You are here
Home > Preporuke > Sigurnosni nedostatak u radu SSLv3 protokola

Sigurnosni nedostatak u radu SSLv3 protokola

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: CIS

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

Cisco Security Advisory: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability

Advisory ID: cisco-sa-20141015-poodle

Revision 1.0

For Public Release 2014 October 15 17:30 UTC (GMT)

+———————————————————————

Summary
+======

On October 14, 2014, a vulnerability was publicly announced in the Secure Sockets Layer version 3 (SSLv3) protocol when using a block cipher in Cipher Block Chaining (CBC) mode. SSLv3 is a cryptographic protocol designed to provide communication security, which has been superseded by Transport Layer Security (TLS) protocols. By exploiting this vulnerability, an attacker could decrypt a subset of the encrypted communication.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVD625YpI1I6i1Mx3AQiVjg//ZLd1JhV/gDndxN6TuH/n/bponB+OJvMh
f+AaQuzXK1s3TiQGUhkZ2ug81EOhy63Rosm8zJfQ0eZwf4sDjoZhxpLm0AKdrTTf
dC47e3Hqde+u2g1mgU+Xcc7V+duv3X0wUjev1/7/GuKL3TwDmyTXwf/MXaKgfkTQ
T0Rd+PfNM6xQK4T4lS0AolEN8AcQDyYPAhkV3iCPyuaBBVP7GEPK75m5MFhAHqas
mgbZ4qQFLDfEF8fY4oMIgsUaEOzoMCsbaqX/SULaU/CDxixo07yx4CaqAcGdGrtd
zOoFNs5wy6amZ7pkyvvKbxkzM2O/i9KkBfMpYEPQZ2ThQa8tzXqOTyBtZXSZBZhY
RTUMMIwcfyrJARq3JxYPELHegTCvs6RE9qsRkVJQQ53arni32PjTckOGwUaHZRjx
y4ZhoMSN8+oGocaPbMBrPqDtqPbFNPcSCCcDNAzYN2lLj7jaodIn60W3jVTWR9Nv
ggM8gURWsRdqV2Br2eIEIJcJ4w8W1YFl3wogLH4u3ktqELEDBKbAkFR5F1T7tbp+
GEaVDxr8Z5jq+mxVSqn02uf3OSbQ0CYJLc/CXOu1NVmjqgNjnXsh29NfUv7R/YUp
6J8xgnQEH9g+/ZfaojwUvgRw2NHrydYiJLwmbjP0Y2WxtDFjAMO2I24+xPCW3Cb2
qRBOFESo42k=
=Gs3Q
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

AutorMarijo Plepelic
Cert idNCERT-REF-2014-10-0017-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa java-1.6.0-sun

Otkriveni su sigurnosni nedostaci u programskom paketu java-1.6.0-sun za operacijski sustav Red Hat. Otkriveni nedostaci potencijalnim napadačima omogućuju utjecaj na...

Close