gptkbp:instanceOf
|
gptkb:security
|
gptkbp:access
|
no
|
gptkbp:affects
|
gptkb:OpenSSL
gptkb:SSLv2
TLS
|
gptkbp:alsoKnownAs
|
gptkb:DROWN
|
gptkbp:citation
|
https://drownattack.com/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800
|
gptkbp:complexity
|
low
|
gptkbp:describes
|
A vulnerability in SSLv2 that allows attackers to decrypt TLS sessions using SSLv2 servers.
|
gptkbp:discoveredBy
|
gptkb:Karthikeyan_Bhargavan
gptkb:Kenny_Paterson
gptkb:Nadhem_AlFardan
gptkb:David_Adrian
gptkb:J._Alex_Halderman
gptkb:Antoine_Delignat-Lavaud
gptkb:Emilia_Käsper
gptkb:Ivan_Ristic
gptkb:Jean_Paul_Degabriele
gptkb:Thomas_Pornin
gptkb:Yannick_Seurin
|
gptkbp:exploits
|
yes
|
gptkbp:hasCVSSScore
|
7.5
|
gptkbp:hasCWE
|
gptkb:CWE-310
|
https://www.w3.org/2000/01/rdf-schema#label
|
CVE-2016-0800
|
gptkbp:impact
|
information disclosure
confidentiality compromise
|
gptkbp:patchedBy
|
gptkb:OpenSSL_1.0.1s
gptkb:OpenSSL_1.0.2g
|
gptkbp:publishedIn
|
2016-03-01
|
gptkbp:vectorFor
|
gptkb:network_protocol
|
gptkbp:bfsParent
|
gptkb:DROWN_attack
|
gptkbp:bfsLayer
|
5
|