hello, On Tue, 2008-08-05 at 20:28 +0200, Sake Blok wrote: > Wireshark has a good > reputation as a network analysis tool. Which of course means it can be > used for less honest purposes as well, but putting code in to deliberately > break security based on a weakness in the protocol crosses the line > for me.
I would add just a little detail: the issue exploited in the CVE 2008 0166 attack is not related to the SSL protocol, but to some specific (broken) implementations. Moreover the decryption of encrypted sessions is a feature that wireshark supports since a few time for SSL, IPsec, ecc. and at least for SSL sessions it works in a very similar fashion to the CVE attack (in both situations you have to provide wireshark with some additional knowledge). Anyway I would be very interested in some feedback on the initial questions (long computation and/or user interaction in dissector code)... cheers, Paolo -- Email.it, the professional e-mail, gratis per te: http://www.email.it/f Sponsor: Realizza i tuoi sogni con Carta Eureka. Fido fino a 3.000 euro, rate a partire da 20 euro e canone gratis il 1° anno. Scoprila! Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=7877&d=6-8
_______________________________________________ Wireshark-dev mailing list [email protected] https://wireshark.org/mailman/listinfo/wireshark-dev
