Дополнительная информация

Внедрение данных в SSL

Aruba Advisory ID: AID-020810 TLS Protocol Session Renegotiation Security Vulnerability

TLS Renegotiation Vulnerability: Proof of Concept Code (Python)

msgid:20091221130346. GA23192@otis. atalante.redteam- pentesting. de?to=bugtraq@securit yfocus. com&from=RedTeam% 20Pentesting%20Gm bH&folder=\\ 3APA3A\Bugtraq& subject=TLS%20Ren egotiation%20Vuln erability: %20Proof

[ MDVSA-2009:337 ] proftpd

From:	Thierry Zoller <Thierry_(at)_Zoller.lu>
Date:	18 ноября 2009 г.
Subject:	TLS / SSLv3 vulnerability explained (DRAFT)

Dear List,

This paper explains the vulnerability for a broader audience and
summarizes the information that is currently available. The document
is prone to updates and is believed to be accurate by the time of
writing.

Post:
http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html

Direct Download
http://clicky.me/tlsvuln

Disclaimer
Information is believed to be accurate by the time of writing.
As this vulnerability has complex implications this document
is prone to revisions in the future.


Thierry ZOLLER - G-SEC
http://www.g-sec.lu
Principal Security Consultant