exploit the possibilities

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 1 of 1

Files

Mandriva Linux Security Advisory 2010-069: Posted Apr 7, 2010; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2010-069 - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue. Additionally the NSPR package has been upgraded to 4.8.4 that brings numerous upstream fixes. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides the latest versions of NSS and NSPR libraries and for which NSS is not vulnerable to this attack.; tags | advisory, web, protocol; systems | linux, mandriva; advisories | CVE-2009-3555; SHA-256 | aa953ea3c23dba725529e659e1f760619dbc33dfa46ce94e032b05ccb95afe08; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

Recent News

Russia's Sandworm APT Linked To Attack On Texas Water Plant: Posted Apr 18, 2024; tags | headline, malware, usa, russia, cyberwar, scada; Favorite | View

EU Tells Meta It Can't Paywall Privacy: Posted Apr 18, 2024; tags | headline, government, privacy, facebook, social; Favorite | View

Scammers Offer Cash To Phone Carrier Staff To Swap SIM Cards: Posted Apr 17, 2024; tags | headline, phone, cybercrime, fraud, password; Favorite | View

Ivanti Patches 27 Vulns In Avalanche MDM Product: Posted Apr 17, 2024; tags | headline, flaw, patch; Favorite | View

Attackers Are Pummeling Networks Around The World With Millions Of Login Attempts: Posted Apr 17, 2024; tags | headline, hacker, password; Favorite | View

Recent OT And Espionage Attacks Linked To Russia's Sandworm, Now Named APT44: Posted Apr 17, 2024; tags | headline, hacker, government, malware, cyberwar, spyware; Favorite | View

OpenAI's ChatGPT Can Exploit Real Vulnerabilities By Reading Advisories: Posted Apr 17, 2024; tags | headline, flaw, science; Favorite | View

Google Location Tracking Deal Could Be Derailed By Politics: Posted Apr 16, 2024; tags | headline, government, privacy, google, spyware; Favorite | View

Cryptojacker Arrested For Defrauding Cloud Providers Of $3.5 Million: Posted Apr 16, 2024; tags | headline, hacker, cybercrime, fraud, cryptography; Favorite | View

Delinea Scrambles To Patch Critical Flaw After Ignoring Researcher: Posted Apr 16, 2024; tags | headline, hacker, flaw, patch; Favorite | View

View More News →

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec