You probably remember hearing about the POODLE vulnerability back in October when Google engineers first publicly released information about it. POODLE stands for Padding Oracle On Downgraded Legacy Encryption; it is a padding-oracle weakness that an attacker in a man-in-the-middle (MitM) position can exploit. Originally it was thought to affect only SSL 3.0, but that picture is changing as new information is released.
Over at PC World, they have a pretty good write-up that explains what’s happening with the return of POODLE. They wrote:
According to Ivan Ristic, who runs the SSL Labs at security vendor Qualys, about 10 percent of servers monitored by the SSL Pulse project are vulnerable to POODLE attacks through TLS. The SSL Pulse project monitors the HTTPS-enabled sites from the list of top 1 million most visited sites published by Internet statistics firm Alexa—around 151,000 sites in November.
That is quite a few sites that may still have problems with POODLE even though they stopped using SSL 3.0. According to most reports, the vulnerability found to affect SSL 3.0 back in October may also cause problems with TLS versions up to 1.2. This is definitely something you are going to want to check on your own network to make sure you are safe and secure.
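The reason POODLE can come back on TLS is the padding check that a CBC record receives after decryption. The following is an added example, not code from the original post or from PC World: it contrasts a lenient, SSL 3.0-style check that inspects only the final padding-length byte with the strict check TLS 1.0 and later require (every padding byte must equal the padding length). The record bytes, the `BLOCK_SIZE` constant and the function names are constructed for illustration.

```python
# Added example: strict vs. lenient CBC padding validation for a decrypted
# TLS record (content || MAC || padding || padding_length). Not from the
# original post; all sample records below are constructed.

BLOCK_SIZE = 16  # assumed AES block size for the constructed samples


def check_padding_lenient(plaintext: bytes, block_size: int = BLOCK_SIZE) -> bool:
    """SSL 3.0-style check: only the final byte (the padding length) is
    examined and the padding bytes themselves are never compared. A TLS
    stack that behaves like this keeps the padding oracle alive."""
    if not plaintext:
        return False
    pad_len = plaintext[-1]
    return pad_len + 1 <= len(plaintext) and pad_len < block_size


def check_padding_strict(plaintext: bytes) -> bool:
    """TLS 1.0+ check (RFC 5246, section 6.2.3.2): the padding_length byte
    and every padding byte before it must all carry the same value.
    Any mismatch means the record is rejected."""
    if not plaintext:
        return False
    pad_len = plaintext[-1]
    if pad_len + 1 > len(plaintext):
        return False
    # Fold all trailing pad_len + 1 bytes into one accumulator so that the
    # loop does not exit early on the first mismatch.
    bad = 0
    for b in plaintext[-(pad_len + 1):]:
        bad |= b ^ pad_len
    return bad == 0


def strip_padding(plaintext: bytes) -> bytes:
    """Return content || MAC with the padding removed, after the strict
    check. TLS reports padding and MAC failures with the same alert so that
    the two cases cannot be told apart by the peer."""
    if not check_padding_strict(plaintext):
        raise ValueError("bad_record_mac")
    return plaintext[: -(plaintext[-1] + 1)]


# Constructed decrypted records (one 16-byte block each):
# 13 bytes of content+MAC, two padding bytes, one padding_length byte.
GOOD_RECORD = b"hello world!!" + bytes([2, 2, 2])
# Same layout, but the two padding bytes were altered; only the final
# length byte still reads 2.
TAMPERED_RECORD = b"hello world!!" + bytes([0x41, 0x42, 2])


def compare_checks(record: bytes) -> dict:
    """Report how each validation style treats a record."""
    return {
        "lenient_accepts": check_padding_lenient(record),
        "strict_accepts": check_padding_strict(record),
    }


if __name__ == "__main__":
    for name, rec in (("good", GOOD_RECORD), ("tampered", TAMPERED_RECORD)):
        print(name, compare_checks(rec))
    print("stripped:", strip_padding(GOOD_RECORD))
```

The tampered record is accepted by the lenient check and rejected by the strict one; that difference in behaviour is exactly what separates an implementation exposed to POODLE over TLS from one that is not, which is why disabling SSL 3.0 alone is not enough.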
Here are some other relevant links that you’ll probably want to check out.
- Security Bulletin: TLS padding vulnerability affects IBM HTTP Server (CVE-2014-8730)
- POODLE Attacks The SSL/TLS Problem
- Microsoft Enables Removal of SSL 3.0 Fallback In IE
- Meaner POODLE bug that bypasses TLS crypto bites 10 percent of websites
- Crypto In The Crosshairs Again
- Zombie POODLE wanders in, cocks leg on TLS
Quite a bit has been written about POODLE again this week, but we’d like to hear from you. Are you having trouble protecting against POODLE attacks, or is your network correctly set up and secured? Leave us a comment below and let us know what you think of this problem that has raised its head once again.