Full Disclosure mailing list archives
Re: [Advisory] Phishing Vulnerability in Verisign Network
From: Tonu Samuel <tonu () jes ee>
Date: Sun, 15 Jul 2007 15:22:04 +0300
On Sat, 2007-07-14 at 08:03 -0700, Aditya K Sood wrote:
Advisory : Phishing Vulnerability in Verisign Network Dated : 5 July 2007 Severity : Critical
Sorry but Verisign plainly sucks. I found some problems in their system when tried to get vertificates for web server. After I reported issue to them I get continuous spam from them trying to sell their services to me. To reproduce those problems with their site you can issue certificate request with empy Common Name (CN) for example. It crashes Verisign scripts. Tõnu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [Advisory] Phishing Vulnerability in Verisign Network Aditya K Sood (Jul 12)
- Re: [Advisory] Phishing Vulnerability in Verisign Network Tonu Samuel (Jul 15)
- <Possible follow-ups>
- [Advisory] Phishing Vulnerability in Verisign Network Aditya K Sood (Jul 13)