Open ssl security issue(vulnerabilities,ssl v 3 encryption,bug report) #3

 

Poodle Bleed Vulnerability Found in Relateiq.com

 

 

Poodlebleed Issue POC Report :

This vulnerability found by mtk .

What is Poodle Bleed Vulnerability in website?

Ans : A vulnerability in SSL 3.0/ssl v3/ssl v 3 (commonly known as Poodlebleed) could allow information disclosure.  This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and it is not specific to the Windows operating system or PlateSpin products or . PlateSpin servers leverage Microsoft IIS, which implements the SSL 3.0 protocol.

How to Test your Own Website ?

Ans : Goto Poodlebleed.com and test your own website .if there is any vulnerability so fix it as soon as possible.

 

Question is How to fix this SSL v 3 Vulnerabilities , So here is the way :

Disable SSLv3 in web browsers ? Answer is Below

Firefox

• Install the Mozilla add-on called “SSL Version Control”

Or

• Type about:config into the navigation bar and press [Enter]
• Accept the warning and proceed
• Search for tls
• Change the value of security.tls.version.min from 0 to 1 (0 = SSL 3.0; 1 = TLS 1.0)

Chrome

• Upgrade to the latest version of Chrome

Or

• Run Chrome with the following command-line flag: –ssl-version-min=tls1

Internet Explorer

• Go to Settings -> Internet Options -> Advanced Tab -> Uncheck “SSLv3″ under “Security”.

If you wanna ask any question so feel free to comment .