SSLv3.POODLE.Information.Disclosure
Description
This indicates an attack attempt to exploit an Information Disclosure vulnerability in OpenSSL.
The vulnerability is due to an error in the application when it handles maliciously crafted SSLv3 messages. A remote attacker can exploit this to access sensitive information. The signature detects for 200 SSLv3 messages within a span of 10 seconds.
Affected Products
OpenSSL prior to 1.0.1j
OpenSSL prior to 1.0.0o
OpenSSL prior to 0.9.8zc
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor
https://www.openssl.org/news/secadv_20141015.txt
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |