[19744] in cryptography@c2.net mail archive


Re: Kama Sutra Spoofs Digital Certificates

daemon@ATHENA.MIT.EDU (Lance James)
Thu Jan 26 09:31:07 2006

X-Original-To: cryptography@metzdowd.com
Date: Wed, 25 Jan 2006 11:18:19 -0800
From: Lance James <lancej@securescience.net>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: cryptography@metzdowd.com, lynn@garlic.com
In-Reply-To: <E1F1u9p-0006zg-00@medusa01.cs.auckland.ac.nz>

Peter Gutmann wrote:

>Anne & Lynn Wheeler <lynn@garlic.com> writes:
>
>>The Kama Sutra worm can fool Windows into accepting a malicious ActiveX control 
>>by spoofing a digital signature, a security company said Tuesday.
>
>If you track down the original Fortinet advisory you'll see that the InformationWeek
>text is slightly misleading, all it does is set the "this control is all 
>right" flags in the registry to make Windows think it's passed a signature check
>at some point in the past.

Sounds like a "pseudo-Cache" attack then - is that not valid as a
"spoof" though?

There was an embedded SSL Cache attack a few years back, and that was
considered a man-in-the-middle spoof attack.

Is there a specific definition to that?

>Peter.
>
>---------------------------------------------------------------------
>The Cryptography Mailing List
>Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


-- 
Best Regards,
Lance James
Secure Science Corporation
www.securescience.net
Author of 'Phishing Exposed'
http://www.securescience.net/amazon/

