Identify servers running various SSL VPNs based on protocol-specific behaviors
GNU General Public License v3.0
81
stars
17
forks
source link
Fix OpenSSL error with servers that do unsafe renegotiation #19
Closed
DimitriPapadopoulos closed 2 years ago
Allow servers that do not support the Renegotiation Indication Extension (RFC 5746) and are vulnerable to man-in-the-middle attacks (CVE-2009-3555).
Since we merely run tests, risks remain limited.
Fixes #5.