.:[ packet storm ]:.
                           
know better
know better

 ///  File Name:Renegotiating_TLS.pdf
Description:
Paper called Renegotiating TLS. Transport Layer Security (TLS, RFC 5246 and previous, including SSL v3 and previous) is subject to a number of serious man-in-the-middle (MITM) attacks related to renegotiation. In general, these problems allow an MITM to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream, leading to a variety of abuse possibilities. In particular, practical attacks against HTTPS client certificate authentication have been demonstrated against recent versions of both Microsoft IIS and Apache httpd on a variety of platforms and in conjunction with a variety of client applications. Cases not involving client certificates have been demonstrated as well.
Author:Marsh Ray,Steve Dispensa
Homepage:http://extendedsubset.com/?p=8
File Size:169749
Last Modified:Nov 5 14:40:42 2009
MD5 Checksum:c25776848ed92081ad22764f79a2daca

 .:. Back
 

 ///  Last 10 Files
  1. :· MDVSA-2010-062.txt
  2. :· CA20100318-01.txt
  3. :· opennhrp-0.11.5.tar.bz2
  4. :· libnids-1.24.tar.gz
  5. :· skipfish-1.03b.tgz
  6. :· wazzumdating-shell.txt
  7. :· edisplay-postauth.txt
  8. :· edisplay-preauth.txt
  9. :· ibmlotus-httpsplitting.txt
  10. :· joomlajetooltip-lfi.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· MDVSA-2010-062.txt
  2. :· CA20100318-01.txt
  3. :· USN-915-1.txt
  4. :· dsa-2018-1.txt
  5. :· dsa-2015-1.txt
  6. :· miranda-fail.txt
  7. :· USN-914-1.txt
  8. :· secunia-qfxsrf.txt
  9. :· secunia-qfbidisclose.txt
  10. :· secunia-qfmddisclose.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· wazzumdating-shell.txt
  2. :· edisplay-postauth.txt
  3. :· edisplay-preauth.txt
  4. :· ibmlotus-httpsplitting.txt
  5. :· joomlajetooltip-lfi.txt
  6. :· directadmin1344-xsrf.txt
  7. :· islamicvoice-insecure.txt
  8. :· islamicvoice-sql.txt
  9. :· xilisoft-overflow.py.txt
  10. :· phpwind-xss.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· opennhrp-0.11.5.tar.bz2
  2. :· skipfish-1.03b.tgz
  3. :· sipwitch-0.7.4.tar.gz
  4. :· dff-0.5.0-src.tar.gz
  5. :· buck-security_0.4.zip
  6. :· iexploder-1.5.tgz
  7. :· whatweb-0.4.tar.gz
  8. :· sqlmap-0.8.tar.gz
  9. :· nuxkeylogger0.0.1.c
  10. :· samhain-2.6.3.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· libnids-1.24.tar.gz
  2. :· plumbercon10-cfp.txt
  3. :· skypeimbot-analysis.pdf
  4. :· IranianNames.txt
  5. :· darkmysqli-injection.pdf
  6. :· tcpdump.pdf
  7. :· physical-terminations.pdf
  8. :· common-ports.pdf
  9. :· Wireshark_Display_Filters.pdf
  10. :· VLANs.pdf
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice