|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:affects
|
gptkb:SSLv2
TLS
|
|
gptkbp:announced
|
2016-03-01
|
|
gptkbp:category
|
crypt
network security vulnerability
|
|
gptkbp:discoveredBy
|
gptkb:Vern_Paxson
gptkb:Matthew_Green
gptkb:David_Adrian
gptkb:J._Alex_Halderman
gptkb:Nadia_Heninger
gptkb:Zakir_Durumeric
gptkb:Emilia_Käsper
gptkb:Jann_Horn
Eyal Ronen
Gabriel G. Portmann
Kevin Borgolte
Martin P. Schneider
Yuval Shavitt
|
|
gptkbp:exploits
|
gptkb:man-in-the-middle
decryption attack
|
|
gptkbp:fullName
|
Decrypting RSA with Obsolete and Weakened eNcryption
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
DROWN
|
|
gptkbp:impact
|
allows decryption of TLS sessions
compromises confidentiality
|
|
gptkbp:mitigatedBy
|
disable SSLv2
update OpenSSL
do not reuse private keys across protocols
|
|
gptkbp:relatedTo
|
gptkb:OpenSSL
gptkb:SSL
TLS
|
|
gptkbp:target
|
servers supporting SSLv2
servers with shared private keys
|
|
gptkbp:vulnerableTo
|
gptkb:CVE-2016-0800
|
|
gptkbp:bfsParent
|
gptkb:Transport_Layer_Security
gptkb:CVE-2016-0800
gptkb:SSLv2
|
|
gptkbp:bfsLayer
|
6
|