<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: Vulnerabilities
From: Olaf Titz <olaf,AT,bigred,DOT,inka,DOT,de>
Date: Wed, 4 Apr 2001 21:41:05 +0200
In-reply-to: <200104022124.RAA04477@database.webcity.ca>

> Are there any known vulnerabilities or possible methods of attack
> against the CIPE software?  Or is there an article/resource that someone
> can point me to where this is explained?

The cipe.info file has mention of some possible attacks against the
protocol design with possible protections (not all of which are
implemented) in the "Protocol description" section. I consider these
as low-risk.

There is one known case of a bug (luckily in a not widely deployed
version of CIPE) which had some exploit potential and is now fixed.
This is linked from the CIPE home page under "Bug alerts".


<< | Thread Index | >> ]    [ << | Date Index | >> ]