| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: jessevalentin at yahoo.com (JV) Subject: SSL Vulnerability?? Here’s an interesting link having to do with a vulnerability found in the Netscape NSS library which will impact any “products making use of the library for SSL communication”. Might be possible to remotely compromise any sites affected by this issue. This has the potential to be very ugly since any site using SSL is usually trying to protect something valuable… banking, health information, etc.. Some products making use of this library suite are: Netscape - Enterprise Server (NES) - All known versions Netscape - Personalization Engine (NPE) - All known versions Netscape - Directory Server (NDS) - All known versions Netscape - Certificate Management Server (CMS) - All known versions Sun - Sun One/iPlanet - All known versions Any application or product that integrates the NSS library suite and which implements SSLv2 ciphers Check out this link for more info and vendor supplied patches, etc. http://xforce.iss.net/xforce/alerts/id/180 - Jesse --------------------------------- Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040826/56c362fb/attachment.html
Powered by blists - more mailing lists