Tag: SSL

Preventing your Ubuntu servers from CVE-2016-2107

site-admin DevOps, Uncategorized Tagged Tags: , , , ,

I just discovered that this site is still vulnerable from CVE-2016-2107. According to CVE(Common Vulnerabilities and Exposers), this vulnerability allows remote attackers to obtain sensitive clear text information via a padding-oracle attack against an AES CBC session. This vulnerability exists because of an incorrect fix for CVE-2013-0169. To fix this problem, I performed the following… continue reading »