Date: Wed, 17 Mar 2004 20:03:53 -0800 (PST) From: Rostislav Krasny <rosti_bsd@yahoo.com> To: Ng Pheng Siong <ngps@netmemetic.com> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD-SA-04:05.openssl question Message-ID: <20040318040353.28031.qmail@web14802.mail.yahoo.com> In-Reply-To: <20040318025434.GB875@vista.netmemetic.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--- Ng Pheng Siong <ngps@netmemetic.com> wrote: > On Wed, Mar 17, 2004 at 06:20:09PM -0800, Rostislav Krasny wrote: > > --- Dag-Erling Sm?rgrav <des@des.no> wrote: > > > From the URL you mentioned: "Most applications have no ability to > > > use Kerberos ciphersuites and will therefore be unaffected." > > > > Do you imply that applications with ability to use Kerberos > > ciphersuites are impossible to be implemented for current versions > > of FreeBSD? > > The text before the above quoted "Most applications have no > ability..." > read > > A remote attacker could perform a carefully crafted SSL/TLS > handshake against a server configured to use Kerberos ciphersuites > [...] > > Instead of asking about impossibility in the abstract, ask if you do > run servers that support Kerberos cipthersuites and, if yes, how to > configure your software to not use them. My original question was about specified vulnerability of OpenSSL, not about applicaion that use it. __________________________________ Do you Yahoo!? Yahoo! Mail - More reliable, more storage, less spam http://mail.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040318040353.28031.qmail>