POODLE Vulnerability and the Solution!

Posted on August 22nd, 2016

POODLE stands for Padding Oracle On Downgraded Legacy Encryption. This vulnerability allows a Man-in-the-Middle (MITM) attacker to decrypt ciphertext using a padding oracle side-channel attack.

POODLE affects older encryption standards, specifically Secure Sockets Layer (SSL) version 3. It does not affect the newer encryption mechanism known as Transport Layer Security (TLS).


Systems Affected

All systems and applications using Secure Sockets Layer (SSL) 3.0 with Cipher Block Chaining (CBC) mode ciphers may be vulnerable. However, the POODLE attack demonstrates this vulnerability using web browsers and web servers, which is one of the most likely exploitation scenarios.

Some Transport Layer Security (TLS) implementations are also vulnerable to the POODLE attack.



US-CERT is aware of a design vulnerability found in the way SSL 3.0 handles block cipher mode padding. The POODLE attack demonstrates how an attacker can exploit this vulnerability to decrypt and extract information from inside an encrypted transaction.

The SSL 3.0 vulnerability stems from the way blocks of data are encrypted under a specific type of encryption algorithm within the SSL protocol. The POODLE attack takes advantage of the protocol version negotiation feature built into SSL/TLS to force the use of SSL 3.0, and then leverages this new vulnerability to decrypt select content within the SSL session. The decryption is done byte by byte and will generate a large number of connections between the client and server.

While SSL 3.0 is an old encryption standard and has generally been replaced by TLS, most SSL/TLS implementations remain backwards compatible with SSL 3.0 to interoperate with legacy systems in the interest of a smooth user experience. Even if a client and server both support a version of TLS, the SSL/TLS protocol suite allows for protocol version negotiation (referred to as the "downgrade dance" in other reporting). The POODLE attack leverages the fact that when a secure connection attempt fails, servers will fall back to older protocols such as SSL 3.0. An attacker who can trigger a connection failure can then force the use of SSL 3.0 and attempt the new attack.


Two other conditions must be met to successfully execute the POODLE attack:

1) The attacker must be able to control parts of the client side of the SSL connection (varying the length of the input).

2) The attacker must have visibility of the resulting ciphertext. The most common way to achieve these conditions would be to act as a Man-in-the-Middle (MITM), requiring a whole separate form of attack to establish that level of access.

These conditions make successful exploitation somewhat difficult. Environments that are already at above-average risk for MITM attacks (such as public WiFi) remove some of those challenges.

On December 8, 2014, it was publicly reported that some TLS implementations are also vulnerable to the POODLE attack.



The POODLE attack can be used against any system or application that supports SSL 3.0 with CBC mode ciphers. This affects most current browsers and websites, but also includes any software that either references a vulnerable SSL/TLS library (e.g. OpenSSL) or implements the SSL/TLS protocol suite itself. By exploiting this vulnerability in a likely web-based scenario, an attacker can gain access to sensitive data passed within the encrypted web session, such as passwords, cookies and other authentication tokens that can then be used to gain complete access to a website (impersonating that user, accessing database content, etc.).



There is currently no fix for the vulnerability in SSL 3.0 itself, as the issue is fundamental to the protocol; however, disabling SSL 3.0 support in system/application configurations is the most viable solution currently available.

Some of the same researchers that discovered the vulnerability also developed a fix for one of the key conditions: TLS_FALLBACK_SCSV is a protocol extension that prevents MITM attackers from being able to force a protocol downgrade. OpenSSL has added support for TLS_FALLBACK_SCSV to their latest versions and recommends the following upgrades:

1) OpenSSL 1.0.1 users should upgrade to 1.0.1j.

2) OpenSSL 1.0.0 users should upgrade to 1.0.0o.

3) OpenSSL 0.9.8 users should upgrade to 0.9.8zc.

Both clients and servers need to support TLS_FALLBACK_SCSV to prevent downgrade attacks. Other SSL 3.0 implementations are most likely also affected by POODLE.
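As an added example (not from the original post, US-CERT or OpenSSL), here is a Python check a server operator can run against their own hosts to confirm the two points above: whether the server still negotiates SSL 3.0 with a CBC cipher suite, and whether it honours TLS_FALLBACK_SCSV. It builds the handshake records by hand over a raw socket, because current OpenSSL and Python builds no longer offer SSL 3.0 at all; the helper names, the default placeholder host and the three CBC suites are assumptions.

```python
import socket
import struct

SSL3, TLS10 = 0x0300, 0x0301
CBC_SUITES = [0x002F, 0x0035, 0x000A]   # AES128-SHA, AES256-SHA, DES-CBC3-SHA (CBC mode, chosen for this check)
FALLBACK_SCSV = 0x5600                  # TLS_FALLBACK_SCSV signalling suite value from RFC 7507

def build_client_hello(version=SSL3, suites=CBC_SUITES):
    """Build a minimal ClientHello record (no extensions) for the given protocol version."""
    cipher_bytes = b"".join(struct.pack("!H", s) for s in suites)
    body = (struct.pack("!H", version)
            + bytes(32)                                   # client random (constructed: all zeros)
            + b"\x00"                                     # empty session id
            + struct.pack("!H", len(cipher_bytes)) + cipher_bytes
            + b"\x01\x00")                                # one compression method: null
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body   # handshake type 1 = ClientHello
    return b"\x16" + struct.pack("!HH", version, len(handshake)) + handshake

def parse_server_response(data):
    """Classify the first record the server sends back:
    ("server_hello", version, cipher_suite), ("alert", level, description) or ("unknown", None, None)."""
    if len(data) >= 7 and data[0] == 0x15:                # alert record: level, description
        return ("alert", data[5], data[6])
    if len(data) >= 46 and data[0] == 0x16 and data[5] == 0x02:   # handshake record carrying a ServerHello
        version = struct.unpack("!H", data[9:11])[0]      # after 5-byte record and 4-byte handshake headers
        sid_len = data[43]                                # session id length follows the 32-byte server random
        if len(data) >= 46 + sid_len:
            cipher = struct.unpack("!H", data[44 + sid_len:46 + sid_len])[0]
            return ("server_hello", version, cipher)
    return ("unknown", None, None)

def _exchange(host, port, hello, timeout=5):
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(hello)
        return parse_server_response(s.recv(4096))

def accepts_sslv3_cbc(host, port=443):
    """True if the server negotiates SSL 3.0 with a CBC suite, the precondition POODLE needs."""
    kind, version, cipher = _exchange(host, port, build_client_hello(SSL3, CBC_SUITES))
    return kind == "server_hello" and version == SSL3 and cipher in CBC_SUITES

def supports_fallback_scsv(host, port=443):
    """True if a TLS 1.0 hello carrying TLS_FALLBACK_SCSV is answered with the
    inappropriate_fallback alert (86), which a server supporting newer TLS and RFC 7507 sends."""
    kind, _level, desc = _exchange(host, port, build_client_hello(TLS10, CBC_SUITES + [FALLBACK_SCSV]))
    return kind == "alert" and desc == 86

if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "example.com"   # placeholder host
    print("accepts SSLv3 with CBC:", accepts_sslv3_cbc(host))
    print("supports TLS_FALLBACK_SCSV:", supports_fallback_scsv(host))
```

A server that closes the connection without sending an alert comes back as False from the SCSV check, so treat that result as inconclusive rather than as proof the fix is missing.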


If you need any further assistance, please contact our support department.


