Displaying 2 results from an estimated 2 matches for "fotisl".
Did you mean:
fotis
2015 Apr 08
0
AST-2015-003: TLS Certificate Common name NULL byte exploit
...o register to www.domain.com,
Asterisk will accept certificates of the form
www.domain.com\x00www.someotherdomain.com - for more information
on this exploit, see
https://fotisl.com/blog/2009/10/the-null-certificate-prefix-bug/
Resolution Asterisk has been patched to verify that the common name
length of the certificate matches the common name that
Asterisk actually reads. Asterisk will not accept...
2015 Apr 08
0
AST-2015-003: TLS Certificate Common name NULL byte exploit
...o register to www.domain.com,
Asterisk will accept certificates of the form
www.domain.com\x00www.someotherdomain.com - for more information
on this exploit, see
https://fotisl.com/blog/2009/10/the-null-certificate-prefix-bug/
Resolution Asterisk has been patched to verify that the common name
length of the certificate matches the common name that
Asterisk actually reads. Asterisk will not accept...