According to a recent report by security researchers on the Decrypting RSA with Obsolete and Weakened eNcryption (DROWN) vulnerability, an estimated 3.5 million HTTPS servers are seriously affected.
The attackers' aim is to read personal communications between users and the server, including passwords, credit card numbers, usernames, e-mails, messages and important documents; according to the researchers, they “can also impersonate a secure website and intercept or change the content the user sees.” The roughly 3.5 million servers at risk, about 33% of all HTTPS servers, include websites, mail services and other popular sites.
The report has raised awareness that third parties may be able to read encrypted communications and that everyone must take action to avoid becoming a victim of this attack.
According to the report, a server is vulnerable to DROWN if:
or:
Can you prevent the attack?
Yes, you can, if you start taking action as soon as possible. The main existing protection is disabling the SSLv2 protocol in all SSL/TLS servers, including HTTP, IMAP, POP and SMTP servers, as NopSec CTO Michelangelo Sidagni suggested.
“Servers that have not disabled the SSLv2 protocol and are not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2 ciphers are nominally disabled, because malicious clients can force the use of SSLv2 with EXPORT ciphers,” Sidagni told LinuxInsider, adding that there is nothing practical web browsers can do to keep their users from becoming victims of the DROWN vulnerability.
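The point above is that a server is only safe once it refuses SSLv2 handshakes outright, so the remediation check is to offer an SSLv2 CLIENT-HELLO (with the export ciphers included) and confirm the server does not answer with an SSLv2 SERVER-HELLO. The script below is an added example, not code from the original post or from NopSec or LinuxInsider; it assumes direct TCP access to the server, and the host and port are placeholders for your own systems.

```python
# Added example (not from the original post): send one SSLv2 CLIENT-HELLO and
# see whether the server answers with an SSLv2 SERVER-HELLO. Host/port are placeholders.
import socket
import struct

# SSLv2 cipher-spec identifiers (3 bytes each) from the SSLv2 specification.
SSLV2_CIPHERS = [
    b"\x01\x00\x80",  # SSL_CK_RC4_128_WITH_MD5
    b"\x02\x00\x80",  # SSL_CK_RC4_128_EXPORT40_WITH_MD5 (export-grade)
    b"\x03\x00\x80",  # SSL_CK_RC2_128_CBC_WITH_MD5
    b"\x04\x00\x80",  # SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 (export-grade)
    b"\x06\x00\x40",  # SSL_CK_DES_64_CBC_WITH_MD5
    b"\x07\x00\xc0",  # SSL_CK_DES_192_EDE3_CBC_WITH_MD5
]
MSG_CLIENT_HELLO = 0x01
MSG_SERVER_HELLO = 0x04

def build_sslv2_client_hello(challenge: bytes = b"\x00" * 16) -> bytes:
    """Build an SSLv2 CLIENT-HELLO record: 2-byte header (high bit set) + message."""
    specs = b"".join(SSLV2_CIPHERS)
    # msg type, client version 0x0002, cipher-spec len, session-id len, challenge len
    body = struct.pack(">BHHHH", MSG_CLIENT_HELLO, 0x0002, len(specs), 0, len(challenge))
    body += specs + challenge
    return struct.pack(">H", 0x8000 | len(body)) + body

def is_sslv2_server_hello(response: bytes) -> bool:
    """True if the reply is an SSLv2 SERVER-HELLO, i.e. the server still speaks SSLv2."""
    if len(response) < 3 or not response[0] & 0x80:
        return False  # a TLS alert (0x15...) or a closed socket: no SSLv2 record header
    length = ((response[0] & 0x7F) << 8) | response[1]
    return length >= 1 and response[2] == MSG_SERVER_HELLO

def server_accepts_sslv2(host: str, port: int = 443, timeout: float = 5.0) -> bool:
    """Probe one service; a remediated server should return False on every TLS port."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_sslv2_client_hello())
        try:
            reply = sock.recv(4096)
        except socket.timeout:
            return False  # silence also means SSLv2 was not negotiated
    return is_sslv2_server_hello(reply)

if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "localhost"  # placeholder target
    print("SSLv2 ACCEPTED: disable it" if server_accepts_sslv2(host) else "SSLv2 refused")
```

The probe only covers ports that start TLS immediately (443, 465, 993, 995); STARTTLS services such as SMTP on port 25 need the STARTTLS exchange first, which this example does not perform.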
An extension of the 1998 Bleichenbacher attack, this threat should be taken seriously so that companies become fully aware of what can hurt their business and damage their image.
"Considering almost all servers on the Internet could be impacted by this attack, I would say this threat is considerably widespread or severe," TokenEx CEO Alex Pezold told LinuxInsider.
You can easily check whether your server is vulnerable to DROWN by entering your IP address here.
If you have other questions, the full report here explains how to contact the DROWN research team, gives further technical details, tells you whether you need to update your browser, describes the factors that contribute to DROWN, and much more.