The DROWN Attack

  • Thursday, 3rd March, 2016
  • 16:17pm
What is the DROWN Attack?

DROWN stands for "Decrypting RSA with Obsolete and Weakened eNcryption."

DROWN is a serious security flaw that makes network services that utilizes SSLv2 to attack TLS transactions vulnerable.

AlpineWeb servers are not vulnerable to this flaw as SSLv2 was not enabled.

You can learn more about DROWN here:

http://www.theregister.co.uk/2016/03/02/drown_exploitability_analysis

https://en.wikipedia.org/wiki/DROWN_attack

https://blog.cloudflare.com/the-drown-attack


« Back