DROWN attack

GPTKB entity

Statements (28)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:affects gptkb:SSLv2
TLS
gptkbp:announced 2016
gptkbp:category crypt
man-in-the-middle attack
gptkbp:discoveredBy gptkb:Vern_Paxson
gptkb:Matthew_Green
gptkb:Ariel_Feldman
gptkb:David_Adrian
gptkb:J._Alex_Halderman
gptkb:Michael_Bailey
gptkb:Nadia_Heninger
gptkb:Zakir_Durumeric
gptkbp:enables decryption of TLS sessions
gptkbp:exploits SSLv2 protocol weaknesses
gptkbp:fullName Decrypting RSA with Obsolete and Weakened eNcryption
https://www.w3.org/2000/01/rdf-schema#label DROWN attack
gptkbp:impact email servers
VPN servers
millions of HTTPS servers
gptkbp:mitigatedBy disable SSLv2
update OpenSSL
gptkbp:requires server supporting SSLv2
gptkbp:vulnerableTo gptkb:CVE-2016-0800
gptkbp:website https://drownattack.com/
gptkbp:bfsParent gptkb:SSL/TLS
gptkbp:bfsLayer 4