Firefox error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am getting the following error on one of my fidelity pages:


scs.fidelity.com : server does not support RFC 5746, see CVE-2009-3555


I googled "CVE-2009-3555" which reveled the following:

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used
in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the
Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS
2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and
earlier, multiple Cisco products, and other products, does not properly
associate renegotiation handshakes with an existing connection, which
allows man-in-the-middle attackers to insert data into HTTPS sessions,
and possibly other types of sessions protected by TLS or SSL, by sending
an unauthenticated request that is processed retroactively by a server
in a post-renegotiation context, related to a "plaintext injection"
attack, aka the "Project Mogul" issue.

In my case this means I have a function that will not load from the
fidelity website.  And from reading this, maybe a "man in the middle"
vulnerability. 

Does anyone know if this has been fixed?  This would appear to be SSL or
OS related from the description, so Firefox and Mono or Moonlight
wouldn't seem to be the correct locations for a bug report, and since it
is a "known" hazard, the bug must have already been reported.  So my
question is what should I do to rectify the situation?
Les H

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux