{"id":6492,"date":"2014-11-30T07:29:11","date_gmt":"2014-11-30T07:29:11","guid":{"rendered":"https:\/\/dev.railscarma.com\/poodle-ssl-security-threat-explored\/"},"modified":"2022-08-30T07:32:51","modified_gmt":"2022-08-30T07:32:51","slug":"poodle-ssl-sicherheitsbedrohung-untersucht-2","status":"publish","type":"post","link":"https:\/\/www.railscarma.com\/de\/blog\/fachartikel\/poodle-ssl-sicherheitsbedrohung-untersucht-2\/","title":{"rendered":"Poodle \u2013 SSL-Sicherheitsbedrohung untersucht"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"6492\" class=\"elementor elementor-6492\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3800d95d elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3800d95d\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-69f90962\" data-id=\"69f90962\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-343fe574 elementor-widget elementor-widget-text-editor\" data-id=\"343fe574\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p style=\"text-align: justify;\"><strong>Pudel<\/strong>&nbsp;ist eine Hunderasse mit Beinen, die Zuckerwatte \u00e4hneln. Er ist intelligent und ein fester Bestandteil auf Hundeausstellungen. Selbst die freundlichsten Hunde neigen zum Bei\u00dfen. Jetzt sehen wir alle Arten von Sicherheitswarnungen und Snafus wie Heartbleed und Shell Shock!!! Der neueste Neuzugang ist POODLE.<\/p>\n<p style=\"text-align: justify;\">\n<\/p><p style=\"text-align: justify;\">Alles begann damit, dass ein Team bei Google einen Angriff mit dem Namen entwickelte und testete <strong>PUDEL<\/strong>&nbsp;(Padding Oracle On Downgraded Legacy Encryption), das eine Schwachstelle im Secure Sockets Layer (SSL) Version 3-Protokoll oder kurz SSLv3 aufdeckte.<\/p>\n<p style=\"text-align: justify;\">SSLv3 ist eine veraltete, aber immer noch verwendete Verschl\u00fcsselung sowohl in \u00e4lteren als auch in neuen Webbrowsern. (SSLv3 ist ein 18 Jahre altes Protokoll, das durch das TLS-Protokoll ersetzt wurde)<\/p>\n<p style=\"text-align: justify;\">POODLE versucht, ein Downgrade der Verbindung zwischen Ihrem Webbrowser und dem Server auf SSLv3 zu erzwingen. Der POODLE-Angriff nutzt die in SSL\/TLS integrierte Protokollversionsverhandlungsfunktion aus, um die Verwendung von SSL 3.0 zu erzwingen, und nutzt dann diese neue Schwachstelle aus, um ausgew\u00e4hlte Inhalte innerhalb der SSL-Sitzung zu entschl\u00fcsseln. Die Entschl\u00fcsselung erfolgt Byte f\u00fcr Byte und erzeugt eine gro\u00dfe Anzahl von Verbindungen zwischen Client und Server.<\/p>\n<p style=\"text-align: justify;\"><strong>Wie machen Sie das?<\/strong><\/p>\n<p style=\"text-align: justify;\">Ein Angreifer kann einen JavaScript-Agenten auf einer Website ausf\u00fchren, um den Browser des Opfers dazu zu bringen, Cookies mit HTTPS-Anfragen an diese zu senden&nbsp;<b>https:\/\/xyz.com<\/b>, die vom Browser gesendeten SSL-Datens\u00e4tze abfangen und so \u00e4ndern, dass eine nicht zu vernachl\u00e4ssigende Wahrscheinlichkeit besteht, dass xyz.com den ge\u00e4nderten Datensatz akzeptiert. Wenn der ge\u00e4nderte Datensatz akzeptiert wird, kann der Angreifer ein Byte der Cookies entschl\u00fcsseln. Kekse<\/p>\n<p style=\"text-align: justify;\">TLS 1.0 und neuere Versionen f\u00fchren eine robustere Validierung der entschl\u00fcsselten Daten durch und sind daher nicht anf\u00e4llig f\u00fcr das gleiche Problem. Aber f\u00fcr SSLv3 gibt es keine L\u00f6sung.<\/p>\n<p style=\"text-align: justify;\"><strong>Wie schlimm ist das und wie wirkt sich das auf Sie aus?<\/strong><\/p>\n<p style=\"text-align: justify;\">Sichere Verbindungen verwenden haupts\u00e4chlich TLS (den Nachfolger von SSL). Die meisten Benutzer sind anf\u00e4llig, da Webbrowser und Server auf SSLv3 heruntergestuft werden, wenn es Probleme beim Aushandeln einer TLS-Sitzung gibt. Die meisten SSL\/TLS-Implementierungen bleiben abw\u00e4rtskompatibel mit SSL 3.0, um im Interesse einer reibungslosen Benutzererfahrung mit Legacy-Systemen zu interagieren. Ein Angreifer, der einen Man-in-the-Middle-Angriff durchf\u00fchrt, k\u00f6nnte ein Protokoll-Downgrade auf SSLv3 ausl\u00f6sen und diese Schwachstelle ausnutzen, um eine Teilmenge der verschl\u00fcsselten Kommunikation zu entschl\u00fcsseln und daraus Informationen zu extrahieren. Die POODLE-Schwachstelle funktioniert nur, wenn sowohl der Browser des Clients als auch die Verbindung des Servers SSLv3 unterst\u00fctzen.<\/p>\n<p style=\"text-align: justify;\"><strong>Wie kann ich testen, ob mein Browser anf\u00e4llig ist?