Re: IE https certificate attack
From: Dimitris Giannitsaros (daremon@ath.forthnet.gr)
Date: 12/24/01
- Previous message: J Leon: "Re: Mail Essentials reveals identity of first BCC recipient"
- In reply to: security@e-matters.de: "IE https certificate attack"
- Next in thread: e-matters GmbH - Securityteam: "Re: IE https certificate attack"
- Reply: e-matters GmbH - Securityteam: "Re: IE https certificate attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Dimitris Giannitsaros" <daremon@ath.forthnet.gr>
To: <security@e-matters.de>, <bugtraq@securityfocus.com>
Date: Mon, 24 Dec 2001 22:20:12 +0200

I use IE 5.00.3315.1000 / Win2k Pro SP2 and no other patches. I am not
vulnerable: IE correctly displays the warning ("Security Alert") saying that
"The name on the security certificate does not match the name of the site"
and asking whether I want to continue. From this message I can also choose
"View Certificate" where I see that it is published for ssl-ematters.de and
not suspekt.org...

Dimitris

> Proof of Concept:
>
> A proof of concept webpage was put up at http://suspekt.org. Clicking
> onto the "To the secure page..." link will send your browser to
> https://suspekt.org without IE warning you that the certificate was not
> issued onto that server.
>
> This is not a MIM but it has the same effect: IE will tell you a page is
> secure although the certificate is illegal and it's possible for a third
> party (anyone who owns the given certificate) to decrypt your traffic in
> realtime.
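
The name check behind the "Security Alert" dialog described in this message, as an added example that is not part of either poster's message or of IE's code. It assumes a certificate in the dict shape returned by Python's `ssl.SSLSocket.getpeercert()`; the sample certificate is constructed from the two host names mentioned in the thread, and the function names are hypothetical.

```python
# Added example: compare the host the client asked for with the names a
# certificate was issued for. Matching follows RFC 6125 conventions.

def hostname_matches(pattern: str, hostname: str) -> bool:
    """Match one certificate name against the requested host name."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # a wildcard never spans more than one label
    if p[0] == "*":
        # Wildcard must be the whole leftmost label and must not cover a
        # bare TLD such as "*.com".
        return len(p) >= 3 and h[0] != "" and p[1:] == h[1:]
    if "*" in pattern:
        return False  # partial or non-leftmost wildcards are rejected
    return p == h


def cert_names(cert: dict) -> list:
    """DNS names the certificate is valid for.

    subjectAltName wins when present; the subject commonName is only a
    legacy fallback (kept here because 2001-era certificates relied on it).
    """
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ())
            for k, v in rdn if k == "commonName"]


def check_peer_name(cert: dict, requested_host: str):
    """Return (ok, names). ok is False when the user should be warned."""
    names = cert_names(cert)
    return any(hostname_matches(n, requested_host) for n in names), names


# Constructed sample: a certificate issued for ssl-ematters.de, as seen
# under "View Certificate" in the message above.
CONSTRUCTED_CERT = {"subject": ((("commonName", "ssl-ematters.de"),),)}

if __name__ == "__main__":
    for host in ("suspekt.org", "ssl-ematters.de"):
        ok, names = check_peer_name(CONSTRUCTED_CERT, host)
        print(host, "->", "match" if ok else f"MISMATCH, issued for {names}")
```

A client that skips this comparison on any navigation path accepts a valid certificate for one site as proof of identity for another.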