Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

SSL:AUDIT:SSL-V2-TRAFFIC

Severity

Info

Recommended

No

Category

SSL

Keywords

SSLv2 Traffic Identified

Release Date

2014/10/20

Update Number

2431

Supported Platforms

idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

SSL: SSLv2 Traffic Identified


This signature detects SSLv2 traffic over the network. It is a legacy protocol and its usage is discouraged.

Extended Description

The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.

Affected Products

  • Openssl openssl 1.0.1
  • Openssl openssl 1.0.1a
  • Openssl openssl 1.0.1b
  • Openssl openssl 1.0.1c
  • Openssl openssl 1.0.1d
  • Openssl openssl 1.0.1e
  • Openssl openssl 1.0.1f
  • Openssl openssl 1.0.1g
  • Openssl openssl 1.0.1h
  • Openssl openssl 1.0.1i
  • Openssl openssl 1.0.1j
  • Openssl openssl 1.0.1k
  • Openssl openssl 1.0.1l
  • Openssl openssl 1.0.1m
  • Openssl openssl 1.0.1n
  • Openssl openssl 1.0.1o
  • Openssl openssl 1.0.1p
  • Openssl openssl 1.0.1q
  • Openssl openssl 1.0.1r
  • Openssl openssl 1.0.2
  • Openssl openssl 1.0.2a
  • Openssl openssl 1.0.2b
  • Openssl openssl 1.0.2c
  • Openssl openssl 1.0.2d
  • Openssl openssl 1.0.2e
  • Openssl openssl 1.0.2f
  • Pulsesecure client -
  • Pulsesecure steel_belted_radius -

References

  • CVE: CVE-2016-0800
  • URL: https://datatracker.ietf.org/doc/rfc6176/
  • URL: https://drownattack.com/

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out