<\/strong><\/p>\n<p style=\"text-align: justify;\">Besuchen Sie die Website poodletest.com, um dies zu testen. Wenn Sie einen Pudel sehen, sind Sie gef\u00e4hrdet. Wenn Sie einen Springfield Terrier sehen, sind Sie in Sicherheit.<\/p>\n<p style=\"text-align: justify;\">http:\/\/www.bolet.org\/TestSSLServer\/<br>http:\/\/code.google.com\/p\/sslaudit\/<\/p>\n<p style=\"text-align: justify;\"><strong>Was kann ich tun, um dies zu verhindern? Pudel-Impfung?<\/strong><\/p>\n<p style=\"text-align: justify;\">Deaktivieren Sie als Endbenutzer die SSLv3-Unterst\u00fctzung in Ihrem Webbrowser. Wenn es deaktiviert ist, kann POODLE Ihren Browser NICHT darauf herunterstufen. Um bew\u00e4hrte Sicherheitspraktiken zu f\u00f6rdern, w\u00fcrde ich dringend empfehlen, die h\u00f6chste Version von TLS zu verwenden. F\u00fcr die meisten Browser sollte dies TLS 1.2 sein.<strong><strong><br><\/strong><\/strong><\/p>\n<p style=\"text-align: justify;\"><strong>Wird dies mein Surferlebnis beeintr\u00e4chtigen?<strong><br><\/strong><\/strong><\/p>\n<p style=\"text-align: justify;\">Dies wird Auswirkungen auf einige \u00e4ltere Browser haben. Websites, deren Unterst\u00fctzung f\u00fcr SSLv3 bereits eingestellt wurde, werden mit \u00e4lteren Browsern und Betriebssystemen nicht mehr kompatibel sein. Bei alten Browsern wie Internet Explorer 6 unter Windows XP oder \u00e4lteren Versionen wird ein SSL-Verbindungsfehler angezeigt.<\/p>\n<p style=\"text-align: justify;\"><strong>SSL v3<\/strong>&nbsp;wird in zuk\u00fcnftigen Versionen vieler Webbrowser standardm\u00e4\u00dfig deaktiviert sein.<\/p>\n<p style=\"text-align: justify;\"><strong>Wie kann ich dies auf dem Server deaktivieren?<\/strong><\/p>\n<p style=\"text-align: justify;\">CloudFlare gab bekannt, dass es SSLv3 standardm\u00e4\u00dfig auf seinen Servern deaktiviert. So auch viele Dienstleister.<\/p>\n<p style=\"text-align: justify;\">Wenn Sie Apache ausf\u00fchren, nehmen Sie neben den anderen SSL-Anweisungen einfach diese \u00c4nderung in Ihrer Konfiguration vor:<\/p>\n<p style=\"text-align: justify;\">SSL-Protokoll Alle -SSLv2 -SSLv3<\/p>\n<p style=\"text-align: justify;\">Dadurch werden die SSL-Protokollversionen 2 und 3 deaktiviert.<\/p>\n<p style=\"text-align: justify;\"><strong>Wie k\u00f6nnen Entwickler dies verhindern?<\/strong><strong><strong><br><\/strong><\/strong><\/p>\n<p style=\"text-align: justify;\"><b>.NETZ<\/b><\/p>\n<p style=\"text-align: justify;\">Verwenden Sie die SecurityProtocol-Eigenschaft, um TLS zu aktivieren.<\/p>\n<p style=\"text-align: justify;\">Einzelheiten zur Verwendung der SecurityProtocol-Eigenschaft finden Sie unter:<\/p>\n<p style=\"text-align: justify;\">http:\/\/msdn.microsoft.com\/en-us\/library\/system.net.servicepointmanager.securityprotocol(v=vs.110).as&#8230;<\/p>\n<p style=\"text-align: justify;\">http:\/\/msdn.microsoft.com\/en-us\/library\/system.net.securityprotocoltype(v=vs.110).aspx<\/p>\n<p style=\"text-align: justify;\">Um beispielsweise TLS 1.2 in einer C# .NET-Implementierung zu erzwingen, w\u00fcrden Sie Folgendes verwenden:<\/p>\n<p style=\"text-align: justify;\">System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;<\/p>\n<p style=\"text-align: justify;\"><b>JAVA<\/b><\/p>\n<p style=\"text-align: justify;\">HINWEIS: TLS 1.2 wurde erstmals in JDK 7 unterst\u00fctzt und wird in JDK 8 standardm\u00e4\u00dfig sein: https:\/\/blogs.oracle.com\/java-platform-group\/entry\/java_8_will_use_tls<\/p>\n<p style=\"text-align: justify;\"><strong>Verwenden Sie die Methode SSLContext.getInstance, um TLS zu aktivieren.<\/strong><\/p>\n<p style=\"text-align: justify;\"><strong>Einzelheiten zur Verwendung der SSLContext.getInstance-Methode finden Sie unter:<\/strong><\/p>\n<p style=\"text-align: justify;\">http:\/\/docs.oracle.com\/javase\/7\/docs\/api\/javax\/net\/ssl\/SSLContext.html#getInstance(java.lang.String)<\/p>\n<p style=\"text-align: justify;\">http:\/\/docs.oracle.com\/javase\/7\/docs\/api\/javax\/net\/ssl\/SSLContext.html#getInstance(java.lang.String,&#8230;<\/p>\n<p style=\"text-align: justify;\">http:\/\/docs.oracle.com\/javase\/7\/docs\/technotes\/guides\/security\/StandardNames.html#SSLContext<\/p>\n<p style=\"text-align: justify;\">Um beispielsweise den Standard-Sicherheitsschichtanbieter zum Aktivieren von TLS zu verwenden, w\u00fcrden Sie Folgendes verwenden:<\/p>\n<p style=\"text-align: justify;\">object = SSLContext.getInstance(\u201cTLS\u201d);<\/p>\n<p style=\"text-align: justify;\"><strong>Um TLS 1.2 zu erzwingen, w\u00e4hrend Sie die Java Secure Socket Extension (JSSE) von Sun verwenden, verwenden Sie Folgendes:<\/strong><\/p>\n<p style=\"text-align: justify;\">object = SSLConnect.getInstance(\u201eTLSv1.2\u201c, \u201eSunJSEE\u201c);<\/p>\n<p style=\"text-align: justify;\"><b>cURL<\/b><strong><strong><br><\/strong><\/strong><\/p>\n<p style=\"text-align: justify;\">Verwenden Sie die Option CURLOPT_SSLVERSION, um TLS zu aktivieren.