CVE-2014-3566 POODLE攻擊明文數據獲取漏洞

From PwnWiki
Revision as of 11:29, 7 April 2021 by Pwnwiki (talk | contribs) (Created page with "==INFO== The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers t...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

INFO

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.


POC

https://github.com/JustYoomoon/Exploit/blob/main/CVE-2014-3566.zip

Retrieved from "https://pwnwiki.com/index.php?title=CVE-2014-3566_POODLE攻擊明文數據獲取漏洞&oldid=1077"