DROWN - Cross-protocol attack on TLS using SSLv2

About

To help you manage your response to the DROWN OpenSSL attack, we have provided several options to understand, automate, and control its discovery in your infrastructure:

  • If you are using Red Hat Insights for predictive risk analysis, see this blog
  • If you are using Ansible for infrastructure automation, see this blog
  • If you are using CloudForms to manage cloud infrastructure, see this blog

To manually detect if a system is vulnerable, please use the script below:

The signature for this script is here.

Note: This tool is intended as a supplement to the remediation steps Red Hat provides at: https://access.redhat.com/security/vulnerabilities/drown

Signed for your protection

For your protection, this script has been signed with the Customer Platform Tools key (8366b0d9). Red Hat hosts the public keys for signed content at pgp.mit.edu. You can verify the authenticity of this script by executing the following commands:

$ gpg --keyserver pgp.mit.edu --recv 8366b0d9
$ gpg --verify DROWN-test.sh.asc DROWN-test.sh

If the script is authentic, you should see output similar to this:

gpg: Signature made Mon 23 Feb 2015 12:22:15 PM EST using RSA key ID 8366B0D9
gpg: Good signature from "Red Hat, Inc. (tools key) "
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 8B12 20FC 564E 9583 2002  05FF 7514 F77D 8366 B0D9
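The "not certified" warning above is expected: nothing in a fresh keyring vouches for the tools key, so the primary key fingerprint is what actually ties the signature to Red Hat. The following POSIX shell script, an added example and not part of Red Hat's tooling, drives gpg with --status-fd and compares the primary key fingerprint from its VALIDSIG line against the fingerprint printed above, so a good signature from the wrong key cannot pass. It assumes gpg is on PATH and DROWN-test.sh and DROWN-test.sh.asc are in the current directory; the [GNUPG:] status lines inside sample_status are constructed sample output, not captured from a real run.

```shell
#!/bin/sh
# Added example (not Red Hat's code): verify DROWN-test.sh.asc and pin the
# primary key fingerprint shown on the Customer Portal page.

# Fingerprint from the page, with the display spaces removed.
EXPECTED_FPR="8B1220FC564E9583200205FF7514F77D8366B0D9"

# Read gpg --status-fd output on stdin and print the primary key fingerprint
# carried as the last field of the VALIDSIG line; print nothing when gpg did
# not report a valid signature (BADSIG, ERRSIG, NO_PUBKEY, ...).
validsig_primary_fpr() {
    awk '$1 == "[GNUPG:]" && $2 == "VALIDSIG" { print $NF; exit }'
}

# Compare a reported fingerprint with the pinned one, tolerating the spaced
# lower/upper-case forms gpg prints for humans. Returns 0 on match.
fingerprint_matches() {
    got=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    [ -n "$got" ] && [ "$got" = "$EXPECTED_FPR" ]
}

# Full check: returns 0 only for a valid signature from the pinned key.
# Assumes gpg is installed and the key was fetched as shown on the page.
verify_drown_script() {
    script=${1:-DROWN-test.sh}
    sig=${2:-$script.asc}
    # --status-fd 1 puts machine-readable status lines on stdout; the human
    # readable messages go to stderr and are discarded here.
    status=$(gpg --status-fd 1 --verify "$sig" "$script" 2>/dev/null) || return 1
    fpr=$(printf '%s\n' "$status" | validsig_primary_fpr)
    fingerprint_matches "$fpr"
}

# Constructed sample of what gpg --status-fd emits for a good signature from
# the tools key (the GOODSIG long key id is the last 16 hex digits of the
# fingerprint). Used only to exercise the parser offline.
sample_status() {
    cat <<'EOF'
[GNUPG:] NEWSIG
[GNUPG:] SIG_ID constructedSigId 2015-02-23 1424712135
[GNUPG:] GOODSIG 7514F77D8366B0D9 Red Hat, Inc. (tools key)
[GNUPG:] VALIDSIG 8B1220FC564E9583200205FF7514F77D8366B0D9 2015-02-23 1424712135 0 4 0 1 2 00 8B1220FC564E9583200205FF7514F77D8366B0D9
[GNUPG:] TRUST_UNDEFINED 0 pgp
EOF
}

# Run the real check only when the script is actually present.
if [ -f "${DROWN_SCRIPT:-DROWN-test.sh}" ]; then
    if verify_drown_script "${DROWN_SCRIPT:-DROWN-test.sh}"; then
        echo "DROWN-test.sh: valid signature from the pinned Red Hat tools key"
    else
        echo "DROWN-test.sh: signature check FAILED, do not run it" >&2
        exit 1
    fi
fi
```

Pinning the fingerprint rather than the short key id matters because 32-bit key ids (8366b0d9) can be collided; the full fingerprint printed on the page is the value to compare.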

Usage

$ chmod +x DROWN-test.sh
$ ./DROWN-test.sh

If the installed version of openssl is vulnerable, you will see output similar to:

WARNING: The installed version of openssl (openssl-1.0.1e-42.el7) is vulnerable to both general and special DROWN attack and should be upgraded!
See https://access.redhat.com/security/vulnerabilities/drown for more information.