Bleichenbacher oracle in SSLv2 (CVE-2016-0704)

Disclosed: 2016-06-01 03:39:32 By dadrian To ibb

Unknown

Vulnerability Details

I'm retroactively submitting CVE-2016-0704, a.k.a. "Leaky Export", which is a Bleichenbacher-style bug that leads to another variant of the Special DROWN attack. I'm submitting on behalf of myself and J. Alex Halderman, as we independently found this bug. This was validated by OpenSSL as Sev:Moderate at https://www.openssl.org/news/secadv/20160301.txt. See https://drownattack.com for more information.

Actions

View on HackerOne

Report Stats

Report ID: 138181
State: Closed
Substate: resolved
Upvotes: 1

Bleichenbacher oracle in SSLv2 (CVE-2016-0704)

Vulnerability Details

Actions

Report Stats

Share this report