The DROWN attack

One of the famous cross-protocol security bugs is the Decrypting RSA with Obsolete and Weakened eNcryption (DROWN) attack. The attack works by abusing the application’s support for the old, obsolete and insecure SSLv2 protocol. Using this protocol, the attacker mounts an attack on connections that use current protocols and would otherwise be secure. This bug can successfully exploit servers that support the newer transport layer security (TLS) protocol suites. The DROWN attack can affect any server that offers services encrypted with TLS and also supports SSLv2, provided the same public key credentials are shared between the two protocols.

The DROWN attack allows attackers to break the encryption and read sensitive information from the communication channel. The confidential information includes passwords, credit card details, financial data and much more. According to sources, as many as 33% of servers on the internet are vulnerable to this attack. Mail servers and other websites that depend on TLS are vulnerable to this attack.

Impact

Using this vulnerability, an attacker can:

  • perform a chosen-ciphertext attack.
  • gain access to confidential information, including passwords, credit card details, financial data and much more.
  • execute a man-in-the-middle (MITM) attack on the web application.

Mitigation / Precaution

Beagle recommends the following precautions:

  • Keep old protocols such as SSLv2 and SSLv3 fully disabled.
  • Make sure the application’s private keys are not used anywhere with server software that allows SSLv2 connections.
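
Both precautions can be checked together across an inventory of services. The sketch below is an added example, not Beagle's own code: it flags services that offer SSLv2 or SSLv3 and, separately, TLS-only services whose key is also used by an SSLv2-enabled service. The record layout, host names, fingerprints and status labels are constructed assumptions; real input would come from a protocol scanner and the certificates' public key fingerprints.

```python
from collections import defaultdict

# Constructed inventory (not real hosts). "key_fp" stands for a fingerprint of
# the certificate's public key and "protocols" for what a scanner saw offered.
INVENTORY = [
    {"service": "www.example.test:443", "key_fp": "AA:11:0F", "protocols": ["TLSv1.2", "TLSv1.3"]},
    {"service": "mail.example.test:25", "key_fp": "aa110f", "protocols": ["SSLv2", "TLSv1.0"]},
    {"service": "api.example.test:443", "key_fp": "bb2210", "protocols": ["TLSv1.2"]},
    {"service": "old.example.test:443", "key_fp": "cc3321", "protocols": ["sslv3", "TLSv1.0"]},
]


def _norm_fp(fp):
    # Scanners print fingerprints differently (case, colons, spaces).
    return "".join(ch for ch in fp.lower() if ch in "0123456789abcdef")


def _norm_protos(protos):
    return {p.strip().lower() for p in protos}


def audit(inventory):
    """Return {service: (status, sslv2_services_sharing_the_key)}."""
    by_key = defaultdict(list)
    for rec in inventory:
        by_key[_norm_fp(rec["key_fp"])].append(rec)

    report = {}
    for recs in by_key.values():
        # Every service in this group presents the same public key.
        sslv2 = sorted(r["service"] for r in recs
                       if "sslv2" in _norm_protos(r["protocols"]))
        for r in recs:
            protos = _norm_protos(r["protocols"])
            if "sslv2" in protos:
                status = "sslv2-enabled"
            elif sslv2:
                status = "key-shared-with-sslv2"  # TLS-only, but key is exposed elsewhere
            elif "sslv3" in protos:
                status = "sslv3-enabled"
            else:
                status = "ok"
            others = [s for s in sslv2 if s != r["service"]]
            report[r["service"]] = (status, others)
    return report


if __name__ == "__main__":
    for service, (status, via) in sorted(audit(INVENTORY).items()):
        print(f"{service:24} {status:24} {', '.join(via)}")
```

A service reported as key-shared-with-sslv2 needs SSLv2 disabled on the listed services, or a fresh key pair of its own, even though its own protocol configuration is clean.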
