Bleichenbacher-Vulnerability-SMTPS/EN

Aus Siwecos
Wechseln zu: Navigation, Suche

Check for Bleichenbacher vulnerability

If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.

Result positive Not vulnerable to Bleichenbacher.
Result negativ Vulnerable to Bleichenbacher.
Description The server is vulnerable to a Bleichenbacher Attack. The communication can be decrypted and user inputs such as passwords can be read.
Background The so-called Bleichenbacher attack (also known as ROBOT) is a 19-year-old security hole that allows RSA decryption and signature operations to be performed with the private key of a TLS server. The attack is an error in the program code.
Consequence The server is vulnerable to a vulnerability that allows an attacker to decrypt the communication.
Solution/Tips If Vulnerability has been reported, immediately install an update to your TLS Implementation on your server.