ID de Prueba:	1.3.6.1.4.1.25623.1.0.117758
Categoría:	SSL and TLS
Título:	SSL/TLS: Renegotiation MITM Vulnerability (CVE-2009-3555)
Resumen:	The remote SSL/TLS service is prone to a man-in-the-middle; (MITM) vulnerability.
Descripción:	Summary: The remote SSL/TLS service is prone to a man-in-the-middle (MITM) vulnerability. Vulnerability Insight: The flaw exists because the remote SSL/TLS service does not properly associate renegotiation handshakes with an existing connection, which allows MITM attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a 'plaintext injection' attack, aka the 'Project Mogul' issue. Vulnerability Impact: A remote, unauthenticated attacker may be able to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream. This could allow and attacker to issue HTTP requests, or take action impersonating the user, among other consequences. Affected Software/OS: The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products. Solution: Users should contact their vendors for specific patch information. General solution options are: - remove/disable renegotiation capabilities altogether from/in the affected SSL/TLS service - enable Safe/Secure renegotiation (RFC5746) for the affected SSL/TLS service CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3555 1021653 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1 1021752 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1 1023148 http://securitytracker.com/id?1023148 1023163 http://www.securitytracker.com/id?1023163 1023204 http://www.securitytracker.com/id?1023204 1023205 http://www.securitytracker.com/id?1023205 1023206 http://www.securitytracker.com/id?1023206 1023207 http://www.securitytracker.com/id?1023207 1023208 http://www.securitytracker.com/id?1023208 1023209 http://www.securitytracker.com/id?1023209 1023210 http://www.securitytracker.com/id?1023210 1023211 http://www.securitytracker.com/id?1023211 1023212 http://www.securitytracker.com/id?1023212 1023213 http://www.securitytracker.com/id?1023213 1023214 http://www.securitytracker.com/id?1023214 1023215 http://www.securitytracker.com/id?1023215 1023216 http://www.securitytracker.com/id?1023216 1023217 http://www.securitytracker.com/id?1023217 1023218 http://www.securitytracker.com/id?1023218 1023219 http://www.securitytracker.com/id?1023219 1023224 http://www.securitytracker.com/id?1023224 1023243 http://www.securitytracker.com/id?1023243 1023270 http://www.securitytracker.com/id?1023270 1023271 http://www.securitytracker.com/id?1023271 1023272 http://www.securitytracker.com/id?1023272 1023273 http://www.securitytracker.com/id?1023273 1023274 http://www.securitytracker.com/id?1023274 1023275 http://www.securitytracker.com/id?1023275 1023411 http://www.securitytracker.com/id?1023411 1023426 http://www.securitytracker.com/id?1023426 1023427 http://www.securitytracker.com/id?1023427 1023428 http://www.securitytracker.com/id?1023428 1024789 http://www.securitytracker.com/id?1024789 20091109 Transport Layer Security Renegotiation Vulnerability http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml 20091111 Re: SSL/TLS MiTM PoC http://seclists.org/fulldisclosure/2009/Nov/139 20091118 TLS / SSLv3 vulnerability explained (DRAFT) http://www.securityfocus.com/archive/1/507952/100/0/threaded 20091124 rPSA-2009-0155-1 httpd mod_ssl http://www.securityfocus.com/archive/1/508075/100/0/threaded 20091130 TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability) http://www.securityfocus.com/archive/1/508130/100/0/threaded 20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console http://www.securityfocus.com/archive/1/515055/100/0/threaded 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX http://www.securityfocus.com/archive/1/516397/100/0/threaded 20131121 ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html 273029 http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1 273350 http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1 274990 http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1 36935 http://www.securityfocus.com/bid/36935 37291 http://secunia.com/advisories/37291 37292 http://secunia.com/advisories/37292 37320 http://secunia.com/advisories/37320 37383 http://secunia.com/advisories/37383 37399 http://secunia.com/advisories/37399 37453 http://secunia.com/advisories/37453 37501 http://secunia.com/advisories/37501 37504 http://secunia.com/advisories/37504 37604 http://secunia.com/advisories/37604 37640 http://secunia.com/advisories/37640 37656 http://secunia.com/advisories/37656 37675 http://secunia.com/advisories/37675 37859 http://secunia.com/advisories/37859 38003 http://secunia.com/advisories/38003 38020 http://secunia.com/advisories/38020 38056 http://secunia.com/advisories/38056 38241 http://secunia.com/advisories/38241 