[Full-Disclosure] VerySign Class 1 Authority - bogus SSL certificate?

From: Chris van der Pennen (chris_at_sw.gotdns.org)
Date: 06/02/04

Next message: Mandrake Linux Security Team: "[Full-Disclosure] MDKSA-2004:053 - Updated xpcd package fix vulnerabilities"

Previous message: Mandrake Linux Security Team: "[Full-Disclosure] MDKSA-2004:054 - Updated mod_ssl package fix remote vulnerability"
Next in thread: Sebastian Krahmer: "Re: [Full-Disclosure] VerySign Class 1 Authority - bogus SSL certificate?"
Reply: Sebastian Krahmer: "Re: [Full-Disclosure] VerySign Class 1 Authority - bogus SSL certificate?"
Reply: Aditya, ALD [Aditya Lalit Deshmukh]: "RE: [Full-Disclosure] VerySign Class 1 Authority - bogus SSL certificate?"
Reply: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] VerySign Class 1 Authority - bogus SSL certificate?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: full-disclosure@lists.netsys.com
Date: Wed, 2 Jun 2004 07:39:31 +0930 (Cen. Australia Standard Time)

I've been getting SSL certificates from various websites recently that are
apparently from a "VerySign Class 1 Authority" - note the 'y' in VerySign.
The certificate expired 6 December 2002.

The data in Issued To and Issued By are identical.

This smells very much like an SSL hijack attempt - can anyone shed some
light on the situation?

Chris

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Mandrake Linux Security Team: "[Full-Disclosure] MDKSA-2004:053 - Updated xpcd package fix vulnerabilities"

Previous message: Mandrake Linux Security Team: "[Full-Disclosure] MDKSA-2004:054 - Updated mod_ssl package fix remote vulnerability"
Next in thread: Sebastian Krahmer: "Re: [Full-Disclosure] VerySign Class 1 Authority - bogus SSL certificate?"
Reply: Sebastian Krahmer: "Re: [Full-Disclosure] VerySign Class 1 Authority - bogus SSL certificate?"
Reply: Aditya, ALD [Aditya Lalit Deshmukh]: "RE: [Full-Disclosure] VerySign Class 1 Authority - bogus SSL certificate?"
Reply: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] VerySign Class 1 Authority - bogus SSL certificate?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: [Full-disclosure] I got hacked
... They hacked three of my websites. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] I got hacked
... They hacked three of my websites. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] I got hacked
... They hacked three of my websites. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] I got hacked
... They hacked three of my websites. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)