Bleichenbacher-Vulnerability-SMTP/EN
Version vom 26. Oktober 2019, 13:09 Uhr von Siwebot (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „=== {{:{{PAGENAME}}/Headline}} === If the result is positive, there is no need for further action. If the result is negative, please read the following inst…“)
Check for Bleichenbacher vulnerability
If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.
Result positive | Not vulnerable to Bleichenbacher. |
Result negativ | Vulnerable to Bleichenbacher. |
Description | The server is vulnerable to a Bleichenbacher Attack. The communication can be decrypted and user inputs such as passwords can be read. |
Background | The so-called Bleichenbacher attack (also known as ROBOT) is a 19-year-old security hole that allows RSA decryption and signature operations to be performed with the private key of a TLS server. The attack is an error in the program code. |
Consequence | The server is vulnerable to a vulnerability that allows an attacker to decrypt the communication. |
Solution/Tips | If Vulnerability has been reported, immediately install an update to your TLS Implementation on your server. |