Open Source and information security mailing list archives
 
Message-ID: <4B70B66DA655F144855183C68062EE8955850F@trexchange.csnc.ch>
Date: Wed, 23 Dec 2009 08:20:36 +0100
From: "Ivan Buetler" <ivan.buetler@...c.ch>
To: "Barry Raveendran Greene" <bgreene@...ki.org>,
	"RedTeam Pentesting GmbH" <release@...team-pentesting.de>,
	<bugtraq@...urityfocus.com>
Subject: RE: TLS Renegotiation Vulnerability: Proof of Concept Code (Python)

I created a Camtasia Movie some time ago "exploiting" the vulnerability
by injecting "/user/profile/E1/" into the first SSL request to "/".

http://www.hacking-lab.com/download/

This can help others to understand the vulnerability. 


Regards
Ivan



-----Original Message-----
From: Barry Raveendran Greene [mailto:bgreene@...ki.org] 
Sent: Monday, December 21, 2009 9:16 PM
To: 'RedTeam Pentesting GmbH'; bugtraq@...urityfocus.com
Subject: RE: TLS Renegotiation Vulnerability: Proof of Concept Code (Python)

Also, can you change this:

"Transport Layer Security (TLS) Renegotiation Indication Extension, IETF
draft standard that addresses the vulnerability."

To:

"Transport Layer Security (TLS) Renegotiation Indication Extension, IETF
TLS Working Group draft that addresses the vulnerability."

Where "IETF TLS Working Group" is hyperlinked to
http://www.ietf.org/dyn/wg/charter/tls-charter.html

That would help people who do not have a clue who the IETF or the TLS WG
are, or that both are open standards forums.

Thanks,

Barry

> -----Original Message-----
> From: RedTeam Pentesting GmbH [mailto:release@...team-pentesting.de]
> Sent: Monday, December 21, 2009 5:04 AM
> To: bugtraq@...urityfocus.com
> Subject: TLS Renegotiation Vulnerability: Proof of Concept Code (Python)
> 
> Information about a vulnerability in the TLS protocol was published in the
> beginning of November 2009. Attackers can take advantage of that vulnerability
> to inject arbitrary prefixes into a network connection protected by TLS. This
> can result in severe vulnerabilities, depending on the application layer
> protocol used over TLS.
> 
> RedTeam Pentesting used the Python module "TLS Lite" to develop proof of concept
> code that exploits this vulnerability. It is published at
> 
> http://www.redteam-pentesting.de/publications/tls-renegotiation
> 
> to raise awareness for the vulnerability and its potential impact. Furthermore,
> it shall give interested persons the opportunity to analyse applications
> employing TLS for further vulnerabilities.
> 
> --
> RedTeam Pentesting GmbH                    Tel.: +49 241 963-1300
> Dennewartstr. 25-27                        Fax : +49 241 963-1304
> 52068 Aachen                    http://www.redteam-pentesting.de/
> Germany                         Registergericht: Aachen HRB 14004
> Geschäftsführer: Patrick Hof, Jens Liebchen, Claus R. F. Overbeck

