Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

 

 

 

Home > Success Center > Serv-U Managed File Transfer & Serv-U FTP Server > OpenSSL: Drown attack

OpenSSL: Drown attack

Table of contents
Created by Dhalia Turiaga, last modified by MindTouch on Jun 23, 2016

Views: 790 Votes: 1 Revisions: 3

Overview

This article provides information about OpenSSL vulnerability discussed in the following links:

https://access.redhat.com/security/cve/cve-2016-0800

http://arstechnica.co.uk/security/20...yption-attack/

Environment

  • Serv-U version 12.x ++
  • Windows Vista/7/8, Server 2008/2012 - C:\ProgramData\RhinoSoft\Serv-U (Folder is Hidden in Windows by default)
  • Windows 2000/XP, Server 2000/2003 - C:\Program Files\RhinoSoft\Serv-U
  • Linux - /usr/local/Serv-U

Detail

Serv-U is not vulnerable to drown attack if SSLv2 is disabled in Serv-U (it is disabled by default). If the SSLv2 is not enabled, Serv-U is fine and not vulnerable to drown attack.

 

Last modified
02:36, 23 Jun 2016

Tags

Classifications

Public