Bugtraq mailing list archives

Re: IE https certificate attack

From: Stephen Cope <mail-e-23aa7ea58416034f88 () kimihia org nz>
Date: Wed, 26 Dec 2001 10:13:19 +1300

Przemyslaw Frasunek wrote:
: Looks like Konqueror 2.2.1 (Mandrake Linux 8.1 + OpenSSL 0.9.6b) is also 
: vulnerable. I've got no warning when entering on this page. I've tested it 

Using Konqueror 2.2.1.0-6 (no kdebase-crypto and kdelibs3-crypt) on Debian 
woody I was warned:
    The IP address of the host suspekt.org does not match the one the
    certificate was issued to.

After clicking "Continue" I was asked:
    Would you like to accept this certificate forever without being
    prompted?

"Current Session Only" was the default button for the dialog.

Mozilla 0.9.6 complained that the host and certificate didn't match:
    You have attempted to establish a connection with "suspekt.org".
    However, the security certificate presented belongs to
    "ssl.e-matters.de".  It is possible, though unlikely, that someone
    may be trying to intercept your communication with this web site.

Galeon 1.0 (which embeds Gecko) had the same response, and then stopped
solid as a rock.

Skipstone 0.7.6 (which embeds Gecko) stopped solid like a rock.

w3m 0.2.1-inu-1.5 did not complain.

-- 
Stephen Cope - http://sdc.org.nz/

Attachment: _bin
Description:

Current thread:

IE https certificate attack security (Dec 23)
- Re: IE https certificate attack Dimitris Giannitsaros (Dec 24)
  - Re: IE https certificate attack e-matters GmbH - Securityteam (Dec 24)
    - Re: IE https certificate attack Geoff Joy (Dec 26)
- Re: IE https certificate attack Przemyslaw Frasunek (Dec 25)
  - Re: IE https certificate attack Diego M. Vadell (Dec 25)
  - Re: IE https certificate attack Stephen Cope (Dec 25)
- Re: IE https certificate attack Kevin van Haaren (Dec 25)
- Re: IE https certificate attack Donald King (Dec 26)
- RE: IE https certificate attack The Death (Dec 26)
- <Possible follow-ups>
- FW: IE https certificate attack August September (Dec 26)