oss-sec mailing list archives
Re: STARTTLS vulnerabilities
From: Hanno Böck <hanno () hboeck de>
Date: Wed, 11 Aug 2021 08:16:34 +0200
Hi, On Tue, 10 Aug 2021 15:41:56 +0200 Guido Berhoerster <guido+openwall.com () berhoerster name> wrote:
have you or are you planning to look into XMPP client/server implementations as well? The use of STARTTLS for both c2s and s2s connections is still prevalent both in terms of implementation support and actual practice and could potentially suffer form the same issues (command injection or downgrade attacks).
We have not looked much into other protocols, and given how much time we've already spent on the topic I think it is unlikely that we will do this. Of course it's a very obvious idea for further research to look if one finds similar vulnerabilities to the ones we found in other protocols. So I'd really like to encourage other people to look for this. FWIW there are a lot of protocols with a STARTTLS mechanism, here's the list of supported protocols by OpenSSL: smtp pop3 imap ftp xmpp xmpp-server telnet irc mysql postgres lmtp nntp sieve ldap -- Hanno Böck https://hboeck.de/
Current thread:
- STARTTLS vulnerabilities Hanno Böck (Aug 10)
- Re: STARTTLS vulnerabilities Guido Berhoerster (Aug 10)
- Re: STARTTLS vulnerabilities Hanno Böck (Aug 10)
- Re: STARTTLS vulnerabilities Eric Blake (Aug 11)
- Re: STARTTLS vulnerabilities Hanno Böck (Aug 11)
- Re: STARTTLS vulnerabilities Eric Blake (Aug 16)
- Re: STARTTLS vulnerabilities Eric Blake (Aug 18)
- Re: STARTTLS vulnerabilities Hanno Böck (Aug 10)
- Re: STARTTLS vulnerabilities Guido Berhoerster (Aug 10)
- Re: STARTTLS vulnerabilities Hanno Böck (Aug 11)
- Re: STARTTLS vulnerabilities Matthew Wild (Aug 11)