SSLv3 Poodle Attack Check

Update:

All browsers have deactivated the SSL-Version 3.0 by default.

POODLE Test

If you see a poodle below, then your browser supports SSLv3 via block ciphers, and you may be vulnerable. If you see a Labrador below, your browser doesn’t support SSLv3, or only supports SSLv3 using stream ciphers.

You are safe!

Known Issues

Make sure you clear your cache between tests. 

The test requires that you are able to connect to an SSLv3 only site. There are some false positives/false negatives that you may experience. For example, if your connection is slow, the connection to the test site will time out and your browser may wrongly show up as not vulnerable. 

Browser Specific Issues:

Firefox

Firefox is picky as to what ciphers it accepts. The test site supports a wide range of ciphers to allow Firefox to connect. 

Safari

Apple stated that the Safari update released on Oct 17th no longer allows block ciphers via SSLv3. The test site (on purpose) only supports block ciphers as they are vulnerable to POODLE. However, the testing so far shows that Safari will still connect to the test site using ciphers like AES256. Safari should show up as not-vulnerable if it only supports stream ciphers over SSLv3. 

Android

Some issues have been reported.

More Information:

Has your email been leaked?

We recommend you to check if you have an account that has been compromised in a data breach on haveibeenpwned.com
Scroll to top