How to block DROWN attack – Fix SSL vulnerability in Linux, Apache, Nginx, Exim and other servers

On March 1, 2016, a new SSL vulnerability called DROWN (Decrypting RSA with Obsolete and Weakened Encryption) was disclosed by security researchers. This vulnerability (aka¬†CVE-2016-0800) allows attackers to decrypt even strong TLSv1.2 connections, if the server supports the obsolete SSLv2 protocol. As reports filter in, it is known that even large websites such as Yahoo, … Continue reading How to block DROWN attack – Fix SSL vulnerability in Linux, Apache, Nginx, Exim and other servers