Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)

🗓️ 09 Mar 2016 04:08:29Reported by RedHatType 
redhat
 redhat🔗 access.redhat.com👁 2 Views

Padding oracle flaw in Secure Sockets Layer version two allows cross-protocol RSA decryption in TLS DROWN.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: A denial-of-service attack, heap use after free, network server exploit, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service
8 Jul 202517:32
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Guardium
16 Jun 201821:40
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM InfoSphere Master Data Management
27 Apr 202210:23
ibm
IBM Security Bulletins		Security Bulletin: Vulnerabilities in OpenSSL affect IBM Integrated Management Module (IMM) (CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799)
14 Apr 202314:32
ibm
IBM Security Bulletins		Security Bulletin: A vulnerability in OpenSSL affects IBM Tivoli Composite Application Manager for Transactions (CVE-2016-0800)
17 Jun 201815:19
ibm
IBM Security Bulletins		Security Bulletin: Vulnerability in OpenSSL affects IBM Sterling Connect:Express for Unix (CVE-2016-2842).
24 Jul 202022:49
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM i
18 Dec 201914:26
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in OpenSSL affect WebSphere Cast Iron
18 Nov 201913:57
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
17 Jun 201822:33
ibm
IBM Security Bulletins		Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM® SDK for Node.js™ in IBM Bluemix
9 Aug 201804:20
ibm
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Red Hat Enterprise Linux6ppcopenssl098e0:0.9.8e-20.el6_7.1openssl098e-0:0.9.8e-20.el6_7.1.ppc.rpm
Red Hat Enterprise Linux6ppc64openssl098e0:0.9.8e-20.el6_7.1openssl098e-0:0.9.8e-20.el6_7.1.ppc64.rpm
Red Hat Enterprise Linux6s390openssl098e0:0.9.8e-20.el6_7.1openssl098e-0:0.9.8e-20.el6_7.1.s390.rpm
Red Hat Enterprise Linux6s390xopenssl098e0:0.9.8e-20.el6_7.1openssl098e-0:0.9.8e-20.el6_7.1.s390x.rpm
Red Hat Enterprise Linux6x86_64openssl098e0:0.9.8e-20.el6_7.1openssl098e-0:0.9.8e-20.el6_7.1.x86_64.rpm
Red Hat Enterprise Linux6anyopenssl098e0:0.9.8e-20.el6_7.1.i686openssl098e-0:0.9.8e-20.el6_7.1.i686.noarch.rpm
Red Hat Enterprise Linux7ppcopenssl098e0:0.9.8e-29.el7_2.3openssl098e-0:0.9.8e-29.el7_2.3.ppc.rpm
Red Hat Enterprise Linux7ppc64openssl098e0:0.9.8e-29.el7_2.3openssl098e-0:0.9.8e-29.el7_2.3.ppc64.rpm
Red Hat Enterprise Linux7s390openssl098e0:0.9.8e-29.el7_2.3openssl098e-0:0.9.8e-29.el7_2.3.s390.rpm
Red Hat Enterprise Linux7s390xopenssl098e0:0.9.8e-29.el7_2.3openssl098e-0:0.9.8e-29.el7_2.3.s390x.rpm
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
14 May 2026 22:23Current
6.8Medium risk
Vulners AI Score6.8
CVSS 24.3
CVSS 35.9
EPSS0.90348
cross protocol attacksecure sockets layerpadding oracle flawversion tworsa decryptiontransport layer securitydrown attackrsa encryption
2