The SSLv3 vulnerability (CVE-2014-3566), commonly known as the POODLE vulnerability, was announced on October 14, 2014. The SSLv3 protocol is used to provide security for communications over the Internet. This flaw may allow encrypted information to be exposed by an attacker with access to the network. The vulnerability exists because the block cipher padding is not covered by the message authentication code, which exposes users to a potential man-in-the-middle attack.
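The padding point above can be shown on the receiver's side. This is an added example, not Cyberoam code: it compares an SSLv3-style record check, which looks only at the final padding-length byte, with the TLS 1.0+ rule that every padding byte must match. It works on already-decrypted record plaintext; the 8-byte block size, the key and the HMAC-SHA1 stand-in for the SSLv3 MAC are assumptions made for the illustration.

```python
import hashlib
import hmac

BLOCK = 8                      # assumed block size in bytes (constructed example)
MAC_LEN = 20                   # SHA-1 digest length
KEY = b"constructed-mac-key"   # constructed sample key, not a real secret

def mac(content: bytes) -> bytes:
    # Stand-in MAC (HMAC-SHA1). SSLv3 uses its own MAC construction, but the
    # property shown is the same: the MAC covers the content, never the padding.
    return hmac.new(KEY, content, hashlib.sha1).digest()

def build_plaintext(content: bytes) -> bytes:
    # MAC-then-pad layout: content || MAC || padding bytes || padding length.
    body = content + mac(content)
    pad_len = (BLOCK - (len(body) + 1) % BLOCK) % BLOCK
    return body + bytes([pad_len]) * (pad_len + 1)

def _mac_ok(pt: bytes, pad_len: int) -> bool:
    body = pt[:-(pad_len + 1)]
    content, tag = body[:-MAC_LEN], body[-MAC_LEN:]
    return hmac.compare_digest(tag, mac(content))

def check_sslv3(pt: bytes) -> bool:
    # SSLv3 rule: only the last byte (the padding length) is interpreted.
    pad_len = pt[-1]
    if pad_len >= BLOCK or pad_len + 1 + MAC_LEN > len(pt):
        return False
    return _mac_ok(pt, pad_len)

def check_tls(pt: bytes) -> bool:
    # TLS 1.0+ rule: every padding byte must equal the padding length.
    pad_len = pt[-1]
    if pad_len + 1 + MAC_LEN > len(pt):
        return False
    if pt[-(pad_len + 1):] != bytes([pad_len]) * (pad_len + 1):
        return False
    return _mac_ok(pt, pad_len)

def alter_padding(pt: bytes) -> bytes:
    # Change the padding bytes in transit but keep the final length byte.
    pad_len = pt[-1]
    return pt[:-(pad_len + 1)] + b"\xaa" * pad_len + bytes([pad_len])

if __name__ == "__main__":
    record = build_plaintext(b"GET / HTTP/1.1")   # constructed sample content
    changed = alter_padding(record)
    print("SSLv3 accepts altered padding:", check_sslv3(changed))
    print("TLS accepts altered padding:  ", check_tls(changed))
```

The SSLv3-style check accepts the record with altered padding because nothing authenticates those bytes, while the TLS rule rejects it.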
1. Apply Hotfix
Cyberoam has released an Over-The-Air Hotfix for the affected CyberoamOS versions listed below.
For all other CyberoamOS versions, it is recommended to upgrade to the latest CyberoamOS version 10.6.1 Build 810 and then apply the Hotfix.
For all the fixed firmware versions - 10.6.1 Build 810, 756, 736, 631 and 10.6.2 Build 298, 284:
1. If the following alert is displayed on the Dashboard, reboot the appliance to apply the hotfix: "Need to restart the appliance to apply the hotfix to mitigate SSL3.0 (POODLE) vulnerability." The alert will be removed once the patch is applied successfully.
2. If the alert is not displayed on the Dashboard:
2. Upgrade IPS Signatures
To mitigate the POODLE vulnerability, Cyberoam has released IPS Signature Versions 3.11.92 and 5.11.92 containing the following IPS signatures:
We request all Cyberoam customers to verify and update the version of IPS Signature from the Dashboard.
To check the IPS Signature Version, refer to the Web Admin Console Dashboard. By default, the IPS Signatures are updated automatically. They can also be updated manually; for details, refer to the article Upgrade IPS Signature Manually.
When an IPS policy with these signatures is applied through the Firewall, all SSL connections attempting to exploit the vulnerability will be detected, since the default action of the signatures is "Alert". To drop all such packets, the administrator can manually set the default action to "Drop".
Document Version 1.0 – 12 November, 2014