lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Nov 2009 15:42:26 +0100 From: Thierry Zoller <Thierry@...ler.lu> To: bugtraq <bugtraq@...urityfocus.com>, full-disclosure <full-disclosure@...ts.grok.org.uk>, <info@...cl.etat.lu> Subject: TLS / SSLv3 vulnerability explained (DRAFT) Dear List, This paper explains the vulnerability for a broader audience and summarizes the information that is currently available. The document is prone to updates and is believed to be accurate by the time of writing. Post: http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html Direct Download http://clicky.me/tlsvuln Disclaimer Information is believed to be accurate by the time of writing. As this vulnerability has complex implications this document is prone to revisions in the future. Thierry ZOLLER - G-SEC http://www.g-sec.lu Principal Security Consultant
Powered by blists - more mailing lists