Aus Siwecos
Wechseln zu: Navigation, Suche

Check for Bleichenbacher vulnerability

If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.

Result positive Not vulnerable to Bleichenbacher (ROBOT).
Result negativ Vulnerable to Bleichenbacher (ROBOT).
Description The server is vulnerable to a Bleichenbacher attack. Communication can be decrypted and user entries such as passwords can be read.
Background The so-called Bleichenbacher attack (also known under the name ROBOT) is a 19 year old security flaw that allows RSA decryption and signature operations to be performed with the private key of a TLS server. The attack is an error in the program code.
Consequence The server is vulnerable through a security flaw that allows an attacker to decrypt the communication.
Solution/Tips If vulnerability has been reported, immediately install an update for your TLS Implementation on your server.