On Thu, Dec 02, 2004 at 09:36:57PM -0800, Andrew Kraslavsky wrote:
My revised question is, do you have any idea why the server bothers to put
the Server Hello and Certificate records into the response only to follow
them with a fatal error? Is this the expected behavior?
I don't know --
I can do to make my server
behave better in its response?
Thanks,
- Andrew
From: Andrew Kraslavsky [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Nessus security alert issued in error against OpenSSL v0.9.7d?
Date: Wed, 01 Dec 2004 18:40:20 -0800
George,
Thanks
]
To: [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: Re: Nessus security alert issued in error against OpenSSL v0.9.7d?
Date: Tue, 30 Nov 2004 21:57:42 +0100
On Tue, Nov 30, 2004, Andrew Kraslavsky wrote:
Howdy,
To test the security of my proprietary HTTPS server, built with OpenSSL
library
and in such a way
as to be transparent to the application.
This is the specific area I am hoping to have clarified.
Thanks again,
- Andrew
From: George Theall [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Nessus security alert issued in error against OpenSSL v0.9.7d?
Date
Howdy,
To test the security of my proprietary HTTPS server, built with OpenSSL
library version 0.9.7d, I ran Nessus version 2.2 against it and it reported
the following alert (as issued by Nessus plug-in ID 11875, described at:
http://cgi.nessus.org/plugins/dump.php3?id=11875 ):
On Tue, Nov 30, 2004, Andrew Kraslavsky wrote:
Howdy,
To test the security of my proprietary HTTPS server, built with OpenSSL
library version 0.9.7d, I ran Nessus version 2.2 against it and it reported
the following alert (as issued by Nessus plug-in ID 11875, described at:
On Tue, Nov 30, 2004, Andrew Kraslavsky wrote:
To test the security of my proprietary HTTPS server, built with OpenSSL
library version 0.9.7d, I ran Nessus version 2.2 against it and it reported
the following alert (as issued by Nessus plug-in ID 11875, described at:
