Computer Security

Security Advisory: TLS / SSLv3 vulnerability explained (DRAFT)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  SSL data injection

  Aruba Advisory ID: AID-020810 TLS Protocol Session Renegotiation Security Vulnerability

  TLS Renegotiation Vulnerability: Proof of Concept Code (Python)

  msgid:20091221130346.
GA23192@otis.
atalante.redteam-
pentesting.
de?to=bugtraq@securit
yfocus.
com&from=RedTeam%
20Pentesting%20Gm
bH&folder=\\
3APA3A\Bugtraq&
subject=TLS%20Ren
egotiation%20Vuln
erability:
%20Proof

  [ MDVSA-2009:337 ] proftpd

From:Thierry Zoller <Thierry_(at)_Zoller.lu>
Date:18.11.2009
Subject:TLS / SSLv3 vulnerability explained (DRAFT)


Dear List,

This paper explains the vulnerability for a broader audience and
summarizes the information that is currently available. The document
is prone to updates and is believed to be accurate by the time of
writing.

Post:
http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html

Direct Download
http://clicky.me/tlsvuln

Disclaimer
Information is believed to be accurate by the time of writing.
As this vulnerability has complex implications this document
is prone to revisions in the future.


Thierry ZOLLER - G-SEC
http://www.g-sec.lu
Principal Security Consultant

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server