SSL vulnerability "Poodle"

Church Account is the primary user account (user name and password) for accessing online Church resources. Church Account was formerly known as LDS Account. This forum is a space to discuss all things related to Church Accounts (registration, account recovery, user experience, vulnerabilities, etc.).
Post Reply
tralston
New Member
Posts: 1
Joined: Sun Mar 09, 2014 9:18 pm

SSL vulnerability "Poodle"

#1

Post by tralston »

Google just released the details for an SSLv3 bug yesterday, Oct 14, 2014. For details, see https://poodle.io/. I've scanned lds.org and it's indeed vulnerable. I don't expect a lot of people to know about it since it was just released yesterday, but as always, sound the warning and get a team of security experts on it.

To scan for yourself, go here: https://www.expeditedssl.com/poodle

Has any one heard of this or discussed this in the admin forums?
Post Reply

Return to “Church Account”