ECSystems.nl Information for VU#583776

Network traffic encrypted using RSA-based SSL certificates over SSLv2 may be decrypted by the DROWN attack

Status

Affected

Vendor Statement

"Our version comes with a preferred cipher list which has mitigated SSLv2 issues since march 2015, our latest version 1.9.13.1 was released on 2 march 2016 with Openssl 1.0.2g which has the additional fix(es) for VU#583776."

Vendor Information

ECSystems.nl supports NGINX for Windows

Vendor References

http://nginx-win.ecsds.eu/

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.