HomeResources > Protocol - S-HTTP

RESOURCES

Protocols - S-HTTP

How to Analyze Network Protocols, Learn More >>

Being able to support more than 300 protocols in the latest version, Capsa Network Sniffer make it easy to analyze protocols in network and understand what is happening.

Recommend Network Analysis Software >>

RFC 2660 http://tools.ietf.org/html/rfc2660

Secure HTTP (S-HTTP) provides secure communication mechanisms between an HTTP client-server pair in order to enable spontaneous commercial transactions for a wide range of applications. S-HTTP provides a flexible protocol that supports multiple orthogonal operation modes, key management mechanisms, trust models, cryptographic algorithms and encapsulation formats through option negotiation between parties for each transaction. Syntactically, Secure HTTP messages are the same as HTTP, consisting of a request or status line followed by headers and a body. However, the range of headers is different and the bodies are typically cryptographically enhanced.

Vulnerabilities for this protocol (from CVE)
CVE ID Protocol Source Port Targetport
CVE-2001-1141tcpany443
Description: The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers.
CVE-1999-0428tcpany443
Description: OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
CVE-2002-0659tcpany443
Description: OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
CVE-2002-0657tcpany443
Description: OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
CVE-2002-0656tcpany443
Description: OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
CVE-2002-0655tcpany443
Description: OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
CVE-2000-0535tcpany443
Description: OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.

TCP/IP Protocols:

AHARP/RARPATMPBGP-4COPSDCAPDHCPDNS
DVMRPEGPEIGRPESPFANPFingerFTPHSRP
HTTPICMPICMPv6IGMPIGRPIMAP4IPIPDC
IPv6ISAKMPL2FL2TPLDAPMARSMobile IPNARP
NetBIOS/IPNHRPNTPOSPFPIMPOP3PPTPRadius
RIP2RIPng for IPv6RLOGINRSVPRTSPRUDPS-HTTPSCTP
SLPSMTPSNMPSOCKS V5TACACSTALITCPTELNET
TFTPUDPVan JacobsonVRRPWCCPX-WindowXOT

Free Network Analyzer

Free Network Analyzer
New Capsa v7.7 Released, Try it Free!

We’re here to help…

    If you have any problem, please tell us to help you.
  • Contact Us

    • Call:  800-381-6680
    Fax:  888-813-1029
    email:  

Stay in touch

Colasoft in Facebook   Colasoft in Twitter   Colasoft in Linkedin

Colasoft, Capsa, nChronos and Colasoft logos are registered trademarks of Colasoft. Sniffer is a registered trademark of Network General Corporation. All other names are trademarks or registered trademarks of their respective owners.