First published: Wed Oct 15 2014(Updated: )
Bodo Möller, Thai Duong and Krzysztof Kotowicz of Google discovered a flaw in the design of SSL version 3.0 that would allow an attacker to calculate the plaintext of secure connections, allowing, for example, secure HTTP cookies to be stolen. References: <a href="http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html">http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html</a> <a href="https://www.openssl.org/~bodo/ssl-poodle.pdf">https://www.openssl.org/~bodo/ssl-poodle.pdf</a>
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Enterprise Linux | =5 | |
Redhat Enterprise Linux Desktop | =6.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Desktop Supplementary | =5.0 | |
Redhat Enterprise Linux Desktop Supplementary | =6.0 | |
Redhat Enterprise Linux Server | =6.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Server Supplementary | =5.0 | |
Redhat Enterprise Linux Server Supplementary | =6.0 | |
Redhat Enterprise Linux Server Supplementary | =7.0 | |
Redhat Enterprise Linux Workstation | =6.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
Redhat Enterprise Linux Workstation Supplementary | =6.0 | |
Redhat Enterprise Linux Workstation Supplementary | =7.0 | |
IBM AIX | =5.3 | |
IBM AIX | =6.1 | |
IBM AIX | =7.1 | |
Apple Mac OS X | <=10.10.1 | |
Mageia Mageia | =3.0 | |
Mageia Mageia | =4.0 | |
Novell Suse Linux Enterprise Desktop | =9.0 | |
Novell Suse Linux Enterprise Desktop | =10.0 | |
Novell Suse Linux Enterprise Desktop | =11.0 | |
Novell Suse Linux Enterprise Desktop | =12.0 | |
Novell Suse Linux Enterprise Software Development Kit | =11.0-sp3 | |
Novell Suse Linux Enterprise Software Development Kit | =12.0 | |
Novell Suse Linux Enterprise Server | =11.0-sp3 | |
Novell Suse Linux Enterprise Server Vmware | =11.0-sp3 | |
Novell Suse Linux Enterprise Server | =12.0 | |
openSUSE openSUSE | =12.3 | |
openSUSE openSUSE | =13.1 | |
Fedoraproject Fedora | =19 | |
Fedoraproject Fedora | =20 | |
Fedoraproject Fedora | =21 | |
OpenSSL OpenSSL | =0.9.8 | |
OpenSSL OpenSSL | =0.9.8a | |
OpenSSL OpenSSL | =0.9.8b | |
OpenSSL OpenSSL | =0.9.8c | |
OpenSSL OpenSSL | =0.9.8d | |
OpenSSL OpenSSL | =0.9.8e | |
OpenSSL OpenSSL | =0.9.8f | |
OpenSSL OpenSSL | =0.9.8g | |
OpenSSL OpenSSL | =0.9.8h | |
OpenSSL OpenSSL | =0.9.8i | |
OpenSSL OpenSSL | =0.9.8j | |
OpenSSL OpenSSL | =0.9.8k | |
