• Home
  • Ubuntu 18.04
    • Whats New?
    • Upgrade Ubuntu
    • Install Java
    • Install Node.js
    • Install Docker
    • Install Git
    • Install LAMP Stack
  • Tutorials
    • AWS
    • Shell Scripting
    • Docker
    • Git
    • MongoDB
  • Funny Tools
  • FeedBack
  • Submit Article
  • About Us
TecAdmin
Menu
  • Home
  • Ubuntu 18.04
    • Whats New?
    • Upgrade Ubuntu
    • Install Java
    • Install Node.js
    • Install Docker
    • Install Git
    • Install LAMP Stack
  • Tutorials
    • AWS
    • Shell Scripting
    • Docker
    • Git
    • MongoDB
  • Funny Tools
  • FeedBack
  • Submit Article
  • About Us

How to Secure from POODLE SSLv3 Vulnerability (CVE-2014-3566)

Written by Rahul, Updated on October 15, 2014

POODLE (CVE-2014-3566) is an security vulnerability in SSLv3 discovered by Google in September. POODLE stands for Padding Oracle On Downgraded Legacy Encryption. All the websites supporting SSLv3 is vulnerable to POODLE, even if it also supports more recent versions of TLS. Using POODLE a hacker run Man-in-the-middle attacks attacks in your network stream and can steal secure HTTP cookies. This vulnerability has been found in SSLv3. For more information visit openssl security advisory.

poodle-openssl

Fix POODLE (CVE-2014-3566):

The easy and best solution is from preventing POODLE is disabling SSLv3 support from server side.

Apache Users:

Apache users edit your Apache configuration file /etc/httpd/conf.d/ssl.conf and update following values like below after making changes restart Apache service.

SSLProtocol all -SSLv3 -SSLv2

NGINX Users:

All the NGINX users edit your nginx configuration file /etc/nginx/nginx.conf and update following values as below. After updating setting restart nginx service.

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Share it!
Share on Facebook
Share on Twitter
Share on LinkedIn
Share on Reddit
Share on Tumblr
Share on Whatsapp
Rahul
Rahul
Connect on Facebook Connect on Twitter

I, Rahul Kumar am the founder and chief editor of TecAdmin.net. I am a Red Hat Certified Engineer (RHCE) and working as an IT professional since 2009..

Leave a Reply Cancel reply

Popular Posts

  • How To Install Python 3.9 on Ubuntu 20.04 5
  • How to Install Python 3.9 on CentOS/RHEL 7 & Fedora 32/31 0
  • How To Install VNC Server on Ubuntu 20.04 1
  • How To Install NVM on macOS with Homebrew 0
  • (Solved) apt-add-repository command not found – Ubuntu & Debian 0
© 2013-2020 Tecadmin.net. All Rights Reserved | Terms  | Privacy Policy