SSL/TLS: Renegotiation Vulnerability

Thread Rating:

0 Vote(s) - 0 Average
1
2
3
4
5

Thread Modes

SSL/TLS: Renegotiation Vulnerability

pgnair Offline

Member

Posts: 50
Threads: 16
Joined: Dec 2020
Reputation: 1
Location: India

09-26-2023, 03:37 AM

(07-04-2023, 05:46 AM)Alexandre Machado Wrote: This affects all OpenSSL versions as far as I know. I'll do some research but if this is not fixed in OpenSSL, it is a problem without solution, unless you move to Http.sys.

However, I'd like to point out that a gigantic part of Internet's HTTPS is powered by OpenSSL. I'm not convinced that these auditors consider half the world's HTTPS sites "unsafe"

Sorry to disturb you. Client forcing me to fix this medium vulnerability. Is there any fix from Openssl or any other way to fix it?

Find

« Next Oldest | Next Newest »

Messages In This Thread

SSL/TLS: Renegotiation Vulnerability - by pgnair - 06-23-2023, 06:09 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 06-26-2023, 07:56 AM

RE: SSL/TLS: Renegotiation Vulnerability - by Alexandre Machado - 07-04-2023, 05:00 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 07-04-2023, 05:37 AM

RE: SSL/TLS: Renegotiation Vulnerability - by Alexandre Machado - 07-04-2023, 05:46 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 09-26-2023, 03:37 AM

RE: SSL/TLS: Renegotiation Vulnerability - by mhammady - 09-26-2023, 04:08 PM

RE: SSL/TLS: Renegotiation Vulnerability - by Alexandre Machado - 09-27-2023, 06:55 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 09-29-2023, 02:43 AM

View a Printable Version

Users browsing this thread: 2 Guest(s)

Login
Username:
Password:	Lost Password?
	Remember me