On Tuesday, October 14, 2014, Google researchers announced the discovery of a vulnerability that affects systems with SSL 3.0 enabled. This vulnerability has been named POODLE (Padding Oracle On Downgraded Legacy Encryption). Details are available at https://www.openssl.org/~bodo/ssl-poodle.pdf.
It has been strongly encouraged to discontinue the use of SSL 3.0.
Info Sources
http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
One reply on “Security News – POODLE Security Vulnerability”
[…] I’ve touched on it here: http://jermsmit.com/security-news-poodle-security-vulnerability/ […]