Описание
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker could potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | nss | Not affected | ||
| Red Hat Enterprise Linux 5 | openssl097a | Will not fix | ||
| Red Hat Enterprise Linux 6 | nss | Not affected | ||
| Red Hat Enterprise Linux 7 | nss | Not affected | ||
| Red Hat Enterprise Linux Extended Update Support 5.6 | openssl | Affected | ||
| Red Hat Enterprise Linux Extended Update Support 6.7 | guest-images | Affected | ||
| Red Hat Enterprise Linux Extended Update Support 7.2 | rhel-guest-image | Affected | ||
| Red Hat JBoss Enterprise Application Platform 5 | openssl | Not affected | ||
| Red Hat JBoss Enterprise Web Server 2 | openssl | Affected | ||
| Red Hat JBoss Enterprise Web Server 3 | openssl | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before ...
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
Уязвимость библиотеки OpenSSL, позволяющая нарушителю расшифровать передаваемые данные
EPSS
5.8 Medium
CVSS2