exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Mandriva Linux Security Advisory 2010-069
Posted Apr 7, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-069 - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue. Additionally the NSPR package has been upgraded to 4.8.4 that brings numerous upstream fixes. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides the latest versions of NSS and NSPR libraries and for which NSS is not vulnerable to this attack.

tags | advisory, web, protocol
systems | linux, mandriva
advisories | CVE-2009-3555
MD5 | 019501974c03af98ab046aab099da195
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
We Asked Def Con Attendees Why People Are Still Getting Hacked
Posted Aug 16, 2019

tags | headline, hacker, conference
Judge Orders Georgia To Switch To Paper Ballots For 2020 Elections
Posted Aug 16, 2019

tags | headline, government, usa, fraud
Huawei Africa Spying Claims Denied
Posted Aug 16, 2019

tags | headline, government, china, africa, spyware, facebook
Trump Admin Wants To Extend NSA Phone Surveillance Program
Posted Aug 16, 2019

tags | headline, government, privacy, usa, phone, spyware, nsa
Amazon's Rekognition Software Can Now Spot Fear
Posted Aug 15, 2019

tags | headline, amazon, science
Biostar Security Software Leaked A Million Fingerprints
Posted Aug 15, 2019

tags | headline, data loss, password
Trend Micro Fixes Privilege Escalation Flaw In Password Manager
Posted Aug 15, 2019

tags | headline, flaw, password, patch
700,000 Choice Hotels Records Leaked In Data Breach, Ransom Demanded
Posted Aug 15, 2019

tags | headline, privacy, database, data loss
Facebook Latest To Admit Their Contractors Snoop On Your Conversations
Posted Aug 14, 2019

tags | headline, privacy, facebook, social
Adobe Security Patch Update Covers Quite A Bit
Posted Aug 14, 2019

tags | headline, flaw, adobe, patch
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close