{"id":7112,"date":"2014-12-10T10:37:38","date_gmt":"2014-12-10T15:37:38","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=7112"},"modified":"2014-12-10T10:37:38","modified_gmt":"2014-12-10T15:37:38","slug":"researchers-say-poodle-can-be-repurposed-to-attack-tls-10-percent-of-the-servers-vulnerable","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/10\/researchers-say-poodle-can-be-repurposed-to-attack-tls-10-percent-of-the-servers-vulnerable\/","title":{"rendered":"Researchers say Poodle can be repurposed to attack TLS, 10 percent of the servers vulnerable"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/www.techspot.com\/news\/59103-poodle-attack-tls-10-percent-servers-vulnerable.html\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/12\/2014-06-11.jpg\" alt=\"\" \/><\/a><\/p>\n<p>A couple of months after researchers at Google uncovered POODLE (Padding Oracle On Downgraded Legacy Encryption), a vulnerability in a specific version of the SSL protocol, security firm Qualys has announced that the issue also affects implementations of the TLS protocol.<\/p>\n<p>Poodle allows attackers to compromise the secure connection between a user&#8217;s browser and a website server, allowing them to steal data or launch an attack. Initially, it was believed that the vulnerability affected only SSL v3.0, which is nearly 15 years old at this point, but it has now been discovered that the problem, which arises from an error in the handling of padding, also affects some implementations of TLS.<\/p>\n<p>The Qualys report says that even though TLS is very strict about how its padding is formatted, some of its implementations do not check the padding structure after decryption, making them vulnerable to the attack.<\/p>\n<p>So far, load balancers manufactured by F5 and A10 have found to be vulnerable, which means that the problem is likely to affect some of the most popular web sites in the world, including Bank of America, VMware, Accenture, and more.<\/p>\n<p>According to the security firm&#8217;s most recent SSL Pulse scan, which covers 1 million of the most popular HTTPS-enabled websites, nearly 10 percent of the servers are vulnerable to a Poodle attack against TLS.<\/p>\n<p>F5 has already posted patches for their products, and A10 is also expected to follow suit. Meanwhile, webmasters can check if their servers, or load balancers, are vulnerable by using the Qualys SSL Labs server test.<\/p>\n<p>via <a href=\"http:\/\/www.techspot.com\/news\/59103-poodle-attack-tls-10-percent-servers-vulnerable.html\" target=\"_blank\">Researchers say Poodle can be repurposed to attack TLS, 10 percent of the servers vulnerable &#8211; TechSpot<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A couple of months after researchers at Google uncovered POODLE (Padding Oracle On Downgraded Legacy Encryption), a vulnerability in a [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[6,7,9],"tags":[1024,1177],"class_list":["post-7112","post","type-post","status-publish","format-standard","hentry","category-networking","category-security","category-software","tag-ssl","tag-vulnerabilities"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1QI","jetpack-related-posts":[{"id":6634,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/10\/15\/google-discovers-vulnerability-in-ssl-3-0-dubbed-poodle\/","url_meta":{"origin":7112,"position":0},"title":"Google discovers vulnerability in SSL 3.0 dubbed &#8216;Poodle&#8217;","author":"NCCT","date":"October 15, 2014","format":false,"excerpt":"Google has published details of a vulnerability in the design of SSL version 3.0. The attack, referred to as POODLE (Padding Oracle On Downgraded Legacy Encryption), allows the plaintext of secure connections to be calculated by a network attacker according to a Google blog post on the matter. Despite the\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6713,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/10\/28\/rogue-tor-exit-node-server-added-malware-to-legitimate-downloads\/","url_meta":{"origin":7112,"position":1},"title":"Rogue Tor &#8216;exit node&#8217; server added malware to legitimate downloads","author":"NCCT","date":"October 28, 2014","format":false,"excerpt":"The Tor Project has flagged a server in Russia after a security researcher found it slipped in malware when users were downloading files. Tor is short for The Onion Router, which is software that offers users a greater degree of privacy when browsing the Internet by routing traffic through a\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5681,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/06\/03\/meet-cupid-the-heartbleed-attack-that-spawns-evil-wi-fi-networks\/","url_meta":{"origin":7112,"position":2},"title":"Meet \u201cCupid,\u201d the Heartbleed attack that spawns \u201cevil\u201d Wi-Fi networks","author":"NCCT","date":"June 3, 2014","format":false,"excerpt":"Enlarge \/ A packet capture showing Cupid attacking a wireless network. SysValue \u00a0 \u00a0 It just got easier to exploit the catastrophic Heartbleed vulnerability against wireless networks and the devices that connect to them thanks to the release last week of open source code that streamlines the process of plucking\u2026","rel":"","context":"In &quot;Networking&quot;","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/cdn.arstechnica.net\/wp-content\/uploads\/2014\/06\/heartbleed_cupid_img1-640x356.png?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/cdn.arstechnica.net\/wp-content\/uploads\/2014\/06\/heartbleed_cupid_img1-640x356.png?resize=350%2C200 1x, https:\/\/i0.wp.com\/cdn.arstechnica.net\/wp-content\/uploads\/2014\/06\/heartbleed_cupid_img1-640x356.png?resize=525%2C300 1.5x"},"classes":[]},{"id":5958,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/10\/crypto-certificates-impersonating-google-and-yahoo-pose-threat-to-windows-users\/","url_meta":{"origin":7112,"position":3},"title":"Crypto certificates impersonating Google and Yahoo pose threat to Windows users","author":"NCCT","date":"July 10, 2014","format":false,"excerpt":"People using Internet Explorer and possibly other Windows applications could be at risk of attacks that abuse counterfeit encryption certificates recently discovered masquerading as legitimate credentials for Google, Yahoo, and possibly an unlimited number of other Internet properties. A blog post published Tuesday by Google security engineer Adam Langley said\u2026","rel":"","context":"In &quot;Microsoft&quot;","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/disguise-kit-640x728.jpg?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/disguise-kit-640x728.jpg?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/disguise-kit-640x728.jpg?resize=525%2C300 1.5x"},"classes":[]},{"id":7128,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/10\/security-now-485-expensive-lessons\/","url_meta":{"origin":7112,"position":4},"title":"Security Now 485: Expensive Lessons","author":"NCCT","date":"December 10, 2014","format":false,"excerpt":"Hosts: Steve Gibson with Leo Laporte Poodle Bites (again!), TURLA - an APT (Advanced Persistent Threat) targeting Linux, and very expensive lessons learned from Target and Sony's recent security breaches.","rel":"","context":"In &quot;Networking&quot;","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6118,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/08\/04\/is-your-dropcam-live-feed-being-watched-by-someone-else\/","url_meta":{"origin":7112,"position":5},"title":"Is your Dropcam live feed being watched by someone else?","author":"NCCT","date":"August 4, 2014","format":false,"excerpt":"Dropcam, the popular video monitoring camera, bills itself as \u201csuper simple security.\u201d But a pair of researchers plan to show at the Defcon hacking conference later this week how a Dropcam could be a weak point. Patrick Wardle and Colby Moore, both of whom work for security firm Synack, tore\u2026","rel":"","context":"In &quot;Hardware&quot;","block_context":{"text":"Hardware","link":"https:\/\/nccomputertech.com\/techtalk\/category\/hardware\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/7112","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=7112"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/7112\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=7112"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=7112"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=7112"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}