openssl
Tag details
Welcome to the 'openssl' tag page at Technorati. This page features content from the farthest reaches of the Blogosphere that authors have "tagged" with 'openssl'.
Look up
"openssl"
at The Free Dictionary
Latest blogosphere posts tagged “openssl”
-
Vulnerability in TLS Protocol during Renegotiation [CVE-2009-3555]
Security —
Authority: 468
A security vulnerability in the TLS protocol (TLS 1.0 or later and SSLv3) may allow an unauthenticated, remote attacker to conduct man-in-the-middle(MITM) type of attacks where chosen plain text may be injectedas a prefix in an users TLS session.This vulnerability does not allow one to decrypt the intercepted network ...5 days ago -
Serious SSL Renegotiation Problem
The Musings of Chris Samuel —
Authority: 118
This just in from Ben Lawrie : For the last 6 weeks or so, a bunch of us have been working on a really serious issue in SSL. In short, a man-in-the-middle can use SSL renegotiation to inject an arbitrary prefix into any SSL session, undetected by either end. But wait, there’s more.. To make matters even ...6 days ago -
null-prefix domino
daniel.haxx.se —
Authority: 113
At the end of July 2009, Scott Cantor contacted usin the curl project and pointed out a security flaw in libcurl (in code that was using OpenSSL to verify server certificates). Having read his explanation I recalled that I had witnessed the discussion on the NSS list about this problem just a few days earlier ...3 weeks ago