what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 1 of 1

Files

Ubuntu Security Notice 990-2: Posted Sep 21, 2010; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 990-2 - USN-860-1 introduced a partial workaround to Apache that disabled client initiated TLS renegotiation in order to mitigate CVE-2009-3555. USN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue. After updating openssl, an Apache server will allow both patched and unpatched web browsers to connect, but unpatched browsers will not be able to renegotiate. This update introduces the new SSLInsecureRenegotiation directive for Apache that may be used to re-enable insecure renegotiations with unpatched web browsers. Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds backported support for the new RFC5746 renegotiation extension and will use it when both the client and the server support it.; tags | advisory, web, arbitrary, protocol; systems | linux, ubuntu; advisories | CVE-2009-3555; SHA-256 | cccbd306122a0cbb598817a4a808664cd2a88b4fdb163db24e5ce00f2835f58f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

Recent News

Google Patches Critical Chrome Vulnerability: Posted Apr 24, 2024; tags | headline, flaw, google, patch, chrome; Favorite | View

Hackers Are Using Developing Countries For Ransomware Practice: Posted Apr 24, 2024; tags | headline, hacker, malware, cybercrime, fraud, cryptography; Favorite | View

Authorities Investigate LabHost Users After Phishing Service Shutdown: Posted Apr 23, 2024; tags | headline, cybercrime, fraud, phish; Favorite | View

Windows Vulnerability Reported By The NSA Exploited To Install Russian Malware: Posted Apr 23, 2024; tags | headline, government, microsoft, usa, russia, flaw, cyberwar, spyware, nsa; Favorite | View

UnitedHealth Admits Breach Could Cover Substantial Proportion Of People In America: Posted Apr 23, 2024; tags | headline, hacker, privacy, data loss; Favorite | View

Microsoft DRM Hack Could Allow Movie Downloads From Streaming: Posted Apr 23, 2024; tags | headline, microsoft, flaw, pirate; Favorite | View

Over A Million Neighbourhood Watch Members Exposed: Posted Apr 23, 2024; tags | headline, privacy, britain, data loss; Favorite | View

MITRE Hacked By State Sponsored Group Via Ivanti Zero Days: Posted Apr 23, 2024; tags | headline, hacker, government; Favorite | View

Russia's Sandworm APT Linked To Attack On Texas Water Plant: Posted Apr 18, 2024; tags | headline, malware, usa, russia, cyberwar, scada; Favorite | View

EU Tells Meta It Can't Paywall Privacy: Posted Apr 18, 2024; tags | headline, government, privacy, facebook, social; Favorite | View

View More News →

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec