POODLE, a critical SSL flaw discovered in October that was patched and fixed by webmasters around the world after Google alerted software and hardware vendors, has again made its way and this time the vulnerability affects implementations of the newer Transport Layer Security (TLS) protocol.
POODLE (Padding Oracle On Downgraded Legacy Encryption) flaw, disclosed two months ago by Google security team, allowed attackers to perform Man-in-the-Middle (MitM) attack in order to intercept traffic between a user’s browser and an HTTPS website to decrypt sensitive information, like the user’s authentication cookies.
F5 Networks agrees that their F5 kit is vulnerable to the attack, and believes that A10 should also be releasing updates for patches in coming hours. “Everything less than TLS 1.2 with an AEAD cipher suite is broken“, Google’s Adam Langley notes. “I’m not completely sure that I’ve found every affected vendor but, now that this issue is public, any other affected products should quickly come to light.“
......Being Hacker...... 