38484 http://secunia.com/advisories/38484 38687 http://secunia.com/advisories/38687 38781 http://secunia.com/advisories/38781 39127 http://secunia.com/advisories/39127 39136 http://secunia.com/advisories/39136 39242 http://secunia.com/advisories/39242 39243 http://secunia.com/advisories/39243 39278 http://secunia.com/advisories/39278 39292 http://secunia.com/advisories/39292 39317 http://secunia.com/advisories/39317 39461 http://secunia.com/advisories/39461 39500 http://secunia.com/advisories/39500 39628 http://secunia.com/advisories/39628 39632 http://secunia.com/advisories/39632 39713 http://secunia.com/advisories/39713 39819 http://secunia.com/advisories/39819 40070 http://secunia.com/advisories/40070 40545 http://secunia.com/advisories/40545 40747 http://secunia.com/advisories/40747 40866 http://secunia.com/advisories/40866 41480 http://secunia.com/advisories/41480 41490 http://secunia.com/advisories/41490 41818 http://secunia.com/advisories/41818 41967 http://secunia.com/advisories/41967 41972 http://secunia.com/advisories/41972 42377 http://secunia.com/advisories/42377 42379 http://secunia.com/advisories/42379 42467 http://secunia.com/advisories/42467 42724 http://secunia.com/advisories/42724 42733 http://secunia.com/advisories/42733 42808 http://secunia.com/advisories/42808 42811 http://secunia.com/advisories/42811 42816 http://secunia.com/advisories/42816 43308 http://secunia.com/advisories/43308 44183 http://secunia.com/advisories/44183 44954 http://secunia.com/advisories/44954 48577 http://secunia.com/advisories/48577 60521 http://osvdb.org/60521 60972 http://osvdb.org/60972 62210 http://osvdb.org/62210 65202 http://osvdb.org/65202 ADV-2009-3164 http://www.vupen.com/english/advisories/2009/3164 ADV-2009-3165 http://www.vupen.com/english/advisories/2009/3165 ADV-2009-3205 http://www.vupen.com/english/advisories/2009/3205 ADV-2009-3220 http://www.vupen.com/english/advisories/2009/3220 ADV-2009-3310 http://www.vupen.com/english/advisories/2009/3310 ADV-2009-3313 http://www.vupen.com/english/advisories/2009/3313 ADV-2009-3353 http://www.vupen.com/english/advisories/2009/3353 ADV-2009-3354 http://www.vupen.com/english/advisories/2009/3354 ADV-2009-3484 http://www.vupen.com/english/advisories/2009/3484 ADV-2009-3521 http://www.vupen.com/english/advisories/2009/3521 ADV-2009-3587 http://www.vupen.com/english/advisories/2009/3587 ADV-2010-0086 http://www.vupen.com/english/advisories/2010/0086 ADV-2010-0173 http://www.vupen.com/english/advisories/2010/0173 ADV-2010-0748 http://www.vupen.com/english/advisories/2010/0748 ADV-2010-0848 http://www.vupen.com/english/advisories/2010/0848 ADV-2010-0916 http://www.vupen.com/english/advisories/2010/0916 ADV-2010-0933 http://www.vupen.com/english/advisories/2010/0933 ADV-2010-0982 http://www.vupen.com/english/advisories/2010/0982 ADV-2010-0994 http://www.vupen.com/english/advisories/2010/0994 ADV-2010-1054 http://www.vupen.com/english/advisories/2010/1054 ADV-2010-1107 http://www.vupen.com/english/advisories/2010/1107 ADV-2010-1191 http://www.vupen.com/english/advisories/2010/1191 ADV-2010-1350 http://www.vupen.com/english/advisories/2010/1350 ADV-2010-1639 http://www.vupen.com/english/advisories/2010/1639 ADV-2010-1673 http://www.vupen.com/english/advisories/2010/1673 ADV-2010-1793 http://www.vupen.com/english/advisories/2010/1793 ADV-2010-2010 http://www.vupen.com/english/advisories/2010/2010 ADV-2010-2745 http://www.vupen.com/english/advisories/2010/2745 ADV-2010-3069 http://www.vupen.com/english/advisories/2010/3069 ADV-2010-3086 http://www.vupen.com/english/advisories/2010/3086 ADV-2010-3126 http://www.vupen.com/english/advisories/2010/3126 ADV-2011-0032 http://www.vupen.com/english/advisories/2011/0032 ADV-2011-0033 http://www.vupen.com/english/advisories/2011/0033 ADV-2011-0086 http://www.vupen.com/english/advisories/2011/0086 APPLE-SA-2010-01-19-1 http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html APPLE-SA-2010-05-18-1 http://lists.apple.com/archives/security-announce/2010//May/msg00001.html APPLE-SA-2010-05-18-2 http://lists.apple.com/archives/security-announce/2010//May/msg00002.html DSA-1934 http://www.debian.org/security/2009/dsa-1934 DSA-2141 http://www.debian.org/security/2011/dsa-2141 DSA-3253 http://www.debian.org/security/2015/dsa-3253 FEDORA-2009-12229 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html FEDORA-2009-12305 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html FEDORA-2009-12604 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html FEDORA-2009-12606 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html FEDORA-2009-12750 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html FEDORA-2009-12775 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html FEDORA-2009-12782 