SAE IT-systems
Im Gewerbegebiet Pesch 14 50767 Köln, Deutschland
0221 598080 0221 5980860 DE812996839 Dipl.-Ing Joachim Schuster

Security notifications

Poodle leak CVE-2014-3566

A web session to our systems may be vulnerable if the browser still acccepts SSLv3! Please switch off SSL3 in your browser; we show how to manage.

A new leak named Poodle may allow a vulnerability, if the attacker forces a fallback to an outdated encryption standard. This fallback has to be accepted on both sides, RTU an browser, and can be disabled in your PC.

With a simle test you may check, if your browser supports the fallback to SSLv3. Open page https://www.poodletest.com/ (needs java script).  If you see a Springfield Terrier, you are not vulnerable.

With update to setIT V5.003.05 using the new kernel#12 a fallback to an elder release of SSL inside the RTU is disabled.

Additional information to bash

The bug officially was noticed by CVE-2014-3566. Additional information may be found here:

https://www.openssl.org/~bodo/ssl-poodle.pdf

https://technet.microsoft.com/en-us/library/security/3009008

To disable the fallback in Mozilla/Firefox, please open the browser and type "about:config". Modify the variable "security.tls.version.min" to 1.

Picture credits:
© https://www.poodletest.com/

Images

Kontakt

SAE IT-systems GmbH & Co. KG
Im Gewerbegebiet Pesch 14
50767 Cologne, Germany

Phone: +49 221 / 59 808-0
Fax: +49 221 / 59 808-60
E-Mail: info( at )sae-it.de

Hotline
Do you have technical problems?
Don't hesitate to contact us!

Phone: +49 221 / 59 808-55
E-Mail: service( at )sae-it.de

Contact Form

May we help you?
Do you have a question, like to get further information or just speak your mind?
*=mandatory

Repair application
If you want to report a faulty or damaged component, please use our repair application.

If you have questions, please contact our Repair and Service department: +49 221/59808-55

Top