EvilZone

Hacking and Security => Hacking and Security => Topic started by: Axon on June 05, 2014, 10:49:00 PM

Title: OpenSSL CCS Injection Vulnerability
Post by: Axon on June 05, 2014, 10:49:00 PM

It seems OpenSSL contains more vulnerabilities than thought before.
http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html
https://access.redhat.com/site/articles/904433

Title: Re: OpenSSL CCS Injection Vulnerability
Post by: Matriplex on June 05, 2014, 11:43:25 PM

At first I read "CSS Injection" instead of "CCS" and just about shit my pants laughing.
Thanks for the article, it's a good read.

Title: Re: OpenSSL CCS Injection Vulnerability
Post by: Architect on June 06, 2014, 02:45:24 PM

"This bug has existed since the very first release of OpenSSL"

Okay, I wonder if they didn't know, or if they just neglected to tell everybody about it.
Either way, I gave up on OpenSSL. Ain't nobody got time fo dat.