On Oct 14th Google published details of an SSL 3.0 vulnerability, which allows an attacker to secure session through a man-in-the-middle attack. Support for SSL 3.0 is available in all popular mail, ftp and web clients, which makes all your clients vulnerable to an exploit based on this bug. Since SSL 3.0 is an 18 year old obsolete technology, we recommend it to be disabled in all cPanel servers.
Here is a quick script for you to check if your cPanel/WHM server is vulnerable. Execute the following as root. If you get ANY cipher output, your server can be considered vulnerable.Read More »How to secure cPanel server from SSLV3 Poodle Vulnerability?