Displaying 20 results from an estimated 69 matches for "poodle".
Did you mean:
doodle
2014 Oct 19
3
Dovecote 1.2.17 poodle
Hi, how do I protect dovecot 1.2.17 against poodle?
Br
/Marc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://dovecot.org/pipermail/dovecot/attachments/20141019/b4152487/attachment-0001.si...
2015 Jul 08
2
Samba 4 - disabling SSLv3 to mitigate POODLE effects
Good Day All
Sorry if this is a repeated email, but I need some information about how to
disable SSL on a Samba4.2.2 AD domain controller as the nessus scanner is
reporting the POODLE vulnerability and we are not allowed to have any of
that in our environment.
the nessus scan reports poodle vulnerability on all these ports:
443, 636, 3269
I had a look at previous posts but couldn't find a definitive answer
any help is highly appreciated.
Thank you
______________________...
2015 Jul 08
2
Samba 4 - disabling SSLv3 to mitigate POODLE effects
...2815. Registered Office: IBM House, Shelbourne Road, Ballsbridge, Dublin 4
(Embedded image moved to file: pic57151.gif)
From: "Kelvin Yip" <kelvin at icshk.com>
To: <samba at lists.samba.org>
Date: 08/07/2015 10:12
Subject: Re: [Samba] Samba 4 - disabling SSLv3 to mitigate POODLE
effects
Sent by: samba-bounces at lists.samba.org
I have file a bug and modified the source code to make samba4 do not use
SSLV3, but I am not able to make a patch to this.
https://bugzilla.samba.org/show_bug.cgi?id=11076
-----Original Message-----
From: samba-bounces at lists.samba...
2014 Oct 16
1
POODLE on CentOS
The following updates address POODLE on CentOS:
CentOS-5:
http://lists.centos.org/pipermail/centos-announce/2014-October/020696.html
CentOS-6.5:
http://lists.centos.org/pipermail/centos-announce/2014-October/020697.html
CentOS-7:
http://lists.centos.org/pipermail/centos-announce/2014-October/020695.html
Please note that the CentOS...
2015 Jul 09
0
Samba 4 - disabling SSLv3 to mitigate POODLE effects
...Message-----
From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
On Behalf Of Mario Pio Russo
Sent: Wednesday, July 08, 2015 10:01 PM
To: Kelvin Yip
Cc: samba at lists.samba.org; samba-bounces at lists.samba.org
Subject: Re: [Samba] Samba 4 - disabling SSLv3 to mitigate POODLE effects
Thanks Kelvin
I'm a bit confised tho, is this patch already avaiable? if yes, what is the
parameter that disable ssl into the smb.conf? Maybe the guys from Enterprise
samba have already included the patch into their releases so it's just a
maatter of enabling the flag.
I'm us...
2015 Jul 09
1
Samba 4 - disabling SSLv3 to mitigate POODLE effects
...ublin 4
(Embedded image moved to file: pic12108.gif)
From: "Kelvin Yip" <kelvin at icshk.com>
To: Mario Pio Russo/Ireland/IBM at IBMIE
Cc: samba at lists.samba.org, samba-bounces at lists.samba.org
Date: 09/07/2015 02:55
Subject: Re: [Samba] Samba 4 - disabling SSLv3 to mitigate POODLE
effects
Sent by: "samba" <samba-bounces at lists.samba.org>
No patch available now. Download the source code and modified the source
code yourself, and then compile it.
-----Original Message-----
From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.s...
2014 Oct 20
0
AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability
Asterisk Project Security Advisory - AST-2014-011
Product Asterisk
Summary Asterisk Susceptibility to POODLE Vulnerability
Nature of Advisory Unauthorized Data Disclosure
Susceptibility Remote Unauthenticated Sessions
Severity Medium
Exploits Known No...
2014 Oct 20
0
AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability
Asterisk Project Security Advisory - AST-2014-011
Product Asterisk
Summary Asterisk Susceptibility to POODLE Vulnerability
Nature of Advisory Unauthorized Data Disclosure
Susceptibility Remote Unauthenticated Sessions
Severity Medium
Exploits Known No...
2015 Jul 08
0
Samba 4 - disabling SSLv3 to mitigate POODLE effects
...gzilla.samba.org/show_bug.cgi?id=11076
-----Original Message-----
From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
On Behalf Of Mario Pio Russo
Sent: Wednesday, July 08, 2015 4:48 PM
To: samba at lists.samba.org
Subject: [Samba] Samba 4 - disabling SSLv3 to mitigate POODLE effects
Good Day All
Sorry if this is a repeated email, but I need some information about how to
disable SSL on a Samba4.2.2 AD domain controller as the nessus scanner is
reporting the POODLE vulnerability and we are not allowed to have any of
that in our environment.
the nessus scan reports po...
2014 Oct 17
1
POODLE and TLSv1
I read this on the RHN commentary respecting cve-2014-3566:
https://securityblog.redhat.com/2014/10/15/poodle-a-ssl3-vulnerability-cve-2014-3566/:
. . .
The first aspect of POODLE, the SSL 3.0 protocol vulnerability, has already
been fixed through iterative protocol improvements, leading to the current TLS
version, 1.2. It is simply not possible to address this in the context of the
SSL 3.0 protocol, a pr...
