[bdNOG] SSLv2 DROWN Attack

Jahangir Hossain jrjahangir at gmail.com
Wed Mar 2 17:28:49 BDT 2016

Dear members ,

Network traffic encrypted using an RSA-based SSL certificate may be
decrypted if enough SSLv2 handshake data can be collected. Exploitation of
this vulnerability - referred to as DROWN in public reporting - may allow a
remote attacker to obtain the private key of a server supporting SSLv2.

​For more information please visit ,



*Regards / Jahangir*
*​ | Open Comm​*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.bdnog.org/pipermail/nog/attachments/20160302/d0b1ebf6/attachment.html>

More information about the nog mailing list