Scanning for SSL 3.0 -- What is a POODLE attack?

POODLE stands for "Padding Oracle On Downgraded Legacy Encryption". It is a man-in-the-middle exploit that takes advantage of the way Internet and security software clients fall back to SSL 3.0. POODLE exemplifies a vulnerability that succeeds thanks to a mechanism deliberately designed to reduce security for the sake of interoperability.


Transport Layer Security (TLS) is the successor to the Secure Sockets Layer (SSL). It is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message.

TLS is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. The TLS Handshake Protocol allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before data is exchanged. The TLS protocol is based on Netscape's SSL 3.0 protocol; however, TLS and SSL are not interoperable. The TLS protocol does contain a mechanism that allows a TLS implementation to fall back to SSL 3.0, and therein lies the problem called POODLE.

If at all possible, don't use SSL 3.0 on your network.
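The article's title promises scanning for SSL 3.0 but shows no scan, so here is an added example (not code from the original article) of the check a defender runs against their own hosts: send a raw SSL 3.0 ClientHello and see whether the server answers with an SSL 3.0 ServerHello. The cipher-suite list is an assumed, constructed probe set (the code points are the real IANA values), the function names are this example's own, and make_server_hello only builds constructed sample responses so the classifier can be exercised offline.

```python
import os
import socket
import struct
import sys

# Assumed (constructed) probe list: CBC and RC4 suites that SSL 3.0 servers
# commonly offered. The code points themselves are the real IANA values.
SSLV3_CIPHER_SUITES = [0x002F, 0x0035, 0x000A, 0x0005, 0x0004]

SSLV3_VERSION = b"\x03\x00"   # SSL 3.0 is version 3.0 on the wire
CT_HANDSHAKE = 0x16
CT_ALERT = 0x15
HS_CLIENT_HELLO = 0x01
HS_SERVER_HELLO = 0x02


def build_sslv3_client_hello(client_random=None):
    """Return a raw SSL 3.0 ClientHello record. SSL 3.0 has no extensions,
    so the message ends right after the compression-method list."""
    client_random = client_random or os.urandom(32)
    suites = b"".join(struct.pack("!H", s) for s in SSLV3_CIPHER_SUITES)
    body = (
        SSLV3_VERSION                              # client_version = 3.0
        + client_random                            # 32-byte random
        + b"\x00"                                  # session_id length = 0
        + struct.pack("!H", len(suites)) + suites  # cipher_suites
        + b"\x01\x00"                              # one compression method: null
    )
    handshake = bytes([HS_CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return (bytes([CT_HANDSHAKE]) + SSLV3_VERSION
            + struct.pack("!H", len(handshake)) + handshake)


def make_server_hello(version, cipher_suite=0x002F):
    """Constructed sample response for offline checks only: a minimal
    ServerHello record announcing the given protocol version."""
    body = version + b"\x00" * 32 + b"\x00" + struct.pack("!H", cipher_suite) + b"\x00"
    handshake = bytes([HS_SERVER_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([CT_HANDSHAKE]) + version + struct.pack("!H", len(handshake)) + handshake


def classify_response(data):
    """Classify the first record a server returns to the SSL 3.0 ClientHello.
    Only 'sslv3_accepted' is a finding; every other result means the server
    refused SSL 3.0 (closed socket, alert, or some other version)."""
    if len(data) < 5:
        return "closed_or_empty"
    content_type, _major, _minor, length = struct.unpack("!BBBH", data[:5])
    payload = data[5:5 + length]
    if content_type == CT_ALERT and len(payload) >= 2:
        # payload[1] is the alert description: 40 = handshake_failure,
        # 70 = protocol_version
        return "alert_%d" % payload[1]
    if content_type == CT_HANDSHAKE and len(payload) >= 6 and payload[0] == HS_SERVER_HELLO:
        server_version = payload[4:6]          # after the 4-byte handshake header
        if server_version == SSLV3_VERSION:
            return "sslv3_accepted"
        return "unexpected_version_%02x%02x" % (server_version[0], server_version[1])
    return "unexpected"


def probe_sslv3(host, port=443, timeout=5.0):
    """Connect to host:port, send the SSL 3.0 ClientHello and classify the reply."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "unreachable"                   # not a verdict about SSL 3.0
    with sock:
        try:
            sock.sendall(build_sslv3_client_hello())
            data = sock.recv(4096)
        except OSError:                        # reset by peer or timeout
            data = b""
    return classify_response(data)


if __name__ == "__main__":
    # usage: python sslv3_probe.py HOST [PORT]
    target = sys.argv[1]
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    print(target, target_port, probe_sslv3(target, target_port))
```

A server that is patched the way the article recommends never returns "sslv3_accepted": it either closes the connection, sends an alert (handshake_failure or protocol_version), or does not answer at all, and the probe reports each of those separately so that an unreachable host is not mistaken for a hardened one. Run it across your own inventory and treat every "sslv3_accepted" as a host still exposed to the downgrade POODLE relies on.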
