Bleichenbacher-Vulnerable-POP3S/EN
Version vom 7. Mai 2020, 11:39 Uhr von Siwebot (Diskussion | Beiträge)
Check for Bleichenbacher vulnerability
If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.
Result positive | Not vulnerable to Bleichenbacher. |
Result negativ | Vulnerable to Bleichenbacher. |
Description | The server is vulnerable to a Bleichenbacher] Attack. The communication can be decrypted and user inputs such as passwords can be read. |
Background | The so-called Bleichenbacher attack (also known as ROBOT) is a 19-year-old vulnerability that allows RSA decryption and signature operations to be performed using the private key of a TLS server. The attack is a bug in the program code. |
Consequence | The server is vulnerable to a vulnerability that allows an attacker to decrypt the communication. |
Solution/Tips | If Vulnerability has been reported, immediately install an update for your TLS implementation on your server. |