SSL 3.0 vulnerability CVE-2014-3566 and POODLE


This vulnerability is a flaw in the protocol design. An attacker that controls the network between the client and the server can interfere with any attempted handshake offering TLS 1.0 or later and force both client and server to use SSL 3.0 protocol instead. They can then use other attack techniques (eg. BEAST attack) to decipher transmitted data.
 
For information on effects on Kerio products, please read THIS PAGE.



Article Number: 1682
Posted: Fri, Oct 17, 2014 2:36 PM
Last Updated: Wed, Apr 1, 2015 8:48 AM
Posted: Vendula Lucakova

Online URL: http://kb.kerio.com/product/kerio-operator/ssl-30-vulnerability-cve-2014-3566-and-poodle-1682.html