On 10 April 2014 06:33, Kimmo Paasiala <[email protected]> wrote: > > Going back to this original report of the vulnerability. Has it been > established with certainty that the attacker would first need MITM capability > to exploit the vulnerability? I'm asking this because MITM capability is not > something that just any attacker can do. Also if this is true then it can be > argued that the severity of this vulnerabilty has be greatly exaggerated.
No, the attack does not rely on MITM. The vulnerability is available to anyone who can establish a connection. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
