To prevent POODLE (“Padding Oracle On Downgraded Legacy Encryption”) attach which is a man-in-the-middle exploit that takes advantage of SSL3.0 vulnerability it is necessary to disable SSLv3 in your web server configuration.
To check if you are vulnerable to this attack you can use the form on following website:
https://www.digicert.com/help/ Continue reading “Apache: How to Disable the SSL v3 Protocol on Debian”
Easy and dirty solution for your EOL (end of life) Ubuntu 13.04 Raring Ringtail for the Heartbleed / cve-2014-0160?
wget https://launchpad.net/ubuntu/+archive/primary/+files/openssl_1.0.1c-3ubuntu2.7_armhf.deb \ https://launchpad.net/ubuntu/+archive/primary/+files/libssl1.0.0_1.0.1c-3ubuntu2.7_armhf.deb \ https://launchpad.net/ubuntu/+archive/primary/+files/libssl-dev_1.0.1c-3ubuntu2.7_armhf.deb
Continue reading “Fix heartbleed / cve-2014-0160 on ARM Ubuntu 13.04 with packages from 12.04”