[20462] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: OpenSSL-0.9.6a has security fixes

daemon@ATHENA.MIT.EDU (Markus Friedl)
Thu Apr 26 12:54:50 2001

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID:  <20010426091014.A2571@quin.genua.de>
Date:         Thu, 26 Apr 2001 09:10:14 +0200
Reply-To: Markus Friedl <Markus_Friedl@GENUA.DE>
From: Markus Friedl <Markus_Friedl@GENUA.DE>
X-To:         Ariel Waissbein <core.lists.bugtraq@CORE-SDI.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <3AE70975.F9B60B6F@core-sdi.com>

On Wed, Apr 25, 2001 at 03:33:13PM -0300, Ariel Waissbein wrote:
> There seems to be an typo in the following post. It is RSA and not DSA.

no, it's DSA not RSA, it's not a typo.

Bleichenbacher has discovered both attacks on RSA and on DSA:

    http://www.lucent.com/press/0201/010205.bla.html


> The source, OpenSSL's webpage, has the same typo. Refer to

no.

> >   - Security fix: prevent Bleichenbacher's DSA attack.
>
> it should be Bleichenbacher's RSA attack and not DSA

just look at the code.

cheers,
-markus


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[20462] in bugtraq

Re: OpenSSL-0.9.6a has security fixes

daemon@ATHENA.MIT.EDU (Markus Friedl)Thu Apr 26 12:54:50 2001

daemon@ATHENA.MIT.EDU (Markus Friedl)
Thu Apr 26 12:54:50 2001