DROWN SSL Vulnerability CheckerPosted by admin on Mar 2, 2016 in Security Blog • No comments
Taken from DROWNattack.com:
DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security. These protocols allow everyone on the Internet to browse the web, use email, shop online, and send instant messages without third-parties being able to read the communication.
DROWN allows attackers to break the encryption and read or steal sensitive communications, including passwords, credit card numbers, trade secrets, or financial data. Our measurements indicate 33% of all HTTPS servers are vulnerable to the attack.
Any communication between users and the server. This typically includes, but is not limited to, usernames and passwords, credit card numbers, emails, instant messages, and sensitive documents. Under some common scenarios, an attacker can also impersonate a secure website and intercept or change the content the user sees.
Websites, mail servers, and other TLS-dependent services are at risk for the DROWN attack.
Modern servers and clients use the TLS encryption protocol. However, due to misconfigurations, many servers also still support SSLv2, a 1990s-era predecessor to TLS. This support did not matter in practice, since no up-to-date clients actually use SSLv2. Therefore, even though SSLv2 is known to be badly insecure, until now, merely supporting SSLv2 was not considered a security problem, because clients never used it.
DROWN shows that merely supporting SSLv2 is a threat to modern servers and clients. It allows an attacker to decrypt modern TLS connections between up-to-date clients and servers by sending probes to a server that supports SSLv2 and uses the same private key.
CHECK YOUR SITE FOR DROWN TLS/SSL VULNERABILITY NOW BY RUNNING THE SSLYZE TOOL FOR FREE:
This tool also will check for the heartbleed SSL vulnerability that came out last year and notify you in the text if you are vulnerable.
Example of not vulnerable configuration for HEARTBLEED SSL:
* OpenSSL Heartbleed: OK - Not vulnerable to Heartbleed
Example of not vulnerable configuration for DROWN SSL:
* SSLV2 Cipher Suites:
Server rejected all cipher suites.
Example of vulnerable TLS/SSL Configuration for DROWN:
* SSLV2 Cipher Suites:
Server rejected all cipher suites. * Session Resumption: With Session IDs: PARTIALLY SUPPORTED (2 successful, 3 failed, 0 errors, 5 total attempts). Try --resum_rate. With TLS Session Tickets: NOT SUPPORTED - TLS ticket assigned but not accepted.