[SR-Users] Susceptibility to POODLE Vulnerability?

Varghese Paul varghesepaul87 at gmail.com
Fri Oct 31 09:43:42 CET 2014 

HI all,

Can anyone tell any phones or browser (WSS) that only supports SSLv3
and have no support of TLS?

Regards

Varghese Paul

On Tue, Oct 21, 2014 at 8:04 PM, Daniel-Constantin Mierla <miconda at gmail.com
> wrote:

> As we had a note about sslv2 not being recommended when security is
> wanted, I put the same note for sslv3. It could be useful for new comers
> in the field.
>
> Cheers,
> Daniel
>
> On 21/10/14 08:34, Olle E Johansson wrote:
> >
> >
> > Rainer Piper skrev 2014-10-21 08:30:
> >> Am 21.10.2014 um 08:20 schrieb Olle E Johansson:
> >>>
> >>>>>
> >>>>> !!! *a warning **that the use of SSLv3 **susceptibility to POODLE
> >>>>> Vulnerability* !!!
> >>>>>
> >>> Well, since Poodle requires a web browser and java script we're not in
> >>> danger from a Poodle attack. Even so, we are not enabling SSL by
> >>> default, only enabling TLS. All versions of SSL are too old to be
> >>> secure. We can not add a warning text for every possible attack,
> >>> but have published information on twitter, facebook, G+ and
> >>> on the mailing lists.
> >>>
> >>> Are we aware of any phones or SIP servers that only supports SSLv3
> >>> and have no support of TLS?
> >>>
> >>> /O
> >>>
> >
> >>
> >> source: http://downloads.asterisk.org/pub/security/AST-2014-011.html
> >>
> >> you have to force asterisk to do TLSv1
> >> the defaults settings allowing a SSLv3/SSLv2 fallback.
> >
> > Yes, I am aware of that (and took part in the process). It's the same
> > as what Kamailio does if you check the default configuration.
> >
> > As a second step we will have to modify our defaults in the code (like
> > Asterisk).
> >
> > /O
> >
> > _______________________________________________
> > SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> > sr-users at lists.sip-router.org
> > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
> --
> Daniel-Constantin Mierla
> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20141031/e60dff76/attachment.html>

More information about the sr-users mailing list