TLS timing attack on OpenSSL [can-2003-78] [bid 6884] exploit

["Martin Vuagnoux" <bugtraq () vuagnoux com>]

Hi,
Here you can find the tool used to make a "proof of concept" for the
Vaudenay's TLS Timing Attack for < OpenSSL/9.7a. (CAN-2003-78)
BID REF: 6884

                            http://omen.vuagnoux.com

This attack was tested on a IMAPrev4 server (WU) encapsuled by
stunnel-3.22 using OpenSSL/9.7 and Microsoft Outlook Express 6.x IMAP
client.

Enjoy :^)

Martin Vuagnoux - ilion's lab member - www.ilionsecurity.ch