Poodle: SSL v3 Vulnerability

By | October 15th, 2014|Articles|

Google announced it has uncovered a vulnerability in SSLv3 that could allow a man-in-the-middle javascript attack that compromises encrypted web traffic. The attack targets the lack of padding specification when using a CBC cipher. TLS has an explicit method for padding and is considered safe from this exploit. Since the [...]