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html FEDORA-2009-12968 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html FEDORA-2010-16240 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html FEDORA-2010-16294 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html FEDORA-2010-16312 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html FEDORA-2010-5357 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html FEDORA-2010-5942 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html FEDORA-2010-6131 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html GLSA-200912-01 http://security.gentoo.org/glsa/glsa-200912-01.xml GLSA-201203-22 http://security.gentoo.org/glsa/glsa-201203-22.xml GLSA-201406-32 http://security.gentoo.org/glsa/glsa-201406-32.xml HPSBGN02562 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041 HPSBHF02706 http://marc.info/?l=bugtraq&m=132077688910227&w=2 HPSBHF03293 http://marc.info/?l=bugtraq&m=142660345230545&w=2 HPSBMA02534 http://marc.info/?l=bugtraq&m=127419602507642&w=2 HPSBMA02547 http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 HPSBMA02568 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 HPSBMU02759 http://www.securityfocus.com/archive/1/522176 HPSBMU02799 http://marc.info/?l=bugtraq&m=134254866602253&w=2 HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPSBOV02762 http://marc.info/?l=bugtraq&m=133469267822771&w=2 HPSBUX02482 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686 HPSBUX02498 http://marc.info/?l=bugtraq&m=126150535619567&w=2 HPSBUX02517 http://marc.info/?l=bugtraq&m=127128920008563&w=2 HPSBUX02524 http://marc.info/?l=bugtraq&m=127557596201693&w=2 IC67848 http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848 IC68054 http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054 IC68055 http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055 MDVSA-2010:076 http://www.mandriva.com/security/advisories?name=MDVSA-2010:076 MDVSA-2010:084 http://www.mandriva.com/security/advisories?name=MDVSA-2010:084 MDVSA-2010:089 http://www.mandriva.com/security/advisories?name=MDVSA-2010:089 MS10-049 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049 PM00675 http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only PM12247 http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247 RHSA-2010:0119 http://www.redhat.com/support/errata/RHSA-2010-0119.html RHSA-2010:0130 http://www.redhat.com/support/errata/RHSA-2010-0130.html RHSA-2010:0155 http://www.redhat.com/support/errata/RHSA-2010-0155.html RHSA-2010:0165 http://www.redhat.com/support/errata/RHSA-2010-0165.html RHSA-2010:0167 http://www.redhat.com/support/errata/RHSA-2010-0167.html RHSA-2010:0337 http://www.redhat.com/support/errata/RHSA-2010-0337.html RHSA-2010:0338 http://www.redhat.com/support/errata/RHSA-2010-0338.html RHSA-2010:0339 http://www.redhat.com/support/errata/RHSA-2010-0339.html RHSA-2010:0768 http://www.redhat.com/support/errata/RHSA-2010-0768.html RHSA-2010:0770 http://www.redhat.com/support/errata/RHSA-2010-0770.html RHSA-2010:0786 http://www.redhat.com/support/errata/RHSA-2010-0786.html RHSA-2010:0807 http://www.redhat.com/support/errata/RHSA-2010-0807.html RHSA-2010:0865 http://www.redhat.com/support/errata/RHSA-2010-0865.html RHSA-2010:0986 http://www.redhat.com/support/errata/RHSA-2010-0986.html RHSA-2010:0987 http://www.redhat.com/support/errata/RHSA-2010-0987.html RHSA-2011:0880 http://www.redhat.com/support/errata/RHSA-2011-0880.html SSA:2009-320-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446 SSRT090180 SSRT090208 SSRT090249 SSRT090264 SSRT100058 SSRT100089 SSRT100179 SSRT100219 SSRT100613 SSRT100817 SSRT100825 SSRT101846 SUSE-SA:2009:057 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html SUSE-SA:2010:061 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html SUSE-SR:2010:008 http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html SUSE-SR:2010:011 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html SUSE-SR:2010:012 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html SUSE-SR:2010:013 http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html SUSE-SR:2010:019 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html SUSE-SR:2010:024 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html SUSE-SU-2011:0847 http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html TA10-222A http://www.us-cert.gov/cas/techalerts/TA10-222A.html TA10-287A http://www.us-cert.gov/cas/techalerts/TA10-287A.html USN-1010-1 http://www.ubuntu.com/usn/USN-1010-1 USN-923-1 http://ubuntu.com/usn/usn-923-1 USN-927-1 http://www.ubuntu.com/usn/USN-927-1 USN-927-4 http://www.ubuntu.com/usn/USN-927-4 USN-927-5 http://www.ubuntu.com/usn/USN-927-5 VU#120541 http://www.kb.cert.org/vuls/id/120541 [4.5] 010: SECURITY FIX: November 