eSentire White Logo

Security advisories | Feb 26, 2019

DROWN Vulnerability

Please be advised that there has been a vulnerability identified in SSLv2 called DROWN. This vulnerability affects all servers and firmware-based appliances supporting SSLv2 and according to sources approximately 33% of websites are vulnerable to this attack. In order to help our customers address this threat we have outlined the vector and mitigation methods applicable to the DROWN vulnerability below.

What We Know
What is DROWN:
  • DROWN stands for: Decrypting RSA with Obsolete and Weakened eNcryption
  • SSLv2 dates back to the 1990s and is frequently enabled by accident or automatically when setting up a new server
  • DROWN attackers must have access to recorded SSL/TLS sessions in order to exploit this vulnerability.
  • All client sessions (even those recorded in the past) are vulnerable if the target server still supports SSLv2 today, irrespective of whether the client ever supported it.
  • Attackers can gain access to any communication between users and servers
    • This can include: usernames, passwords, documents, emails, instant messages
    • Attackers can also impersonate secure websites and intercept or change the content seen by the user
Who is affected:
  • A device or server is vulnerable if one of the following is true:
    • It allows SSLv2 connections
    • Its private key is used on any other server that allows SSLv2 connections
eSentire protection:
  • eSentire can confirm that currently no externally facing systems are at risk of this vulnerability. Further assessments of internal systems are underway and should we discover vulnerable systems, they will be patched as per our standard risk assessment and remediation process
  • At this time there is no protection or detection available from eSentire services
How to protect yourself from this threat:
  • In order to protect against the DROWN attack, ensure that SSLv2 is completely disabled on all servers as well as make sure that the private key isn’t shared across any other servers
  • For users of OpenSSL, even if SSLv2 ciphersuites are disabled in the server configuration the following steps are needed to ensure protection:
    • Disable the SSLv2 protocol entirely in the server configuration
    • OpenSSL 1.0.2 users are strongly advised to upgrade to OpenSSL 1.0.2g
    • OpenSSL 1.0.1 users are recommended to upgrade to OpenSSL 1.0.1s.
    • If you are using another version of OpenSSL for security, you should upgrade to the newer patched versions 1.0.2g or 1.0.1s