|
|
|
|
|
|
by cjbprime
3604 days ago
|
|
|
> Personally I consider this to be a mild to moderate vulnerability since under no circumstances should you ever trust a non-encrypted non-authenticated channel to be safe. So you're saying you.. don't use TCP? That seems unlikely. Someone using this vulnerability can prevent you from opening the encrypted authenticated channel you're trying to be safe with (by injecting RST). I don't see how you can call it mild. |
|
|