The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Enterprise_linux | Redhat | 5 (including) | 5 (including) |
Enterprise_linux_desktop | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_desktop | Redhat | 7.0 (including) | 7.0 (including) |
Enterprise_linux_desktop_supplementary | Redhat | 5.0 (including) | 5.0 (including) |
Enterprise_linux_desktop_supplementary | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_server | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_server | Redhat | 7.0 (including) | 7.0 (including) |
Enterprise_linux_server_supplementary | Redhat | 5.0 (including) | 5.0 (including) |
Enterprise_linux_server_supplementary | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_server_supplementary | Redhat | 7.0 (including) | 7.0 (including) |
Enterprise_linux_workstation | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_workstation | Redhat | 7.0 (including) | 7.0 (including) |
Enterprise_linux_workstation_supplementary | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_workstation_supplementary | Redhat | 7.0 (including) | 7.0 (including) |