26, 2009 http://openbsd.org/errata45.html#010_openssl [4.6] 004: SECURITY FIX: November 26, 2009 http://openbsd.org/errata46.html#004_openssl [announce] 20091107 CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2 [cryptography] 20091105 OpenSSL 0.9.8l released http://marc.info/?l=cryptography&m=125752275331877&w=2 [gnutls-devel] 20091105 Re: TLS renegotiation MITM http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html [oss-security] 20091105 CVE-2009-3555 for TLS renegotiation MITM attacks http://www.openwall.com/lists/oss-security/2009/11/05/3 [oss-security] 20091105 Re: CVE-2009-3555 for TLS renegotiation MITM attacks http://www.openwall.com/lists/oss-security/2009/11/05/5 [oss-security] 20091107 Re: CVE-2009-3555 for TLS renegotiation MITM attacks http://www.openwall.com/lists/oss-security/2009/11/06/3 [oss-security] 20091107 Re: [TLS] CVE-2009-3555 for TLS renegotiation MITM attacks http://www.openwall.com/lists/oss-security/2009/11/07/3 [oss-security] 20091120 CVEs for nginx http://www.openwall.com/lists/oss-security/2009/11/20/1 [oss-security] 20091123 Re: CVEs for nginx http://www.openwall.com/lists/oss-security/2009/11/23/10 [tls] 20091104 MITM attack on delayed TLS-client auth through renegotiation http://www.ietf.org/mail-archive/web/tls/current/msg03928.html [tls] 20091104 TLS renegotiation issue http://www.ietf.org/mail-archive/web/tls/current/msg03948.html [tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/ https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/ https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html http://blogs.iss.net/archive/sslmitmiscsrf.html http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during http://clicky.me/tlsvuln http://extendedsubset.com/?p=8 http://extendedsubset.com/Renegotiating_TLS.pdf http://kbase.redhat.com/faq/docs/DOC-20491 http://support.apple.com/kb/HT4004 http://support.apple.com/kb/HT4170 http://support.apple.com/kb/HT4171 http://support.avaya.com/css/P8/documents/100070150 http://support.avaya.com/css/P8/documents/100081611 http://support.avaya.com/css/P8/documents/100114315 http://support.avaya.com/css/P8/documents/100114327 http://support.citrix.com/article/CTX123359 http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released http://sysoev.ru/nginx/patch.cve-2009-3555.txt http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html http://wiki.rpath.com/Advisories:rPSA-2009-0155 http://www-01.ibm.com/support/docview.wss?uid=swg21426108 http://www-01.ibm.com/support/docview.wss?uid=swg21432298 http://www-01.ibm.com/support/docview.wss?uid=swg24006386 http://www-01.ibm.com/support/docview.wss?uid=swg24025312 http://www.arubanetworks.com/support/alerts/aid-020810.txt http://www.betanews.com/article/1257452450 http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html http://www.ingate.com/Relnote.php?ver=481 http://www.links.org/?p=780 http://www.links.org/?p=786 http://www.links.org/?p=789 http://www.mozilla.org/security/announce/2010/mfsa2010-22.html http://www.openoffice.org/security/cves/CVE-2009-3555.html http://www.openssl.org/news/secadv_20091111.txt http://www.opera.com/docs/changelogs/unix/1060/ http://www.opera.com/support/search/view/944/ http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html http://www.tombom.co.uk/blog/?p=85 http://www.vmware.com/security/advisories/VMSA-2010-0019.html http://www.vmware.com/security/advisories/VMSA-2011-0003.html http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html https://bugzilla.mozilla.org/show_bug.cgi?id=526689 https://bugzilla.mozilla.org/show_bug.cgi?id=545755 https://bugzilla.redhat.com/show_bug.cgi?id=533125 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888 https://kb.bluecoat.com/index?page=content&id=SA50 https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt openSUSE-SU-2011:0845 http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html oval:org.mitre.oval:def:10088 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088 oval:org.mitre.oval:def:11578 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578 oval:org.mitre.oval:def:11617 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617 oval:org.mitre.oval:def:7315 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315 oval:org.mitre.oval:def:7478 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478 oval:org.mitre.oval:def:7973 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973 oval:org.mitre.oval:def:8366 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366 oval:org.mitre.oval:def:8535 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535 tls-renegotiation-weak-security(54158) https://exchange.xforce.ibmcloud.com/vulnerabilities/54158
Copyright	Copyright (C) 2021 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.