Wed Feb 3 12:04:10 NZDT 2016
"Socat is a more feature-rich variant of the once widely used Netcat
networking service for fixing bugs in network applications and for
finding and exploiting security vulnerabilities. One of its features
allows data to be transmitted through an encrypted channel to prevent
it from being intercepted by people monitoring the traffic. Amazingly,
when using the Diffie-Hellman method to establish a cryptographic key,
Socat used a non-prime parameter to negotiate the key, an omission
that violates one of the most basic cryptographic principles."
-- source: http://arstechnica.com/security/2016/02/crypto-flaw-was-so-glaring-it-may-be-intentional-eavesdropping-backdoor/
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
More information about the wlug
NOTICE: This is an archive of a public mailing list. The University of Waikato is not responsible for its contents.