[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AW: IE https certificate attack

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: AW: IE https certificate attack
From: George Staikos <staikos@xxxxxxxxx>
Date: Sun, 6 Jan 2002 12:11:14 -0500
In-reply-to: <5FA09C38463BEE4B855CCA87732E639C5BB003@xxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <5FA09C38463BEE4B855CCA87732E639C5BB003@xxxxxxxxxxxxxxxx>

On Thursday 03 January 2002 09:04, K.J.Mueller@xxxxxxxx wrote:

> could it be, that the text-browsers (lynx, links, w3m) don't even
> bother comparing the actual server name to the certificate's
> "issued for" entry?

> > Looks like Konqueror 2.2.1 (Mandrake Linux 8.1 + OpenSSL 0.9.6b) is also
> > vulnerable. I've got no warning when entering on this page. I've tested
> > it

  The https implementation in Konqueror is incomplete.  As of 2.2.2 it is 
much more complete, although the code to test CN=hostname doesn't work 
properly.  This is fixed in KDE 2.2 branch CVS and KDE 3.x HEAD branch.  KDE 
3.0 should feature a more-or-less full HTTPS implementation finally.

    Most of the incomplete code and bugs in KDE SSL are documented anyways.

-- 

George Staikos

References:
- AW: IE https certificate attack
  - From: K . J . Mueller

Prev by Date: Denial of Service flaw in Apache
Next by Date: RE: Re : Fw: VERISIGN "PAYFLOW LINK" PAYMENT SERVICE SECURITY FAI LURE (#5947-000093-7546\939465)
Previous by thread: AW: IE https certificate attack
Next by thread: Re: AW: IE https certificate attack
Index(es):
- Date
- Thread

This mailing list archive is a service of Copilotco.