VerifyIT

VerifyIT

Skip to content

Home
# SERVICES
^ BLOG
- Hardening
  - Browsers
    - Google Chrome
    - Internet Explorer
  - Cloud
    - Azure
  - Databases
    - DB2
    - MS SQL
    - MySQL
    - Oracle
  - Operating Systems
  - Webservers
    - Apache
    - IIS
- Compliance Scanning
- Monitoring
- Vulnerability Scanning
  - Nessus
  - Nikto
  - OpenVas
- Penetration Testing
* LOCATION
$CHARITY

MS KB3009008: Vulnerability in SSL 3.0 Could Allow Information Disclosure (POODLE)

Nessus Output

The workaround to disable SSL 3.0 for all server software installed on
the remote host has not been applied.

The workaround to disable SSL 3.0 for all client software installed on
the remote host has not been applied.

Fix for standalone Windows systems.

Disable SSL 3.0 in Windows For Server Software

 REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server" /f /v "Enabled"  /t REG_DWORD /d 0x0

REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server" /f /v "Enabled" /t REG_DWORD /d 0x0

Disable SSL 3.0 in Windows For Client Software

REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client" /f /v "Enabled"  /t REG_DWORD /d 0x0

REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client" /f /v "Enabled" /t REG_DWORD /d 0x0

Fix via Group Policy

References

http://technet.microsoft.com/en-us/security/advisory/3009008
https://support.microsoft.com/en-us/kb/245030
http://www.nessus.org/u?0c60701b
https://www.imperialviolet.org/2014/10/14/poodle.html
https://www.openssl.org/~bodo/ssl-poodle.pdf
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00

Share this:

LinkedIn
Twitter
Facebook
Email
WhatsApp
Print
Telegram
Skype
More

Pinterest
Reddit
Tumblr
Pocket

This entry was posted in Audit, Compliance Scanning, Hardening, Nessus, Vulnerability Scanning, Windows on May 2, 2016 by webmaster.

Post navigation

← MS KB2960358: Update for Disabling RC4 in .NET TLS Microsoft Windows SMB Registry : Winlogon Cached Password Weakness →

Search for:

Partners

Top Posts

Configure the 'SSL Cipher Suite Order' Group Policy Setting
Link-Local Multicast Name Resolution (LLMNR) Detection
Read .nessus file into Excel (with Power Query)
Identify failed credentialed scans in Nessus / Security Center
Nonexistent Page (404) Physical Path Disclosure
The X-XSS-Protection header is not defined
MS15-011: Vulnerability in Group Policy Could Allow Remote Code Execution (3000483)
MS KB3009008: Vulnerability in SSL 3.0 Could Allow Information Disclosure (POODLE)
SSL Version 2 and 3 Protocol Detection
Hardening IIS

Recent Posts

Samba Exploits January 23, 2018
Uploading / Downloading Files January 21, 2018
OS Fingerprinting October 14, 2017
Scanning udp port 1434 SQL Browser October 12, 2017
Mount Windows share from Linux October 12, 2017
UDP port Scanning October 11, 2017
Privilege Escalation October 8, 2017
Reverse Shells October 8, 2017
Verify Permissions on files (Windows) May 1, 2017
PASSWORD_COMPLEXITY_UNSUPPORTED_ON_AGENT February 24, 2017

Categories

Proudly powered by WordPress