Bleichenbacher-Vulnerability/EN

Aus Siwecos
Wechseln zu: Navigation, Suche

Check for Bleichenbacher vulnerability

If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.

Result positive Not vulnerable to Bleichenbacher (ROBOT).
Result negativ Vulnerable to Bleichenbacher (ROBOT).
Description The server is vulnerable to a Bleichenbacher attack (ROBOT). Through such an attack, the communication can be decoded and user input, such as passwords, can be read as clear text during transfer.
Background The so-called Bleichenbacher attack (ROBOT) is a returning 19-year-old security flaw that allows RSA decryption and signature operations to be performed with the private key of a TLS server.
Consequence The server is vulnerable through a security flaw that allows an attacker to decrypt the communication.
Solution/Tips If vulnerability was reported, check your certificate or update your TLS implementation on your server immediately.