Description
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
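An added example, not part of the original advisory: a Python check that tests an OpenSSL version string against the two affected ranges stated above (before 1.0.1s, and 1.0.2 before 1.0.2g). The function names and the sample banner strings are constructed for illustration.

```python
import re

# Pre-3.0 OpenSSL versions look like "1.0.2g" or "0.9.8zh": three numbers
# followed by an optional lowercase patch-letter suffix.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]{0,2})")


def parse_openssl_version(text):
    """Return a sortable key (major, minor, fix, patch_rank), or None."""
    m = _VERSION_RE.search(text)
    if m is None:
        return None
    major, minor, fix, letters = m.groups()
    # No letter sorts first, then a < b < ... < z < za < zb ...
    rank = 0
    for ch in letters:
        rank = rank * 27 + (ord(ch) - ord("a") + 1)
    return (int(major), int(minor), int(fix), rank)


# First fixed releases named in the description above.
FIXED_1_0_1 = parse_openssl_version("1.0.1s")
FIXED_1_0_2 = parse_openssl_version("1.0.2g")


def in_affected_range(text):
    """True/False for a parsable version string, None if nothing parses."""
    key = parse_openssl_version(text)
    if key is None:
        return None
    if key[:3] == (1, 0, 2):
        # The 1.0.2 branch has its own fix point.
        return key < FIXED_1_0_2
    # Everything else is compared against the 1.0.1 fix point.
    return key < FIXED_1_0_1


if __name__ == "__main__":
    # Constructed sample banners, in the style of `openssl version` output.
    for banner in ("OpenSSL 1.0.1r  28 Jan 2016",
                   "OpenSSL 1.0.1s  1 Mar 2016",
                   "OpenSSL 1.0.2f  28 Jan 2016",
                   "OpenSSL 1.0.2g  1 Mar 2016",
                   "OpenSSL 0.9.8zh 3 Dec 2015"):
        print(banner, "->", in_affected_range(banner))
```

Treat the result as a triage signal only: distributions that backport fixes often keep the upstream version string, and the ranges cover OpenSSL, not the "other products" the description mentions.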
Remediation
References