Copy below as poodle.sh
Execute this command as below:
sh poodle.sh <site>
sh poodle.sh <site>:<port>
echo "Usage: "
echo "sh poodle.sh <hostname>:<port>"
echo "sh poodle.sh google.com:443"
echo "sh poodle.sh symantec.com:443"
if [ $# -ne 1 ]
elif [ "$hostname" == '-h' ]
echo $hostname | grep ":" >/dev/null
if [ $? -ne 0 ]
echo "Sending Test request to $hostname....."
output=`openssl s_client -connect $hostname -ssl3 < /dev/null` 2>/dev/null
echo "Test Complete ....."
echo $output | grep "ssl handshake failure" >/dev/null
if [ $? -eq 0 ]
echo "Server verified : $hostname"
echo "Wow !! No POODLE issue found "
echo "Server checked: $hostname --> Issue exist "
echo "Please disble SSL V3 on the server"
POODLE : Padding Oracle On Downgraded Legacy Encryption : – This vulnerability allows a man-in-the-middle attacker to decrypt ciphertext using a padding oracle side-channel attack.
Three Google security researchers discovered the flaw and detailed how it could be exploited through what they called a Padding Oracle On Downgraded Legacy Encryption (POODLE) attack (CVE-2014-3566).
POODLE affects older standards of encryption, specifically Secure Socket Layer (SSL) version 3. It does not affect the newer encryption mechansim known as Transport Layer Security (TLS).
How to test this against your Server:
openssl s_client -connect <server>:443 -ssl3
If above command succeeds, it indicates that SSLV3 is enabled on your server.
Script @ https://troubleshootblog.com/2014/10/20/ssl-v3-poodle-shell-script-to-verify-the-server/
To fix this, disable sslV3 on your server.
How to fix this on Apache:
> SSLProtocol All -SSLv2 -SSLv3 <- Removes SSLv2 and SSLv3 from Config
> service apache restart <- Restart server