Security Researchers Find Serious Vulnerability in SSL

Home / News

Security Researchers Find Serious Vulnerability in SSL

By CircleID Reporter
November 05, 2009, 3:51 pm PST Views: 6,285 Add Comment

Sophie Curtis of eWeek reports: “Researchers have discovered a hole in the secure sockets layer (SSL) protocol, enabling man-in-the-middle attackers to hack into secure applications despite traffic encryption. According to security researcher Chris Paget, hackers can exploit this flaw by breaking into shared hosting environments, mail servers and databases, and inserting text into encrypted traffic as it passes between two end users. This could lead to fragmentation of SSL transactions, giving hackers the opportunity to inject false commands such as password resets into communications which are otherwise encrypted.”

Related Links:
Security Researchers Uncover SSL Vulnerability eWeek, Nov.5.2009
Thoughts on the TLS bug Chris Paget, Nov.5.2009

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN [74% +3 extra months, from $2.99/month]

By CircleID Reporter — CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.
Visit Page

Filed Under

Comments

The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.