[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AW: IE https certificate attack

To: K.J.Mueller@xxxxxxxx
Subject: Re: AW: IE https certificate attack
From: Ben Laurie <ben@xxxxxxxxxxxxx>
Date: Sun, 06 Jan 2002 20:25:50 +0000
Cc: venglin@xxxxxxxxxxxxxxxxx, security@xxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <5FA09C38463BEE4B855CCA87732E639C5BB003@xxxxxxxxxxxxxxxx>
Sender: ben@xxxxxxxxxxxxxxxxx

K.J.Mueller@xxxxxxxx wrote:
> 
> Hi,
> 
> could it be, that the text-browsers (lynx, links, w3m) don't even
> bother comparing the actual server name to the certificate's
> "issued for" entry?
> 
> I just tested these and none complained:
> 
> - lynx 2.8.5dev.2 (with OpenSSL 0.9.6a)
> - links 0.96
> - w3m 0.1.11-pre
> (all on Mandrake Linux 8.1)
> 
> Neither did any of them complain when accessing a https web page
> with a self-made certificate.

They shouldn't complain about the server name (at least, not if its
right) with a self-made cert. However, they should complain about the
cert not using a trusted CA.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

References:
- AW: IE https certificate attack
  - From: K . J . Mueller

Prev by Date: Internet Explorer Javascript Modeless Popup Local Denial of Service Vulnerability
Next by Date: Re: Security Advisory for Bugzilla v2.15 (cvs20020103) and older
Previous by thread: Re: IE https certificate attack
Next by thread: CrossSiteScripting PostNuke.
Index(es):
- Date
- Thread

This mailing list archive is a service of Copilotco.