What is POODLE: SSLv3 vulnerability?

POODLE stands for Padding Oracle On Downgraded Legacy Encryption. This vulnerability allows a man-in-the-middle attacker to decrypt ciphertext using a padding oracle side-channel attack.

Who is affected by this vulnerability?

POODLE affects older standards of encryption, specifically Secure Sockets Layer (SSL) version 3. It is a protocol flaw, not an implementation issue; every implementation of SSL 3.0 suffers from it. The vulnerability affects every piece of software that can be coerced into communicating over SSLv3, so any software that implements a fallback mechanism that includes SSLv3 support is vulnerable and can be exploited. Common pieces of software that may be affected include web browsers, web servers, VPN servers and mail servers.

It does not affect the newer encryption mechanism known as Transport Layer Security (TLS).
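A defensive check for the fallback condition described above, as an added example that is not part of the original page: it sends a ClientHello offering only SSL 3.0 to a server you administer and classifies the first record of the reply. The function names, cipher list and sample replies are constructed for illustration.

```python
import os
import socket
import struct

SSL3 = b"\x03\x00"  # SSL 3.0 version bytes as they appear on the wire

def build_sslv3_client_hello():
    """Build a ClientHello record whose highest offered version is SSL 3.0."""
    # Constructed cipher list: CBC suites commonly offered with SSL 3.0
    # (3DES_EDE_CBC_SHA, AES_128_CBC_SHA, AES_256_CBC_SHA, all RSA key exchange).
    suites = b"\x00\x0a\x00\x2f\x00\x35"
    body = (SSL3 + os.urandom(32)                     # client_version, random
            + b"\x00"                                 # empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00")                            # one compression method: null
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body
    return b"\x16" + SSL3 + struct.pack("!H", len(handshake)) + handshake

def classify_response(data):
    """Return 'accepted', 'rejected' or 'unknown' for the server's first record."""
    if not data or data[0] == 0x15:
        return "rejected"      # connection closed, or an alert record was sent
    # Handshake record whose first message is a ServerHello choosing version 3.0.
    if len(data) >= 11 and data[0] == 0x16 and data[5] == 0x02 and data[9:11] == SSL3:
        return "accepted"
    return "unknown"

def probe(host, port=443, timeout=5.0):
    """Send the SSLv3-only hello and classify whatever comes back."""
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_sslv3_client_hello())
        try:
            while len(data) < 11:          # enough bytes to see server_version
                chunk = s.recv(4096)
                if not chunk:
                    break
                data += chunk
        except OSError:                    # reset or timeout: keep what arrived
            pass
    return classify_response(data)

# Constructed sample replies (not captured traffic) so the logic runs offline.
SAMPLE_SERVER_HELLO = (b"\x16\x03\x00\x00\x2a" + b"\x02\x00\x00\x26" + SSL3
                       + bytes(32) + b"\x00" + b"\x00\x0a" + b"\x00")
SAMPLE_ALERT = b"\x15\x03\x01\x00\x02\x02\x28"  # fatal handshake_failure alert
```

A result of "accepted" means the server completed the version negotiation at SSL 3.0 and still needs SSLv3 disabled; "rejected" means it refused the handshake.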

Generic Workarounds:

Any of these four solutions avoids the vulnerability.

Prevention steps to be followed for Apache Web Server

Prevention steps to be followed for Windows Server

Prevention steps to be followed on HAProxy Load Balancer

Prevention steps to be followed on Nginx Web Server