Difference between revisions of "SSLv3 Vulnerability"
Docs admin (Talk | contribs) (Created page with "Most attacks against SSL modify data as it travels between the client and the server, in order to target weaknesses in specific ciphers. For example, the POODLE attack (CVE-20...") |
Docs admin (Talk | contribs) |
||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Most attacks against SSL modify data as it travels between the client and the server, in order to target weaknesses in specific ciphers. For example, the POODLE attack (CVE-2014-3566) targets weaknesses in the SSLv3 protocol. | Most attacks against SSL modify data as it travels between the client and the server, in order to target weaknesses in specific ciphers. For example, the POODLE attack (CVE-2014-3566) targets weaknesses in the SSLv3 protocol. | ||
| − | |||
| − | WHM/cPanel and | + | Starting in WHM/cPanel 11.46, there are separate SSL cypher and protocol settings for all services managed by your cPanel server. The SSLv2 and SSLv3 protocols are disabled by default in 11.46. |
| − | |||
| − | + | If your server has not updated to cPanel 11.46, we recommend performing any needed updates and then updating cPanel to the latest version. | |
| − | |||
| − | + | Additional information can be found at the following link: [https://documentation.cpanel.net/display/CKB/How+to+Adjust+Cipher+Protocols https://documentation.cpanel.net/display/CKB/How+to+Adjust+Cipher+Protocols] | |
| − | |||
| − | + | If you have any questions or concerns, please to open a new support ticket within your {{Client Area}}. | |
| − | + | ||
| − | + | ||
Latest revision as of 23:44, 24 November 2014
Most attacks against SSL modify data as it travels between the client and the server, in order to target weaknesses in specific ciphers. For example, the POODLE attack (CVE-2014-3566) targets weaknesses in the SSLv3 protocol.
Starting in WHM/cPanel 11.46, there are separate SSL cypher and protocol settings for all services managed by your cPanel server. The SSLv2 and SSLv3 protocols are disabled by default in 11.46.
If your server has not updated to cPanel 11.46, we recommend performing any needed updates and then updating cPanel to the latest version.
Additional information can be found at the following link: https://documentation.cpanel.net/display/CKB/How+to+Adjust+Cipher+Protocols
If you have any questions or concerns, please to open a new support ticket within your Client Area.
