4 Replies Latest reply on Dec 7, 2009 10:40 AM by jhaynes

    TLS / SSL Man-In-The-Middle Renegotiation Vulnerability

    epo909

      Hi all,

       

      Regarding the vuln "TLS / SSL Man-In-The-Middle Renegotiation Vulnerability", Foundstone does not present a recommendation in the vuln details.

      However we have been applying multiple vendor patches that do fix the issue, and Foundstone Scans recognize that the vuln as been fixed.

       

      Therefore I would suggest the Vuln recommendation to be a little different. Since it may lead to confusion, instead of suggesting contacting each vendor (that uses SSL) for a patch.

       

      Regards,

      RD