Man-In-the-Middle Vulnerability For SSL and TLS - LinuxQuestions.org

LinuxQuestions.org

Go Job Hunting at the LQ Job Marketplace

Mark Forums Read

		LinuxQuestions.org > Forums > Linux > Linux - Security
Man-In-the-Middle Vulnerability For SSL and TLS

Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

Are you new to LinuxQuestions.org? Visit the following links:
Site Howto | Site FAQ | Sitemap | Register Now

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Reply

View First Unread

View First Unread

11-05-2009, 09:35 AM		#1
win32sux Moderator Registered: Jul 2003 Distribution: Ubuntu 8.10 Posts: 8,607 Thanked: 108	Man-In-the-Middle Vulnerability For SSL and TLS [Log in to get rid of this advertisement] Links to the relevant articles available on Slashdot. Last edited by win32sux; 11-05-2009 at 09:38 AM..

Thanked by:

11-05-2009, 10:49 PM		#2
jayjwa Member Registered: Jul 2003 Location: NY Distribution: None (src & compile) Posts: 222 Thanked: 1	http://www.packetstormsecurity.org/0...iating_TLS.pdf There's a new Openssl too, http://www.openssl.org/source/openssl-0.9.8l.tar.gz.

Thanked by:

11-06-2009, 07:37 PM		#3
win32sux Moderator Registered: Jul 2003 Distribution: Ubuntu 8.10 Posts: 8,607 Thanked: 108 Original Poster	US-CERT has just published an advisory about this vulnerability. BTW, a search for SSL on Google News shows that the media is having a field day with this bug. I think I'll sticky this thread for a couple days in order to help get the word out. Last edited by win32sux; 11-06-2009 at 07:38 PM..

11-06-2009, 07:43 PM		#4
unSpawn Moderator Registered: May 2001 Posts: 16,720 Blog Entries: 30 Thanked: 285	Good one. The implications of this one are huge.

Yesterday, 06:06 AM		#5
H_TeXMeX_H Guru Contributing Member Registered: Oct 2005 Location: $RANDOM Distribution: slackware64 Posts: 6,739 Blog Entries: 2 Thanked: 216	Also see: http://blog.g-sec.lu/2009/11/sslv3-t...erability.html

Reply

Bookmarks

Thread Tools
Show Printable Version Email this Page

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is Off HTML code is Off Forum Rules

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
LXer: SSL expert says more to man-in-the-middle than meets the eye	LXer	Syndicated Linux News	0	05-25-2009 04:00 PM
Need Benign Man In the Middle SSL Setup	knobby	Linux - Networking	1	08-01-2008 02:45 AM
ssh man-in-the-middle	naomi	Linux - Security	2	05-19-2005 03:04 PM
man in the middle attack	atul_mehrotra	Programming	12	09-22-2004 12:48 PM
Man in the middle attack	juanb	Linux - Security	17	03-29-2004 02:03 PM

All times are GMT -5. The time now is 03:51 AM.

Main Menu

My LQ

Write for LQ

LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.

Main Menu

Syndicate

Latest Threads

LQ News

LQ Podcast

LQ Radio

Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions

Open Source Consulting | Domain Registration