AW: IE https certificate attack

From: K.J.Muellerat_private
Date: Thu Jan 03 2002 - 06:04:17 PST


    Hi,
    
    Could it be that the text-browsers (lynx, links, w3m) don't even
    bother comparing the actual server name to the certificate's
    "issued for" entry?
    
    I just tested these and none complained:
    
    - lynx 2.8.5dev.2 (with OpenSSL 0.9.6a)
    - links 0.96
    - w3m 0.1.11-pre
    (all on Mandrake Linux 8.1)
    
    Neither did any of them complain when accessing a https web page
    with a self-made certificate.
    
    
    Regards, K.
    
    > Looks like Konqueror 2.2.1 (Mandrake Linux 8.1 + OpenSSL 0.9.6b) is also
    > vulnerable. I've got no warning when entering on this page. I've tested it
    > also with lynx 2.8.4rel.1 (compiled with OpenSSL 0.9.6a on FreeBSD) with
    > the same result.
    > 
    > -- 
    > * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
    > * Inet: przemyslawat_private ** PGP: D48684904685DF43EA93AFA13BE170BF *
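
The check the message above asks about, comparing the requested server name with the names a certificate was issued for, written out as an added example (not part of the original post and not code from any of the browsers named). The certificate name list is constructed, the function names are hypothetical, and the wildcard handling assumes the common convention that `*` may only stand for the whole left-most label.

```python
"""Host name vs. certificate name check (added illustration)."""


def _labels(name):
    # DNS names compare case-insensitively; ignore a trailing root dot.
    return name.rstrip(".").lower().split(".")


def name_matches(pattern, host):
    """True if one certificate name (maybe '*.example.org') covers host."""
    p, h = _labels(pattern), _labels(host)
    if len(p) != len(h) or "" in p or "" in h:
        return False
    if p[0] == "*":
        # Wildcard stands for exactly one left-most label, and only when
        # at least two fixed labels follow it (rejects '*.org').
        return len(p) >= 3 and p[1:] == h[1:]
    # '*' anywhere else (e.g. 'w*.example.org') is not accepted here.
    return "*" not in pattern and p == h


def certificate_covers(host, dns_names, common_name=None):
    """Check host against the certificate's DNS names.

    dns_names   -- subjectAltName dNSName entries
    common_name -- subject CN, consulted only if there are no DNS names
    """
    candidates = list(dns_names) or ([common_name] if common_name else [])
    return any(name_matches(c, host) for c in candidates)


# Constructed sample: names a certificate was issued for.
ISSUED_FOR = ["www.example.org", "*.shop.example.org"]

if __name__ == "__main__":
    for requested in ("www.example.org", "pay.shop.example.org",
                      "www.example.net", "a.b.shop.example.org"):
        verdict = "ok" if certificate_covers(requested, ISSUED_FOR) else "MISMATCH"
        print(f"{requested:24} {verdict}")
```

A name match only means something once the certificate chain has been validated to a trusted root, since a self-made certificate can carry any name.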
    



    This archive was generated by hypermail 2b30 : Sat Jan 05 2002 - 18:36:09 PST