Bugtraq mailing list archives
Re: OpenSSL Vulnerabilities
From: Eric Rescorla <ekr () rtfm com>
Date: 01 Aug 2002 22:56:12 -0700
Tina Bird <tbird () precision-guesswork com> writes:
The vendors listed in the CERT advisory on the OpenSSL vulnerabilities are all producing server-side software: http://www.cert.org/advisories/CA-2002-23.html Does anyone know if Netscape, Opera, Internet Explorer or any of the other browsers are vulnerable to these issues?
Netscape and IE both have their own TLS implementations. Netscape uses NSS and IE uses CAPI/SChannel. Of course, these implementations might be vulnerable to similar bugs but there's no specific reason to think they are. -Ekr -- [Eric Rescorla ekr () rtfm com] http://www.rtfm.com/
Current thread:
- OpenSSL Vulnerabilities Tina Bird (Aug 01)
- Re: OpenSSL Vulnerabilities troy (Aug 02)
- Re: OpenSSL Vulnerabilities Eric Rescorla (Aug 02)
- Re: OpenSSL Vulnerabilities Patrick Brauch (Aug 15)
- Re: OpenSSL Vulnerabilities Sami Dalouche (Aug 15)
- Re: OpenSSL Vulnerabilities Patrick Brauch (Aug 15)
- RE: OpenSSL Vulnerabilities Josh Welch (Aug 02)