OpenSSL OpenSSL | =0.9.8l | |
OpenSSL OpenSSL | =0.9.8m | |
OpenSSL OpenSSL | =0.9.8m-beta1 | |
OpenSSL OpenSSL | =0.9.8n | |
OpenSSL OpenSSL | =0.9.8o | |
OpenSSL OpenSSL | =0.9.8p | |
OpenSSL OpenSSL | =0.9.8q | |
OpenSSL OpenSSL | =0.9.8r | |
OpenSSL OpenSSL | =0.9.8s | |
OpenSSL OpenSSL | =0.9.8t | |
OpenSSL OpenSSL | =0.9.8u | |
OpenSSL OpenSSL | =0.9.8v | |
OpenSSL OpenSSL | =0.9.8w | |
OpenSSL OpenSSL | =0.9.8x | |
OpenSSL OpenSSL | =0.9.8y | |
OpenSSL OpenSSL | =0.9.8z | |
OpenSSL OpenSSL | =0.9.8za | |
OpenSSL OpenSSL | =0.9.8zb | |
OpenSSL OpenSSL | =1.0.0 | |
OpenSSL OpenSSL | =1.0.0-beta1 | |
OpenSSL OpenSSL | =1.0.0-beta2 | |
OpenSSL OpenSSL | =1.0.0-beta3 | |
OpenSSL OpenSSL | =1.0.0-beta4 | |
OpenSSL OpenSSL | =1.0.0-beta5 | |
OpenSSL OpenSSL | =1.0.0a | |
OpenSSL OpenSSL | =1.0.0b | |
OpenSSL OpenSSL | =1.0.0c | |
OpenSSL OpenSSL | =1.0.0d | |
OpenSSL OpenSSL | =1.0.0e | |
OpenSSL OpenSSL | =1.0.0f | |
OpenSSL OpenSSL | =1.0.0g | |
OpenSSL OpenSSL | =1.0.0h | |
OpenSSL OpenSSL | =1.0.0i | |
OpenSSL OpenSSL | =1.0.0j | |
OpenSSL OpenSSL | =1.0.0k | |
OpenSSL OpenSSL | =1.0.0l | |
OpenSSL OpenSSL | =1.0.0m | |
OpenSSL OpenSSL | =1.0.0n | |
OpenSSL OpenSSL | =1.0.1 | |
OpenSSL OpenSSL | =1.0.1-beta1 | |
OpenSSL OpenSSL | =1.0.1-beta2 | |
OpenSSL OpenSSL | =1.0.1-beta3 | |
OpenSSL OpenSSL | =1.0.1a | |
OpenSSL OpenSSL | =1.0.1b | |
OpenSSL OpenSSL | =1.0.1c | |
OpenSSL OpenSSL | =1.0.1d | |
OpenSSL OpenSSL | =1.0.1e | |
OpenSSL OpenSSL | =1.0.1f | |
OpenSSL OpenSSL | =1.0.1g | |
OpenSSL OpenSSL | =1.0.1h | |
OpenSSL OpenSSL | =1.0.1i | |
IBM VIOS | =2.2.0.10 | |
IBM VIOS | =2.2.0.11 | |
IBM VIOS | =2.2.0.12 | |
IBM VIOS | =2.2.0.13 | |
IBM VIOS | =2.2.1.0 | |
IBM VIOS | =2.2.1.1 | |
IBM VIOS | =2.2.1.3 | |
IBM VIOS | =2.2.1.4 | |
IBM VIOS | =2.2.1.5 | |
IBM VIOS | =2.2.1.6 | |
IBM VIOS | =2.2.1.7 | |
IBM VIOS | =2.2.1.8 | |
IBM VIOS | =2.2.1.9 | |
IBM VIOS | =2.2.2.0 | |
IBM VIOS | =2.2.2.1 | |
IBM VIOS | =2.2.2.2 | |
IBM VIOS | =2.2.2.3 | |
IBM VIOS | =2.2.2.4 | |
IBM VIOS | =2.2.2.5 | |
IBM VIOS | =2.2.3.0 | |
IBM VIOS | =2.2.3.1 | |
IBM VIOS | =2.2.3.2 | |
IBM VIOS | =2.2.3.3 | |
IBM VIOS | =2.2.3.4 | |
NetBSD NetBSD | =5.1 | |
NetBSD NetBSD | =5.1.1 | |
NetBSD NetBSD | =5.1.2 | |
NetBSD NetBSD | =5.1.3 | |
NetBSD NetBSD | =5.1.4 | |
NetBSD NetBSD | =5.2 | |
NetBSD NetBSD | =5.2.1 | |
NetBSD NetBSD | =5.2.2 | |
NetBSD NetBSD | =6.0 | |
