Friday, December 25, 2009

TLS Renegotiation Vulnerability-Proof of Concept Code

Information about a vulnerability in the TLS protocol was published in the beginning of November 2009. Attackers can take advantage of that vulnerability to inject arbitrary prefixes into a network connection protected by TLS. This can result in severe vulnerabilities, depending on the application layer protocol used over TLS.

RedTeam Pentesting used the External linkPython module External linkTLS Lite to develop proof of concept code that exploits this vulnerability. It is published here to raise awareness for the vulnerability and its potential impact. Furthermore, it shall give interested persons the opportunity to analyse applications employing TLS for further vulnerabilities.

For information details, here.

For POC Exploit, please click here.


Anonymous said...

I am planning to add funds to my online FOREX account and I am wondering what would be the appropriate amount of money to start off with in the account to where I can generate enough revenue to earn an income off my profits. I know you need at least $1000 just to play in the market but that amount is not enough to make money on. What would I need to have in my account to where I can start compounding the little profits that I make here and there?
[url=]best forex software[/url] [url=]unlock iphone[/url]

Infosec Directory said...

soon, we are all in plain txt mode.. no need to encrypt

Anonymous said...

ads dating exotic personal service [url=]asian ladyboy personals[/url] updating to oe a dating quizes

Josue Aragon said...

Hello friend amazing and very interesting blog I really enjoyed reading and I would like to have any update about it and i want to know if you have any blog about cougars women