LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Man-In-the-Middle Vulnerability For SSL and TLS
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 11-05-2009, 08:35 AM   #1
win32sux
Moderator
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 367Reputation: 367Reputation: 367Reputation: 367
Exclamation Man-In-the-Middle Vulnerability For SSL and TLS

Links to the relevant articles available on Slashdot.
Last edited by win32sux; 11-05-2009 at 08:38 AM.
 
Old 11-05-2009, 09:49 PM   #2
jayjwa
Member
 
Registered: Jul 2003
Location: NY
Distribution: None (src & compile)
Posts: 248

Rep: Reputation: 36
http://www.packetstormsecurity.org/0...iating_TLS.pdf

There's a new Openssl too, http://www.openssl.org/source/openssl-0.9.8l.tar.gz.
 
Old 11-06-2009, 06:37 PM   #3
win32sux
Moderator
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 367Reputation: 367Reputation: 367Reputation: 367
US-CERT has just published an advisory about this vulnerability. BTW, a search for SSL on Google News shows that the media is having a field day with this bug. I think I'll sticky this thread for a couple days in order to help get the word out.
Last edited by win32sux; 11-06-2009 at 06:38 PM.
 
Old 11-06-2009, 06:43 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 21,576
Blog Entries: 47

Rep: Reputation: 1402Reputation: 1402Reputation: 1402Reputation: 1402Reputation: 1402Reputation: 1402Reputation: 1402Reputation: 1402Reputation: 1402Reputation: 1402
Good one. The implications of this one are huge.
 
Old 11-23-2009, 05:06 AM   #5
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Posts: 11,388
Blog Entries: 2

Rep: Reputation: 825Reputation: 825Reputation: 825Reputation: 825Reputation: 825Reputation: 825Reputation: 825
Also see:
http://blog.g-sec.lu/2009/11/sslv3-t...erability.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: SSL expert says more to man-in-the-middle than meets the eye LXer Syndicated Linux News 0 05-25-2009 03:00 PM
Need Benign Man In the Middle SSL Setup knobby Linux - Networking 1 08-01-2008 01:45 AM
man in the middle attack atul_mehrotra Programming 12 09-22-2004 11:48 AM
man in the middle attack atul_mehrotra Linux - Security 4 09-22-2004 09:02 AM
Man in the middle attack juanb Linux - Security 17 03-29-2004 01:03 PM


All times are GMT -5. The time now is 01:57 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration