[openssl-users] DROWN (CVE-2016-0800)

Jeffrey Walton noloader at gmail.com
Wed Mar 2 20:50:43 UTC 2016


On Wed, Mar 2, 2016 at 3:38 PM, Salz, Rich <rsalz at akamai.com> wrote:
>> am [I] still vulnerable to this if my customer's server is not up to date?
>
> Yes, maybe.
>
> If you use SSL3/TLS without PFS ciphers, then someone who has captured the traffic can send SSLv2 messages to the server and decrypt your traffic.

It's probably worth mentioning since "interception is a valid use case"
has permeated both the W3C (browsers) and the IETF (Internet at
large)... Interception and proxy middleware could be contributing
significant risk. It's not readily apparent since the client is
believed to be well configured and the end server appears to be well
configured. Also see "Transitive Trust: SSL/TLS Interception Proxies",
https://www.secureworks.com/research/transitive-trust.

Jeff
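An added example, not from this thread or from the OpenSSL project, illustrating the point Rich makes above: only sessions that used a static RSA key exchange (no forward secrecy) can be decrypted after capture via a DROWN oracle, so a useful first triage step is to classify cipher suites by key-exchange type. The function and sample suite lists below are constructed for this example; the OpenSSL cipher-string keyword `kRSA` and Python's `SSLContext.get_ciphers()` are real, everything else (function names, the sample lists) is assumed.

```python
"""Classify cipher suites by key-exchange type to triage DROWN exposure.

Constructed example: DROWN lets someone who captured a session that used
the static RSA key exchange recover its premaster secret through an SSLv2
oracle on any server sharing the RSA key. Sessions negotiated with an
ephemeral (EC)DHE key exchange (PFS) do not have this weakness, so the
RSA-key-exchange suites are the ones to hunt for in server configs and
in captured-traffic metadata.
"""
import ssl

# OpenSSL-style names carry the key-exchange type as a prefix; a name
# with no such prefix (e.g. "AES128-SHA") is the plain RSA key exchange.
_OPENSSL_KX_PREFIXES = (
    ("ECDHE-", "ecdhe"), ("EECDH-", "ecdhe"),
    ("DHE-", "dhe"), ("EDH-", "dhe"),
)
_OPENSSL_OTHER_PREFIXES = ("ECDH-", "DH-", "ADH-", "AECDH-", "PSK-", "SRP-", "RSA-PSK-")


def key_exchange(name):
    """Return 'tls13', 'ecdhe', 'dhe', 'rsa' or 'other' for a suite name.

    Accepts OpenSSL names (ECDHE-RSA-AES128-GCM-SHA256) and IANA names
    (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256). 'rsa' is the DROWN-relevant class.
    """
    n = name.strip().upper()
    # TLS 1.3 suites always use an ephemeral (EC)DHE key exchange.
    if n.startswith(("TLS_AES_", "TLS_CHACHA20_")):
        return "tls13"
    if n.startswith("TLS_"):
        kx = n[4:].split("_WITH_", 1)[0]      # e.g. ECDHE_RSA, RSA, ECDH_RSA, RSA_PSK
        first = kx.split("_", 1)[0]
        if first == "ECDHE":
            return "ecdhe"
        if first == "DHE":
            return "dhe"
        if kx in ("RSA", "RSA_PSK"):
            return "rsa"
        return "other"
    for prefix, kind in _OPENSSL_KX_PREFIXES:
        if n.startswith(prefix):
            return kind
    if n.startswith(_OPENSSL_OTHER_PREFIXES):
        return "other"
    return "rsa"


def drown_exposed(suites):
    """Return the suites (in input order) whose captured sessions DROWN could decrypt."""
    return [s for s in suites if key_exchange(s) == "rsa"]


def hardened_client_context():
    """Build a context that refuses the RSA key exchange (assumed hardening choice).

    Modern OpenSSL no longer contains SSLv2 at all; '!kRSA' removes every
    suite that would still hand a static-RSA premaster secret to the peer.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!kRSA:!aNULL")
    return ctx


def rsa_kx_suites(ctx):
    """List the RSA-key-exchange suites a context still offers (empty when hardened)."""
    return drown_exposed(c["name"] for c in ctx.get_ciphers())


if __name__ == "__main__":
    # Constructed list of suites a server might advertise.
    offered = [
        "ECDHE-RSA-AES128-GCM-SHA256",
        "DHE-RSA-AES256-SHA",
        "AES128-SHA",
        "DES-CBC3-SHA",
        "TLS_RSA_WITH_AES_256_CBC_SHA",
    ]
    print("at risk:", drown_exposed(offered))
    print("still RSA-kx after hardening:", rsa_kx_suites(hardened_client_context()))
```

Run against a server's advertised suite list, or the cipher names recorded in your TLS session logs, the `drown_exposed` output is the set of sessions worth treating as potentially readable by an attacker who captured them; a server whose config and all captured sessions come back empty was not exposed through this path, regardless of what SSLv2 service may have shared its key.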

