lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20040507162124.GY629@ngolde.de>
From: nion at gmx.net (Nico Golde)
Subject: Security Hole in HTTP (RFC1945) - Browser-Spoofing

Hallo Marcel,

* Marcel Krause <marcel_k@....de> [2004-04-01 12:46]:
> > can anybody confirm this, or is it just an april's fool joke ?
> > http://www.heise.de/security/news/meldung/46175
> 
> for the ones reading this mailing list offline: the text says we
> all should not use HTTP because there are problems with browser
> authentication.

yes but this was an aprils fool joke.
you are late :)
regards nico
-- 
Nico Golde                | nico@...lde.de      | 310777820@ICQ | nion@....net
http://www.ngolde.de      | GnuPG Key: http://www.ngolde.de/gpg/nico_golde.gpg
Fingerprint               | FF46 E565 5CC1 E2E5 3F69  C739 1D87 E549 7364 7CFF 
vim -c   ":%s/^/WhfgTNabgureRIvzSUnpxreT-Tavba/|:%s/[R-T]/ /Ig|:normal ggVGg?"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040507/2e212768/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