Aus Siwecos
Version vom 7. Mai 2020, 11:39 Uhr von Siwebot (Diskussion | Beiträge)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu: Navigation, Suche

Check for Bleichenbacher vulnerability

If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.

Result positive Not vulnerable to Bleichenbacher.
Result negativ Vulnerable to Bleichenbacher.
Description The server is vulnerable to a Bleichenbacher] Attack. The communication can be decrypted and user inputs such as passwords can be read.
Background The so-called Bleichenbacher attack (also known as ROBOT) is a 19-year-old vulnerability that allows RSA decryption and signature operations to be performed using the private key of a TLS server. The attack is a bug in the program code.
Consequence The server is vulnerable to a vulnerability that allows an attacker to decrypt the communication.
Solution/Tips If Vulnerability has been reported, immediately install an update for your TLS implementation on your server.