Hosting Provided By

TLS timing attack on OpenSSL [can-2003-78] [bid 6884] exploit

From: Martin Vuagnoux <bugtraq(at)vuagnoux.com>
Date: Wed Mar 26 2003 - 07:53:49 EST

Hi,
Here you can find the tool used to make a "proof of concept" for the Vaudenay's TLS Timing Attack for < OpenSSL/9.7a. (CAN-2003-78) BID REF: 6884

                            
http://omen.vuagnoux.com

This attack was tested on a IMAPrev4 server (WU) encapsuled by stunnel-3.22 using OpenSSL/9.7 and Microsoft Outlook Express 6.x IMAP client.

Enjoy :^)

Martin Vuagnoux - ilion's lab member - www.ilionsecurity.ch Received on Wed Mar 26 11:21:32 2003

This message: [ Message body ]
Next message: Joel Eriksson: "Re: Automatic discovery of shellcode address"
Previous message: Scott Harrington: "RE: Backup Agents"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:38 EDT