Security researchers at Google recently discovered the POODLE SSL vulnerability, a security flaw in an older version of the SSL/TLS protocol, SSL 3.0.

Important facts about POODLE

  • SFTP, SCP and SSH are not vulnerable to POODLE attacks – only FTPS and HTTPS are vulnerable as they use SSL/TLS.
  • POODLE affects the SSL3 protocol. SSL3 is an older member of the SSL/TLS family of protocols, which was succeeded by TLS1.0 in 1999.
  • Modern software (less than 10 years old) generally supports TLS1 or later, which is not vulnerable to POODLE (but see below).
  • Even though modern software supports TLS1 or later, it may fall back to SSL3 if it’s communicating with old software that only supports SSL3. This is where the danger lies.
  • POODLE is a ‘man-in-the-middle’ attack meaning that the attacker must be able to place itself in between the server and the client without either being aware of it. This means that the attacker must have control over some point on the network path between the two end-points.
  • The greatest danger lies with web browsers (i.e. HTTPS), as they are far more vulnerable to a man-in-the-middle attack (usually via malicious Javascript on a website). In particular, the malicious code can force a fallback to SSL3 and hence trigger a POODLE attack even when TLS is being used on the client and the server.

The remedy

Firstly, disable use of SSL3 in your browser and your FTPS clients. This means attackers can no longer downgrade your connection to SSL3. Consult your client software’s vendor website for more details. Of course, this means your clients can no longer communicate with old servers that doesn’t support TLS1 or later.

Secondly, use SFTP instead of FTPS if you can (although the main danger is with web browser use).

Our Products

  • CompleteFTP supports TLS1.1, but will fall back to SSL3 if that’s the latest protocol that the client supports. At the time of writing, the latest version of CompleteFTP is 8.1.2. This version does not allow SSL3 to be disabled. Our developers are working to add a control for disabling SSL3. We expect the fix to be released during the week of 20 October 2014. The release will be announced on our mailing list, on Twitter and on our Announcements forum.
  • edtFTPnet/PRO: allows the TLS1 protocol to be selected explicitly via the SecureFTPConnection.SSLVersion property, which means that the client will not fall back to SSL3 if TLS1 or higher is chosen.
  • edtFTPj/PRO: does not currently allow the SSL3 protocol to be disabled. Our developers are working to enable this. We expect the fix to be released during the week of 20 October 2014. The release will be announced on our mailing list, on Twitter and on our Announcements forum.

EDIT: As of 3 November 2014, all three products disable SSLv3 by default.