Category: Security

Another security vulnerability came to light today, on SSL this time. What: POODLE attack (Padding Oracle On Downgraded Legacy  Encryption) will allow stealing “secure” HTTP cookies (or other bearer  tokens such as HTTP Authorization header contents). Test: If the below command succeeds it means that this vulnerability exists. $ curl -v3 -X HEAD “https://yourwebsite.com” Details […]