You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
ssl drown
About this tag
The SSL DROWN attack vulnerability (CVE-2014-3566) is a security issue that affects Windows Server 2008 R2 and other systems supporting SSLv2. It allows attackers to decrypt RSA-encrypted traffic by exploiting obsolete and weakened encryption. On WindowsForum.com, users discuss how to address this vulnerability, often found during vulnerability scans with tools like Nessus. Solutions typically involve disabling SSLv2 and ensuring only secure protocols like TLS are enabled. The tag covers troubleshooting steps for mitigating SSL DROWN in enterprise Windows environments, including registry edits or group policy changes to harden server configurations against this and related vulnerabilities like POODLE.
Hi Everyone,
In our environment, we run Vulnerability to scan in the servers using the Nessus scanner tool, as a result it throws some Vulnerability issues as listed below:
SMB Signing not required
DNS Server Cache Snooping Remote Information Disclosure
SSL DROWN Attack Vulnerability...