Nmap Development mailing list archives
POODLE vulnerability in TLS not just SSL
From: Jasey DePriest <jrdepriest () gmail com>
Date: Tue, 9 Dec 2014 09:46:27 -0600
With the revelation that the POODLE attack can be used against some implementations of TLS, will the ssl-poodle script be updated to detect vulnerable systems? Qualys SSLLabs already checks for it as POODLE (TLS). References: http://arstechnica.com/security/2014/12/meaner-poodle-bug-that-bypasses-tls-crypto-bites-10-percent-of-websites/ https://isc.sans.edu/forums/diary/POODLE+Strikes+Bites+Again/ https://www.imperialviolet.org/2014/12/08/poodleagain.html https://www.ietf.org/mail-archive/web/tls/current/msg14058.html https://www.ietf.org/mail-archive/web/tls/current/msg14072.html --- Thanks! Jasey DePriest
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- POODLE vulnerability in TLS not just SSL Jasey DePriest (Dec 09)
- Re: POODLE vulnerability in TLS not just SSL Daniel Miller (Dec 09)
- Re: POODLE vulnerability in TLS not just SSL Mariusz Ziulek (Dec 21)
- Re: POODLE vulnerability in TLS not just SSL Daniel Miller (Dec 09)