DROWN Vulnerability: Three Servers Secured After Routine Scan
On March 2nd, a routine scan uncovered three servers vulnerable to the DROWN attack. These servers were part of a decommissioned partner-facing application, with no associated DNS names but accessible IP addresses. The discovery came a day after the OpenSSL DROWN vulnerability was publicly disclosed.
The DROWN vulnerability, revealed on March 1st, allows attackers to decrypt SSL/TLS sessions. Once the susceptible servers were identified, the certificate they served was promptly reissued with a new private key. Queries about the servers' configuration were received the following day, on March 3rd.
To mitigate risk, access to the respective services was immediately turned off. Partners connected to these servers typically used outdated systems supporting the deprecated SSLv2 protocol, including legacy browsers and devices.
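The servers in this report were exposed because they still answered SSLv2 handshakes. The following is an added example written for this page, not code from the article or from the organisation it describes: a defender-side check that builds an SSLv2 CLIENT-HELLO according to the SSLv2 record format, parses a SERVER-HELLO if one comes back, and reports the cipher specs the server accepted. A server that answers with a valid SSLv2 SERVER-HELLO has SSLv2 enabled and needs the protocol disabled (and, as here, its RSA key rotated). The `probe()` function opens a real socket and is only for use against hosts you administer; the test data is a constructed SERVER-HELLO with a placeholder certificate, not a real capture.

```python
import socket
import struct

# SSLv2 message types and version, from the SSLv2 protocol specification.
SSL2_MT_CLIENT_HELLO = 0x01
SSL2_MT_SERVER_HELLO = 0x04
SSL2_VERSION = 0x0002

# The seven SSLv2 cipher specs (3 bytes each). Any accepted spec means SSLv2 is
# enabled; the EXPORT40 ones are the weak ciphers that make decryption cheap.
SSL2_CIPHER_SPECS = {
    b"\x01\x00\x80": "SSL2_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL2_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL2_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL2_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL2_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL2_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL2_DES_192_EDE3_CBC_WITH_MD5",
}


def build_client_hello(challenge=b"\x00" * 16):
    """Return an SSLv2 CLIENT-HELLO record offering every SSLv2 cipher spec."""
    cipher_specs = b"".join(SSL2_CIPHER_SPECS)
    # type, version, cipher-specs length, session-id length, challenge length
    body = struct.pack(">BHHHH", SSL2_MT_CLIENT_HELLO, SSL2_VERSION,
                       len(cipher_specs), 0, len(challenge))
    body += cipher_specs + challenge
    # 2-byte record header: high bit set, 15-bit record length, no padding
    return struct.pack(">H", 0x8000 | len(body)) + body


def parse_server_hello(data):
    """Parse an SSLv2 SERVER-HELLO. Returns a dict, or None if the bytes are
    not an SSLv2 SERVER-HELLO (e.g. a TLS alert from a server without SSLv2)."""
    if len(data) < 3:
        return None
    if data[0] & 0x80:
        # 2-byte header, no padding byte
        length = ((data[0] & 0x7F) << 8) | data[1]
        hdr_len = 2
    else:
        # 3-byte header: bit 0x40 is the escape flag, third byte is padding
        length = ((data[0] & 0x3F) << 8) | data[1]
        hdr_len = 3
    body = data[hdr_len:hdr_len + length]
    if len(body) < 11 or body[0] != SSL2_MT_SERVER_HELLO:
        return None
    session_id_hit, cert_type, version, cert_len, cipher_len, conn_id_len = \
        struct.unpack(">BBHHHH", body[1:11])
    if version != SSL2_VERSION:
        return None
    off = 11
    cert = body[off:off + cert_len]
    off += cert_len
    specs = body[off:off + cipher_len]
    off += cipher_len
    conn_id = body[off:off + conn_id_len]
    names = [SSL2_CIPHER_SPECS.get(specs[i:i + 3], "UNKNOWN")
             for i in range(0, len(specs) - len(specs) % 3, 3)]
    return {"version": version, "session_id_hit": session_id_hit,
            "certificate_type": cert_type, "certificate_der": cert,
            "cipher_specs": names, "connection_id": conn_id}


def probe(host, port=443, timeout=5.0):
    """Send an SSLv2 CLIENT-HELLO to host:port you administer; return the parsed
    SERVER-HELLO if SSLv2 is enabled, else None. Not exercised by the tests."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_client_hello())
        try:
            reply = s.recv(4096)
        except (socket.timeout, ConnectionError):
            return None
    return parse_server_hello(reply)


def sample_server_hello():
    """Constructed SERVER-HELLO for offline testing: a placeholder DER blob
    stands in for the certificate, and two cipher specs are accepted."""
    cert = b"\x30\x03\x02\x01\x01"          # placeholder DER, not a real cert
    specs = b"\x01\x00\x80" + b"\x07\x00\xc0"
    conn_id = b"\x11" * 16
    body = struct.pack(">BBBHHHH", SSL2_MT_SERVER_HELLO, 0, 1, SSL2_VERSION,
                       len(cert), len(specs), len(conn_id))
    body += cert + specs + conn_id
    return struct.pack(">H", 0x8000 | len(body)) + body


if __name__ == "__main__":
    print(parse_server_hello(sample_server_hello()))
```

A server with SSLv2 disabled will either drop the connection or answer with a TLS alert record (first byte 0x15), which `parse_server_hello()` rejects because the message type and version do not match; only a genuine SSLv2 SERVER-HELLO is reported.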
Following the DROWN vulnerability disclosure, swift action was taken to secure the affected servers. The certificate was reissued, access was restricted, and partners were informed. While no immediate impact was reported, the potential for session decryption highlights the importance of keeping systems up-to-date and secure.