Bleichenbacher-Vulnerability/EN: Unterschied zwischen den Versionen
Zeile 14: | Zeile 14: | ||
− | [[Category:Siwecos-Scanner | + | [[Category:Siwecos-Scanner]] |
{{:{{PAGENAME}}/Category}} | {{:{{PAGENAME}}/Category}} |
Version vom 22. März 2019, 15:10 Uhr
Check for Bleichenbacher vulnerability
Check | Vulnerable to Bleichenbacher (ROBOT). |
Description | The server is vulnerable to a Bleichenbacher attack. Communication can be decrypted and user entries such as passwords can be read. |
Background | The so-called Bleichenbacher attack (also known under the name ROBOT) is a 19 year old security flaw that allows RSA decryption and signature operations to be performed with the private key of a TLS server. The attack is an error in the program code. |
Consequence | The server is vulnerable through a security flaw that allows an attacker to decrypt the communication. |
Solution/Tips | If vulnerability has been reported, immediately install an update for your TLS Implementation on your server. |