November 4, 2014

How to Fix SSLv3 Vulnerability (POODLE) in Apache and NGINX on CentOS

POODLE (CVE-2014-3566) is an security vulnerability in SSLv3 discovered by Google in September. POODLE stands for Padding Oracle On Downgraded Legacy Encryption. All the websites supporting SSLv3 is vulnerable to POODLE, even if it also supports more recent versions of TLS. Using POODLE a hacker run Man-in-the-middle attacks attacks in your network stream and can steal secure HTTP cookies.

Read complete article here to check how to fix this issue on Apach2(HTTPD)/NGINX Servers on CentOS/RHEL Systems.

Click Here!