ssl drown

About this tag
The SSL DROWN attack vulnerability (CVE-2014-3566) is a security issue that affects Windows Server 2008 R2 and other systems supporting SSLv2. It allows attackers to decrypt RSA-encrypted traffic by exploiting obsolete and weakened encryption. On WindowsForum.com, users discuss how to address this vulnerability, often found during vulnerability scans with tools like Nessus. Solutions typically involve disabling SSLv2 and ensuring only secure protocols like TLS are enabled. The tag covers troubleshooting steps for mitigating SSL DROWN in enterprise Windows environments, including registry edits or group policy changes to harden server configurations against this and related vulnerabilities like POODLE.
  1. L

    Vulnerability issues in windows server 2008r2

    Hi Everyone, In our environment, we run Vulnerability to scan in the servers using the Nessus scanner tool, as a result it throws some Vulnerability issues as listed below: SMB Signing not required DNS Server Cache Snooping Remote Information Disclosure SSL DROWN Attack Vulnerability...
Back
Top