Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mardi 9 juin 2015

Logjam Attack (CERT-EU Security Advisory 2015-325)

Last days was published a new vulnerability related to TSL/SSL protocol called Logjam attack. This vulnerability allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography (which is an old working mode, still there to support legacy system enforcing former US cryptography exportation restrictions).

Lien vers l'article source

Auteur: Cert EU

Catégories: CertEUNombre de vues: 263

x

Événements SSI