Obsolete Microsoft Internet Information Services (IIS) versions 7 and earlier are vulnerable, and editions of Network Security Services (NSS), a common cryptographic library built into many server products prior to 2012's 3.13 version, are also open to attack.
"We've been able to execute the attack against OpenSSL versions that are vulnerable to CVE-2016-0703 in under a minute using a single PC. Even for servers that don't have these particular bugs, the general variant of the attack, which works against any SSLv2 server, can be conducted in under 8 hours at a total cost of $440."
You may be wondering how SSLv2, which has been known to be insecure for twenty years, can be such an important attack vector. The researchers said that "merely allowing SSLv2, even if no legitimate clients ever use it, is a threat to modern servers and clients."
"It allows an attacker to decrypt modern TLS connections between up-to-date clients and servers by sending probes to any server that supports SSLv2 using the same private key," they added.
Ivan Ristic, director of engineering at Qualys and head of Qualys SSL Labs, said in remarks:
"The attack is not trivial ... I recommend that you first ensure your systems are not vulnerable. Fortunately, remediation is straightforward: Disable SSL v2 on all servers you have. It's as simple as that.... but I really do mean all servers. If you've been reusing private RSA [Rivest-Shamir-Adleman] keys (even with different certificates), disabling SSL v2 on one server is not going to help if there's some other server (possibly using a different hostname, port, or even a protocol) that continues to support this old and crazy vulnerable protocol version."
Indeed, "secure" servers can also be cracked -- just because they're on the same network as servers that are vulnerable. By using the Bleichenbacher attack, private RSA keys can be decrypted. These, in turn, can be used to unlock "secure" servers that use the same private key.
Get to work patching.
Besides the OpenSSL patches, which are available as source code, other firms -- including Canonical, Red Hat, and SUSE Linux -- will all be delivering the patches shortly.