NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information

 


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Critical new bug in GnuTLS crypto library leaves Linux, apps open to drive-by attacks


Critical new bug in GnuTLS crypto library leaves Linux, apps open to
drive-by attacks

(Ars Technica): http://arstechnica.com/security/2014/06/critical-new-bug-in-crypto-library-leaves-linux-apps-open-to-drive-by-attacks/

  "A recently discovered bug in the GnuTLS cryptographic code library
   puts users of Linux and hundreds of other open source packages at risk
   of surreptitious malware attacks until they incorporate a fix
   developers quietly pushed out late last week.  Maliciously configured
   servers can exploit the bug by sending malformed data to devices as
   they establish encrypted HTTPS connections. Devices that rely on an
   unpatched version of GnuTLS can then be remotely hijacked by malicious
   code of the attacker's choosing, security researchers who examined the
   fix warned."

 - - -

--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren 
Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info
Founder:
 - Network Neutrality Squad: http://www.nnsquad.org 
 - PRIVACY Forum: http://www.vortex.com/privacy-info
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://google.com/+LaurenWeinstein 
Twitter: http://twitter.com/laurenweinstein
Tel: +1 (818) 225-2800 / Skype: vortex.com
_______________________________________________
nnsquad mailing list
http://lists.nnsquad.org/mailman/listinfo/nnsquad