[bdNOG] SSLv2 DROWN Attack

• Previous message: [bdNOG] New survey report published: The regulatory conditions of internet interconnection
• Next message: [bdNOG] SSLv2 DROWN Attack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dear members ,

Network traffic encrypted using an RSA-based SSL certificate may be
decrypted if enough SSLv2 handshake data can be collected. Exploitation of
this vulnerability - referred to as DROWN in public reporting - may allow a
remote attacker to obtain the private key of a server supporting SSLv2.

​For more information please visit ,

https://www.us-cert.gov/ncas/current-activity/2016/03/01/SSLv2-DROWN-Attack

https://www.us-cert.gov/ncas/current-activity/2016/03/01/OpenSSL-Releases-Security-Advisory
​



*Regards / Jahangir*
*​ | Open Comm​*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.bdnog.org/pipermail/nog/attachments/20160302/d0b1ebf6/attachment.html>

• Previous message: [bdNOG] New survey report published: The regulatory conditions of internet interconnection
• Next message: [bdNOG] SSLv2 DROWN Attack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]