Skip Content

The University of Texas at Arlington
menuMENU
  • Report an Incident
  • Home
  • Security Awareness
  • Policies and Standards
  • Risk Management
  • TX-RAMP
  • Contact Us
search
clear

New SSLv3 Vulnerability

October 15, 2014

Also known as “Poodle”, this vulnerability could allow an attacker to steal web site login information or payment data.

“A vulnerability exists within the SSL version 3.0 protocol… allowing an attacker to hijack and decrypt session cookies that are utilized between a user’s web browser and the web site. This could lead to attackers obtaining enough information to temporarily impersonate web site visitor account logins and/or online payment systems.”

REFERENCES:

Google:

http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html

WIRED:

http://www.wired.com/2014/10/poodle-explained/

SANS:

https://isc.sans.edu/forums/diary/OpenSSL+SSLv3+POODLE+Vulnerability+Official+Release/18827

Information Security Office

Box 19800, Arlington, Texas 76019

Phone 817-272-5487 | Fax 817-272-2612

security@uta.edu

© 2022 The University of Texas at Arlington
Students | Faculty & Staff | Accessibility | Site Policies | Privacy and Legal Notice

Contact the webmaster