Thread: poodle - Padding Oracle On Downgraded Legacy Encryption SSL vulnerability
View Single Post
Old 10-30-2014, 01:08 PM   #27
rollei
Addict
rollei ought to be getting tired of karma fortunes by now.rollei ought to be getting tired of karma fortunes by now.rollei ought to be getting tired of karma fortunes by now.rollei ought to be getting tired of karma fortunes by now.rollei ought to be getting tired of karma fortunes by now.rollei ought to be getting tired of karma fortunes by now.rollei ought to be getting tired of karma fortunes by now.rollei ought to be getting tired of karma fortunes by now.rollei ought to be getting tired of karma fortunes by now.rollei ought to be getting tired of karma fortunes by now.rollei ought to be getting tired of karma fortunes by now.
 
Posts: 219
Karma: 1000210
Join Date: Mar 2014
Device: Kobo
Quote:
Originally Posted by shalym View Post
Maybe...I know that my IE version came up as vulnerable on the Poodle site, but FF and Chrome did not. I then installed the Microsoft patch for IE, and re-tested, and now all three browsers are showing as not vulnerable.

Maybe I disabled SSL 3.0 in Firefox and Chrome when the vulnerability was first announced, and forgot that I did it?

Shari
@bookmarked has an excellent link here:
https://scotthelme.co.uk/sslv3-goes-...-off-protocol/

The link has a how-to guide on fixing the SSL3.0 issue. Follow through the guide for Firefox and verify that your settings are the same as the guide (security.tls.version.min = 1).
rollei is offline   Reply With Quote