a security vulnerability in SSLv3 (CVE-2014-3566) that could allow attacks by a process referred to as "padding oracle on downgraded legacy encryption"
Questions tagged [poodle]
6 questions
8
votes
1 answer
How do I disable SSLv3 in an OpenSSH SSH server to avoid POODLE?
In wake of the newly-discovered POODLE vulnerability, I'd like to disable SSLv3 on all of my SSH servers. How do I achieve this with OpenSSH?
drs
- 5,363
- 9
- 40
- 69
7
votes
1 answer
Disable SSLv3 In cURL?
I'm having a problem connecting to a website that is hosted with CloudFlare using cURL. When I try to connect to the website with HTTPS (using curl -v https://www.xxxxxx.com), it says:
* About to connect() to www.xxxxxx.com port 443 (#0)
* Trying…
SameOldNick
- 473
- 2
- 5
- 10
2
votes
2 answers
How to disable SSLv2 and SSLv3 in pure-ftpd
I am running pure-ftpd like this:
/usr/sbin/pure-ftpd -A -c10 -B -C3 -z -D -e -fftp -H -I15 -lpam -L2000:8 -m4 -p30000:30100 -s -u40 -x -r -i -k99 -G -Z -Y1 -J'HIGH:MEDIUM:+TLSv1:!SSLv2:!SSLv3'
but in syslog-ng monitoring I get an error:
pure-ftpd:…
drpaneas
- 2,222
- 8
- 25
- 35
1
vote
2 answers
Implementing TLS 1.2 when I SSH into a box as a measure against POODLE
Is it possible to edit sshd_config or ssh_config, such that the SSH connection into a machine configured to use TLS1.2 is successful and rejects connections configured to use TLS1.1 and below, as well as SSL3 and below?
Is there any other way to do…
hack
- 13
- 1
- 4
1
vote
2 answers
Still vulnerable after disabling SSLv3
I'm trying to disable SSLv3 to avoid the Poodle problem. I'm using the following instructions as a guidleine: https://access.redhat.com/solutions/1232413
I've applied the following line to my config file:
SSLProtocol All -SSLv2 -SSLv3
and restarted…
Stephen
- 183
- 1
- 7
1
vote
2 answers
OpenSSL 1.0.1j - "POODLE" vulnerability fix (upgrade) on RHEL 6.5
I've got a problem when I upgraded my OpenSSL on RHEL 6.5. The OpenSSL is missing the library libcrypto.so.10. Instead the openssl 1.0.1j created lib is libcrypto.so.1.0.0. I've made a soft link, but it still does not work for other packages using…
hungwar
- 11
- 1
- 2