crypto/tls in github.com/golang/go is vulnerable to man-in-the-middle (MitM) attacks. These attacks are possible when SessionTicketsDisabled
is enabled.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/golang/go | eq | HEAD | |
github.com/golang/go | le | go1.3.1 |
www.openwall.com/lists/oss-security/2014/09/26/28
www.securityfocus.com/bid/70156
exchange.xforce.ibmcloud.com/vulnerabilities/96693
github.com/golang/go/commit/247820ff6bfba6e1b7891f4bfc25511d68761d5d
groups.google.com/forum/#!msg/golang-nuts/eeOHNw_shwU/OHALUmroA5kJ
groups.google.com/forum/#%21msg/golang-nuts/eeOHNw_shwU/OHALUmroA5kJ