More info on the vulnerability: https://isc.sans.edu/diary/OpenSSL%3A+SSLv3+POODLE+Vulnerability+Official+Release/18827
Does anyone know if Serv-U is vulnerable to the POODLE SSLv3 exploit?
Serv-U accepts SSLv3 connections so I presume Serv-U is vulnerable. There is an option to disable SSLv2 connections, but not one for SSLv3 connections, why is this?
Is it vulnerable, if so what can we do to stop it being so? If it is, we need an urgent hotfix as this is all over the internet.