NetBSD NetBSD | =6.0-beta | |
NetBSD NetBSD | =6.0.1 | |
NetBSD NetBSD | =6.0.2 | |
NetBSD NetBSD | =6.0.3 | |
NetBSD NetBSD | =6.0.4 | |
NetBSD NetBSD | =6.0.5 | |
NetBSD NetBSD | =6.0.6 | |
NetBSD NetBSD | =6.1 | |
NetBSD NetBSD | =6.1.1 | |
NetBSD NetBSD | =6.1.2 | |
NetBSD NetBSD | =6.1.3 | |
NetBSD NetBSD | =6.1.4 | |
NetBSD NetBSD | =6.1.5 | |
Debian Debian Linux | =7.0 | |
Debian Debian Linux | =8.0 | |
Oracle Database | =11.2.0.4 | |
Oracle Database | =12.1.0.2 | |
=5 | ||
=6.0 | ||
=7.0 | ||
=5.0 | ||
=6.0 | ||
=6.0 | ||
=7.0 | ||
=5.0 | ||
=6.0 | ||
=7.0 | ||
=6.0 | ||
=7.0 | ||
=6.0 | ||
=7.0 | ||
=5.3 | ||
=6.1 | ||
=7.1 | ||
<=10.10.1 | ||
=3.0 | ||
=4.0 | ||
=9.0 | ||
=10.0 | ||
=11.0 | ||
=12.0 | ||
=11.0-sp3 | ||
=12.0 | ||
=11.0-sp3 | ||
=11.0-sp3 | ||
=12.0 | ||
=12.3 | ||
=13.1 | ||
=19 | ||
=20 | ||
=21 | ||
=0.9.8 | ||
=0.9.8a | ||
=0.9.8b | ||
=0.9.8c | ||
=0.9.8d | ||
=0.9.8e | ||
=0.9.8f | ||
=0.9.8g | ||
=0.9.8h | ||
=0.9.8i | ||
=0.9.8j | ||
=0.9.8k | ||
=0.9.8l | ||
=0.9.8m | ||
=0.9.8m-beta1 | ||
=0.9.8n | ||
=0.9.8o | ||
=0.9.8p | ||
=0.9.8q | ||
=0.9.8r | ||
=0.9.8s | ||
=0.9.8t | ||
=0.9.8u | ||
=0.9.8v | ||
=0.9.8w | ||
=0.9.8x | ||
=0.9.8y | ||
=0.9.8z | ||
=0.9.8za | ||
=0.9.8zb | ||
=1.0.0 | ||
=1.0.0-beta1 | ||
=1.0.0-beta2 | ||
=1.0.0-beta3 | ||
=1.0.0-beta4 | ||
=1.0.0-beta5 | ||
=1.0.0a | ||
=1.0.0b | ||
=1.0.0c | ||
=1.0.0d | ||
=1.0.0e | ||
=1.0.0f | ||
=1.0.0g | ||
=1.0.0h | ||
=1.0.0i | ||
=1.0.0j | ||
=1.0.0k | ||
=1.0.0l | ||
=1.0.0m | ||
=1.0.0n | ||
=1.0.1 | ||
=1.0.1-beta1 | ||
=1.0.1-beta2 | ||
=1.0.1-beta3 | ||
=1.0.1a | ||
=1.0.1b | ||
=1.0.1c | ||
=1.0.1d | ||
=1.0.1e | ||
=1.0.1f | ||
=1.0.1g | ||
=1.0.1h | ||
=1.0.1i | ||
=2.2.0.10 | ||
=2.2.0.11 | ||
=2.2.0.12 | ||
=2.2.0.13 | ||
=2.2.1.0 | ||
=2.2.1.1 | ||
=2.2.1.3 | ||
=2.2.1.4 | ||
=2.2.1.5 | ||
=2.2.1.6 | ||
=2.2.1.7 | ||
=2.2.1.8 | ||
=2.2.1.9 | ||
=2.2.2.0 | ||
=2.2.2.1 | ||
=2.2.2.2 | ||
=2.2.2.3 | ||
=2.2.2.4 | ||
=2.2.2.5 | ||
=2.2.3.0 | ||
=2.2.3.1 | ||
=2.2.3.2 | ||
=2.2.3.3 | ||
=2.2.3.4 | ||
=5.1 | ||
=5.1.1 | ||
=5.1.2 | ||
=5.1.3 | ||
=5.1.4 | ||
=5.2 | ||
=5.2.1 | ||
=5.2.2 | ||
=6.0 | ||
=6.0-beta | ||
=6.0.1 | ||
=6.0.2 | ||
=6.0.3 | ||
=6.0.4 | ||
=6.0.5 | ||
=6.0.6 | ||
=6.1 | ||
=6.1.1 | ||
=6.1.2 | ||
=6.1.3 | ||
=6.1.4 | ||
=6.1.5 | ||
=7.0 | ||
=8.0 | ||
=11.2.0.4 | ||
=12.1.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.