MySQL SSL Stripping
I like encryption downgrade attacks and sslstrip. I hear a lot about attacks that are based on tricking clients to accepting a false certificate but I really like attacks that are based on weaknesses in the program logic itself. Enter CVE-2015-3152 (yes it lists the CVE as Read More …