lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <410BDE10.6010008@lava.net>
From: prb at lava.net (Peter Besenbruch)
Subject: Re: Mozilla Firefox Certificate Spoofing

Stephen Samuel wrote:

 > Has this been posted to bugilla????
 >
 >
 > E.Kellinis wrote:
 >
 >> #########################################
 >> Application:    Mozilla Firefox
 >> Vendors:        http://www.mozilla.com
 >> Version:         0.9.1 / 0.9.2
 >> Platforms:       Windows
 >> Bug:               Certificate Spoofing (Phishing)
 >> Risk:              High
 >> Exploitation:   Remote with browser
 >> Date:             25 July 2004
 >> Author:          Emmanouel Kellinis
 >> e-mail:           me@...her(dot)org(dot)uk
 >> web:              http://www.cipher.org.uk
 >> List :              BugTraq(SecurityFocus)/ Full-Disclosure
 >> #########################################


This was fixed by the July 27 builds in both Firefox 0.9.2( or 1) and 
Mozilla 1.7. The Mozilla 1.4 branch was also updated.

Bugzilla report:
http://bugzilla.mozilla.org/show_bug.cgi?id=253121

________________________________________________________________

Hawaiian Astronomical Society: http://www.hawastsoc.org
HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