22 Sep
2006
22 Sep
'06
5:25 p.m.
http://www.openssl.org/news/secadv_20060905.txt From my preliminary reading, this may only affect people using EAP-TLS. PEAP and EAP-TTLS do not validate certificates on the server side, so they may not be vulnerable. Still, it's probably worth upgrading OpenSSL. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog