Atozed Forums Atozed Software IntraWeb English IntraWeb General Discussion v
SSL/TLS: Renegotiation Vulnerability

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Linear Mode
SSL/TLS: Renegotiation Vulnerability
pgnair Offline
Member
***
Posts: 53
Threads: 17
Joined: Dec 2020
Reputation: 1
Location: India
#4
07-04-2023, 05:37 AM
(07-04-2023, 05:00 AM)Alexandre Machado Wrote: Hi,

I guess you've been using Indy server here is that correct?

From the issue:

> The referenced CVEs are affecting OpenSSL and Mozilla Network Security Services (NSS) but both are in a DISPUTED state

If you are using Indy (which uses OpenSSL) this will certainly affect your application. I think, once it is in disputed state, I believe you should just inform that you are using OpenSSL to provide SSL services.
>I guess you've been using Indy server here is that correct?
Yes am using Indy Server.

>If you are using Indy (which uses OpenSSL)
OpenSSL dlls are using

>I believe you should just inform that you are using OpenSSL
They might not accept such a comment. Is there any solution for this?
Find
Reply


Messages In This Thread
SSL/TLS: Renegotiation Vulnerability - by pgnair - 06-23-2023, 06:09 AM
RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 07-04-2023, 05:37 AM

Forum Jump:


Users browsing this thread: 1 Guest(s)