DROWN Vulnerability CVE-2016-0800
This article explains a critical vulnerability affecting SSL and TLS that was disclosed March 1, 2016.
A critical vulnerability affecting SSL and TLS has been disclosed today (3/1/16). This vulnerability affects any server that supports SSLv2 connections or any server that shares a certificate or key pair WITH a server that supports SSLv2.
The core of this vulnerability is the already-weak encryption used by SSLv2. By exploiting a server's support for SSLv2, an attacker can decrypt properly secured TLS traffic. The attack depends on the attacker capturing enough SSLv2 traffic to decrypt and then recover the key that the TLS traffic is using.
This vulnerability has been assigned CVE-2016-0800.
In all circumstances, disable SSLv2 support immediately. In most cases, a patch is or will shortly be available that can help mitigate this vulnerability.
You may check if a server is vulnerable using the Drown Attack Checker.
A patch for OpenSSL is available:
- If you are using OpenSSL 1.0.2, please update to 1.0.2g.
- If you are using OpenSSL 1.0.1, please update to 1.0.1s.
IIS version 7.0 has SSLv2 disabled by default and should not be vulnerable, but please verify configurations to be certain. Versions older than 7.0 should be upgraded.
Other servers or products relying on NSS (Network Security Services) 3.13 or higher should also have SSLv2 disabled by default, but please verify configurations to be certain. Software reliant on NSS versions older than 3.13 should be upgraded.
More details about vulnerable platforms can be found below, including specific instructions for other products such as Postfix, Apache, and Nginx at drownattack.com.
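The two actions the advisory asks for (confirm your OpenSSL build is at or past 1.0.2g / 1.0.1s, and confirm SSLv2 is excluded in server configuration) are easy to script. The following is an added example, not code from this advisory or from UChicago IT Services: it parses the version string that `openssl version` prints, compares the letter patch level against the fixed releases named above, and checks the protocol directives for Apache (`SSLProtocol`), nginx (`ssl_protocols`) and Postfix (`smtpd_tls_protocols` and related keys) for SSLv2 exposure. The sample configuration lines are constructed for illustration, and the treatment of an empty Postfix value as "no restriction" is an assumption drawn from Postfix's documented behaviour, not from the advisory.

```python
"""Local DROWN audit helpers: OpenSSL patch-level check and protocol directive check.

Added example, not code from the advisory or from UChicago IT Services.
The sample configuration text below is constructed for illustration.
"""
import re
import subprocess

# Fixed OpenSSL releases named in the advisory, keyed by release branch.
PATCHED = {"1.0.2": "g", "1.0.1": "s"}

_VER_RE = re.compile(r"(\d+\.\d+\.\d+)([a-z]*)")


def parse_openssl_version(text):
    """Return (branch, letter) from e.g. 'OpenSSL 1.0.2f 28 Jan 2016' or '1.0.2f'."""
    m = _VER_RE.search(text)
    if not m:
        raise ValueError("unrecognised OpenSSL version: %r" % text)
    return m.group(1), m.group(2)


def is_patched(version_text):
    """True if the version is at or past the fixed release of its branch,
    False if it is older, None if the branch is not one the advisory covers.
    Pre-1.1 OpenSSL patch levels are letters that sort alphabetically; a
    release with no letter (e.g. '1.0.2') predates every lettered one."""
    branch, letter = parse_openssl_version(version_text)
    if branch not in PATCHED:
        return None
    return letter >= PATCHED[branch]  # "" < "a" < ... so an unlettered build is old


def local_openssl_patched():
    """Run `openssl version` on this host and evaluate it (None if unavailable)."""
    try:
        out = subprocess.run(["openssl", "version"], capture_output=True,
                             text=True, check=True).stdout
    except (OSError, subprocess.CalledProcessError):
        return None
    return is_patched(out)


def sslv2_allowed(directive_line):
    """Decide whether one protocol directive still permits SSLv2.
    Returns True (permitted), False (excluded) or None (not a protocol line).
    Apache : 'SSLProtocol all -SSLv2 -SSLv3'  (all/+/- token syntax)
    nginx  : 'ssl_protocols TLSv1 TLSv1.1 TLSv1.2;'  (list of enabled protocols)
    Postfix: 'smtpd_tls_protocols = !SSLv2, !SSLv3'  (exclusion list if any
             token starts with '!', otherwise an inclusion list)."""
    line = directive_line.strip().rstrip(";")
    if not line or line.startswith("#"):
        return None
    if "=" in line:                       # Postfix main.cf: key = value
        key, _, value = line.partition("=")
    else:                                 # Apache / nginx: key value ...
        parts = line.split(None, 1)
        key, value = parts[0], (parts[1] if len(parts) > 1 else "")
    key = key.strip().lower()
    tokens = [t.strip().lower() for t in value.replace(",", " ").split()]
    if key == "sslprotocol":
        if "-sslv2" in tokens:
            return False
        return "all" in tokens or "+sslv2" in tokens or "sslv2" in tokens
    if key == "ssl_protocols":
        return "sslv2" in tokens
    if key in ("smtpd_tls_protocols", "smtpd_tls_mandatory_protocols",
               "smtp_tls_protocols", "smtp_tls_mandatory_protocols"):
        if not tokens:
            return True  # assumption: an empty value imposes no restriction
        if any(t.startswith("!") for t in tokens):
            return "!sslv2" not in tokens
        return "sslv2" in tokens
    return None


# Constructed sample mixing the three directive styles; lines 2 and 4 still allow SSLv2.
SAMPLE_CONFIG = """\
# constructed sample configuration
SSLProtocol all -SSLv3
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
smtpd_tls_protocols = !SSLv3
smtp_tls_protocols = TLSv1, TLSv1.1, TLSv1.2
"""


def audit_config(text):
    """Return the 1-based line numbers of directives that still permit SSLv2."""
    return [n for n, line in enumerate(text.splitlines(), 1) if sslv2_allowed(line)]


if __name__ == "__main__":
    print("local OpenSSL patched for DROWN:", local_openssl_patched())
    print("sample config lines still allowing SSLv2:", audit_config(SAMPLE_CONFIG))
```

Run it on a host to see the local OpenSSL verdict, or call `audit_config()` on the text of a real `httpd.conf`, `nginx.conf` or `main.cf`. A `None` from `is_patched` means the build is on a branch the advisory does not name (1.1.x, 3.x or LibreSSL), which should be checked against that project's own release notes rather than assumed safe.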
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800 (as of this publication this CVE is listed as "reserved")