Jump to content

Poodle SSL exploit


Recommended Posts

  • Staff

Welcome to the forum.


MBAE is designed to detect and block "Remote Code Execution" vulnerability exploits. Poodle is not a remote code execution exploit but rather a weak encryption protocol which can be decrypted by a man in the middle. The best solution against Poodle is for the website owners to turn off compatibility with SSL and rely only on TLS, as most of them have already. Even if your browser still supports SSL, if you browse Facebook, Google, your bank, etc. you are not vulnerable as they have fixed it already on their end.


More information in the MBAE FAQ. Specifically look for questions #4, #5 and #6:


Link to post
Share on other sites

Will a future Anti-Exploit release address the Poodle exploit? I just ran the test mentioned here and it declared my browser vulnerable even though I'm running Anti-Exploit. Thanks.

NGN478, as pbust said, it's not MBAE's piece of cake, to pretect against such kind of exploits.

But if you're using Firefox and want to be not vulnerable, you can always install originating from Mozilla extension (SSL Version Control) allowing you to choose minimum version of TLS by a simple drop-down list in Tools --> Addons or change a preference in about:config (security.tls.version.min), setting it to 1. However in most recent Firefox versions (Mozilla said it's gonna be in 34.0) Firefox doesn't support SSLv3 by default. In most recent Chrome versions (I'm using 39.0.2171.36) it is also turned off and Poodle Test gives a "not vulnerable" result.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.