First published: Tue Mar 01 2016(Updated: )
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
OpenSSL OpenSSL | =1.0.1 | |
OpenSSL OpenSSL | =1.0.1-beta1 | |
OpenSSL OpenSSL | =1.0.1-beta2 | |
OpenSSL OpenSSL | =1.0.1-beta3 | |
OpenSSL OpenSSL | =1.0.1a | |
OpenSSL OpenSSL | =1.0.1b | |
OpenSSL OpenSSL | =1.0.1c | |
OpenSSL OpenSSL | =1.0.1d | |
OpenSSL OpenSSL | =1.0.1e | |
OpenSSL OpenSSL | =1.0.1f | |
OpenSSL OpenSSL | =1.0.1g | |
OpenSSL OpenSSL | =1.0.1h | |
OpenSSL OpenSSL | =1.0.1i | |
OpenSSL OpenSSL | =1.0.1j | |
OpenSSL OpenSSL | =1.0.1k | |
OpenSSL OpenSSL | =1.0.1l | |
OpenSSL OpenSSL | =1.0.1m | |
OpenSSL OpenSSL | =1.0.1n | |
OpenSSL OpenSSL | =1.0.1o | |
OpenSSL OpenSSL | =1.0.1p | |
OpenSSL OpenSSL | =1.0.1q | |
OpenSSL OpenSSL | =1.0.1r | |
OpenSSL OpenSSL | =1.0.2 | |
OpenSSL OpenSSL | =1.0.2-beta1 | |
OpenSSL OpenSSL | =1.0.2-beta2 | |
OpenSSL OpenSSL | =1.0.2-beta3 | |
OpenSSL OpenSSL | =1.0.2a | |
OpenSSL OpenSSL | =1.0.2b | |
OpenSSL OpenSSL | =1.0.2c | |
OpenSSL OpenSSL | =1.0.2d | |
OpenSSL OpenSSL | =1.0.2e | |
OpenSSL OpenSSL | =1.0.2f | |
Pulsesecure Client | ||
Pulsesecure Steel Belted Radius |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.