lynx-dev Lynx SSL vulnerable? to RSAREF V2 security bug according to CER

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

lynx-dev Lynx SSL vulnerable? to RSAREF V2 security bug according to CER

From:	David Woolley
Subject:	lynx-dev Lynx SSL vulnerable? to RSAREF V2 security bug according to CERT
Date:	Fri, 4 Feb 2000 09:19:57 +0000 (GMT)

According to CERT (http://www.cert.org/) advisory CA-99-15 there is a bug
in RSAREF V2 (US users of SSL Lynx are legally obliged to use some
version of RSAREF) which does allow sshd users to gain root access and
may, according to the advisory, allow the same attack on Lynx-SSL.

Also of concern is the fact that Lynx-SSL is quoted as being the FreeBSD
ports tree.  I haven't followed this up, but they may be in violation of
the GPL here.

[Prev in Thread]

Current Thread

[Next in Thread]

lynx-dev Lynx SSL vulnerable? to RSAREF V2 security bug according to CERT, David Woolley <=
- Re: lynx-dev Lynx SSL vulnerable? to RSAREF V2 security bug according to CERT, Webmaster Jim, 2000/02/05

Prev by Date: Re: lynx-dev Posted message has no text error message
Next by Date: Re: lynx-dev Crash with this fragment
Previous by thread: lynx-dev Crash with this fragment
Next by thread: Re: lynx-dev Lynx SSL vulnerable? to RSAREF V2 security bug according to CERT
Index(es):
- Date
- Thread