[openssl-dev] Testing CVE-2016-6309

Lysoněk Milan xlyson02 at stud.fit.vutbr.cz
Wed Apr 5 18:24:02 UTC 2017

Previous message: [openssl-dev] internationalized passwords for pkcs#8, pkcs#12 files
Next message: [openssl-dev] Testing CVE-2016-6309
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,
I'd like to make test for CVE-2016-6309  
https://www.openssl.org/news/secadv/20160926.txt in tlsfuzzer. I tried  
combining and sending different lengths (from small lengths to large)  
of application data and padding, but I could not trigger this issue on  
mentioned OpenSSL 1.1.0a.

Is there any way, how can I test it and if yes, then how?


Thanks,
Milan.

Previous message: [openssl-dev] internationalized passwords for pkcs#8, pkcs#12 files
Next message: [openssl-dev] Testing CVE-2016-6309
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the openssl-dev mailing list