Bleichenbacher-Vulnerability/EN: Unterschied zwischen den Versionen
| Zeile 4: | Zeile 4: | ||
|'''Check'''|| {{:{{PAGENAME}}/Negative}} | |'''Check'''|| {{:{{PAGENAME}}/Negative}} | ||
|- | |- | ||
| − | |''' | + | |'''Description'''|| {{:{{PAGENAME}}/Description}} |
|- | |- | ||
| − | |''' | + | |'''Background'''|| {{:{{PAGENAME}}/Background}} |
|- | |- | ||
| − | |''' | + | |'''Consequence'''|| {{:{{PAGENAME}}/Consequence}} |
|- | |- | ||
| − | |''' | + | |'''Solution/Tips'''|| {{:{{PAGENAME}}/Solution_Tips}} |
|} | |} | ||
| Zeile 16: | Zeile 16: | ||
[[Category:Siwecos-Scanner/EN]] | [[Category:Siwecos-Scanner/EN]] | ||
{{:{{PAGENAME}}/Category}} | {{:{{PAGENAME}}/Category}} | ||
| − | |||
Version vom 15. März 2019, 13:58 Uhr
Check for Bleichenbacher vulnerability
| Check | Vulnerable to Bleichenbacher (ROBOT). |
| Description | The server is vulnerable to a Bleichenbacher attack. Communication can be decrypted and user entries such as passwords can be read. |
| Background | The so-called Bleichenbacher attack (also known under the name ROBOT) is a 19 year old security flaw that allows RSA decryption and signature operations to be performed with the private key of a TLS server. The attack is an error in the program code. |
| Consequence | The server is vulnerable through a security flaw that allows an attacker to decrypt the communication. |
| Solution/Tips | If vulnerability has been reported, immediately install an update for your TLS Implementation on your server. |
