Way cool hack demo!
I too am interested in seeing an exploit be used for a solid pown. is
it a code exicution a way to In crease ones ability to decrepit one or
two way communications? I heard of a way to spoof source and do a man
in the middle attack without being in the middle but I thought that
was a fixed issue with resinning requests.
BTW I an a total security noob. Nothing to offer but like to watch others ;)
On 7/10/11, R P Herrold <
herrold@owlriver.com> wrote:
> On Sun, 10 Jul 2011, Lisa Kachold wrote:
>
>> Thanks - I am especially interested in see the SSL updated. Currently the
>> "stable" SSL available from the repo for CentOs 5 is exploitable.
>
> There are are no publicly known SSL issues in the openssl
> maintained by CentOS
>
> Please state the CVE, or if a private zero day, Lisa, please
> state the vector so I may set up a unit running the allegedly
> vulnerable service or services [ie over http, smtp. pop,
> whatever] for you to demonstrate this assertion
>
> -- Russ herrold
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
--
Sent from my mobile device
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)