SSL/TLS: Renegotiation Vulnerability

Thread Rating:

0 Vote(s) - 0 Average
1
2
3
4
5

Linear Mode

SSL/TLS: Renegotiation Vulnerability

Alexandre Machado Offline

Administrator

Posts: 2,370
Threads: 218
Joined: Mar 2018
Reputation: 87
Location: Auckland, New Zealand

07-04-2023, 05:00 AM (This post was last modified: 07-04-2023, 05:11 AM by Alexandre Machado.)

Hi,

I guess you've been using Indy server here is that correct?

From the issue:

> The referenced CVEs are affecting OpenSSL and Mozilla Network Security Services (NSS) but both are in a DISPUTED state

If you are using Indy (which uses OpenSSL) this will certainly affect your application. I think, once it is in disputed state, I believe you should just inform that you are using OpenSSL to provide SSL services.

Find

« Next Oldest | Next Newest »

Messages In This Thread

SSL/TLS: Renegotiation Vulnerability - by pgnair - 06-23-2023, 06:09 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 06-26-2023, 07:56 AM

RE: SSL/TLS: Renegotiation Vulnerability - by Alexandre Machado - 07-04-2023, 05:00 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 07-04-2023, 05:37 AM

RE: SSL/TLS: Renegotiation Vulnerability - by Alexandre Machado - 07-04-2023, 05:46 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 09-26-2023, 03:37 AM

RE: SSL/TLS: Renegotiation Vulnerability - by mhammady - 09-26-2023, 04:08 PM

RE: SSL/TLS: Renegotiation Vulnerability - by Alexandre Machado - 09-27-2023, 06:55 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 09-29-2023, 02:43 AM

View a Printable Version

Users browsing this thread: 1 Guest(s)

Login
Username:
Password:	Lost Password?
	Remember me