Report message:*
 

Re: The most dangerous code in the world

Subject: Re: The most dangerous code in the world
by fiammybe on 2012/10/31 2:39:51

Hi Madfish,

the intro of the paper is very good to scare people into thinking there are vulnerabilities everywhere. I think that was the goal they had to push people to read the text

The article does note that it's not the SSL itself that is busted, but the way some higher-level libraries USE that SSL technology due to incomprehensible docs of the low-level tools that offer the SSL functionality.

Standard ImpressCMS doesn't use SSL, so a normal installation is not touched by this.

To use SSL, you need to do some extra setup, maybe we should look at the tools they propose on the page to see if there is a vulnerability.