TLS timing attack on OpenSSL [can-2003-78] [bid 6884] exploit

From: Martin Vuagnoux (bugtraqat_private)
Date: Wed Mar 26 2003 - 04:53:49 PST

Next message: Joel Eriksson: "Re: Automatic discovery of shellcode address"

Previous message: Martin Vuagnoux: "TLS timing attack on OpenSSL [can-2003-78] [bid 6884] exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
Here you can find the tool used to make a "proof of concept" for the
Vaudenay's TLS Timing Attack for < OpenSSL/9.7a. (CAN-2003-78)
BID REF: 6884

                            http://omen.vuagnoux.com

This attack was tested on a IMAPrev4 server (WU) encapsuled by
stunnel-3.22 using OpenSSL/9.7 and Microsoft Outlook Express 6.x IMAP
client.

Enjoy :^)

Martin Vuagnoux - ilion's lab member - www.ilionsecurity.ch

Next message: Joel Eriksson: "Re: Automatic discovery of shellcode address"
Previous message: Martin Vuagnoux: "TLS timing attack on OpenSSL [can-2003-78] [bid 6884] exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Mar 26 2003 - 13:27:52 PST