt each byte of SSLv3-encrypted traffic with a success probability of 1/256 per attempt. So an average of 256 * N attempts is required to decipher a total of N bytes of data.

The most feasible attack vector for this vulnerability is a MITM (man-in-the-middle) position. An attacker who makes the traffic between the client and the server pass through itself can interfere with the SSL handshake and force the connection to use SSLv3. For this to work, both the client and the server must support SSLv3 in addition to the more recent protocols.

An attacker who meets the above conditions has the chance to partially decipher the SSLv3-encrypted traffic between the client and the server. Deciphering some important sections of the traffic (e.g. HTTP cookies) enables extremely dangerous attacks such as session theft.
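One way to check the precondition described above, a server that still accepts SSLv3, on a host you own. This is an added example, not part of the original page or of the scanner it describes. It sends a raw SSLv3 ClientHello because current TLS libraries are often built without SSLv3; the function names and the choice to offer only CBC (padded block cipher) suites are assumptions of this example.

```python
import os
import socket
import struct

# Offer only CBC-mode suites, the ones that use the SSLv3 padding POODLE relies on.
CBC_SUITES = [0x000A, 0x002F, 0x0035]  # 3DES-CBC-SHA, AES128-CBC-SHA, AES256-CBC-SHA

def build_sslv3_client_hello(suites=CBC_SUITES):
    """Return one SSLv3 record holding a ClientHello that offers only `suites`."""
    body = b"\x03\x00"                        # client_version = SSL 3.0
    body += os.urandom(32)                    # client random
    body += b"\x00"                           # empty session id
    body += struct.pack(">H", 2 * len(suites))
    body += b"".join(struct.pack(">H", s) for s in suites)
    body += b"\x01\x00"                       # one compression method: null
    handshake = b"\x01" + struct.pack(">I", len(body))[1:] + body
    return b"\x16\x03\x00" + struct.pack(">H", len(handshake)) + handshake

def classify_response(data):
    """Classify the server's first reply bytes as (verdict, chosen_suite_or_None)."""
    if len(data) < 5:
        return ("rejected", None)             # closed without sending a record
    rtype, major, minor = data[0], data[1], data[2]
    if rtype == 0x15:
        return ("rejected", None)             # alert record: SSLv3 hello refused
    if rtype == 0x16 and len(data) >= 44 and data[5] == 0x02:
        end = 46 + data[43]                   # skip the variable-length session id
        if (major, minor, data[9], data[10]) != (3, 0, 3, 0) or len(data) < end:
            return ("unknown", None)
        return ("sslv3-cbc-accepted", int.from_bytes(data[end - 2:end], "big"))
    return ("unknown", None)

def probe(host, port=443, timeout=5.0):
    """Send the hello to `host` and classify whatever comes back first."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            s.sendall(build_sslv3_client_hello())
            return classify_response(s.recv(4096))
        except (ConnectionResetError, socket.timeout):
            return ("rejected", None)
```

A verdict of `sslv3-cbc-accepted` means the server completed the first handshake step with SSLv3 and a CBC suite, so SSLv3 should be disabled in its TLS configuration.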

