Decrypting RSA with Obsolete and Weakened Encryption (DROWN)
Author: HollyGraceful Published: 21 October 2022 Last Updated: 03 November 2022
Decrypting RSA with Obsolete and Weakened Encryption (DROWN) is a vulnerability in servers that support Secure Sockets Layer (SSL) version 2.0. It is a form of cross-platform Bleichenbacher padding oracle attack and would allow an attacker that is able to perform an interception attack to decrypt intercepted TLS connections by making specially crafted connections to an SSLv2 server that uses the same private key.
This effectively means that an attack can be successful even if clients are not utilising SSLv2 and if the targeted server itself does not support SSLv2 but another server does and uses the same private key. This attack was demonstrated as practical in 2016.
This attack would allow an attacker to decrypt a connection between the client and server and therefore may disclose sensitive information such as passwords and session tokens.
It is recommended that:
- All version of SSL are disabled
Although this attack specifically impacts SSLv2, all version of SSL are deprecated and should be therefore disabled.