OpenSSL: Deny Service and Decrypt TLS Sessions

Posted in OpenSSL

Description: Multiple vulnerabilities were reported in OpenSSL. A remote user can decrypt TLS sessions in certain cases. A remote user can cause denial of service conditions on the target system.

A remote user can decrypt TLS sessions in certain cases by using a server that supports SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle [CVE-2016-0800]. This attack is known as the DROWN attack.

A system is also affected if its private key is shared with any other server that accepts SSLv2 connections for any protocol.

Systems running versions prior to 1.0.2a, 1.0.1m, 1.0.0r, and 0.9.8zf (released on March 19, 2015) can be exploited more readily.
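The DROWN precondition above (a server that accepts SSLv2 and offers EXPORT cipher suites) can be checked by decoding the SSLv2 SERVER-HELLO a server returns. The parser below is an added illustration, not code from the OpenSSL advisory; it follows the SSLv2 draft message layout and runs on a constructed sample record rather than a live connection.

```python
import struct

# SSLv2 cipher-spec identifiers (3 bytes each) from the SSLv2 draft spec.
SSL2_CIPHERS = {
    0x010080: "SSL_CK_RC4_128_WITH_MD5",
    0x020080: "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    0x030080: "SSL_CK_RC2_128_CBC_WITH_MD5",
    0x040080: "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
    0x050080: "SSL_CK_IDEA_128_CBC_WITH_MD5",
    0x060040: "SSL_CK_DES_64_CBC_WITH_MD5",
    0x0700C0: "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
}
EXPORT40 = {0x020080, 0x040080}  # the 40-bit EXPORT suites DROWN relies on


def parse_sslv2_server_hello(data: bytes) -> dict:
    """Decode an SSLv2 SERVER-HELLO record and report DROWN-relevant facts."""
    if len(data) < 2 or not data[0] & 0x80:
        raise ValueError("not a 2-byte SSLv2 record header")
    rec_len = ((data[0] & 0x7F) << 8) | data[1]
    body = data[2:2 + rec_len]
    if len(body) < 11 or body[0] != 4:  # message type 4 = SERVER-HELLO
        raise ValueError("not an SSLv2 SERVER-HELLO")
    # SESSION-ID-HIT, CERTIFICATE-TYPE, VERSION, CERT-LEN, CIPHER-SPECS-LEN, CONN-ID-LEN
    _hit, _cert_type, version, cert_len, cs_len, _cid_len = struct.unpack(">BBHHHH", body[1:11])
    specs = body[11 + cert_len:11 + cert_len + cs_len]
    if len(specs) != cs_len or cs_len % 3:
        raise ValueError("truncated cipher-spec list")
    ids = [int.from_bytes(specs[i:i + 3], "big") for i in range(0, cs_len, 3)]
    export = [SSL2_CIPHERS[i] for i in ids if i in EXPORT40]
    return {
        "sslv2_accepted": version == 0x0002,
        "ciphers": [SSL2_CIPHERS.get(i, f"unknown-0x{i:06x}") for i in ids],
        "export_ciphers": export,
        "drown_precondition": version == 0x0002 and bool(export),
    }


def build_sample_server_hello() -> bytes:
    """Constructed SSLv2 SERVER-HELLO for offline testing (certificate bytes are a placeholder)."""
    cert = b"\x30\x82\x00\x00"  # not a real DER certificate
    specs = b"".join(i.to_bytes(3, "big") for i in (0x010080, 0x020080, 0x060040))
    conn_id = bytes(range(16))
    body = bytes([4, 0, 1]) + struct.pack(">HHHH", 0x0002, len(cert), len(specs), len(conn_id))
    body += cert + specs + conn_id
    return bytes([0x80 | (len(body) >> 8), len(body) & 0xFF]) + body
```

A server that answers an SSLv2 CLIENT-HELLO with any SERVER-HELLO at all already matches the "allows SSLv2 connections" condition above; the EXPORT flag identifies the case the advisory describes.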

CVE Reference: CVE-2016-0702, CVE-2016-0703, CVE-2016-0704, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799, CVE-2016-0800

Solution: The vendor has issued a fix (1.0.1s, 1.0.2g).
Test your website(s): https://drownattack.com/#check

Origin URLs:

  1. http://openssl.org/news/secadv/20160301.txt
  2. http://securitytracker.com/id/1035133
