Re: [FD] [RT-SA-2016-001] Padding Oracle in Apache mod_session_crypto

2016-12-30 Thread Tim
Hi Erik,

Thanks for backing me up on a number of things. Only one response below.

> > In light of that, there's
> > nothing particularly wrong with using CBC, if it is implemented well.
> > At least, using it is not *more* wrong than using OFB, CFB, or CTR
>
> That is wrong. CBC mode allows

Re: [FD] [RT-SA-2016-001] Padding Oracle in Apache mod_session_crypto

2016-12-29 Thread Erik Auerswald
Hi, On Tue, Dec 27, 2016 at 09:01:49AM -0800, Tim wrote: > [...] > > > > But there still are people who use CBC... > > [...] > > All traditional modes that lack integrity protection are vulnerable to > chosen-ciphertext attacks in these kinds of scenarios. > [...] > All traditional modes need a

Re: [FD] [RT-SA-2016-001] Padding Oracle in Apache mod_session_crypto

2016-12-27 Thread Tim
> > res = apr_crypto_passphrase(, , passphrase,
> > strlen(passphrase), (unsigned char *) (), sizeof(apr_uuid_t),
> > *cipher, APR_MODE_CBC, 1, 4096, f, r->pool);
>
> CBC. Again.
>
> The earliest mention of CFB which I know is dated 1989.
> The earliest mention of CTR which I know is dated

Re: [FD] [RT-SA-2016-001] Padding Oracle in Apache mod_session_crypto

2016-12-27 Thread gremlin
On 2016-12-23 13:28:33 +0100, RedTeam Pentesting GmbH wrote:

> res = apr_crypto_passphrase(, , passphrase,
> strlen(passphrase), (unsigned char *) (), sizeof(apr_uuid_t),
> *cipher, APR_MODE_CBC, 1, 4096, f, r->pool);

CBC. Again.

The earliest mention of CFB which I know is dated 1989. The

[FD] [RT-SA-2016-001] Padding Oracle in Apache mod_session_crypto

2016-12-23 Thread RedTeam Pentesting GmbH
Advisory: Padding Oracle in Apache mod_session_crypto

During a penetration test, RedTeam Pentesting discovered a Padding Oracle vulnerability in mod_session_crypto of the Apache web server. This vulnerability can be exploited to decrypt the session data and even encrypt attacker-specified data.