DTLS padding oracle still an issue?

Christian Fahr christian.fahr at stud.tu-darmstadt.de
Thu May 14 16:05:10 PDT 2015

Previous message: problem with openconnect
Next message: DTLS padding oracle still an issue?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all,

regarding this
http://nmav.gnutls.org/2013/11/inside-ssl-vpn-protocol.html blogpost by
Nikos Mavrogiannopoulos in 2013 and Ciscos implementation of pre-DTLS
1.0 in the AnyConnect SSL VPN protocol.
Is this padding attack still an issue or has this been fixed in the
meantime? If so, how likely is this to be exploitable?

Greetings
Christian

Previous message: problem with openconnect
Next message: DTLS padding oracle still an issue?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the openconnect-devel mailing list