Bugtraq mailing list archives
Re: IE SSL Vulnerability
From: Torbjörn Hovmark <torbjorn.hovmark () abtrusion com>
Date: Wed, 7 Aug 2002 11:58:04 +0200
I agree, this is really, really serious. If this is correct, I believe it is one of the most serious vulnerabilities reported in a long time. People trust SSL to protect their money, and this is a vulnerability where you could easily attack thousands of users or go after the banks with a simple man-in-the-middle attack.

I have feared a certificate chain vulnerability for some time now. This one certainly has the potential to hurt a lot of the little guys if someone decided to steal their money.

I wonder what the legal implications would be. I suppose, as the bug is in the client software, the banks might be safe from a legal standpoint, even though they have designed the poor security infrastructure they are using. If client certificates were used for authentication, this bug would be far less severe.

It is a bit sad that this was reported without letting Microsoft know about it first, although I am not sure what they could have done had they known. To get millions and millions of end users to patch their browsers is quite a task, even for Microsoft.

Does this bug apply only to IE 5, 5.5 and 6 and not to earlier browsers? Is it a bug in the browser or is it a bug in CryptoAPI? Is client certificate authentication in IIS vulnerable to the same attack?

Best regards,
Torbjörn Hovmark
______________________________________
Abtrusion Security AB
http://www.abtrusion.com

----- Original Message -----
From: "Mike Benham" <moxie () thoughtcrime org>
To: <bugtraq () securityfocus com>
Sent: Tuesday, August 06, 2002 1:03 AM
Subject: IE SSL Vulnerability
========================================================================
Internet Explorer SSL Vulnerability 08/05/02
Mike Benham <moxie () thoughtcrime org>
http://www.thoughtcrime.org
========================================================================

Abstract

Internet Explorer's implementation of SSL contains a vulnerability that allows for an active, undetected, man in the middle attack. No dialogs are shown, no warnings are given.

[...]