<\/p>\n<p style=\"text-align: justify;\">Einzelheiten zur Verwendung der Option CURLOPT_SSLVERSION finden Sie unter:<\/p>\n<p style=\"text-align: justify;\">http:\/\/curl.haxx.se\/libcurl\/c\/CURLOPT_SSLVERSION.html<\/p>\n<p style=\"text-align: justify;\">Um beispielsweise zu erzwingen, dass cURL TLS 1.0 oder h\u00f6her verwendet, w\u00fcrden Sie Folgendes verwenden:<\/p>\n<p style=\"text-align: justify;\">C\/C++\/C#:<\/p>\n<p style=\"text-align: justify;\">curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);<\/p>\n<p style=\"text-align: justify;\">PHP:<\/p>\n<p style=\"text-align: justify;\">curl_setopt($curl_request, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);<\/p>\n<p style=\"text-align: justify;\">In cURL 7.34.0 oder h\u00f6her w\u00fcrden Sie zum Erzwingen von TLS 1.2 Folgendes verwenden:<\/p>\n<p style=\"text-align: justify;\">C\/C++\/C#:<\/p>\n<p style=\"text-align: justify;\">curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);<\/p>\n<p style=\"text-align: justify;\">PHP:<\/p>\n<p style=\"text-align: justify;\">curl_setopt($curl_request, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);<\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/www.railscarma.com\/de\/\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>SchienenCarma<\/strong><\/a> Das Team bereitete sich auf den vollst\u00e4ndigen Verteidigungsmodus vor, um alle L\u00fccken zu schlie\u00dfen, die durch diese Schwachstelle offen blieben. Wir haben die erforderlichen Patches auf unsere Anwendungen angewendet, um unsichere SSL\/TLS-Optionen zu deaktivieren.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Verweise<\/strong><\/h3>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/community.developer.authorize.net\/t5\/The-Authorize-Net-Developer-Blog\/Important-POODLE-Information-Updated\/ba-p\/48163\">http:\/\/community.developer.authorize.net\/t5\/The-Authorize-Net-Developer-Blog\/Important-POODLE-Information-Updated\/ba-p\/48163<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/arstechnica.com\/security\/2014\/10\/ssl-broken-again-in-poodle-attack\/\">http:\/\/arstechnica.com\/security\/2014\/10\/ssl-broken-again-in-poodle-attack\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/zmap.io\/sslv3\/\">https:\/\/zmap.io\/sslv3\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/www.imperialviolet.org\/2014\/10\/14\/poodle.html\">https:\/\/www.imperialviolet.org\/2014\/10\/14\/poodle.html<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/blog.cryptographyengineering.com\/2014\/10\/attack-of-week-poodle.html\">http:\/\/blog.cryptographyengineering.com\/2014\/10\/attack-of-week-poodle.html<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/blog.mozilla.org\/security\/2014\/10\/14\/the-poodle-attack-and-the-end-of-ssl-3-0\/\">https:\/\/blog.mozilla.org\/security\/2014\/10\/14\/the-poodle-attack-and-the-end-of-ssl-3-0\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/www.theregister.co.uk\/2014\/10\/16\/poodle_analysis\/\">http:\/\/www.theregister.co.uk\/2014\/10\/16\/poodle_analysis\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/www.theregister.co.uk\/2014\/10\/14\/google_drops_ssl_30_poodle_vulnerability\/\">http:\/\/www.theregister.co.uk\/2014\/10\/14\/google_drops_ssl_30_poodle_vulnerability\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/www.pcworld.com\/article\/2834015\/security-experts-warn-of-poodle-attack-against-ssl-30.html\">http:\/\/www.pcworld.com\/article\/2834015\/security-experts-warn-of-poodle-attack-against-ssl-30.html<\/a><\/p>\n<p style=\"text-align: justify;\">http:\/\/www.alertlogic.com\/blog\/poodle-man-middle-attack-sslv3\/<\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/www.us-cert.gov\/ncas\/alerts\/TA14-290A\">https:\/\/www.us-cert.gov\/ncas\/alerts\/TA14-290A<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/www.openssl.org\/~bodo\/ssl-poodle.pdf\">https:\/\/www.openssl.org\/~bodo\/ssl-poodle.pdf<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/www.makeuseof.com\/tag\/stop-poodle-from-biting-your-browser\/\">http:\/\/www.makeuseof.com\/tag\/stop-poodle-from-biting-your-browser\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/community.qualys.com\/blogs\/securitylabs\/2014\/10\/15\/ssl-3-is-dead-killed-by-the-poodle-attack\">https:\/\/community.qualys.com\/blogs\/securitylabs\/2014\/10\/15\/ssl-3-is-dead-killed-by-the-poodle-attack<\/a><\/p>\n<h3 