On 10/15/2014 01:46 AM, Bodo Moeller wrote:
> Here's a patch for the OpenSSL 1.0.1 branch that adds support for TLS_FALLBACK_SCSV, which can be used to counter the POODLE attack (CVE-2014-3566; https://www.openssl.org/~bodo/ssl-poodle.pdf).
Note that the CVE identifier was assigned to the SSL 3.0 protocol issue related to CBC padding. The new SCSV does not help with that at all. But that's not a problem: when both parties support TLS, OpenSSL is not vulnerable even if both sides still enable SSL 3.0 for interoperability reasons with other peers.
MITRE has not issued a CVE for the broken fallback behavior because it is not a security vulnerability—it works as designed. This means that the TLS_FALLBACK_SCSV patch currently has no CVE associated with it.
-- Florian Weimer / Red Hat Product Security
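The distinction Florian draws (the SCSV stops a forced downgrade between two TLS-capable peers, but does nothing for a peer that genuinely tops out at SSL 3.0) is easiest to see in a small model of the check. The following is an added illustration, not code from this thread or from OpenSSL: it models the server-side rule from the signaling-suite draft later published as RFC 7507 and a browser-style fallback client. The cipher suite code points (0x5600 for TLS_FALLBACK_SCSV, 0x002F for TLS_RSA_WITH_AES_128_CBC_SHA) and version numbers are the real values; the client and server behaviour and the "attacker drops handshakes above version X" model are deliberate simplifications.

```python
# Model of the TLS_FALLBACK_SCSV check (RFC 7507) and of a fallback client.
# Constructed example; not OpenSSL's implementation.

TLS_FALLBACK_SCSV = 0x5600                 # real code point of the SCSV
NORMAL_SUITE = 0x002F                      # TLS_RSA_WITH_AES_128_CBC_SHA
SSL3_0, TLS1_0, TLS1_1, TLS1_2 = 0x0300, 0x0301, 0x0302, 0x0303


def server_hello_version(client_version, cipher_suites, server_max_version):
    """Return the version the server negotiates, or the alert name
    'inappropriate_fallback' when the SCSV reveals a downgraded retry.

    client_version     -- highest version offered in the ClientHello
    cipher_suites      -- cipher suite code points listed in the ClientHello
    server_max_version -- highest version this server supports
    """
    if TLS_FALLBACK_SCSV in cipher_suites and client_version < server_max_version:
        # The client says "this is a retry at a lower version", yet we
        # support something higher: the first handshake was interfered with.
        return "inappropriate_fallback"
    # Plain negotiation: highest version both sides support.
    return min(client_version, server_max_version)


def fallback_client(server_max_version, attacker_blocks_above=None):
    """Model a browser-style fallback client (simplified).

    Tries TLS 1.2 first; if a handshake never completes it retries at the
    next lower version and marks every retry with the SCSV.  An on-path
    attacker is modelled as dropping every ClientHello whose version is
    above `attacker_blocks_above` (None = no attacker).  Returns the
    transcript as a list of (client_version, server_response) pairs.
    """
    transcript = []
    for attempt, version in enumerate((TLS1_2, TLS1_1, TLS1_0, SSL3_0)):
        suites = [NORMAL_SUITE]
        if attempt > 0:
            suites.append(TLS_FALLBACK_SCSV)   # only retries carry the SCSV
        if attacker_blocks_above is not None and version > attacker_blocks_above:
            transcript.append((version, "dropped"))
            continue                           # no reply: client falls back
        response = server_hello_version(version, suites, server_max_version)
        transcript.append((version, response))
        break   # either a negotiated version or a fatal alert; stop here
    return transcript


if __name__ == "__main__":
    # Both sides TLS 1.2, attacker drops everything above SSL 3.0:
    # the SSL 3.0 retry carries the SCSV and is rejected.
    print(fallback_client(TLS1_2, attacker_blocks_above=SSL3_0))
    # Peer that only speaks SSL 3.0: no fallback happens, so the SCSV
    # never appears and the SSL 3.0 CBC issue is untouched.
    print(fallback_client(SSL3_0))
```

The second scenario is the one the CVE actually covers: when one side really supports nothing above SSL 3.0, the handshake lands on SSL 3.0 without any fallback, the SCSV is never sent, and only disabling SSL 3.0 (or its CBC suites) removes the exposure.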