Re: IE https certificate attack
From: Geoff Joy (geoff@windowmeister.com)Date: 12/27/01
- Previous message: August September: "FW: IE https certificate attack"
- In reply to: e-matters GmbH - Securityteam: "Re: IE https certificate attack"
- Next in thread: Przemyslaw Frasunek: "Re: IE https certificate attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Geoff Joy <geoff@windowmeister.com> To: <bugtraq@securityfocus.com> Date: Wed, 26 Dec 2001 18:00:09 -0800
Internet Explorer 6.0.2600.0000 with the latest Critical Updates
including Q306121; Q312461; Q313675 is VULNERABLE.
Tested in Windows 2000 Professional 5.0.2195 SP2:
Patch Found MS00-077 Q299796
Patch Found MS00-079 Q276471
Patch Found MS01-007 Q285851
Patch Found MS01-013 Q285156
NOTE MS01-022 Q296441
Patch Found MS01-025 Q296185
Patch Found MS01-031 Q299553
Patch Found MS01-037 Q302755
Patch Found MS01-041 Q298012
Patch Found MS01-043 Q303984
Patch Found MS01-046 Q252795
Manually checking the certificate reveals that the domain issued to
the certificate does not match the domain of the web site.
- Previous message: August September: "FW: IE https certificate attack"
- In reply to: e-matters GmbH - Securityteam: "Re: IE https certificate attack"
- Next in thread: Przemyslaw Frasunek: "Re: IE https certificate attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
