what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

Files from Ben Laurie

Email addressbenl at google.com
First Active2006-02-26
Last Active2012-07-03
Cyberoam DPI Device Shared SSL CA
Posted Jul 3, 2012
Authored by Ben Laurie, Runa A. Sandvik

Cyberoam DPI devices can intercept each other's traffic due to all devices sharing the same CA certificate and private key.

tags | advisory
SHA-256 | 95588c718b17b8b219efc39901118f0ff688f1b6fdbda52a9ca28f4317ac73e4
Certificate Authority Transparency And Auditability
Posted Nov 30, 2011
Authored by Ben Laurie, Adam Langley

Whitepaper called Certificate Authority Transparency and Auditability. The goal of this paper is to make it impossible (or at least very difficult) for a Certificate Authority (CA) to issue a certificate for a domain without the knowledge of the owner of that domain. A secondary goal is to protect users as much as possible from mis-issued certificates.

tags | paper
SHA-256 | baa285ffbc1c0f086a22438517cd8c203c13124a4eb655414ea8a04b440b3651
openid-dns.txt
Posted Aug 8, 2008
Authored by Ben Laurie

Various OpenID Providers (OPs) have TLS server certificates that use weak keys as a result of the Debian predictable random number generator vulnerability.

tags | advisory
systems | linux, debian
advisories | CVE-2008-3280, CVE-2008-0166, CVE-2008-1447
SHA-256 | 4ddd04a36c9b48f9c80e6563aa1fa71fc5a92fd3361f08a3b4f6e658063a2112
OpenSSL-12-Oct-2007.txt
Posted Oct 13, 2007
Authored by Ben Laurie | Site openssl.org

OpenSSL Security Advisory - Andy Polyakov discovered a flaw in OpenSSL's DTLS implementation which could lead to the compromise of clients and servers with DTLS enabled. All versions of 0.9.8 prior to 0.9.8f are affected. Moritz Jodeit found an off-by-one error in SSL_get_shared_ciphers(), a function that should normally only be used for logging or debugging. All releases of 0.9.8 prior to 0.9.8f and all releases of 0.9.7 prior to 0.9.7m are affected.

tags | advisory
advisories | CVE-2007-4995, CVE-2007-5135
SHA-256 | 7bae0080bc32d9ac211c47bda750e58d9bd0e2dedb613a782848c4bfdeb0e420
CRYPT-CBC.txt
Posted Feb 26, 2006
Authored by Ben Laurie

Crypt::CBC versions 2.16 and below suffer from a ciphertext weakness when using certain block algorithms.

tags | advisory
SHA-256 | f911e6164e240e4f4fde21d27cd692bd4c1b77cdb690b5af3dc882147bb16a64
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close