Open-Xchange OX Dovecot Pro 安全漏洞

Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability. This vulnerability arises from the possibility for attackers to use specially crafted Base64-encoded exchanges to forge SCRAM TL...

cyrus-sasl security, bug fix, and enhancement update

2.1.27-5 - Reduce excessive GSSAPI plugin logging - Resolves: rhbz1274734 2.1.27-4 - Add support for setting maxssf=0 in GSS-SPNEGO - Resolves: rhbz1822133 2.1.27-3 - Backport GSSAPI Channel Bindings support - Resolves: rhbz1817054 2.1.27-2 - Backport fix for CVE-2019-19906 - Resolves: rhbz180403...

Internet Bug Bounty: TLS Triple Handshake Attack

More details are at https://secure-resumption.com 2 Scenario ====== Consider a client C that normally authenticates to a server S using a client certificate. If C uses the same certificate to authenticate to a malicious server M, then we show that M can use C's certificate to authenticate its own...