Buy commercial curl support. We
help you work out your issues, debug your libcurl applications, use the API,
port to new platforms, add new features and more. With a team lead by the
curl founder Daniel himself.
Inquiry on Reproducing CVE-2024-8096: OCSP Stapling Bypass with GnuTLS
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: aquilamacedo--- via curl-library <curl-library_at_lists.haxx.se>
Date: Sun, 22 Sep 2024 00:00:30 +0000
Hello everyone,
I recently came across the report on HackerOne regarding CVE-2024-8096
(https://hackerone.com/reports/2669852), which discusses the OCSP
stapling
bypass with GnuTLS. I've been attempting to set up a server similar to
the one
described in the report in order to reproduce the issue, however, I've
not been
successful so far.
Could anyone provide insights on how the server was configured to return
the
"unauthorized (6)" error? I would like to replicate this error for
testing
purposes.
Cheers,
Date: Sun, 22 Sep 2024 00:00:30 +0000
Hello everyone,
I recently came across the report on HackerOne regarding CVE-2024-8096
(https://hackerone.com/reports/2669852), which discusses the OCSP
stapling
bypass with GnuTLS. I've been attempting to set up a server similar to
the one
described in the report in order to reproduce the issue, however, I've
not been
successful so far.
Could anyone provide insights on how the server was configured to return
the
"unauthorized (6)" error? I would like to replicate this error for
testing
purposes.
Cheers,
-- Aquila Macedo <aquilamacedo> -- -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2024-09-22