DROWN attack

The DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) attack is a cross-protocol security bug that attacks servers supporting modern SSLv3/TLS protocol suites by using their support for the obsolete, insecure, SSL v2 protocol to leverage an attack on connections using up-to-date protocols that would otherwise be secure. DROWN can affect all types of servers that offer services encrypted with SSLv3/TLS yet still support SSLv2, provided they share the same public key credentials between the two protocols. Additionally, if the same public key certificate is used on a different server that supports SSLv2, the TLS server is also vulnerable due to the SSLv2 server leaking key information that can be used against the TLS server.

"DROWN" redirects here. For other uses, see Drown (disambiguation).
DROWN
Broken lock logo symbolizing DROWN attack
CVE identifier(s)CVE-2016-0800
Date discoveredMarch 2016 (2016-03)
DiscovererNimrod Aviram, Sebastian Schinzel
Affected softwareSSL (v2)
Websitedrownattack.com

Full details of DROWN were announced in March 2016, along with a patch that disables SSLv2 in OpenSSL; the vulnerability was assigned the ID CVE-2016-0800. The patch alone will not be sufficient to mitigate the attack if the certificate can be found on another SSLv2 host. The only viable countermeasure is to disable SSLv2 on all servers.

The researchers estimated that 33% of all HTTPS sites were affected by this vulnerability as of March 1, 2016.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.