(1)
Vulnerability Note VU#423396
X.509 certificate verification may be vulnerable to resource exhaustion:
http://www.kb.cert.org/vuls/id/423396
(2)
NISCC Vulnerability Advisory
729618/NISCC/PARASITIC-KEYS
Denial-of-Service Condition Affecting X.509 Certificates Verification:
http://www.niscc.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en
(3)
After x unsuccessful logins, it is possible in till deactivate the account. B
But is it possible to send an email to some Administrator that the account was deactivated.
(4)
DS is using NSS library (Mozilla) which is listed as
not vulnerable in the 729618/NISCC/PARASITIC-KEYS document
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment