Poodle leak CVE-2014-3566
A web session to our systems may be vulnerable if the browser still acccepts SSLv3! Please switch off SSL3 in your browser; we show how to manage.
A new leak named Poodle may allow a vulnerability, if the attacker forces a fallback to an outdated encryption standard. This fallback has to be accepted on both sides, RTU an browser, and can be disabled in your PC.
With a simle test you may check, if your browser supports the fallback to SSLv3. Open page https://www.poodletest.com/ (needs java script). If you see a Springfield Terrier, you are not vulnerable.
With update to setIT V5.003.05 using the new kernel#12 a fallback to an elder release of SSL inside the RTU is disabled.
Additional information to bash
The bug officially was noticed by CVE-2014-3566. Additional information may be found here:
To disable the fallback in Mozilla/Firefox, please open the browser and type "about:config". Modify the variable "security.tls.version.min" to 1.