LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Man-In-the-Middle Vulnerability For SSL and TLS
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 11-05-2009, 09:35 AM   #1
win32sux
Moderator
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,847

Rep: Reputation: 348Reputation: 348Reputation: 348Reputation: 348
Exclamation Man-In-the-Middle Vulnerability For SSL and TLS

Links to the relevant articles available on Slashdot.
Last edited by win32sux; 11-05-2009 at 09:38 AM.
 
Old 11-05-2009, 10:49 PM   #2
jayjwa
Member
 
Registered: Jul 2003
Location: NY
Distribution: None (src & compile)
Posts: 248

Rep: Reputation: 36
http://www.packetstormsecurity.org/0...iating_TLS.pdf

There's a new Openssl too, http://www.openssl.org/source/openssl-0.9.8l.tar.gz.
 
Old 11-06-2009, 07:37 PM   #3
win32sux
Moderator
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,847

Original Poster
Rep: Reputation: 348Reputation: 348Reputation: 348Reputation: 348
US-CERT has just published an advisory about this vulnerability. BTW, a search for SSL on Google News shows that the media is having a field day with this bug. I think I'll sticky this thread for a couple days in order to help get the word out.
Last edited by win32sux; 11-06-2009 at 07:38 PM.
 
Old 11-06-2009, 07:43 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 20,982
Blog Entries: 44

Rep: Reputation: 1236Reputation: 1236Reputation: 1236Reputation: 1236Reputation: 1236Reputation: 1236Reputation: 1236Reputation: 1236Reputation: 1236
Good one. The implications of this one are huge.
 
Old 11-23-2009, 06:06 AM   #5
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 10,990
Blog Entries: 2

Rep: Reputation: 748Reputation: 748Reputation: 748Reputation: 748Reputation: 748Reputation: 748Reputation: 748
Also see:
http://blog.g-sec.lu/2009/11/sslv3-t...erability.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: SSL expert says more to man-in-the-middle than meets the eye LXer Syndicated Linux News 0 05-25-2009 04:00 PM
Need Benign Man In the Middle SSL Setup knobby Linux - Networking 1 08-01-2008 02:45 AM
man in the middle attack atul_mehrotra Programming 12 09-22-2004 12:48 PM
man in the middle attack atul_mehrotra Linux - Security 4 09-22-2004 10:02 AM
Man in the middle attack juanb Linux - Security 17 03-29-2004 02:03 PM


All times are GMT -5. The time now is 08:05 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration