Invalid-Curve-Ephemeral-Vulnerability/EN: Unterschied zwischen den Versionen

Aus Siwecos
Wechseln zu: Navigation, Suche
Zeile 4: Zeile 4:
 
|'''Check'''|| {{:{{PAGENAME}}/Negative}}
 
|'''Check'''|| {{:{{PAGENAME}}/Negative}}
 
|-
 
|-
|'''Beschreibung'''||  {{:{{PAGENAME}}/Description}}
+
|'''Description'''||  {{:{{PAGENAME}}/Description}}
 
|-
 
|-
|'''Hintergrund'''||  {{:{{PAGENAME}}/Background}}
+
|'''Background'''||  {{:{{PAGENAME}}/Background}}
 
|-
 
|-
|'''Auswirkung'''||  {{:{{PAGENAME}}/Consequence}}
+
|'''Consequence'''||  {{:{{PAGENAME}}/Consequence}}
 
|-
 
|-
|'''Lösung / Tipps'''||  {{:{{PAGENAME}}/Solution_Tips}}
+
|'''Solution/Tips'''||  {{:{{PAGENAME}}/Solution_Tips}}
 
|}
 
|}
  
Zeile 16: Zeile 16:
 
[[Category:Siwecos-Scanner/EN]]
 
[[Category:Siwecos-Scanner/EN]]
 
{{:{{PAGENAME}}/Category}}
 
{{:{{PAGENAME}}/Category}}
[[Category:Glossar]]
 

Version vom 15. März 2019, 13:00 Uhr

Check for the Ephemeral Invalid Curve vulnerability.

Check Vulnerable by Ephemeral Invalid Curve attacks.
Description The server is vulnerable to an Ephemeral Invalid Curve Angriff. This allows an attacker to attack connections.
Background Elliptic Curve Cryptography (ECC) is one of the cornerstones of modern cryptography due to its security and performance features. It is used in key exchange protocols and to calculate signatures. However, fatal security holes can occur if it is used incorrectly.
Consequence The server is vulnerable through an implementation vulnerability that allows an attacker to decrypt the communication.
Solution/Tips If vulnerability was reported, update your TLS implementation on your server immediately.