Resolution for POODLE: SSLv3 vulnerability (CVE-2014-3566)

By | October 16, 2014

This vulnerability allows a  attacker to decrypt ciphertext using a padding oracle side-channel attack.

POODLE affects Secure Socket Layer (SSL) version 3.0. It does not affect Transport Layer Security (TLS).

To remediate this vulnerability SSL 3.0 should be disabled

To check if your server is vulnerable

follow the below steps

Make a script file say and copy the contents as seen below


ret=$(echo Q | timeout 5 openssl s_client -connect "${1-`hostname`}:${2-443}" -ssl3 2> /dev/null)
if echo "${ret}" | grep -q 'Protocol.*SSLv3'; then
  if echo "${ret}" | grep -q 'Cipher.*0000'; then
    echo "SSL 3.0 disabled"
    echo "SSL 3.0 enabled"
  echo "SSL disabled or other error"

save and exit


give permissions for the file to execute

#chomd u+x

next run the command for vulnerability check

#./                                                    #note change with your server names.

you will get an output as

ssl 3.0 is enabled

if your server is vulnerable else you will get a output

ssl 3.0 is disabled

if your server is not vulnerable

if you see ssl 3.0 is enabled, follow the below steps

append the ssl.conf file for httpd service(443) with the below command .

sed -i ‘/^SSLProtocol/c\SSLProtocol ALL -SSLv2 -SSLv3’ /etc/httpd/conf.d/ssl.conf

and recheck to see the vulnerability is gone.


Leave a Reply

Your email address will not be published. Required fields are marked *