[29490] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

TLS timing attack on OpenSSL [can-2003-78] [bid 6884] exploit

daemon@ATHENA.MIT.EDU (Martin Vuagnoux)
Wed Mar 26 16:28:07 2003

Message-ID: <002201c2f396$bf5507e0$0201a8c0@PACMAN>
From: "Martin Vuagnoux" <bugtraq@vuagnoux.com>
To: <bugtraq@securityfocus.com>, <vuln-dev@securityfocus.com>,
        <vuldb@securityfocus.com>
Date: Wed, 26 Mar 2003 13:53:49 +0100
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Hi,
Here you can find the tool used to make a "proof of concept" for the
Vaudenay's TLS Timing Attack for < OpenSSL/9.7a. (CAN-2003-78)
BID REF: 6884

                            http://omen.vuagnoux.com

This attack was tested on a IMAPrev4 server (WU) encapsuled by
stunnel-3.22 using OpenSSL/9.7 and Microsoft Outlook Express 6.x IMAP
client.

Enjoy :^)

Martin Vuagnoux - ilion's lab member - www.ilionsecurity.ch


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[29490] in bugtraq

TLS timing attack on OpenSSL [can-2003-78] [bid 6884] exploit

daemon@ATHENA.MIT.EDU (Martin Vuagnoux)Wed Mar 26 16:28:07 2003

daemon@ATHENA.MIT.EDU (Martin Vuagnoux)
Wed Mar 26 16:28:07 2003