Home » News » Vulnerabilities » A Bug Found in OpenSSL

A Bug Found in OpenSSL

By Bryan on March 5, 2010 | Vulnerabilities, OpenSSL, severe vulnerability, open-source A Bug Found in OpenSSL

A “severe vulnerability” was found in the OpenSSL. Computer researcher's used software encryption package that allows them to rebuild a machine's confidential cryptographic key. The flaw in OpenSSL is important because the open-source package is used to protect sensitive data all over the world.

An independent security researcher Karsten Nohl commented: “Wherever you need to verify the origin of a piece of software or a piece of information, those building blocks come in handy."

There is a good news. According to scientists from University of Michigan, the bug is easily fixed by applying cryptographic sequence to an underlying error-checking algorithm. These random sequences will make the attack impossible.

An OpenSSL official commented that engineers are in a process of patching the flaw. It is also true that  scientists are experimenting with the possibility of exploiting the bug using lasers or natural radiation sources.

More Vulnerabilities news

Shocking: 9 out of 10 websites still vulnerable to old attacks

Did you know that less than 10% of websites are safe from attacks that have struck the internet in 2009? Back then there was a breakout of Man-in-the-middle  (MITH) attacks that included an injection of a malicious code in to the browser but even after 3 years these problems are very sensitive. SSL Pulse reportIt seems that companies live in a bubble as far as IT safety is concerned. A project called SSL Pulse that is monitoring 200. Read more.


News categories

Latest news

Related news