2014 Oct 15
0
Koji/CBS infra and sslv3/Poodle important notification
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
As most of you already know, there is an important SSLv3 vulnerability
(CVE-2014-3566 - see https://access.redhat.com/articles/1232123) ,
known as Poodle.
While it's easy to disable SSLv3 in the allowed Protocols at the
server level (for example SSLProtocol All -SSLv2 -SSLv3 for apache),
some clients are still defaulting to SSLv3, and Koji does that.
We currently have disabled SSLv3 on our cbs.centos.org koji instance,
so if you're a cbs/ko...
2014 Nov 04
2
Samba 4 - disabling SSLv3 to mitigate POODLE effects
Hi all,
Am trying to find a way to disable SSLv3 protocol in smb.conf on Samba4.
I am using the following:
tls enabled = yes
tls keyfile = tls/myKey.pem
tls certfile = tls/myCert.pem
tls cafile =
With a self-signed cert.
But when I remote connect from another host using:
openssl s_client -showcerts -connect samba4-dc:636 -ssl3
I get a successful
2014 Oct 16
1
CESA-2014:1652 Important CentOS 6 openssl Security Update
...d and release a openssl-1.0.1e-30.el6_6.2.src.rpm as
a zero day update to CentOS-6.6 when that is released as we are currently
building CentOS-6.6 from the released Red Hat Enterprise Linux sources.
Please also note that even after installing this update, further action is
required to mitigate the POODLE issue on CentOS-6. Please see this link for
steps to take and ways to test for both the POODLE and TLS_FALLBACK_SCSV issues.
http://wiki.centos.org/Security/POODLE
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net
2014 Oct 16
1
CESA-2014:1652 Important CentOS 6 openssl Security Update
...d and release a openssl-1.0.1e-30.el6_6.2.src.rpm as
a zero day update to CentOS-6.6 when that is released as we are currently
building CentOS-6.6 from the released Red Hat Enterprise Linux sources.
Please also note that even after installing this update, further action is
required to mitigate the POODLE issue on CentOS-6. Please see this link for
steps to take and ways to test for both the POODLE and TLS_FALLBACK_SCSV issues.
http://wiki.centos.org/Security/POODLE
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net
2015 Jul 09
4
Contributing to the CentOS wiki
Hello all,
I'd like to contribute to the CentOS wiki. Per these docs[0], I
should email this list with the following information.
Username: DanielFarrell
Contribution subject: Update CBS Koji Poodle patch docs
Contribution location: http://goo.gl/7Oe9QO (CBS HOWTO#Quickstart)
I'd like to make the docs related to patching Koji for the Poodle
exploit[1] generally more clear. For example, it's worth noting the
commit (5b5b7d95) that will need to be included in a release for
the patch ste...
2015 Jan 09
2
dovecot on wheezy, best ssl configuration ?
On 1/9/2015 3:06 AM, Philipp Resch <philipp at devh.de> wrote:
> It seems as if claws mail is preferring SSLv3
And since dovecot is really not affected by the poodle vulnerability, if
you can't upgrade (I believe 2.2 is in the backports repo?), probably
easiest to just reenable SSLv3...
2015 Feb 03
3
Another Fedora decision
...the top of my head:
>
Thank you.
The CentOS wiki pages found by a title page search are:
http://wiki.centos.org/HelpOnConfiguration/SecurityPolicy
http://wiki.centos.org/HowTos/Security
http://wiki.centos.org/Security
http://wiki.centos.org/Security/Heartbleed
http://wiki.centos.org/Security/POODLE
http://wiki.centos.org/Security/Shellshock
with translations for the zh and zh-tw languages.
2010 Feb 05
1
About graphics
...9;m building a graph (barplot) in which the X axis label
disappears.
I tried to use the option mgp of par() and I could not get
the desired result.
Note that want the axis labels horizontally.
caes = c(37,20,19,16,75,103)
names(caes) = c("Pinscher", "Pastor \n Alem?o", "Poodle",
"Rottweiller", "SRD", "Outros")
caess = sort(caes, decreasing=F)
par(mar=c(3, 5.7, 1, 1), mgp=c(4.5, .5, 0), las=1)
barplot(caess, cex.axis=1, cex.names=1, ylab="Ra?as dos
C?es",
xlab="Frequ?ncias", bty='l', col="LightY...
2014 Oct 20
0
Asterisk 1.8.28-cert2, 1.8.31.1, 11.6-cert7, 11.13.1, 12.6.1, 13.0.0-beta3 Now Available (Security Release)
...2, 11.6-cert7, 1.8.31.1,
11.13.1, 12.6.1, and 13.0.0-beta3.
These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The release of these versions resolves the following security vulnerability:
* AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability
Asterisk is susceptible to the POODLE vulnerability in two ways:
1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their
encrypted connections.
2) The core TLS handling in Asterisk, which is used by the chan_sip channel
driver, Asterisk Manager Inte...
2014 Oct 21
2
Testing "dark" SSL sites
So, with all the hubbub around POODLE and ssl, we're preparing a new load
balancer using HAProxy.
So we have a set of unit tests written using PHPUnit, having trouble
validating certificates. How do you test/validate an SSL cert for a prototype
"foo.com" server if it's not actually active at the IP address that m...