Home Tag "tls"

SSLv2 Protocol “DROWN” security flaw – CVE-2016-0800

As announced by the OpenSSL team some days ago, a new fix for several high severe vulnerabilities have been released. The main vulnerability is called “DROWN” (once again with a fancy logo, of course). Detailed information can be found on www.drownattack.com CVSS V2 Base Score 5.8 Base Metrics AV:N/AC:M/Au:N/C:P/I:P/A:N Access Vector Network Access Complexity Medium Authentication […]

Critical OpenSSL update is live!

Critical OpenSSL update is live!

The new OpenSSL patch I’ve written about yesterday is now released. Shortly before the release they had to fix another issue within the OpenSSL patches which are now released. You can find new Version here: http://openssl.org/source/ – the packages for most linux distributions are probably in the work right now. (Check relevant links below) As the […]

March 19: OpenSSL update

The OpenSSL team announced that there will be security fixes in the OpenSSL releases 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf which will be published on the 19th march. The announcement states that the highest severity being fixed is “high”. The highest severity defect fixed by these releases is classified as “high” severity. – OpenSSL Project Team The OpenSSL […]

Short News: OpenSSL…”FREAK” attack

And once again an OpenSSL vulnerability has been disclosed. It was disclosed by Karthikeyan Bhargavan and the mitLS team. As every vulnerability needs a fancy name these days, this one is called FREAK attack. The vulnerability allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptography, which can then be […]

Three SSL/TLS Tools you need to know!

Not only when working on IT-Security related things but also for daily sysadmin stuff, it’s essential to have the right tool to do the job. Below are my three favorite tools I use when configuring, debugging and researching SSL/TLS related things. Let’s face it… with all these recent issues, it’s necessary to deal with SSL […]