style=\"text-align: justify;\"><\/h3>\n<h3 style=\"text-align: justify;\"><strong>Pudel deaktivieren<\/strong><\/h3>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/www.linode.com\/docs\/security\/security-patches\/disabling-sslv3-for-poodle\">https:\/\/www.linode.com\/docs\/security\/security-patches\/disabling-sslv3-for-poodle<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/askubuntu.com\/questions\/537196\/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566\">http:\/\/askubuntu.com\/questions\/537196\/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566<\/a><\/p>\n<p><a href=\"\/de\/kontaktiere-uns\/\">Nehmen Sie Kontakt mit uns auf.<\/a><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-18abb3a8 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"18abb3a8\" data-element_type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-20ff2b60\" data-id=\"20ff2b60\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-738ca7ed elementor-widget elementor-widget-heading\" data-id=\"738ca7ed\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Abonnieren Sie die neuesten Updates<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3ca92304 elementor-widget elementor-widget-shortcode\" data-id=\"3ca92304\" data-element_type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t\t\t\t<script type=\"text\/javascript\">\n\t\t\t\t\t\tvar gCaptchaSibWidget;\n                        var onloadSibCallbackInvisible = function () {\n\n                            var element = document.getElementsByClassName('sib-default-btn');\n                            var countInvisible = 0;\n                            var indexArray = [];\n                            jQuery('.sib-default-btn').each(function (index, el) {\n                                if ((jQuery(el).attr('id') == \"invisible\")) {\n                                    indexArray[countInvisible] = index;\n                                    countInvisible++\n                                }\n                            });\n\n                            jQuery('.invi-recaptcha').each(function (index, el) {\n                                grecaptcha.render(element[indexArray[index]], {\n                                    'sitekey': jQuery(el).attr('data-sitekey'),\n                                    'callback': sibVerifyCallback,\n                                });\n                            });\n                        };\n\t\t\t\t\t<\/script>\n\t\t\t\t\t                <script src=\"https:\/\/www.google.com\/recaptcha\/api.js?onload=onloadSibCallbackInvisible&render=explicit\" async defer><\/script>\n\t\t\t\t\n\t\t\t<form id=\"sib_signup_form_1\" method=\"post\" class=\"sib_signup_form\" action=\"\">\n\t\t\t\t<div class=\"sib_loader\" style=\"display:none;\"><img\n\t\t\t\t\t\t\tsrc=\"https:\/\/www.railscarma.com\/wp-includes\/images\/spinner.gif\" alt=\"Lader\"><\/div>\n\t\t\t\t<input type=\"hidden\" name=\"sib_form_action\" value=\"subscribe_form_submit\">\n\t\t\t\t<input type=\"hidden\" name=\"sib_form_id\" value=\"1\">\n                <input type=\"hidden\" name=\"sib_form_alert_notice\" value=\"Please fill out this field\">\n                <input type=\"hidden\" name=\"sib_form_invalid_email_notice\" value=\"Your email address is invalid\">\n                <input type=\"hidden\" name=\"sib_security\" value=\"ec95fb1fc4\">\n\t\t\t\t<div class=\"sib_signup_box_inside_1\">\n\t\t\t\t\t<div style=\"\/*display:none*\/\" class=\"sib_msg_disp\">\n\t\t\t\t\t<\/div>\n                                            <div id=\"sib_captcha_invisible\" class=\"invi-recaptcha\" data-sitekey=\"6LdikOAaAAAAAJ6SWrrKVQrtw7TQpQAEnv0HS0G3\"><\/div>\n                    \t\t\t\t\t<p class=\"sib-email-area\">\r\n    <label class=\"sib-email-area\"><\/label>\r\n    <input type=\"email\" class=\"sib-email-area\" name=\"email\" required=\"required\" placeholder=\"E-Mail-Adresse\">\r\n<\/p>\r\n<p class=\"sib-NAME-area\">\r\n    <label class=\"sib-NAME-area\"><\/label>\r\n    <input type=\"text\" class=\"sib-NAME-area\" name=\"NAME\" placeholder=\"Name\">\r\n<\/p>\r\n<p>\r\n    <input type=\"submit\" id=\"invisible\" class=\"sib-default-btn\" value=\"Abonnieren\">\r\n<\/p>\t\t\t\t<\/div>\n\t\t\t<input type=\"hidden\" name=\"trp-form-language\" value=\"de\"\/><\/form>\n\t\t\t<style>\n\t\t\t\tform#sib_signup_form_1 p.sib-alert-message {\n    padding: 6px 12px;\n    margin-bottom: 20px;\n    border: 1px solid transparent;\n    border-radius: 4px;\n    -webkit-box-sizing: border-box;\n    -moz-box-sizing: border-box;\n    box-sizing: