Full Disclosure mailing list archives
Re: Security Hole in HTTP (RFC1945) - Browser-Spoofing
From: Marcel Krause <marcel_k () web de>
Date: Wed, 31 Mar 2004 01:54:24 +0200
Hi!
can anybody confirm this, or is it just an april's fool joke ? http://www.heise.de/security/news/meldung/46175
for the ones reading this mailing list offline: the text says we all should not use HTTP because there are problems with browser authentication. I am reading c't, another magazine heise produces, and they *always* have an april joke. The article mentioned above does not tell how the hole can be exploited, but it says sth. about a "Browser-in-the-Middle-Program (BMP)". Well, the sheer fact that they invent a new meaning for the bitmap file extension makes me consider this article as a great joke. cya, Marcel -- an unannounced attachment... it's a DOCument... does he really think i'll either start the deamonic tool from redmond or reboot my machine to boot my linux and use open office? ph33r my 1337 w1nd0z3 up71m3! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Security Hole in HTTP (RFC1945) - Browser-Spoofing Marcel Krause (Mar 31)
- <Possible follow-ups>
- Re: Security Hole in HTTP (RFC1945) - Browser-Spoofing Szilveszter Adam (Mar 31)