IBM Domino SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)
Medium Nessus Plugin ID 90512
The application installed on the remote host is affected by an information disclosure vulnerability.
The version of IBM Domino (formerly Lotus Domino) installed on the remote host is affected by a man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.