Описание
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| arora | unfixed | package | ||
| bouncycastle | not-affected | package | ||
| chromium-browser | fixed | 39.0.2171.71-1 | package | |
| chromium-browser | end-of-life | wheezy | package | |
| chromium-browser | end-of-life | squeeze | package | |
| conkeror | unfixed | package | ||
| cyassl | removed | package | ||
| wolfssl | fixed | 3.4.8+dfsg-1 | package | |
| dwb | unfixed | package | ||
| openssl | fixed | 1.0.1j-1 | package | |
| openssl | no-dsa | wheezy | package | |
| openssl | no-dsa | squeeze | package | |
| galeon | unfixed | package | ||
| gnutls26 | removed | package | ||
| gnutls26 | no-dsa | squeeze | package | |
| gnutls26 | no-dsa | wheezy | package | |
| gnutls28 | fixed | 3.3.8-5 | package | |
| kazehakase | unfixed | package | ||
| kdebase | removed | package | ||
| kde-baseapps | unfixed | package | ||
| epiphany-browser | unfixed | package | ||
| haskell-tls | fixed | 1.2.9-2 | package | |
| haskell-tls | no-dsa | wheezy | package | |
| icedove | fixed | 31.3.0-1 | package | |
| icedove | end-of-life | squeeze | package | |
| iceweasel | fixed | 31.2.0esr-2 | package | |
| iceweasel | end-of-life | squeeze | package | |
| matrixssl | removed | package | ||
| matrixssl | no-dsa | squeeze | package | |
| matrixssl | no-dsa | wheezy | package | |
| midori | unfixed | package | ||
| netsurf | fixed | 3.6-1 | package | |
| nss | fixed | 2:3.17.1-1 | package | |
| nss | no-dsa | squeeze | package | |
| nss | no-dsa | wheezy | package | |
| openjdk-6 | fixed | 6b34-1.13.6-1 | package | |
| openjdk-7 | fixed | 7u75-2.5.4-1 | package | |
| openjdk-8 | fixed | 8u40~b04-1 | package | |
| polarssl | fixed | 1.3.9-2 | package | |
| polarssl | no-dsa | squeeze | package | |
| polarssl | no-dsa | wheezy | package | |
| pound | fixed | 2.6-6 | package | |
| pound | no-dsa | squeeze | package | |
| surf | unfixed | package | ||
| tlslite | removed | package | ||
| tlslite | no-dsa | wheezy | package | |
| uzbl | unfixed | package | ||
| erlang | fixed | 1:17.3-dfsg-3 | package | |
| erlang | no-dsa | squeeze | package | |
| erlang | no-dsa | wheezy | package | |
| lighttpd | fixed | 1.4.35-4 | package |
Примечания
http://www.kb.cert.org/vuls/id/BLUU-9PYTFQ
wolfssl actually fixed with the initial upload to unstable after the rename
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1510163
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://googleonlinesecurity.blogspot.fr/2014/10/this-poodle-bites-exploiting-ssl-30.html
This is only about the SSLv3 CBC padding, not about any downgrade attack or support for the fallback SCSV
Fix is to disable SSLv3 in library or application configurations
Browsers based on webkit (with the exception of Chromium) or khtml are not covered by security support
EPSS
Связанные уязвимости
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
EPSS