This weblog is no longer being maintained. All information here has been ported to EclecticEchoes.com. This site (heupel.com/eclectic) remains only for archival purposes.
A new CERT® advisory was issue yesterday CA-2003-26.
This advisory is for multiple vulnerabilities in for SSL / TLS protocol implementations. Primarily occuring in ASN.1 parsing code. Possible impact ranges from DOS to allowing attacker to execute arbitrary code.
Systems Affected:
Be sure to visit the advisory for specific vendor solutions.