Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Multiple vulnerabilities in Silent Circle

Steve Weis steveweis at
Fri Jun 28 13:34:00 PDT 2013

SilentCircle may also be vulernable to this DoS against the PolarSSL

Apparently, an attacker can send the PolarSSL lib into an infinite loop
with a malformed certificate. It affects versions 1.1.0 up to 1.2.8.
SilentCircle is using 1.1.1 here:

On Thu, Jun 27, 2013 at 9:11 AM, Nadim Kobeissi <nadim at> wrote:

> Thanks to Arturo Filastò for pointing this out:
> Many remotely executable overflows in the ZRTP library used by Silent
> Circle.
> NK
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at companys at or changing your settings at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list