|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Diego M. Vadell (dvadell
uyr.com.ar)Date: Tue Dec 25 2001 - 13:12:25 CST
Hi,
Just FYI, I did get a warning as soon as I entered http://suspekt.org/ with Konqueror from KDE3beta1.
"The Ip address of the host supekt.org does not match the one the certificate was issued to."
Diego.
On Tue, 25 Dec 2001 16:14:39 +0100
"Przemyslaw Frasunek" <venglinfreebsd.lublin.pl> wrote:
> On Saturday 22 December 2001 15:37, securitye-matters.de wrote:
> > A proof of concept webpage was put up at http://suspekt.org. Clicking
> > onto the "To the secure page..." link will send your browser to
> > https://suspekt.org without IE warning you that the certificate was not
> > issued onto that server.
>
> Looks like Konqueror 2.2.1 (Mandrake Linux 8.1 + OpenSSL 0.9.6b) is also
> vulnerable. I've got no warning when entering on this page. I've tested it
> also with lynx 2.8.4rel.1 (compiled with OpenSSL 0.9.6a on FreeBSD) with the
> same result.
>
> --
> * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
> * Inet: przemyslawfrasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]