OpenSSL Ciphersuite Downgrade Security Weakness

Posted: 9/12/10 by komz in Etiquetas: ,

OpenSSL is prone to a security weakness that may allow attackers to downgrade the ciphersuite.

Successfully exploiting this issue in conjunction with other latent vulnerabilities may allow attackers to gain access to sensitive information or gain unauthorized access to an affected application that uses OpenSSL.

Releases prior to OpenSSL 1.0.0c are affected.


Desde Vulnerability Team exortamos a los usuarios y administradores revisar las notificaciones y aplicar las actualizaciones necesarias, para ayudar a mitigar los riesgos.


0 comentarios: