4 Replies Latest reply on Dec 7, 2009 10:40 AM by jhaynes

    TLS / SSL Man-In-The-Middle Renegotiation Vulnerability


      Hi all,


      Regarding the vuln "TLS / SSL Man-In-The-Middle Renegotiation Vulnerability", Foundstone does not present a recommendation in the vuln details.

      However we have been applying multiple vendor patches that do fix the issue, and Foundstone Scans recognize that the vuln as been fixed.


      Therefore I would suggest the Vuln recommendation to be a little different. Since it may lead to confusion, instead of suggesting contacting each vendor (that uses SSL) for a patch.