border-box;\n}\nform#sib_signup_form_1 p.sib-alert-message-error {\n    background-color: #f2dede;\n    border-color: #ebccd1;\n    color: #a94442;\n}\nform#sib_signup_form_1 p.sib-alert-message-success {\n    background-color: #dff0d8;\n    border-color: #d6e9c6;\n    color: #3c763d;\n}\nform#sib_signup_form_1 p.sib-alert-message-warning {\n    background-color: #fcf8e3;\n    border-color: #faebcc;\n    color: #8a6d3b;\n}\n\t\t\t<\/style>\n\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t  <div class=\"related-post slider\">\r\n        <div class=\"headline\">zusammenh\u00e4ngende Posts<\/div>\r\n    <div class=\"post-list owl-carousel\">\r\n\r\n            <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Kaminari-Juwel\" href=\"https:\/\/www.railscarma.com\/de\/blog\/fachartikel\/kaminari-juwel\/?related_post_from=37277\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem.jpg\" class=\"attachment-full size-full wp-post-image\" alt=\"Kaminari-Juwel\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem.jpg 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem-300x113.jpg 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem-768x288.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Kaminari-Juwel\" href=\"https:\/\/www.railscarma.com\/de\/blog\/fachartikel\/kaminari-juwel\/?related_post_from=37277\">\r\n        Kaminari-Juwel  <\/a>\r\n\r\n        <\/div>\r\n              <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Warum sollte man im Jahr 2026 Ruby on Rails-Entwickler anheuern?\" href=\"https:\/\/www.railscarma.com\/de\/blog\/ror\/warum-sollte-man-ruby-on-rails-entwickler-engagieren\/?related_post_from=30627\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022.jpg\" class=\"attachment-full size-full wp-post-image\" alt=\"Warum sollte man im Jahr 2022 Ruby-on-Rails-Entwickler einstellen?\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022.jpg 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022-300x113.jpg 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022-768x288.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Warum sollte man im Jahr 2026 Ruby on Rails-Entwickler anheuern?\" href=\"https:\/\/www.railscarma.com\/de\/blog\/ror\/warum-sollte-man-ruby-on-rails-entwickler-engagieren\/?related_post_from=30627\">\r\n        Warum sollte man im Jahr 2026 Ruby on Rails-Entwickler anheuern?  <\/a>\r\n\r\n        <\/div>\r\n              <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Bedeutung der Softwarearchitektur in der Entwicklung von Unternehmenssoftware\" href=\"https:\/\/www.railscarma.com\/de\/blog\/ror\/bedeutung-der-softwarearchitektur-bei-der-entwicklung-von-unternehmenssoftware\/?related_post_from=36250\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/06\/Importance-of-Software-Architecture-in-enterprise-software-development.jpg\" class=\"attachment-full size-full wp-post-image\" alt=\"Bedeutung der Softwarearchitektur in der Entwicklung von Unternehmenssoftware\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/06\/Importance-of-Software-Architecture-in-enterprise-software-development.jpg 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/06\/Importance-of-Software-Architecture-in-enterprise-software-development-300x113.jpg 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/06\/Importance-of-Software-Architecture-in-enterprise-software-development-768x288.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Bedeutung der Softwarearchitektur in der Entwicklung von Unternehmenssoftware\" href=\"https:\/\/www.railscarma.com\/de\/blog\/ror\/bedeutung-der-softwarearchitektur-bei-der-entwicklung-von-unternehmenssoftware\/?related_post_from=36250\">\r\n        Bedeutung der Softwarearchitektur in der Entwicklung von Unternehmenssoftware  <\/a>\r\n\r\n        <\/div>\r\n              <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Ruby IDE: Die besten IDEs f\u00fcr die Ruby on Rails-Entwicklung\" href=\"https:\/\/www.railscarma.com\/de\/blog\/ror\/ruby-idee-die-besten-ideen-fur-die-ruby-on-rails-entwicklung\/?related_post_from=36125\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/01\/BEST-IDES-FOR-RUBY-ON-RAILS-DEVELOPMENT.jpg\" class=\"attachment-full size-full wp-post-image\" alt=\"BESTE IDEEN F\u00dcR DIE RUBY ON RAILS-ENTWICKLUNG\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/01\/BEST-IDES-FOR-RUBY-ON-RAILS-DEVELOPMENT.jpg 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/01\/BEST-IDES-FOR-RUBY-ON-RAILS-DEVELOPMENT-300x113.jpg 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/01\/BEST-IDES-FOR-RUBY-ON-RAILS-DEVELOPMENT-768x288.