There are certain common elements that your browser tends to send at
the beginning of every HTTP(S) connection. One of these values is
a cookie -- typically a fixed string that identifies you to a website. These
cookies are what let you log into Gmail without typing your password
every time.
If you use HTTPS (which is enforced on many sites by default), then your
cookies should be safe. After all, they'll always be sent over an encrypted
connection to the website.
Unfortunately, if your connection is encrypted using RC4 (as is the case
with Gmail), then each time you make a fresh connection to the Gmail
site, you're sending a new encrypted copy of the same cookie. If the
session is renegotiated (i.e., uses a different key) between those
connections, then the attacker can build up the list of ciphertexts he
needs.
To make this happen quickly, an attacker can send you a piece of
JavaScript that your browser will run -- possibly on a non-HTTPS tab. This
JavaScript can then send many HTTPS requests to Google, ensuring that
an eavesdropper will quickly build up thousands (or millions) of requests
to analyze.
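
Why many encryptions of the same cookie under fresh RC4 keys are a problem, as an added example that is not part of the original text: RC4's second keystream byte is 0 about twice as often as chance (the Mantin-Shamir bias), so over many connections the most frequent value of ciphertext byte 2 is simply the plaintext byte. The cookie string, connection count and function names are constructed for this local simulation.

```python
import random
from collections import Counter

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n RC4 keystream bytes for key (standard KSA + PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                        # keystream output
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def second_byte_counts(plaintext: bytes, connections: int, seed: int = 1) -> Counter:
    """Encrypt the same plaintext under `connections` fresh random 128-bit keys
    and count the values seen in ciphertext byte 2 (index 1)."""
    rng = random.Random(seed)                 # seeded so the run is repeatable
    counts = Counter()
    for _ in range(connections):
        key = rng.getrandbits(128).to_bytes(16, "big")
        ks = rc4_keystream(key, 2)
        counts[plaintext[1] ^ ks[1]] += 1
    return counts

SAMPLE = b"SID=constructed-cookie-value"      # constructed sample, not real data
CONNECTIONS = 40000                           # assumed number of observed connections

if __name__ == "__main__":
    counts = second_byte_counts(SAMPLE, CONNECTIONS)
    value, hits = counts.most_common(1)[0]
    print(f"uniform expectation per value:   {CONNECTIONS / 256:.0f}")
    print(f"most frequent ciphertext byte 2: {value:#04x} seen {hits} times")
    print(f"plaintext byte 2 is:             {SAMPLE[1]:#04x}")
```

The same reasoning is why servers should not offer RC4 cipher suites at all: the leak comes from the cipher's keystream statistics, not from any one key.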
GHOST vulnerability: The GHOST vulnerability is a serious weakness in the Linux glibc
library. It allows attackers to remotely take complete control of the victim system without
having any prior knowledge of system credentials. CVE-2015-0235 has been assigned
to this issue.
Qualys published a blog post highlighting a new vulnerability in the Linux GNU C Library (glibc).
The GNU glibc Remote Heap Buffer Overflow Vulnerability (CVE-2015-0235) is a buffer
overflow in the __nss_hostname_digits_dots() function used
by gethostbyname() function calls, and it allows arbitrary code execution by
unauthenticated users. The vulnerability was first introduced in November 2000 and has
been fixed in source code since May 2013. However, most stable and long-term-support
distributions of Linux were left exposed until the major Linux distributors released a patch for
the vulnerability on January 27, 2015.