Welcome, Guest. Log in or register for free.
 |
 You are currently browsing our forums as a guest, and that means you are missing out on many valuable features. To participate in the discussions, download attachments and more -- you need to create your own personal profile. Creating a profile is fast, simple, and most importantly: FREE. So don't wait any longer, join our community today! What is The New Tech? TNT is a community for computer users. Hobbyists, professionals and newbies alike all contribute to the site. We offer a wide range of topics from computer hardware to software. If you like to stay up to date with your technology related news, then we are the perfect place for you. News, security warnings, tips and tricks, FAQ's and computer troubleshooting and help can all be found here on TNT. |
 |
OpenSSL Hit by Forgery Bug |
Thread Tools | Search this Thread |
Sep 25, 2006, 09:00pm
|
OpenSSL Hit by Forgery Bug
|
|
Elite Member
Posts: 4,290
Karma:
|
Daniel Cray writes to tell us ZDNet is reporting that OpenSSL versions up to 0.9.7j and 0.9.8b are vulnerable to a signature forgery technique. OpenSSL has already released an update fixing the problem. From the article: "The flaw only affects a particular type of signature--PKCS #1 v1.5 signatures--but these are used by some certificate authorities. [...] The signature forgery technique was first demonstrated last month at the Crypto 2006 conference by Daniel Bleichenbacher, a cryptographer with Bell Labs, according to security firm Netcraft. OpenSSL credited Google Security with successfully forging various certificates and providing the fix."
More... |
|
|
| Thread Tools | Search this Thread |
All times are GMT -4. The time now is 05:34pm.
Your link here
Related Links