Drown Attack - Summary
The DROWN attack (CVE-2016-0800) was made public last week.
Drown is a Cross-protocol attack on TLS using SSLv2. it allows attackers to break the encryption and access potentially sensitive communications like passwords or credit card details.
At the time of writing this, researchers have estimated that around a third of all HTTPS servers are vulnerable to this attack.
For an indepth discussion on the DROWN attack please visit the site. https://drownattack.com/
Drown is a Cross-protocol attack on TLS using SSLv2. it allows attackers to break the encryption and access potentially sensitive communications like passwords or credit card details.
At the time of writing this, researchers have estimated that around a third of all HTTPS servers are vulnerable to this attack.
For an indepth discussion on the DROWN attack please visit the site. https://drownattack.com/
Comments
Post a Comment