Reports of a successful exploit of the SSL Renegotiation Vulnerability?
Its a brand new week... and what a way to start off a brand new week with a report of someone sucessfully exploiting the SSL Renegotiation Vulnerability against a rather "popular" Internet property.
Read all about it here.
G.N. White
ISC Handler on Duty
Keywords: vulnerability exploit
1 comment(s)
×
Diary Archives
Comments
But the nature of the vulnerability reported today sounds akin to an XSS or XSRF vulnerability; 'popular' (haha) sites including twitter seem to be riddled with them though.
Maybe there will be similar flaws uncovered in popular off-the-shelf apps like CMSes too, so it's worth being prepared for; patch your servers for the renegotiation vulnerability as soon as it's viable.
Steven Chamberlain
Nov 16th 2009
1 decade ago