How to Secure from POODLE SSLv3 Vulnerability (CVE-2014-3566)

Last updated October 15, 2014 by
Security , , , , ,

POODLE (CVE-2014-3566) is an security vulnerability in SSLv3 discovered by Google in September. POODLE stands for Padding Oracle On Downgraded Legacy Encryption. All the websites supporting SSLv3 is vulnerable to POODLE, even if it also supports more recent versions of TLS. Using POODLE a hacker run Man-in-the-middle attacks attacks in your network stream and can steal secure HTTP cookies. This vulnerability has been found in SSLv3. For more information visit openssl security advisory.

poodle-openssl

Fix POODLE (CVE-2014-3566):

The easy and best solution is from preventing POODLE is disabling SSLv3 support from server side.

Apache Users:

Apache users edit your Apache configuration file /etc/httpd/conf.d/ssl.conf and update following values like below after making changes restart Apache service.

SSLProtocol all -SSLv3 -SSLv2

NGINX Users:

All the NGINX users edit your nginx configuration file /etc/nginx/nginx.conf and update following values as below. After updating setting restart nginx service.

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Rahul K.
Rahul K.
Connect on Facebook Connect on Twitter Connect on Google+

I, Rahul Kumar am the founder and chief editor of TecAdmin.net. I am a Red Hat Certified Engineer (RHCE) and working as an IT professional since 2009..

Related Posts

Leave a Reply

All rights reserved. © 2013-2018 TecAdmin.net. This site uses cookies. By using this website you agree our term and services