15 10, 2014

Poodle: SSL v3 Vulnerability

By | 2016-10-24T19:43:26+00:00 October 15th, 2014|Articles|

Google announced it has uncovered a vulnerability in SSLv3 that could allow a man-in-the-middle javascript attack that compromises encrypted web traffic. The attack targets the lack of padding specification when using a CBC cipher. TLS has an explicit method for padding and is considered safe from this exploit. Since the [...]