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Ruby IDE: Die besten IDEs f\u00fcr die Ruby on Rails-Entwicklung\" href=\"https:\/\/www.railscarma.com\/de\/blog\/ror\/ruby-idee-die-besten-ideen-fur-die-ruby-on-rails-entwicklung\/?related_post_from=36125\">\r\n        Ruby IDE: Die besten IDEs f\u00fcr die Ruby on Rails-Entwicklung  <\/a>\r\n\r\n        <\/div>\r\n      \r\n  <\/div>\r\n\r\n  <script>\r\n      <\/script>\r\n  <style>\r\n    .related-post {}\r\n\r\n    .related-post .post-list {\r\n      text-align: left;\r\n          }\r\n\r\n    .related-post .post-list .item {\r\n      margin: 10px;\r\n      padding: 10px;\r\n          }\r\n\r\n    .related-post .headline {\r\n      font-size: 14px !important;\r\n      color: #999999 !important;\r\n          }\r\n\r\n    .related-post .post-list .item .post_thumb {\r\n      max-height: 220px;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n          }\r\n\r\n    .related-post .post-list .item .post_title {\r\n      font-size: 14px;\r\n      color: #000000;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n      text-decoration: none;\r\n          }\r\n\r\n    .related-post .post-list .item .post_excerpt {\r\n      font-size: 12px;\r\n      color: #3f3f3f;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n      text-decoration: none;\r\n          }\r\n\r\n    .related-post .owl-dots .owl-dot {\r\n          }\r\n\r\n      <\/style>\r\n      <script>\r\n      jQuery(document).ready(function($) {\r\n        $(\".related-post .post-list\").owlCarousel({\r\n          items: 2,\r\n          responsiveClass: true,\r\n          responsive: {\r\n            0: {\r\n              items: 1,\r\n            },\r\n            768: {\r\n              items: 2,\r\n            },\r\n            1200: {\r\n              items: 2,\r\n            }\r\n          },\r\n                      rewind: true,\r\n                                loop: true,\r\n                                center: false,\r\n                                autoplay: true,\r\n            autoplayHoverPause: true,\r\n                                nav: true,\r\n            navSpeed: 1000,\r\n            navText: ['<i class=\"fas fa-chevron-left\"><\/i>', '<i class=\"fas fa-chevron-right\"><\/i>'],\r\n                                dots: false,\r\n            dotsSpeed: 1200,\r\n                                                    rtl: false,\r\n          \r\n        });\r\n      });\r\n    <\/script>\r\n  <\/div>","protected":false},"excerpt":{"rendered":"<p>Poodle&nbsp;is a breed of dog with legs that resembles cotton candies. It is intelligent and a regular staple at dog shows. Even the most friendly dogs have the propensity to bite. Now we see all kinds of security alerts and snafus likes heartbleed and shell shock!!! The latest in addition is POODLE. This is all &hellip;<\/p>\n<p class=\"read-more\"> <a class=\"\" href=\"https:\/\/www.railscarma.com\/de\/blog\/how-to-build-a-scalable-saas-platform-using-ruby-on-rails\/\"> <span class=\"screen-reader-text\">Wie man eine skalierbare SaaS-Plattform mit Ruby on Rails aufbaut<\/span> Weiterlesen \u00bb<\/a><\/p>","protected":false},"author":1,"featured_media":32075,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[384],"tags":[609,513,610],"class_list":["post-6492","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technical-articles","tag-security-threats","tag-ssl","tag-sslv3"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Poodle: SSL Security Threat Explored - RailsCarma Blog<\/title>\n<meta name=\"description\" content=\"The POODLE attack takes advantage of the protocol version negotiation feature built into SSL\/TLS to force the use of SSL 3.0 and then uses this new vulnerability to decrypt select content within the SSL session\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.railscarma.com\/de\/blog\/fachartikel\/poodle-ssl-sicherheitsbedrohung-untersucht-2\/\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Poodle: SSL Security Threat Explored - RailsCarma Blog\" \/>\n<meta property=\"og:description\" content=\"The POODLE attack takes advantage of the protocol version negotiation feature built into SSL\/TLS to force the use of SSL 3.0 and then uses this new vulnerability to decrypt select content within the SSL session\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.railscarma.com\/de\/blog\/fachartikel\/poodle-ssl-sicherheitsbedrohung-untersucht-2\/\" \/>\n<meta property=\"og:site_name\" content=\"RailsCarma - Ruby on Rails Development Company specializing in Offshore