OpenSSL up to 1.0.0i SSLv3 Downgrade POODLE cryptographic issues

A vulnerability, which was classified as critical, was found in OpenSSL up to 1.0.0i (Network Encryption Software). It affects an unknown part of the component SSLv3 Downgrade Handler. Upgrading to version 0.9.8zc, 1.0.0o or 1.0.1j eliminates this vulnerability. The problem can also be mitigated by applying the configuration setting SSLProtocol All -SSLv2 -SSLv3 (an Apache mod_ssl directive that disables SSLv2 and SSLv3). The best mitigation is upgrading to the latest version. A possible mitigation was published 1 day after the disclosure of the vulnerability.

Entry revisions: 10/15/2014 10:21 AM and 05/02/2019 05:35 PM. Each field's value is identical in both revisions; fields marked "(one revision only)" are recorded in only one of the two.

| Field | Value |
|---|---|
| qualys_id | 86129 |
| qualys_title | IBM WebSphere Application Server Multiple Vulnerabilities (swg21697368)-Deprecated |
| msf_id | ssl_version.rb |
| msf_filename | metasploit-framework/modules/auxiliary/scanner/http/ssl_version.rb |
| msf_title | HTTP SSL/TLS Version Detection (POODLE scanner) |
| suricata_id | 2019415 |
| suricata_sig | ET POLICY SSLv3 inbound connection to server vulnerable to POODLE attack |
| suricata_class | policy-violation |
| misc | http://googleonlinesecurity.blogspot.co.uk/2014/10/this-poodle-bites-exploiting-ssl-30.html |
| seealso | 68000 68040 68743 68695 68795 68747 68757 68781 68780 68905 70696 73295 74941 75096 75097 75098 75099 77870 82677 87123 90110 90111 92602 92813 103829 103782 |
| cvss2_vuldb_e | U |
| cvss2_vuldb_rl | OF |
| cvss2_vuldb_rc | C |
| cvss3_vuldb_e | U |
| cvss3_vuldb_rl | O |
| cvss3_vuldb_rc | C |
| reaction_days | 1 |
| 0day_days | 1660 |
| exposure_days | 1 |
| cvss3_nvd_basescore | 6.8 |
| smss | 19.10.2014 |
| smss_rank | 2 |
| type | Network Encryption Software |
| name | OpenSSL |
| version | 1.0.0/1.0.0a/1.0.0b/1.0.0c/1.0.0d/1.0.0e/1.0.0f/1.0.0g/1.0.0h/1.0.0i |
| component | SSLv3 Downgrade Handler |
| affectedlist | Webserver (Apache, nginx, ...) Webbrowser (Google Chrome, Microsoft Internet Explorer, Mozilla Firefox, ...) Mail Server (Sendmail, Postfix, ...) PBX (Asterisk) |
| introductiondate | 1269820800 |
| cwe | 310 (cryptographic issues) |
| risk | 2 |
| popularity | 80 |
| historic | 1 |
| cvss2_vuldb_basescore | 5.8 |
| cvss2_vuldb_tempscore | 4.3 |
| cvss2_vuldb_av | N |
| cvss2_vuldb_ac | M |
| cvss2_vuldb_au | N |
| cvss2_vuldb_ci | P |
| cvss2_vuldb_ii | P |
| cvss2_vuldb_ai | N |
| cvss2_nvd_av | N |
| cvss2_nvd_ac | M |
| cvss2_nvd_au | N |
| cvss2_nvd_ci | P |
| cvss2_nvd_ii | N |
| cvss2_nvd_ai | N |
| cvss3_meta_basescore | 6.8 |
| cvss3_meta_tempscore | 5.9 |
| cvss3_vuldb_basescore | 6.8 |
| cvss3_vuldb_tempscore | 5.9 |
| cvss3_nvd_av | N |
| cvss3_nvd_ac | H |
| cvss3_nvd_pr | N |
| cvss3_nvd_ui | N |
| cvss3_nvd_s | C |
| cvss3_nvd_c | H |
| cvss3_nvd_i | N |
| cvss3_nvd_a | N |
| titleword | POODLE |
| advisoryquote | Encryption in SSL 3.0 uses either the RC4 stream cipher, or a block cipher in CBC mode. (...) The most severe problem of CBC encryption in SSL 3.0 is that its block cipher padding is not deterministic, and not covered by the MAC (Message Authentication Code): thus, the integrity of padding cannot be fully verified when decrypting. Padding by 1 to L bytes (where L is the block size in bytes) is used to obtain an integral number of blocks before performing blockwise CBC (cipher-block chaining) encryption |
| date | 1413244800 (10/14/2014) |
| location | Website |
| type | Security Advisory |
| url | http://googleonlinesecurity.blogspot.co.uk/2014/10/this-poodle-bites-exploiting-ssl-30.html |
| identifier | This POODLE Bites: Exploiting The SSL 3.0 Fallback |
| person_name | Adam Langley/Bodo Möller/Thai Duong/Krzysztof Kotowicz |
| confirm_url | http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx |
| disputed | 0 |
| price_0day | $5k-$25k |
| advisoryquote | The weakness is the easiest to exploit if there's an entire block of padding, which (before encryption) consists of L-1 arbitrary bytes followed by a single byte of value L-1 |
| name | Upgrade |
| date | 1413331200 (10/15/2014) |
| upgrade_version | 0.9.8zc/1.0.0o/1.0.1j |
| config_setting | SSLProtocol All -SSLv2 -SSLv3 |
| cve | CVE-2014-3566 |
| cve_assigned | 1400025600 (05/14/2014) |
| cve_nvd_published | 1413244800 |
| cve_nvd_summary | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. |
| oval_id | oval:org.mitre.oval:def:29233 |
| osvdb | 113251 |
| secunia | 61825 |
| secunia_title | Apple iOS Multiple Vulnerabilities |
| secunia_risk | Not Critical |
| securityfocus | 70574 |
| securityfocus_date | 1413244800 (10/14/2014) |
| securityfocus_class | Design Error |
| securityfocus_title | OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability |
| sectracker | 1031029 |
| sectracker_date | 1413331200 (10/15/2014) |
| sectracker_cause | Access control error |
| xforce | 97013 |
| xforce_title | Multiple products SSLv3 protocol information disclosure |
| xforce_identifier | ssl-cve20143566-info-disc |
| xforce_risk | Medium Risk |
| heise | 2425250 |
| nessus_id | 80921 |
| nessus_name | Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2015-471) (POODLE) |
| nessus_filename | oraclelinux_ELSA-2014-1652.nasl |
| nessus_risk | Critical |
| nessus_family | Amazon Linux Local Security Checks |
| nessus_type | local |
| nessus_port | 0 |
| nessus_date | 1421971200 (01/23/2015) |
| openvas_id | 65594 |
| openvas_filename | gb_CESA-2015_0085_java_centos6.nasl |
| openvas_title | CentOS Update for java CESA-2015:0085 centos6 |
| openvas_family | CentOS Local Security Checks |
| cvss3_vuldb_av | N (one revision only) |
| cvss3_vuldb_ac | H (one revision only) |
| cvss3_vuldb_pr | N (one revision only) |
| cvss3_vuldb_ui | N (one revision only) |
| cvss3_vuldb_s | C (one revision only) |
| cvss3_vuldb_c | H (one revision only) |
| cvss3_vuldb_i | N (one revision only) |
| cvss3_vuldb_a | N (one revision only) |
| company_name | Google Security Team (one revision only) |
| secunia_date | 1413849600 (10/21/2014) (one revision only) |
