Ubuntu Suomen keskustelualueet

Muut alueet => Yleistä keskustelua => Aiheen aloitti: matsukan - 01.03.16 - klo:17.55

Otsikko: CacheBleed: A Timing Attack on OpenSSL Constant Time RSA
Kirjoitti: matsukan - 01.03.16 - klo:17.55: >:(

https://ssrg.nicta.com.au/projects/TS/cachebleed/

Lainaus
OpenSSL has classified this vulnerability as "low severity", which we agree with. In order to mount the attack, the attacker has to be able to run the attack code on the same machine that runs the victim code. CacheBleed is a complex attack and there are much easier-to-exploit vulnerabilities in personal computers that it is unlikely that anyone would use CacheBleed in such an environment.

SMF 2.0.19 | SMF © 2014, Simple Machines