SSL (Secure Sockets Layer) is a protocol used to establish a secure connection between a client and server. SSL 3.0 was introduced in 1996 and is still in wide use by the internet ecosystem (clients and servers). The latest version of this protocol is TLS (Transport Layer Security) 1.2. TLS 1.2 has not been fully adopted in the internet ecosystem as a large number of legacy systems cannot support TLS. Researchers today published a vulnerability with SSL 3.0, POODLE (Padding Oracle On Downgraded Legacy Encryption), that could allow an attacker to decrypt secure cookies sent over a secure connection.
This vulnerability does not affect SSL Certificates. No changes to existing SSL Certificates are necessary. Customers should review and update the configuration of their web servers to eliminate this vulnerability.
This affects all servers with SSL 3.0 enabled. Although this is a serious vulnerability, it is not at the scale of Heartbleed or Bash in terms of exposure. Hackers would need to already be in a successful Man-In-The-Middle (MITM) position to take advantage of this vulnerability.
The CVE-2014-3566 SSL 3.0 vulnerability is in the SSL protocol itself.
SSL Certificates (which the SSL protocol uses to establish a secure connection) are not affected.
Existing SSL Certificates do not need to be replaced.
Organizations should disable SSL 3.0 altogether, or disable SSL 3.0 CBC-mode ciphers.
There is a possibility that an attacker who has network control can force a client and server to negotiate an SSL 3.0 connection by disrupting a proper SSL handshake. To remediate the forced downgrade vulnerability, the proper use of TLS_FALLBACK_SCSV is recommended. However, if SSL 3.0 or CBC-mode ciphers in SSL 3.0 are disabled, the forced downgrade vulnerability is less critical at this point.
Organizations with servers still running SSL 3.0 are those most at risk.
As a server administrator, you should check if your server is configured to allow communications over SSL 3.0, fully disable SSL 3.0, and only enable protocols TLS 1.0 and above.
Server administrators should implement the proper use of TLS_FALLBACK_SCSV to remediate the forced downgrade issue that is part of this vulnerability.
Consumers should disable SSL 3.0 in their browsers.
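The server-side effect of the two recommendations above (disabling SSL 3.0 and honouring TLS_FALLBACK_SCSV), as an added example that is not code from this page or from any vendor. It follows the rule in RFC 7507 and assumes a server configured for TLS 1.0 through TLS 1.2; the function names and the sample ClientHello bytes are constructed for illustration.

```python
import struct

SSL3_0, TLS1_0, TLS1_2 = 0x0300, 0x0301, 0x0303
TLS_FALLBACK_SCSV = 0x5600         # signalling cipher suite value, RFC 7507
ALERT_PROTOCOL_VERSION = 70        # RFC 5246 alert description
ALERT_INAPPROPRIATE_FALLBACK = 86  # RFC 7507 alert description

def parse_client_hello(body: bytes):
    """Return (client_version, cipher_suites) from a ClientHello body."""
    if len(body) < 35:
        raise ValueError("truncated ClientHello")
    (version,) = struct.unpack_from("!H", body, 0)
    pos = 2 + 32                   # skip client_version and 32-byte random
    pos += 1 + body[pos]           # skip session_id (1-byte length prefix)
    if len(body) < pos + 2:
        raise ValueError("truncated ClientHello")
    (cs_len,) = struct.unpack_from("!H", body, pos)
    pos += 2
    if cs_len == 0 or cs_len % 2 or len(body) < pos + cs_len:
        raise ValueError("bad cipher_suites length")
    return version, list(struct.unpack_from("!%dH" % (cs_len // 2), body, pos))

def server_decision(body, server_min=TLS1_0, server_max=TLS1_2):
    """Decide how a server answers: ('negotiate', version) or ('alert', code)."""
    version, suites = parse_client_hello(body)
    # The client marks this hello as a fallback retry, yet the server supports
    # a higher version: the earlier attempt was disrupted, so refuse.
    if TLS_FALLBACK_SCSV in suites and version < server_max:
        return ("alert", ALERT_INAPPROPRIATE_FALLBACK)
    # SSL 3.0 disabled: a hello below the minimum is rejected outright.
    if version < server_min:
        return ("alert", ALERT_PROTOCOL_VERSION)
    return ("negotiate", min(version, server_max))

def build_client_hello(version, suites):
    """Constructed sample input: minimal ClientHello body, zeroed random."""
    cs = struct.pack("!%dH" % len(suites), *suites)
    return (struct.pack("!H", version) + bytes(32) + b"\x00"
            + struct.pack("!H", len(cs)) + cs + b"\x01\x00")

if __name__ == "__main__":
    cbc = [0x002F, 0x0035]  # two CBC-mode suites, constructed sample list
    for label, hello in [
        ("first attempt, TLS 1.2", build_client_hello(TLS1_2, cbc)),
        ("fallback retry, SSL 3.0 + SCSV", build_client_hello(SSL3_0, cbc + [TLS_FALLBACK_SCSV])),
        ("legacy client, SSL 3.0", build_client_hello(SSL3_0, cbc)),
    ]:
        print(label, "->", server_decision(hello))
```

Calling `server_decision` with `server_min=SSL3_0` on the SSL 3.0 hello that lacks the SCSV shows the exposed configuration: the server negotiates SSL 3.0, which is why disabling the protocol is the primary fix and the SCSV only covers clients that send it.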
The uncertainty and lack of technical knowledge regarding this issue in the media may lead to scammers trying to capitalize on this in the form of phishing or malicious spam campaigns.