03/03/2016

DROWN SSL/TLS Vulnerability

Our firewall security partner has flagged a vulnerability in services that rely on Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption. The vulnerability is called DROWN (Decrypting RSA using Obsolete and Weakened eNcryption) and was assigned the CVE ID CVE-2016-0800. CVE-2015-3197 and CVE-2016-0703 cover related flaws in OpenSSL implementations that are vulnerable to DROWN attacks.

By exploiting DROWN, an attacker may be able to decrypt potentially sensitive data sent to or from the server. This data could include usernames, passwords, and sensitive financial information. The issue affects systems that support SSLv2, an encryption protocol known to be vulnerable to attacks. To exploit this vulnerability, an attacker must observe several hundred connections between the targeted client and server, and then make repeated connections to the SSLv2 server with previously obtained, modified ciphertext. Observing how the server responds could disclose the secret key. The offline computation required to obtain the secret key is modest and can be performed in several hours.

DROWN is a new form of the cross-protocol Bleichenbacher padding oracle attack. As of this publication, one-third of HTTPS websites, including one-quarter of the top million websites, are reportedly vulnerable to DROWN attacks.

Recommended Actions:

Our firewall security partner recommends that customers audit their computing infrastructure and disable SSLv2 on any systems that are configured to support it. Note that OpenSSL may accept an SSLv2 connection even if all of the SSLv2 ciphers have been disabled, so a cipher-list check alone is not conclusive. In environments that do not use SSLv2 (for example, PCI-compliant systems), action may still be required if the private key is shared with any system that supports SSLv2 encryption. In this scenario, customers should generate a new key and ensure that it is not used with any service that supports SSLv2.

OpenSSL users should upgrade to the latest version. Versions 1.0.1s and 1.0.2g are not vulnerable to DROWN attacks. Microsoft IIS versions 7.0 and above should have SSLv2 disabled by default.
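Because cipher configuration alone does not prove SSLv2 is off, the reliable audit is to speak SSLv2 to your own server and see whether it answers. The Python probe below is an added example, not part of the original advisory or of any vendor tool: it sends an SSLv2 CLIENT-HELLO to a host and port you supply and counts only an SSLv2 SERVER-HELLO as a positive result; any TLS record, alert, or closed connection is treated as "SSLv2 not offered".

```python
"""Audit probe: does a TCP service still answer an SSLv2 CLIENT-HELLO?"""
import socket
import struct

# SSLv2 cipher kinds (3 bytes each) as defined in the SSLv2 specification.
CIPHER_SPECS = {
    b"\x01\x00\x80": "SSL_CK_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL_CK_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL_CK_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL_CK_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
}

def build_client_hello(challenge=b"\x00" * 16):
    """SSLv2 CLIENT-HELLO offering every SSLv2 cipher kind, with a 2-byte record header."""
    specs = b"".join(CIPHER_SPECS)
    body = (b"\x01\x00\x02"                                   # msg type 1, version 0x0002
            + struct.pack("!HHH", len(specs), 0, len(challenge))  # spec len, session id len, challenge len
            + specs + challenge)
    return struct.pack("!H", 0x8000 | len(body)) + body         # high bit set: 2-byte header, no padding

def parse_server_reply(data):
    """Return (supports_sslv2, detail). Only an SSLv2 SERVER-HELLO (msg type 4) counts as a hit."""
    if len(data) < 3:
        return False, "no reply or connection closed"
    if data[0] in (0x15, 0x16):
        return False, "TLS record (alert/handshake), not SSLv2"
    if data[0] & 0x80:                                         # 2-byte SSLv2 record header
        length, body = ((data[0] & 0x7F) << 8) | data[1], data[2:]
    else:                                                      # 3-byte header carrying a padding byte
        length, body = ((data[0] & 0x3F) << 8) | data[1], data[3:]
    body = body[:length]
    if len(body) < 11 or body[0] != 0x04:
        return False, "not an SSLv2 SERVER-HELLO"
    # type(1) session_id_hit(1) cert_type(1) version(2) cert_len(2) specs_len(2) conn_id_len(2)
    version, cert_len, specs_len, _ = struct.unpack("!HHHH", body[3:11])
    specs = body[11 + cert_len:11 + cert_len + specs_len]
    names = [CIPHER_SPECS.get(specs[i:i + 3], specs[i:i + 3].hex()) for i in range(0, len(specs), 3)]
    return True, "SSLv2 version %#06x, ciphers: %s" % (version, ", ".join(names))

def probe(host, port=443, timeout=5.0):
    """Connect to a server you administer, send the CLIENT-HELLO and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        try:
            reply = sock.recv(4096)
        except (socket.timeout, ConnectionResetError):
            reply = b""
    return parse_server_reply(reply)
```

Call `probe("your.server.example", 443)` against each TLS endpoint found in the audit; a `True` result means the host still negotiates SSLv2 regardless of its cipher list, and any key it uses should be treated as exposed until SSLv2 is disabled.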

Our firewall security partner is investigating the feasibility of countermeasures to detect DROWN exploit activity. We will update you further as this develops.


Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.
