Certain TLS Implementations Vulnerable to POODLE Attacks

["US-CERT" <US-CERT () ncas us-cert gov>]

NCCIC / US-CERT

National Cyber Awareness System:

Certain TLS Implementations Vulnerable to POODLE Attacks [ 
https://www.us-cert.gov/ncas/current-activity/2014/12/09/Certain-TLS-Implementations-Vulnerable-POODLE-Attacks ] 
12/09/2014 03:20 PM EST 
Original release date: December 09, 2014

A new variant of the POODLE attack may affect some TLS implementations on account of an issue similar to one present in 
SSL 3.0. Successful exploitation may enable actors to derive plaintext from encrypted communications.

US-CERT encourages users and administrators to review TA14-290A [ https://www.us-cert.gov/ncas/alerts/TA14-290A ] for 
additional information on the POODLE attack and apply any necessary updates to address the vulnerability.

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

________________________________________________________________________

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ] 

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]