Submit a ticketCall us

whitepaperYour VM Perplexities Called, and They Need You to Read This.

Virtualization can give you enormous flexibility with future workloads and can be a key enabler for other areas, like cloud computing and disaster recovery. So, how can you get a handle on the performance challenges in your virtual environment and manage deployments without erasing the potential upside? Learn the four key areas you need to be focusing on to help deliver a healthy and well-performing data center.

Get your free white paper.

Home > Success Center > Serv-U Managed File Transfer & Serv-U FTP Server > Serv-U - Knowledgebase Articles > OpenSSL: Drown attack

OpenSSL: Drown attack

Table of contents
Created by Dhalia Turiaga, last modified by MindTouch on Jun 23, 2016

Views: 901 Votes: 1 Revisions: 3

Overview

This article provides information about OpenSSL vulnerability discussed in the following links:

https://access.redhat.com/security/cve/cve-2016-0800

http://arstechnica.co.uk/security/20...yption-attack/

Environment

  • Serv-U version 12.x ++
  • Windows Vista/7/8, Server 2008/2012 - C:\ProgramData\RhinoSoft\Serv-U (Folder is Hidden in Windows by default)
  • Windows 2000/XP, Server 2000/2003 - C:\Program Files\RhinoSoft\Serv-U
  • Linux - /usr/local/Serv-U

Detail

Serv-U is not vulnerable to drown attack if SSLv2 is disabled in Serv-U (it is disabled by default). If the SSLv2 is not enabled, Serv-U is fine and not vulnerable to drown attack.

 

Last modified

Tags

Classifications

Public