‘DROWN’ – Decrypting RSA with Obsolete and Weakened eNcryption
Various products may be affected by this vulnerability, tracked under the Common Vulnerabilities and Exposures designation CVE-2016-0800.
A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites. Traffic between clients and non-vulnerable servers can be decrypted provided another server supporting SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP) shares the RSA keys of the non-vulnerable server.
Users can avoid this issue by disabling the SSLv2 protocol in all their SSL/TLS servers, if they’ve not done so already. Disabling all SSLv2 ciphers is also sufficient, provided the patches for CVE-2015-3197 (fixed in OpenSSL 1.0.1r and 1.0.2f) have been deployed. Servers that have not disabled the SSLv2 protocol, and are not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2 ciphers are nominally disabled, because malicious clients can force the use of SSLv2 with EXPORT ciphers.
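As an added check (example code written for this page, not part of the Netnorth notice or of any vendor tool), the script below sends an SSLv2 CLIENT-HELLO to one of your own servers and reports whether it answers with an SSLv2 SERVER-HELLO and which cipher specs, EXPORT40 ones included, it offers. A server that answers at all still has SSLv2 enabled and needs the fix described above. The cipher-spec codes and message layouts are those of the SSLv2 specification; the `probe` function assumes an implicit-TLS port (443, 465, 993, 995) and does not perform STARTTLS, and `constructed_server_hello` is a made-up response used only for offline testing.

```python
import socket
import struct

# SSLv2 cipher-spec codes (3 bytes each) from the SSLv2 specification.
# The two EXPORT40 entries are the 40-bit suites DROWN relies on.
SSLV2_CIPHERS = {
    b"\x01\x00\x80": ("SSL_CK_RC4_128_WITH_MD5", False),
    b"\x02\x00\x80": ("SSL_CK_RC4_128_EXPORT40_WITH_MD5", True),
    b"\x03\x00\x80": ("SSL_CK_RC2_128_CBC_WITH_MD5", False),
    b"\x04\x00\x80": ("SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", True),
    b"\x05\x00\x80": ("SSL_CK_IDEA_128_CBC_WITH_MD5", False),
    b"\x06\x00\x40": ("SSL_CK_DES_64_CBC_WITH_MD5", False),
    b"\x07\x00\xc0": ("SSL_CK_DES_192_EDE3_CBC_WITH_MD5", False),
}


def build_client_hello(challenge=b"\x00" * 16):
    """Build an SSLv2 CLIENT-HELLO that offers every SSLv2 cipher spec."""
    specs = b"".join(SSLV2_CIPHERS)
    body = (
        b"\x01"                       # MSG-CLIENT-HELLO
        + b"\x00\x02"                 # CLIENT-VERSION 0.2
        + struct.pack(">HHH", len(specs), 0, len(challenge))
        + specs + challenge           # no session id
    )
    # 2-byte SSLv2 record header: high bit set, 15-bit record length.
    return struct.pack(">H", 0x8000 | len(body)) + body


def parse_server_hello(data):
    """Return {'version', 'ciphers', 'export'} if data is an SSLv2 SERVER-HELLO, else None."""
    if len(data) < 13 or not data[0] & 0x80:
        return None                   # not a 2-byte-header SSLv2 record
    rec_len = ((data[0] & 0x7F) << 8) | data[1]
    body = data[2:2 + rec_len]
    # SERVER-HELLO header: type, session-id-hit, cert-type, version(2),
    # cert-len(2), cipher-specs-len(2), connection-id-len(2) = 11 bytes.
    if len(body) < 11 or body[0] != 0x04:
        return None
    version = (body[3] << 8) | body[4]
    cert_len, specs_len, _conn_len = struct.unpack(">HHH", body[5:11])
    specs = body[11 + cert_len:11 + cert_len + specs_len]
    if len(specs) != specs_len or specs_len % 3:
        return None                   # truncated or malformed cipher list
    offered = [SSLV2_CIPHERS.get(specs[i:i + 3], (specs[i:i + 3].hex(), False))
               for i in range(0, specs_len, 3)]
    return {
        "version": version,
        "ciphers": [name for name, _ in offered],
        "export": [name for name, is_export in offered if is_export],
    }


def probe(host, port=443, timeout=5.0):
    """Connect to host:port, send the CLIENT-HELLO and parse whatever comes back.

    Returns None when the server closes the connection or replies with a
    non-SSLv2 record, which is the expected result for a fixed server.
    """
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        try:
            while True:
                chunk = sock.recv(4096)
                if not chunk:
                    break
                data += chunk
                if len(data) >= 2 and data[0] & 0x80:
                    rec_len = ((data[0] & 0x7F) << 8) | data[1]
                    if len(data) >= 2 + rec_len:
                        break
        except socket.timeout:
            pass
    return parse_server_hello(data)


def constructed_server_hello():
    """Constructed sample SERVER-HELLO (3-byte dummy cert, RC4-128 + RC4-EXPORT40, 16-byte conn id)."""
    body = (b"\x04" + b"\x00" + b"\x01" + b"\x00\x02"
            + struct.pack(">HHH", 3, 6, 16)
            + b"\xaa\xbb\xcc" + b"\x01\x00\x80" + b"\x02\x00\x80" + b"\x00" * 16)
    return struct.pack(">H", 0x8000 | len(body)) + body


if __name__ == "__main__":
    import sys
    host, port = sys.argv[1], int(sys.argv[2]) if len(sys.argv) > 2 else 443
    result = probe(host, port)
    if result is None:
        print(f"{host}:{port}: no SSLv2 SERVER-HELLO (SSLv2 appears disabled)")
    else:
        print(f"{host}:{port}: SSLv2 ENABLED, ciphers={result['ciphers']}, export={result['export']}")
```

Run it as `python drown_check.py mail.example.com 465` against each of your own hosts that holds a copy of the certificate's RSA key, not only the web server, since the notice points out that an SMTP, IMAP or POP server sharing the key is enough. An answer of "no SSLv2 SERVER-HELLO" is the wanted outcome; any SERVER-HELLO, even one listing no EXPORT cipher, means the protocol is still on and the server-side setting (for example `SSLProtocol all -SSLv2` in Apache httpd) has not been applied.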
For more information see:
- http://www.theregister.co.uk/2016/03/01/drown_tls_protocol_flaw/
- https://drownattack.com/
- https://www.openssl.org/news/secadv/20160301.txt
Or search for ‘CVE-2016-0800’.
If you have any further questions, please email support@netnorth.co.uk
Regards
Netnorth Support