FreeBSD-SA-04:05.openssl question
Rostislav Krasny
rosti_bsd at yahoo.com
Wed Mar 17 20:03:54 PST 2004
--- Ng Pheng Siong <ngps at netmemetic.com> wrote:
> On Wed, Mar 17, 2004 at 06:20:09PM -0800, Rostislav Krasny wrote:
> > --- Dag-Erling Sm?rgrav <des at des.no> wrote:
> > > From the URL you mentioned: "Most applications have no ability to
> > > use Kerberos ciphersuites and will therefore be unaffected."
> >
> > Do you imply that applications with ability to use Kerberos
> > ciphersuites are impossible to be implemented for current versions
> > of FreeBSD?
>
> The text before the above quoted "Most applications have no
> ability..."
> read
>
> A remote attacker could perform a carefully crafted SSL/TLS
> handshake against a server configured to use Kerberos ciphersuites
> [...]
>
> Instead of asking about impossibility in the abstract, ask if you do
> run servers that support Kerberos cipthersuites and, if yes, how to
> configure your software to not use them.
My original question was about specified vulnerability of OpenSSL, not
about applicaion that use it.
__________________________________
Do you Yahoo!?
Yahoo! Mail - More reliable, more storage, less spam
http://mail.yahoo.com
More information about the freebsd-security
mailing list