by yuhong 5406 days ago
"The nominally random number Netscape [1.x] used to form a secret key was based on just three values—time of day, process identification number, and parent-process identification number—all of them predictable. This allowed the attackers to reduce the number of keys that they needed to try, and to find the right one much sooner than Netscape had anticipated."

Another reason to disable SSLv2 on servers, BTW.
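The failure the quoted passage describes, as an added toy model that is not part of the original post and is not Netscape's actual code. The MD5 key derivation, the value ranges and the timestamp are assumptions constructed for illustration; the point is to compare the seed's real entropy with the key length.

```python
import hashlib
import math
import secrets

def weak_key(t, pid, ppid):
    # Toy model (assumption): 128-bit key = MD5 of the three predictable values.
    return hashlib.md5(f"{t}:{pid}:{ppid}".encode()).digest()

def strong_key():
    # 128 bits drawn from the operating system's CSPRNG instead.
    return secrets.token_bytes(16)

def seed_space_bits(time_slack, pid_max, ppid_max):
    # Upper bound on seed entropy: log2 of the number of candidate seeds when
    # the clock is known to +/- time_slack seconds and the ids are bounded.
    return math.log2((2 * time_slack + 1) * pid_max * ppid_max)

def recover_seed(key, t_guess, time_slack, pid_max, ppid_max):
    # Exhaustive search over the seed space; returns (t, pid, ppid) or None.
    for t in range(t_guess - time_slack, t_guess + time_slack + 1):
        for pid in range(1, pid_max + 1):
            for ppid in range(1, ppid_max + 1):
                if weak_key(t, pid, ppid) == key:
                    return (t, pid, ppid)
    return None

if __name__ == "__main__":
    T0 = 811296000  # constructed timestamp
    key = weak_key(T0 + 3, 417, 1)  # constructed pid / ppid
    # The key is 128 bits long, but the seed behind it is far smaller.
    print(f"seed entropy bound: {seed_space_bits(30, 32768, 32768):.1f} bits")
    print("weak key seed:", recover_seed(key, T0, 5, 500, 4))
    print("CSPRNG key seed:", recover_seed(strong_key(), T0, 5, 500, 4))
```

A key is only as strong as the entropy of its seed, so the check to run on any key-generation path is whether every input to the generator comes from a CSPRNG rather than from observable process state.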

1 comments

SSLv2 is horribly broken and should be disabled, but technically, that's a different bug of Netscape's. :-)