Reference: CERT-EU Security Advisory 2016-118
Title: DROWN Attack
Version history: 01/03/2016 Initial publication.

Short Summary
--------------

A vulnerability in SSLv2 can lead to a compromise of the cryptographic protection of transactions over the Internet. The attack that exploits the vulnerability is called "DROWN". The attacker can easily interfere between client and server and monitor the transaction or even alter it. In other words, the vulnerability allows successful Man-in-the-Middle attacks.

Affected platforms: Web Servers
Version: SSLv2
Date: 2016 - March - 01
Security risk: High
Vulnerability: MitM

Systems affected
-----------------

Any system that uses SSLv2 is vulnerable to the DROWN attack. The affected system is typically a web server, and in some cases one that does not itself use SSLv2: the server's private key can be retrieved from another server that uses the same key and still supports SSLv2, and then used against the first one.

Impact
-------

The attacker is able to break TLS connections, eavesdrop on a communication channel over the Internet, and furthermore impersonate the web server.

Solutions
----------

A server should not use SSLv2 and must support only TLS, preferably version 1.1 and above.

Additional References
-----------------------

[1] DROWN attack: https://drownattack.com/
[2] DROWN: Breaking TLS using SSLv2: https://drownattack.com/drown-attack-paper.pdf

CERT-EU (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
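The Solutions section above says a server must not accept SSLv2, including any other server that shares the same private key. The following script is an added example for verifying that on one's own servers; it is not CERT-EU code and is not part of the advisory. It builds an SSLv2 CLIENT-HELLO from the public SSLv2 draft specification (record header, message layout and cipher-spec codes are taken from that draft), sends it, and reports whether the server answers with an SSLv2 SERVER-HELLO. The host and port, the helper names, and the sample reply bytes embedded for offline testing are assumptions constructed for this example. A TLS-only server normally replies with a TLS alert or drops the connection, which the parser classifies as "SSLv2 not accepted".

```python
"""Check whether a server still accepts SSLv2 handshakes (the DROWN precondition).

Added example, not CERT-EU code. Layout of the SSLv2 records and cipher-spec
codes follows the SSLv2 draft specification; host/port and sample bytes are
assumptions constructed for this example.
"""
import socket
import struct

# SSLv2 cipher-spec codes (3 bytes each) as listed in the SSLv2 draft.
SSLV2_CIPHER_SPECS = {
    b"\x01\x00\x80": "SSL_CK_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL_CK_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL_CK_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL_CK_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
}
SSLV2_VERSION = b"\x00\x02"
MSG_CLIENT_HELLO = 0x01
MSG_SERVER_HELLO = 0x04


def sslv2_record(body: bytes) -> bytes:
    """Wrap a message in the 2-byte SSLv2 record header (high bit set, 15-bit length, no padding)."""
    return struct.pack("!H", 0x8000 | len(body)) + body


def build_client_hello(challenge: bytes = b"\x00" * 16) -> bytes:
    """SSLv2 CLIENT-HELLO offering every SSLv2 cipher spec, with an empty session id."""
    specs = b"".join(SSLV2_CIPHER_SPECS)  # dict keys, in insertion order
    body = (
        bytes([MSG_CLIENT_HELLO]) + SSLV2_VERSION
        + struct.pack("!HHH", len(specs), 0, len(challenge))  # cipher, session-id, challenge lengths
        + specs + challenge
    )
    return sslv2_record(body)


def parse_server_hello(data: bytes):
    """Return {'cert': DER bytes, 'ciphers': [names]} if data is an SSLv2 SERVER-HELLO, else None."""
    if len(data) < 2 or not data[0] & 0x80:
        return None  # not an unpadded SSLv2 record; a TLS alert record starts with 0x15
    length = struct.unpack("!H", data[:2])[0] & 0x7FFF
    body = data[2:2 + length]
    # SERVER-HELLO: type, session-id-hit, certificate-type, version(2), then three 16-bit lengths
    if len(body) < 11 or body[0] != MSG_SERVER_HELLO or body[3:5] != SSLV2_VERSION:
        return None
    cert_len, spec_len, conn_id_len = struct.unpack("!HHH", body[5:11])
    if len(body) < 11 + cert_len + spec_len + conn_id_len:
        return None  # truncated reply
    cert = body[11:11 + cert_len]
    specs = body[11 + cert_len:11 + cert_len + spec_len]
    ciphers = [SSLV2_CIPHER_SPECS.get(specs[i:i + 3], specs[i:i + 3].hex())
               for i in range(0, len(specs), 3)]
    return {"cert": cert, "ciphers": ciphers}


def check_sslv2(host: str, port: int = 443, timeout: float = 5.0):
    """Connect to host:port, send the CLIENT-HELLO and return the parsed SERVER-HELLO or None."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        reply = b""
        try:
            while len(reply) < 8192:
                chunk = sock.recv(4096)
                if not chunk:
                    break
                reply += chunk
        except socket.timeout:
            pass
    return parse_server_hello(reply)


# Constructed sample reply (not captured from a real server): an SSLv2 SERVER-HELLO carrying a
# placeholder 5-byte "certificate", two cipher specs and a 16-byte connection id.
_SAMPLE_CERT = b"\x30\x03\x02\x01\x01"
_SAMPLE_SPECS = b"\x01\x00\x80\x07\x00\xc0"
SAMPLE_SERVER_HELLO = sslv2_record(
    bytes([MSG_SERVER_HELLO, 0x00, 0x01]) + SSLV2_VERSION
    + struct.pack("!HHH", len(_SAMPLE_CERT), len(_SAMPLE_SPECS), 16)
    + _SAMPLE_CERT + _SAMPLE_SPECS + b"\xaa" * 16
)
# Constructed sample of what a TLS-only server typically answers: a TLS alert record.
SAMPLE_TLS_ALERT = b"\x15\x03\x01\x00\x02\x02\x46"


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"  # assumed host to audit
    result = check_sslv2(target)
    print("SSLv2 accepted, ciphers: %s" % result["ciphers"] if result else "SSLv2 not accepted")
```

Run it against each host that shares a certificate or private key, not only the public web front end: the advisory's point is that one forgotten SSLv2-enabled host with the same key undermines the TLS-only ones. The returned `cert` bytes can be compared with the certificate served over TLS to spot that sharing.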