Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-expand-tabs-free domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/websitedevait/public_html/wp-includes/functions.php on line 6131
Is your SSL v3 affected by the POODLE attack? | Advanced Internet Technologies

Support

1-877-209-5184

Sales

1-877-404-4149

Is your SSL v3 affected by the POODLE attack?

Sep 12, 2023 | Linux Self Managed

There are a few things you can do to proactively fight against the POODLE SSL v3 vulnerability (CVE-2014-3566). In this instance we will take a look at POODLE vulnerability.

What is POODLE?

Poodle, which stands for Padding Oracle On Downgraded Legacy Encryption, is is a SSL3.0 security vulnerability used to view web browsing, or even control the web sessions entirely. It is recommended that the use of SSL v3 is disabled. More on the vulnterability can be read here:

http://googleonlinesecurity.blogspot.ca/2014/10/this-poodle-bites-exploiting-ssl-30.html

https://www.openssl.org/~bodo/ssl-poodle.pdf

What can you do?

If you are utilizing a vulnerable SSL and you are on our fully managed devices, you can place a ticket requesting to disable SSLv3. While there is a vulnerability, it could also impact users of IE 7.0 and before, and as such, AIT will not currently disable SSLv3 for this purpose.

If you are utilizing a vulnerable SSL and you are a Self managed server, there are steps you can go through to disable SSL v3 through your control panel.

Where can I test my SSL?

This URL is can be utilized to test your SSL v3 version for vulnerabilities.