Re: IE https certificate attack

From: Dimitris Giannitsaros (daremonat_private)
Date: Mon Dec 24 2001 - 12:20:12 PST

    I use IE 5.00.3315.1000 / Win2k Pro SP2 and no other patches. I am not
    vulnerable: IE correctly displays the warning ("Security Alert") saying that
    "The name on the security certificate does not match the name of the site"
    and asking whether I want to continue. From this message I can also choose
    "View Certificate" where I see that it is published for ssl-ematters.de and
    not suspekt.org...
    
    Dimitris
    
    > Proof of Concept:
    >
    >    A proof of concept webpage was put up at http://suspekt.org. Clicking
    >    onto the "To the secure page..." link will send your browser to
    >    https://suspekt.org without IE warning you that the certificate was not
    >    issued onto that server.
    >
    >    This is not a MIM but it has the same effect: IE will tell you a page is
    >    secure although the certificate is illegal and it's possible for a third
    >    party (anyone who owns the given certificate) to decrypt your traffic in
    >    realtime.
    


