MorphZone

Odyssey & FREAK

polluks

# 1
Priest of the Order of the Butterfly

Posts: 779 from 2007/10/23

From: Gelsenkirchen,...

Hi!
Do you know if Odyssey's engine can also have FREAK attacks?
http://en.wikipedia.org/wiki/FREAK

Greetings,
Stefan
Pegasos II G4: MorphOS 3.9, Zalman M220W · ~~iMac G5 12,1 17", MorphOS 3.18~~
Power Mac G3: OSX 10.3 · PowerBook 5,8: OSX 10.5, MorphOS 3.18
»05.03.15 - 12:12

ASiegel

# 2
Posts: 1370 from 2003/2/15

From: Central Europe

Hello, you can test your preferred web browsers on the following website: freakattack.com
»05.03.15 - 15:34

Andreas_Wolf

# 3
Yokemate of Keyboards

Posts: 12077 from 2003/5/22

From: Germany

> Do you know if Odyssey's engine can also have FREAK attacks?

Current Odyssey uses OpenSSL 1.0.1g. Invulnerability requires at least version 1.0.1k (or 0.9.8zd or 1.0.0p).

http://www.google.com/search?q=freak+attack+openssl+1.0.1k
»05.03.15 - 17:14

polluks

# 4
Priest of the Order of the Butterfly

Posts: 779 from 2007/10/23

From: Gelsenkirchen,...

Quote:

ASiegel schrieb:
Hello, you can test your preferred web browsers on the following website: freakattack.com

Thanks André!
"Warning! Your client is vulnerable to CVE-2015-0204. Even though your client doesn't offer any RSA EXPORT suites, it can still be tricked into using one of them. We encourage you to upgrade your client."
see also
Pegasos II G4: MorphOS 3.9, Zalman M220W · ~~iMac G5 12,1 17", MorphOS 3.18~~
Power Mac G3: OSX 10.3 · PowerBook 5,8: OSX 10.5, MorphOS 3.18
»05.03.15 - 18:59

ASiegel

# 5
Posts: 1370 from 2003/2/15

From: Central Europe

@ polluks

Fortunately, running a vulnerable client is not enough. FREAK attacks can be prevented on the server level. The MorphZone forum is not affected by this particular issue, for instance.
»05.03.15 - 19:15