Full Disclosure mailing list archives
Ruby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC
From: Gregory Disney <gdisney () hytrust com>
Date: Wed, 16 Apr 2014 23:08:18 +0000
Ruby openssl has a vulnerability when a public key is a issued prior writing to private key and is reopened during a script it spoofs a CA private key. PoC script https://gist.github.com/10446549 _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Ruby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC Gregory Disney (Apr 16)