VU#120541/CVE-2009-3555 and IMAPS/POPS with nginx

Quanah Gibson-Mount quanah at zimbra.com
Sat Nov 21 02:14:29 MSK 2009


I've patched nginx, and tested https, POPS, and IMAPS.  https fails 
correctly:

---
R
RENEGOTIATING

3915:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake 
failure:s3_pkt.c:529:

However, POPS and IMAPS do not:

---
* OK IMAP4 ready
R
RENEGOTIATING

<hangs forever>

---
+OK POP3 ready
R
RENEGOTIATING

<hangs forever>

It seems the patch only correctly handles HTTPS, and not these other 
protocols.

--Quanah

--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration





More information about the nginx mailing list