[stunnel-users] SSLv3 connections vulnerable in my environment?

Fritz Gschwendner droppl at yahoo.ca
Tue Oct 21 21:09:05 CEST 2014


Hello,
 
I have a pretty standard stunnel server configuration with verify = 2
and clients that don't speak TLS and can't easily be upgraded to
support TLS. So disabling SSLv3 leads to handshake errors; I need to
leave it enabled for now.
The SSL connection is always renegotiated, a proprietary protocol is
used inside SSL, and clients can be considered safe.
 
Can the POODLE security flaw realistically be used by a man in the
middle to decrypt packets sent over such an SSLv3 connection?
If so, is there any other way to protect against the attack?

Thank you.