[23718] in bugtraq

Re: AW: IE https certificate attack

daemon@ATHENA.MIT.EDU (George Staikos)
Mon Jan 7 02:59:06 2002

Message-Id: <200201061711.g06HBt710350@nitro.0wned.org>
Content-Type: text/plain;
  charset="iso-8859-1"
From: George Staikos <staikos@0wned.org>
To: bugtraq@securityfocus.com
Date: Sun, 6 Jan 2002 12:11:14 -0500
In-Reply-To: <5FA09C38463BEE4B855CCA87732E639C5BB003@s23072.dns1.enbw>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

On Thursday 03 January 2002 09:04, K.J.Mueller@EnBW.com wrote:

> could it be, that the text-browsers (lynx, links, w3m) don't even
> bother comparing the actual server name to the certificate's
> "issued for" entry?

> > Looks like Konqueror 2.2.1 (Mandrake Linux 8.1 + OpenSSL 0.9.6b) is also
> > vulnerable. I've got no warning when entering on this page. I've tested
> > it

  The https implementation in Konqueror is incomplete.  As of 2.2.2 it is 
much more complete, although the code to test CN=hostname doesn't work 
properly.  This is fixed in KDE 2.2 branch CVS and KDE 3.x HEAD branch.  KDE 
3.0 should feature a more-or-less full HTTPS implementation finally.

    Most of the incomplete code and bugs in KDE SSL are documented anyways.

-- 

George Staikos
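
The check discussed in this thread, comparing the requested server name with the name the certificate was issued for, as an added example (not Konqueror's or KDE's code, and not part of the original message). The function name, the wildcard policy and the sample names are assumptions made for illustration; the name bytes are assumed to be already extracted from the certificate.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* ASCII case-insensitive compare of n bytes (DNS names ignore case). */
static int eq_nocase(const char *a, const char *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* cn/cn_len: name bytes as stored in the certificate (hypothetical input).
 * host: DNS name the user asked to connect to. Returns 1 on match, else 0. */
int cert_name_matches_host(const char *cn, size_t cn_len, const char *host) {
    size_t host_len = strlen(host);
    if (cn_len == 0 || host_len == 0)
        return 0;
    /* Reject embedded NULs: a C-string view of the name would be truncated. */
    if (memchr(cn, '\0', cn_len) != NULL)
        return 0;
    if (host[host_len - 1] == '.')   /* ignore one trailing dot on the host */
        host_len--;
    if (cn_len == host_len && eq_nocase(cn, host, cn_len))
        return 1;                    /* exact match */
    /* Wildcard accepted only as the whole leftmost label: "*.example.org". */
    if (cn_len < 3 || cn[0] != '*' || cn[1] != '.')
        return 0;
    const char *suffix = cn + 1;     /* ".example.org" */
    size_t suffix_len = cn_len - 1;
    if (memchr(suffix + 1, '.', suffix_len - 1) == NULL)
        return 0;                    /* refuse "*.org": too broad */
    /* The wildcard stands for exactly one non-empty label of the host. */
    const char *dot = memchr(host, '.', host_len);
    if (dot == NULL || dot == host)
        return 0;
    size_t tail_len = host_len - (size_t)(dot - host);
    return tail_len == suffix_len && eq_nocase(dot, suffix, suffix_len);
}

int main(void) {
    /* Constructed sample names, not taken from the thread. */
    printf("%d\n", cert_name_matches_host("*.example.org", 13, "www.example.org"));
    printf("%d\n", cert_name_matches_host("www.example.org", 15, "www.attacker.test"));
    return 0;
}
```

A mismatch (return value 0) is the case where a browser should warn the user before continuing.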

