POODLE Attack (CVE-2014-3566)

Description

During the scan, Kayran managed to detect a Poodle Attack vulnerability.
The Poodle Attack allow you to retrieve encrypted data sent by the client to a server if the Transport Layer Security being used is SSLv3.

If an attacker interrupts a secure connection between a browser and the website that is using TLSv1.0, and, when the browser retries to establish a connection to the server, it will use the next lower level protocol, once the protocol downgrade is successful, the attacker can exploit the vulnerabilities in SSLv3 to compromise the session.

The POODLE threat is a Man-In-The-Middle type of attack that forces modern clients and servers to downgrade the security protocol to SSLv3 from TLSv1.0 or higher.
This is done by interrupting the “handshake” between the client and server, resulting in the retry of the handshake with earlier protocol versions.

Recommendation

Disable SSLv3 within your web server and/or client (ideally both).
This will make the exploitation of the vulnerability impossible for the attacker.

References

https://marc.info/?l=bugtraq&m=142103967620673&w=2

< Return to all Vulnerabilities

Blue Team

We’ve talked about The Red Team before, but what about The Blue Team? How is this group different from the red one? Why would we

Read More »

SQLI to RCE

How to preform SQLI TO RCE? One of the most interesting and important things about any site is the database. So, it’s important to protect

Read More »

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »

The Dark Web

Let’s talk about the darker and more mysterious side of the internet, also known as The Dark Web. You’ve probably heard about it, whether it’s

Read More »