Full Disclosure mailing list archives
Re: Five Ways to Screw Up SSL
From: Valdis.Kletnieks () vt edu
Date: Mon, 22 May 2006 12:13:44 -0400
On Mon, 22 May 2006 12:02:23 EDT, Dude VanWinkle said:
DNS foo to the client, how easy is that? Would you have to get the upstream DNS server to cache your bogus entry?
You'd be *amazed* how many are still running BIND 4 or 8....
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Five Ways to Screw Up SSL Ginsu Rabbit (May 21)
- Re: Five Ways to Screw Up SSL Michal Zalewski (May 21)
- Re: Five Ways to Screw Up SSL Ginsu Rabbit (May 21)
- Re: Five Ways to Screw Up SSL Dude VanWinkle (May 21)
- Re[2]: Five Ways to Screw Up SSL Thierry Zoller (May 21)
- Re: Re[2]: Five Ways to Screw Up SSL Dude VanWinkle (May 22)
- Re: Five Ways to Screw Up SSL Michael Holstein (May 22)
- Re: Five Ways to Screw Up SSL Dude VanWinkle (May 22)
- Re: Five Ways to Screw Up SSL Valdis . Kletnieks (May 22)
- Re: Five Ways to Screw Up SSL Brian Dessent (May 22)
- Re: Five Ways to Screw Up SSL Dude VanWinkle (May 23)
- Re: Five Ways to Screw Up SSL Brian Eaton (May 23)
- Re: Five Ways to Screw Up SSL Dude VanWinkle (May 23)
- Re: Five Ways to Screw Up SSL Ginsu Rabbit (May 21)
- Re: Five Ways to Screw Up SSL Michal Zalewski (May 21)
- Re: Five Ways to Screw Up SSL Michael Holstein (May 22)