This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

Disable SSL 3.0 on your servers

4 posts / 0 new

Topic locked

Last post

#1 Tue, 10/14/2014 - 20:15

nibb

Disable SSL 3.0 on your servers

There is a serious security flaw which relies on exploiting the fallback mechanism con the SSL/TLS protocol.

More info written by Google: https://www.openssl.org/~bodo/ssl-poodle.pdf

It is advisable for Virtualmin users to disable the fallback option in their servers.

#2 Wed, 10/15/2014 - 00:11

vincen

Thanks for info but where is the option to disable that ? does it have any consequences ?

Vincèn

#3 Wed, 10/15/2014 - 00:32 (Reply to #2)

taiko

That would be nice

#4 Thu, 10/16/2014 - 14:53

andreychek

Additional details on mitigating this issue on Virtualmin systems are available here:

http://virtualmin.com/node/34811

Topic locked