Announcements

Security Update: Poodle 2

  Thread closed by the administrator. It is viewable, but not accepting new replies.
  • 1.  Security Update: Poodle 2

    Posted 12-12-2014 11:19:00 PM
    No replies, thread closed.
    The Delphix Security Team has evaluated Poodle 2 and found that we are not vulnerable. 

    Summary of Poodle2 from below article: ..." even though TLS is very strict about how its padding is formatted, it turns out that some TLS implementations omit to check the padding structure after decryption. Such implementations are vulnerable to the POODLE attack even with TLS."

    Delphix is not vulnerable to such attacks.

    For more information please see: https://community.qualys.com/blogs/securitylabs/2014/12/08/poodle-bites-tls">https://community.qualys.com/blogs/securitylabs/2014/12/08/poodle-bites-tls">https://community.qualys.com/blogs/securitylabs/2014/12/08/poodle-bites-tls
    #DemoEnvironment
    #OracleEBS