Full Disclosure mailing list archives
Re: Re: Mozilla Firefox Certificate Spoofing
From: evilninja <evilninja () gmx net>
Date: Sun, 01 Aug 2004 20:13:54 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Peter Besenbruch wrote:
This was fixed by the July 27 builds in both Firefox 0.9.2( or 1) and Mozilla 1.7. The Mozilla 1.4 branch was also updated.
i was not able to reproduce it in "Gecko/20040719 Firefox/0.9.1" either. all i get is the real https:// site and this in the JS log: Error: unterminated string literal Source File: Line: 1, Column: 17 Source Code: document.writeln('<body onload=document.close();break;> - -- BOFH excuse #175: OS swapped to disk -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBDTLiC/PVm5+NVoYRAiniAJ4mfLUGO6xXY416FdpUXrHNJxmPYQCghIpT 26nz7GNlQ5bD8M17Q11gFJU= =1s8C -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: Mozilla Firefox Certificate Spoofing evilninja (Aug 01)
- <Possible follow-ups>
- Re: Re: Mozilla Firefox Certificate Spoofing Alain Crespo (Aug 01)
- Re: Mozilla Firefox Certificate Spoofing Aviv Raff (Aug 02)