| Short Name | SSL:AUDIT:SSL-V2-TRAFFIC |
|---|---|
| Severity | Info |
| Recommended | No |
| Category | SSL |
| Keywords | SSLv2 Traffic Identified |
| Release Date | 2014/10/20 |
| Update Number | 2431 |
| Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |

This signature detects SSLv2 traffic over the network. SSLv2 is a legacy protocol and its use is discouraged.

The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
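
One way to recognize SSLv2 traffic from the first client bytes of a connection, as an added example (not the signature's own logic and not vendor code). The function names `classify_first_bytes` and `build_hello` are hypothetical, and the sample bytes are constructed; the check separates a genuine SSLv2 CLIENT-HELLO from an SSLv3/TLS client that merely uses the SSLv2 hello format.

```python
import struct

SSL2_CLIENT_HELLO = 1  # SSLv2 handshake message type CLIENT-HELLO
SSL2_VERSION = 0x0002  # version field of a genuine SSLv2 hello

def classify_first_bytes(data: bytes) -> str:
    """Classify the first client bytes of a TCP stream as
    'sslv2', 'sslv2-compat-hello', 'tls-record' or 'other'."""
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return "tls-record"  # SSLv3/TLS handshake record, not SSLv2
    # Only the 2-byte SSLv2 record header (high bit set) is handled here.
    if len(data) < 11 or not data[0] & 0x80:
        return "other"
    record_len = struct.unpack(">H", data[:2])[0] & 0x7FFF
    msg_type, version, cipher_len, sid_len, chal_len = struct.unpack(
        ">BHHHH", data[2:11])
    if msg_type != SSL2_CLIENT_HELLO:
        return "other"
    # Structural checks keep arbitrary binary protocols from matching.
    if cipher_len == 0 or cipher_len % 3 or sid_len not in (0, 16):
        return "other"
    if not 16 <= chal_len <= 32:
        return "other"
    if record_len != 9 + cipher_len + sid_len + chal_len:
        return "other"
    if version == SSL2_VERSION:
        return "sslv2"
    if version >> 8 == 0x03:
        # SSLv3/TLS client using the SSLv2 hello format for compatibility.
        return "sslv2-compat-hello"
    return "other"

def build_hello(version: int) -> bytes:
    """Constructed sample: an SSLv2-format CLIENT-HELLO for testing."""
    ciphers = bytes.fromhex("0100800700c0030080")  # three 3-byte cipher specs
    challenge = bytes(range(16))                   # constructed, not random
    body = struct.pack(">BHHHH", SSL2_CLIENT_HELLO, version,
                       len(ciphers), 0, len(challenge)) + ciphers + challenge
    return struct.pack(">H", 0x8000 | len(body)) + body

if __name__ == "__main__":
    for name, sample in [("SSLv2 hello", build_hello(0x0002)),
                         ("TLS 1.0 in SSLv2 format", build_hello(0x0301)),
                         ("TLS record", bytes.fromhex("160301002f0100002b0303")),
                         ("HTTP", b"GET / HTTP/1.1\r\n")]:
        print(f"{name}: {classify_first_bytes(sample)}")
```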