[Ach] FREAK Attack

Aaron Zauner azet at azet.org
Tue Mar 3 23:53:05 CET 2015


It seems one of the OpenSSL CVEs from the 8th of jan. got a nice
catchy name for itself now as well: https://freakattack.com/

For people that do not follow OpenSSL advisorys closely, TL;DR:
If you're using an unpatched OpenSSL version or have a cipherstring
that allows for RSA_EXPORT you really should be updating by now.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20150303/b99f697c/attachment.sig>

More information about the Ach mailing list