Thread: poodle - Padding Oracle On Downgraded Legacy Encryption SSL vulnerability
View Single Post
Old 10-30-2014, 08:31 AM   #25
shalym
Wizard
shalym ought to be getting tired of karma fortunes by now.shalym ought to be getting tired of karma fortunes by now.shalym ought to be getting tired of karma fortunes by now.shalym ought to be getting tired of karma fortunes by now.shalym ought to be getting tired of karma fortunes by now.shalym ought to be getting tired of karma fortunes by now.shalym ought to be getting tired of karma fortunes by now.shalym ought to be getting tired of karma fortunes by now.shalym ought to be getting tired of karma fortunes by now.shalym ought to be getting tired of karma fortunes by now.shalym ought to be getting tired of karma fortunes by now.
 
shalym's Avatar
 
Posts: 3,058
Karma: 54671821
Join Date: Feb 2012
Location: New England
Device: PW 1, 2, 3, Voyage, Oasis 2 & 3, Fires, Aura HD, iPad
Quote:
Originally Posted by Lynx-lynx View Post
@shalym that's interesting. When I tested my Firefox (same vers as you) I was vulnerable so I installed the patch and then tested it across the 3 differen testing sites all with the same not vulnerable report.

Maybe you should just install the patch anyway.
Maybe...I know that my IE version came up as vulnerable on the Poodle site, but FF and Chrome did not. I then installed the Microsoft patch for IE, and re-tested, and now all three browsers are showing as not vulnerable.

Maybe I disabled SSL 3.0 in Firefox and Chrome when the vulnerability was first announced, and forgot that I did it?

Shari
shalym is offline   Reply With Quote