Development\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/RailsCarma\/\" \/>\n<meta property=\"article:published_time\" content=\"2014-11-30T07:29:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-08-30T07:32:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"644\" \/>\n\t<meta property=\"og:image:height\" content=\"292\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@railscarma\" \/>\n<meta name=\"twitter:site\" content=\"@railscarma\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"5\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21\"},\"headline\":\"Poodle \u2013 SSL Security Threat Explored\",\"datePublished\":\"2014-11-30T07:29:11+00:00\",\"dateModified\":\"2022-08-30T07:32:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/\"},\"wordCount\":1085,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.railscarma.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg\",\"keywords\":[\"security threats\",\"SSL\",\"sslv3\"],\"articleSection\":[\"Technical Articles\"],\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/\",\"url\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/\",\"name\":\"Poodle: SSL Security Threat Explored - RailsCarma Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.railscarma.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg\",\"datePublished\":\"2014-11-30T07:29:11+00:00\",\"dateModified\":\"2022-08-30T07:32:51+00:00\",\"description\":\"The POODLE attack takes advantage of the protocol version negotiation feature built into SSL\/TLS to force the use of SSL 3.0 and then uses this new vulnerability to decrypt select content within the SSL session\",\"breadcrumb\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage\",\"url\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg\",\"contentUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg\",\"width\":644,\"height\":292},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.railscarma.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Poodle \u2013 SSL Security Threat Explored\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.railscarma.com\/#website\",\"url\":\"https:\/\/www.railscarma.com\/\",\"name\":\"RailsCarma - Ruby on Rails Development Company specializing in Offshore Development\",\"description\":\"RailsCarma is a Ruby on Rails Development Company in Bangalore. We specialize in Offshore Ruby on Rails Development based out in USA and India. Hire experienced Ruby on Rails developers for the ultimate Web Experience.\",\"publisher\":{\"@id\":\"https:\/\/www.railscarma.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.railscarma.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.railscarma.com\/#organization\",\"name\":\"RailsCarma\",\"url\":\"https:\/\/www.railscarma.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png\",\"contentUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png\",\"width\":200,\"height\":46,\"caption\":\"RailsCarma\"},\"image\":{\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/RailsCarma\/\",\"https:\/\/x.com\/railscarma\",\"https:\/\/www.linkedin.com\/company\/railscarma\/\",\"https:\/\/myspace.com\/railscarma\",\"https:\/\/in.pinterest.com\/railscarma\/\",\"https:\/\/www.youtube.com\/channel\/UCx3Wil-aAnDARuatTEyMdpg\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/www.railscarma.com\/hire-ruby-on-rails-developer\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Pudel: SSL-Sicherheitsbedrohung untersucht \u2013 RailsCarma Blog","description":"Der POODLE-Angriff nutzt die in SSL\/TLS integrierte Protokollversionsverhandlungsfunktion aus, um die Verwendung von SSL 3.0 zu erzwingen, und nutzt dann diese neue Schwachstelle aus, um ausgew\u00e4hlte Inhalte innerhalb der SSL-Sitzung zu entschl\u00fcsseln","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.railscarma.com\/de\/blog\/fachartikel\/poodle-ssl-sicherheitsbedrohung-untersucht-2\/","og_locale":"de_DE","og_type":"article","og_title":"Poodle: SSL Security Threat Explored - RailsCarma Blog","og_description":"The POODLE attack takes advantage of the protocol version negotiation feature built into SSL\/TLS to force the use of SSL 3.0 and then uses this new vulnerability to decrypt select content within the SSL session","og_url":"https:\/\/www.railscarma.com\/de\/blog\/fachartikel\/poodle-ssl-sicherheitsbedrohung-untersucht-2\/","og_site_name":"RailsCarma - Ruby on Rails Development Company specializing in Offshore Development","article_publisher":"https:\/\/www.facebook.com\/RailsCarma\/","article_published_time":"2014-11-30T07:29:11+00:00","article_modified_time":"2022-08-30T07:32:51+00:00","og_image":[{"width":644,"height":292,"url":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_creator":"@railscarma","twitter_site":"@railscarma","twitter_misc":{"Verfasst