what you don't know can hurt you
Showing 1 - 1 of 1 RSS Feed

Files

Renegotiating TLS Man-In-The-Middle
Posted Nov 5, 2009
Authored by Steve Dispensa, Marsh Ray | Site extendedsubset.com

Paper called Renegotiating TLS. Transport Layer Security (TLS, RFC 5246 and previous, including SSL v3 and previous) is subject to a number of serious man-in-the-middle (MITM) attacks related to renegotiation. In general, these problems allow an MITM to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream, leading to a variety of abuse possibilities. In particular, practical attacks against HTTPS client certificate authentication have been demonstrated against recent versions of both Microsoft IIS and Apache httpd on a variety of platforms and in conjunction with a variety of client applications. Cases not involving client certificates have been demonstrated as well.

tags | advisory, web, arbitrary, protocol
MD5 | c25776848ed92081ad22764f79a2daca
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Everyone Is Burned Out. That's Becoming A Security Nightmare
Posted Dec 8, 2021

tags | headline
Apache Kafka Cloud Clusters Expose Sensitive Data For Companies
Posted Dec 7, 2021

tags | headline, data loss, flaw, apache
Court Allows Microsoft To Dismantle Infrastructure Of APT15
Posted Dec 7, 2021

tags | headline, government, malware, microsoft, usa, china, botnet, cyberwar
Founder Of Massive Robo Text Service Accused Of Running Secret Spying Operation
Posted Dec 7, 2021

tags | headline, government, phone, password, spyware, social, switzerland
Losses From BitMart Breach Reach $200 Million
Posted Dec 7, 2021

tags | headline, bank, cybercrime, data loss, flaw, cryptography
BitMart Crypto Exchange Loses $150 Million To Hackers
Posted Dec 6, 2021

tags | headline, hacker, bank, cybercrime, data loss, cryptography
SolarWinds Hackers Keep Compromising Targets
Posted Dec 6, 2021

tags | headline, hacker, government, russia, cyberwar, backdoor
FBI: Cuban Ransomware Hits 49 Critical Infrastructure Organizations
Posted Dec 6, 2021

tags | headline, government, malware, usa, cyberwar, cuba, fbi, cryptography
American Diplomat's iPhones Compromised By NSO Group
Posted Dec 6, 2021

tags | headline, government, malware, usa, phone, flaw, cyberwar, israel, spyware, apple
US Rejects Calls For Regulating Or Banning Killer Robots
Posted Dec 3, 2021

tags | headline, government, usa, botnet, cyberwar, science, military
View More News →
packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close