KelvinSmith
-
Posts
2 -
Joined
-
Last visited
Content Type
Profiles
Forums
Release Notes
Bug Tracker
Help page
Help page-CN
Release Note5
Rules and recruitment
Release Note6
Posts posted by KelvinSmith
-
-
Unfortunately, a lot of services and servers depend on SSL, not just HTTPS sites.
Like: mail servers, SSH, and other business applications use custom port depend on SSL, and they all need to be updates to stop supporting SSLv3.
All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle on Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, which is one of the most likely exploitation scenarios.
SSLv3 error alert
in Archived General Discussion
Posted
Dinataspace replied at 2015-3-16 19:11
On this March, there is a new SSL/TLS vulnerability called the FREAK attack. It allows an attacker ...
Yeah. The FREAK Attack is latest in cyber vulnerability. After DDoS that lead to Internet slowdown globally, enterprises are under constant strain. Therefore, it becomes important for us to know about FREAK and adopt ways to safeguarding ourselves.