Hi, I'm a student and I've been doing some security testing of a VPN
from a rather large vendor as part of a school project. During my
mapping of the VPN, I discovered the version of OpenSSL that they are
distributing is 0.9.8h-fips-dev 19 mar 2008 As I understand it, that
makes this a
Samuel Lavitt wrote:
I am wondering how I could determine, with only access to the compiled
binary, if this version has any missing security fixes
The worst vulnerabilities (and your time might be valuable, so prioritization
might be important) have published exploits available.
Black hat