von":"admin","Gesch\u00e4tzte Lesezeit":"5\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#article","isPartOf":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/"},"author":{"name":"admin","@id":"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21"},"headline":"Poodle \u2013 SSL Security Threat Explored","datePublished":"2014-11-30T07:29:11+00:00","dateModified":"2022-08-30T07:32:51+00:00","mainEntityOfPage":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/"},"wordCount":1085,"commentCount":0,"publisher":{"@id":"https:\/\/www.railscarma.com\/#organization"},"image":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg","keywords":["security threats","SSL","sslv3"],"articleSection":["Technical Articles"],"inLanguage":"de","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/","url":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/","name":"Pudel: SSL-Sicherheitsbedrohung untersucht \u2013 RailsCarma Blog","isPartOf":{"@id":"https:\/\/www.railscarma.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage"},"image":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg","datePublished":"2014-11-30T07:29:11+00:00","dateModified":"2022-08-30T07:32:51+00:00","description":"Der POODLE-Angriff nutzt die in SSL\/TLS integrierte Protokollversionsverhandlungsfunktion aus, um die Verwendung von SSL 3.0 zu erzwingen, und nutzt dann diese neue Schwachstelle aus, um ausgew\u00e4hlte Inhalte innerhalb der SSL-Sitzung zu entschl\u00fcsseln","breadcrumb":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/"]}]},{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage","url":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg","contentUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg","width":644,"height":292},{"@type":"BreadcrumbList","@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.railscarma.com\/"},{"@type":"ListItem","position":2,"name":"Poodle \u2013 SSL Security Threat Explored"}]},{"@type":"WebSite","@id":"https:\/\/www.railscarma.com\/#website","url":"https:\/\/www.railscarma.com\/","name":"RailsCarma \u2013 Ruby on Rails-Entwicklungsunternehmen, spezialisiert auf Offshore-Entwicklung","description":"RailsCarma ist ein Ruby on Rails-Entwicklungsunternehmen in Bangalore. Wir sind auf die Offshore-Ruby-on-Rails-Entwicklung mit Sitz in den USA und Indien spezialisiert. Stellen Sie erfahrene Ruby on Rails-Entwickler f\u00fcr das ultimative Web-Erlebnis ein.","publisher":{"@id":"https:\/\/www.railscarma.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.railscarma.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.railscarma.com\/#organization","name":"SchienenCarma","url":"https:\/\/www.railscarma.com\/","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png","contentUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png","width":200,"height":46,"caption":"RailsCarma"},"image":{"@id":"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/RailsCarma\/","https:\/\/x.com\/railscarma","https:\/\/www.linkedin.com\/company\/railscarma\/","https:\/\/myspace.com\/railscarma","https:\/\/in.pinterest.com\/railscarma\/","https:\/\/www.youtube.com\/channel\/UCx3Wil-aAnDARuatTEyMdpg"]},{"@type":"Person","@id":"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21","name":"Administrator","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.railscarma.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/www.railscarma.com\/hire-ruby-on-rails-developer\/"]}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.railscarma.com\/de\/wp-json\/wp\/v2\/posts\/6492","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.railscarma.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.railscarma.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.railscarma.com\/de\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.railscarma.com\/de\/wp-json\/wp\/v2\/comments?post=6492"}],"version-history":[{"count":0,"href":"https:\/\/www.railscarma.com\/de\/wp-json\/wp\/v2\/posts\/6492\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.railscarma.com\/de\/wp-json\/wp\/v2\/media\/32075"}],"wp:attachment":[{"href":"https:\/\/www.railscarma.com\/de\/wp-json\/wp\/v2\/media?parent=6492"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.railscarma.com\/de\/wp-json\/wp\/v2\/categories?post=6492"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.railscarma.com\/de\/wp-json\/wp\/v2\/tags?post=6492"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}