No matter which product you have, Nessus®, SecurityCenter™, SecurityCenter CV™, or Passive Vulnerability Scanner™, Tenable can determine if you are at risk of “drowning.”
The DROWN CVE-2016-0800 vulnerability is a cross protocol vulnerability that enables an attacker to decrypt TLS connections between up-to-date clients and servers by sending packets to any server that supports SSLv2 using the same private key.
The DROWN vulnerability’s impact is made worse by two additional OpenSSL implementation vulnerabilities:
- CVE-2015-3197, which allows a DROWN attacker to connect to the server with disabled SSLv2 ciphersuites, provided that support for SSLv2 itself is enabled
- CVE-2016-0703, which greatly reduces the time of carrying out the DROWN attack
According to drownattack.com, at the time of vulnerability publication on March 1, 33% of all HTTPs sites were affected by this vulnerability. More information on DROWN severity is available in the OpenSSL advisory issued on March 1.
The Tenable Response
Impacted operating system vendors are making updates available, and Tenable has released a new Nessus scan policy template specifically for DROWN.
We have released a customized SecurityCenter™ dashboard to monitor, track and remediate critical assets affected by CVE-2016-0800. This dashboard is automatically available via the feed to provide insight on the impact to your environment and the progress of your efforts to remediate this vulnerability.
Passive Vulnerability Scanner
Note: Passive Vulnerability Scanner (PVS) is now Nessus Network Monitor. To learn more about this application and its latest capabilities, visit the Nessus Network Monitor web page.
The following plugins address DROWN: