[23619] in bugtraq
Re: IE https certificate attack
daemon@ATHENA.MIT.EDU (Stephen Cope)
Tue Dec 25 22:32:53 2001
Date: Wed, 26 Dec 2001 10:13:19 +1300
From: Stephen Cope <mail-e-23aa7ea58416034f88@kimihia.org.nz>
To: bugtraq@securityfocus.com
Message-ID: <20011225211319.GA7072@mess.kimihia.org.nz>
Mail-Followup-To: bugtraq@securityfocus.com
In-Reply-To: <200112251514.fBPFEdg15186@mailhost.freebsd.lublin.pl>
Przemyslaw Frasunek wrote:
: Looks like Konqueror 2.2.1 (Mandrake Linux 8.1 + OpenSSL 0.9.6b) is also
: vulnerable. I've got no warning when entering on this page. I've tested it
Using Konqueror 2.2.1.0-6 (no kdebase-crypto and kdelibs3-crypt) on Debian woody I was warned:
The IP address of the host suspekt.org does not match the one the
certificate was issued to.
After clicking "Continue" I was asked:
Would you like to accept this certificate forever without being
prompted?
"Current Session Only" was the default button for the dialog.
Mozilla 0.9.6 complained that the host and certificate didn't match:
You have attempted to establish a connection with "suspekt.org".
However, the security certificate presented belongs to
"ssl.e-matters.de". It is possible, though unlikely, that someone
may be trying to intercept your communication with this web site.
Galeon 1.0 (which embeds Gecko) had the same response, and then stopped
solid as a rock.
Skipstone 0.7.6 (which embeds Gecko) stopped solid like a rock.
w3m 0.2.1-inu-1.5 did not complain.
-- 
Stephen Cope - http://sdc.org.nz/
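The behaviour being compared across browsers above is the hostname check: whether the client notices that the certificate presented by suspekt.org was issued to ssl.e-matters.de. The following is an added Python example, not code from the original post or from any of the browsers mentioned. It implements the matching rule a client should apply (subjectAltName dNSName entries take precedence over the CN, a wildcard is only valid as the whole leftmost label, and an IP-literal host may only be matched by an iPAddress entry). The certificate identity is a constructed dataclass rather than a parsed X.509 certificate, and the hostnames used in the checks are the two from the thread plus constructed ones.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class CertIdentity:
    """Identity fields of a server certificate (constructed for this example,
    not parsed from a real certificate)."""
    common_name: Optional[str] = None
    dns_names: List[str] = field(default_factory=list)      # subjectAltName dNSName
    ip_addresses: List[str] = field(default_factory=list)   # subjectAltName iPAddress


def _dns_pattern_match(pattern: str, hostname: str) -> bool:
    """Match one certificate DNS name (possibly a wildcard) against a hostname.

    Comparison is case-insensitive and ignores a trailing dot. A wildcard is
    accepted only as the entire leftmost label and only when at least two
    further labels follow it, so "*.org" never matches anything.
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3:
        return False
    if any("*" in label for label in p_labels[1:]):
        return False
    if len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def hostname_matches(cert: CertIdentity, hostname: str) -> bool:
    """Return True if the certificate was issued for `hostname`."""
    try:
        ip = ipaddress.ip_address(hostname)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP literal is never matched against a DNS name or the CN.
        return any(ipaddress.ip_address(a) == ip for a in cert.ip_addresses)
    if cert.dns_names:
        # When SAN DNS names exist, the CN is ignored entirely.
        return any(_dns_pattern_match(p, hostname) for p in cert.dns_names)
    if cert.common_name:
        # Legacy fallback: CN is consulted only when no SAN DNS name is present.
        return _dns_pattern_match(cert.common_name, hostname)
    return False


def check_peer(cert: CertIdentity, hostname: str) -> Tuple[bool, str]:
    """Return (ok, message), with a message in the style of the browser
    warnings quoted in the thread when the identity does not match."""
    if hostname_matches(cert, hostname):
        return True, "certificate matches host %s" % hostname
    issued_to = cert.dns_names[0] if cert.dns_names else (cert.common_name or "<no name>")
    return False, ('connection to "%s", but the certificate presented belongs to "%s"'
                   % (hostname, issued_to))


if __name__ == "__main__":
    # The case from the thread: a certificate for ssl.e-matters.de on suspekt.org.
    ematters = CertIdentity(common_name="ssl.e-matters.de")
    print(check_peer(ematters, "suspekt.org"))
    print(check_peer(ematters, "ssl.e-matters.de"))
```

`check_peer` is what a client would call after the chain has been validated; a mismatch here is exactly the condition the Mozilla and Konqueror dialogs above report, and the condition w3m in the post silently accepted.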