Tag Archive | "ssl renegotiation bug"


24 October 2011 | 25,580 views

THC SSL DoS/DDoS Tool Released For Download

THC-SSL-DOS is a tool to verify the performance of SSL. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this [...]

Continue Reading


11 August 2010 | 5,936 views

Microsoft Fixes SSL Spoofing Renegotiation Bug

Well this flaw was first publicized in November last year, it was successfully used against Twitter in the same month. IETF completed the SSL vulnerability fix in January this year and now in August – 10 months after the original release of the flaw – Microsoft has stepped up and fixed it. The fix is [...]

Continue Reading


19 January 2010 | 6,387 views

IETF Completes Vulnerability Fix For SSL Renegotiation Bug

You should remember the SSL Renegotiation bug from last year that was used to successfully attack twitter. Finally IETF have come out with a fix for the issue, it’s natural it has taken some time as it’s a flaw in the actual protocol itself not in any specific implementation (which is usually the case). The [...]

Continue Reading


16 November 2009 | 32,443 views

SSL Renegotiation Bug Succesfully Used To Attack Twitter

When this SSL Renegotiation bug hit the news, most people said it was a theoretical attack and was of no practical use in the real world. But then people tend to say that about most things don’t they until they get pwned up the face. It turns out the rather obscure SSL flaw can be [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·