Bugtraq mailing list archives
Re: IE SSL Vulnerability
From: Torbjörn Hovmark <torbjorn.hovmark () abtrusion com>
Date: 8 Aug 2002 20:29:59 -0000
In-Reply-To: <Pine.BSO.4.33.0208031620550.8632-100000 () moxie thoughtcrime org>

Mike,

I have checked out your sample exploit, and I can confirm that my IE 5 is vulnerable.

Regarding the post by Alex Loots, the certificate is a regular server certificate, not an intermediate CA with name constraints (if I have understood his message correctly), and the error certainly is in the client software and not anywhere else. Is the error in the browser itself or is it in CryptoAPI? What about earlier versions of IE - are they vulnerable too? Are other Microsoft products that do certificate chain validation, such as IIS, vulnerable?

I agree that this is very, very serious, as it can easily be exploited against a large number of people at the same time, with very little risk of detection. There is not much that can be done to remedy the problem on the server side. A partial remedy would be to demand client certificates, but in most cases that requires completely changing the security infrastructure.

SSL is used to protect most Internet banks. If SSL (or rather the IE implementation of SSL) can be broken this easily, it is very worrying indeed.

Best regards / Torbjörn Hovmark
______________________________________
Abtrusion Security AB
http://www.abtrusion.com
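The chain-validation check the message is asking about, as an added example that is not code from this thread or from any Microsoft product: a minimal chain walker that, assuming the failure is a client accepting a regular server certificate (basicConstraints cA=FALSE) as the issuer of another certificate, refuses such a chain. The root CA, hostnames and keys are constructed inside the code, and the `cryptography` package is assumed to be installed.

```python
import datetime
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

def _name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])

def make_cert(subject_cn, issuer_cn, issuer_key, subject_key, is_ca):
    now = datetime.datetime.now(datetime.timezone.utc)
    builder = (x509.CertificateBuilder().subject_name(_name(subject_cn))
               .issuer_name(_name(issuer_cn)).public_key(subject_key.public_key())
               .serial_number(x509.random_serial_number())
               .not_valid_before(now - datetime.timedelta(days=1))
               .not_valid_after(now + datetime.timedelta(days=30))
               .add_extension(x509.BasicConstraints(ca=is_ca, path_length=None), critical=True))
    return builder.sign(issuer_key, hashes.SHA256())

def is_ca(cert):
    try:  # only a certificate asserting basicConstraints cA=TRUE may act as an issuer
        return cert.extensions.get_extension_for_class(x509.BasicConstraints).value.ca
    except x509.ExtensionNotFound:
        return False

def validate_chain(chain, trust_anchors):  # chain = [leaf, ..., root]; returns (ok, reason)
    for cert, issuer in zip(chain, chain[1:]):
        if cert.issuer != issuer.subject:
            return False, "issuer name does not match"
        if not is_ca(issuer):  # the check a client must not skip
            return False, f"{issuer.subject.rfc4514_string()} is not a CA"
        try:  # the issuer's key must actually have signed the certificate below it
            issuer.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                       ec.ECDSA(cert.signature_hash_algorithm))
        except InvalidSignature:
            return False, "bad signature"
    anchors = {a.fingerprint(hashes.SHA256()) for a in trust_anchors}
    if chain[-1].fingerprint(hashes.SHA256()) not in anchors:
        return False, "root is not a trust anchor"
    return True, "ok"

def build_demo():
    # Constructed PKI: a root CA, an ordinary server cert (cA=FALSE), and a cert for a
    # bank-looking name that the server cert's key signed. A correct client rejects it.
    root_key, site_key, fake_key = (ec.generate_private_key(ec.SECP256R1()) for _ in range(3))
    root = make_cert("Demo Root CA", "Demo Root CA", root_key, root_key, True)
    site = make_cert("www.example.com", "Demo Root CA", root_key, site_key, False)
    fake = make_cert("bank.example.net", "www.example.com", site_key, fake_key, False)
    return {"anchors": [root], "good": [site, root], "bad": [fake, site, root]}
```

The same walk also rejects a chain whose root is absent from the trust set and a certificate whose signature does not verify under its claimed issuer's key, so the cA flag is one of three independent conditions rather than the only one.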
Current thread:
- IE SSL Vulnerability Mike Benham (Aug 06)
- Re: IE SSL Vulnerability Alex Loots (Aug 07)
- Re: IE SSL Vulnerability Mike Benham (Aug 09)
- Re: IE SSL Vulnerability Paweł Krawczyk (Aug 10)
- Re: IE SSL Vulnerability Mike Benham (Aug 09)
- Re: IE SSL Vulnerability Balazs Scheidler (Aug 10)
- Re: IE SSL Vulnerability Balazs Scheidler (Aug 10)
- Re: IE SSL Vulnerability Torbjörn Hovmark (Aug 10)
- Re: IE SSL Vulnerability (Konqueror affected too) Thomas C. Greene (Aug 12)
- <Possible follow-ups>
- RE: IE SSL Vulnerability Pidgorny, Slav (Aug 09)
- Re: IE SSL Vulnerability Torbjörn (Aug 10)
- Re: IE SSL Vulnerability robert walker (Aug 16)
- Re: IE SSL Vulnerability Charles Miller (Aug 19)
- Re: IE SSL Vulnerability J. Lasser (Aug 20)
- Re: IE SSL Vulnerability Charles Miller (Aug 19)
- Re: IE SSL Vulnerability Alex Loots (Aug 07)