[OpenVPN-NL] Security advisory - POODLE
Steffan Karger
steffan.karger at fox-it.com
Wed Oct 15 11:05:41 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Summary:
OpenVPN-NL is not vulnerable to the POODLE attack on SSLv3 [1].
Background:
On October 14th 2014, Google released a SSLv3 vulnerability called
'POODLE' [1]. The vulnerability allows an attacker to obtain the
plaintext of connections secured with SSLv3.
OpenVPN-NL is not vulnerable, since OpenVPN-NL never supported SSLv3 or
SSLv3 fallback.
[1]
http://googleonlinesecurity.blogspot.nl/2014/10/this-poodle-bites-exploiting-ssl-30.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJUPjjkAAoJEEEwndWOY1w5CIIH/2vFFL4eCqRn2U6MqPNSUWis
nMMFJpjsKWXc2ItGEGJwYCrPqpGJfJ47NVAfQRO3q+hXg7sgaj7MT+Phyv4+id7Z
535GIMLCXP9WCliUJFYac7665XdfwrmzNcFTFuqrqtfVwBsajMuECasExga/ubuV
GjZ/7cNYOhtfzQcS4JnqcDbWERwqzky0RvkDnaVVFWQqKyuceJBzdIML+iY46+d2
0eAhdn58VZb8LZqYEPZYD/AnRGbR7R1SgGQ58wRMz07fcYyA8x4YxbAzaHztO9Yf
2nuifBGxk/3TX0WKDIQcNbP56gUcAuilfHW7JriqbiAMV6ya5b8lPpGBUbm3xh8=
=pSYZ
-----END PGP SIGNATURE-----
More information about the list-openvpn-nl
mailing list