Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

OpenSSL < 0.9.8zd / 1.0.0p / 1.0.1k Key Decryption Vulnerability

Medium

Synopsis

The remote web server is affected by multiple vulnerabilities.

Description

The remote host is running a version of OpenSSL which is vulnerable to an RSA-to-EXPORT_RSA downgrade attack which facilitates brute-force key decryption.

Solution

Upgrade to OpenSSL 0.9.8zd, 1.0.0p, 1.0.1k, or later.