Recently a vulnerability in the SSLv3 protocol was discovered by Google researchers, which allows to decrypt session keys and, as a consequence, read confidential information. Much like the 2011 BEAST attack, this man-in-the-middle attack enforces an SSLv3 connection, although your Browser and the server on the other end may support higher/newer protocols.
Further information:
It is strongly recommended to deactivate SSL 3.0 completely in your Browser and on any server. You can check here, if your server configuration needs to be updated:
NEW You can also bulk check multiple servers.
Until now we found 2063 servers vulnerable to the POODLE attack. The most recent additions to this list are:
Server | Service | letzte Prüfung |
---|---|---|
premierssignes.cslaval.qc.ca
|
https | |
cacti.bingol.edu.tr
|
https | |
uralmash-go.ru
|
https | |
remote.sp-sonnenschutz.de
|
https | |
internal.dchousing.org
|
https | |
internal.dchousing.org
|
https | |
mailfa.com
|
https | |
portalapp.incra.gov.br
|
https | |
nmsrevolution.com
|
https | |
mirador.education.gouv.sn
|
https | |
www.mactaggartthirdfund.org
|
https | |
hneremote.hne-ag.biz
|
https | |
hneremote.hne-ag.biz
|
https | |
hneremote.hne-ag.biz
|
https | |
email.comfone.com
|
https |