troubleshooting:how-to-fix-the-sslv2-drown-vulnerability [2016-08-18 23:45:13] (current) rory.blanchard created
====== How to Fix the SSLv2 DROWN Vulnerability ======

A recently published vulnerability, called DROWN, allows an attacker to take advantage of the weak SSLv2 protocol in two ways:

  * A server that has SSLv2 enabled can be used to attack any other server that reuses the same RSA key, even servers that do not themselves support SSLv2. This attack is generic.
  * A server that has SSLv2 enabled and is also running a specific vulnerable version of OpenSSL (CVE-2016-0703) can be used to attack all other hostnames that appear in its certificate.

This means that no server should have SSLv2 enabled at this point.

If you are using the latest version of cPanel with the default options, SSLv2 is already disabled, but you may still not be safe.

<note warning>
If you have any servers using SSLv2 and a shared certificate or hostname, you are vulnerable.
</note>

In the following example, even though servers 1 and 3 have SSLv2 disabled, all of the servers are vulnerable:

<code>
server 1    SSLv2 disabled    server1.example.com
server 2    SSLv2 enabled     server2.example.com
server 3    SSLv2 disabled    server3.example.com
</code>
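As an added illustration that is not part of the original article, the following Python script applies the two DROWN rules above to a constructed server inventory: ''key_id'' stands in for each certificate's RSA public-key fingerprint, ''sans'' for the hostnames in the certificate, and ''cve_2016_0703'' marks a server running the vulnerable OpenSSL build. The inventory, field names and function are assumptions made here.

```python
from collections import defaultdict

# Constructed inventory modelled on the three-server example above (server4
# is added to show an unaffected host). In a real audit the key fingerprint
# and SAN list would be taken from each server's certificate.
SERVERS = [
    {"name": "server1.example.com", "sslv2": False, "key_id": "KEY-A",
     "sans": ["server1.example.com"], "cve_2016_0703": False},
    {"name": "server2.example.com", "sslv2": True, "key_id": "KEY-A",
     "sans": ["server2.example.com", "mail.example.com"], "cve_2016_0703": True},
    {"name": "server3.example.com", "sslv2": False, "key_id": "KEY-A",
     "sans": ["server3.example.com"], "cve_2016_0703": False},
    {"name": "server4.example.com", "sslv2": False, "key_id": "KEY-B",
     "sans": ["server4.example.com"], "cve_2016_0703": False},
]


def drown_exposure(servers):
    """Return {hostname: [reasons]} for every host exposed under the two
    rules in the article (generic key sharing, and CVE-2016-0703 SANs)."""
    sslv2_by_key = defaultdict(list)
    for s in servers:
        if s["sslv2"]:
            sslv2_by_key[s["key_id"]].append(s["name"])

    exposed = defaultdict(list)
    for s in servers:
        # Rule 1 (generic): SSLv2 enabled, or the same RSA key as a host
        # that has SSLv2 enabled, regardless of this host's own settings.
        if s["sslv2"]:
            exposed[s["name"]].append("SSLv2 enabled")
        elif s["key_id"] in sslv2_by_key:
            exposed[s["name"]].append(
                "shares RSA key with " + ", ".join(sslv2_by_key[s["key_id"]]))
        # Rule 2 (CVE-2016-0703): every other hostname in that server's
        # certificate is exposed as well.
        if s["sslv2"] and s["cve_2016_0703"]:
            for san in s["sans"]:
                if san != s["name"]:
                    exposed[san].append(f"named in certificate of {s['name']}")
    return dict(exposed)


if __name__ == "__main__":
    for host, reasons in sorted(drown_exposure(SERVERS).items()):
        print(f"{host}: {'; '.join(reasons)}")
```

Running it lists server1 and server3 as exposed through the shared key even though SSLv2 is disabled on them, and mail.example.com through server2's certificate, while server4 (its own key) is not listed.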

To protect yourself, you can check for DROWN using the [[https://

If your server shows up as vulnerable, check all servers that are using the same hostname or wildcard certificate,