On Sat 22 Dec 2001 08:37, security@e-matters.de wrote: [Snip] > A flaw in Microsoft Internet Explorer allows an attacker to perform > a SSL Man-In-The-Middle attack without the majority of users > recognising it. In fact the only way to detect the attack is to manually > compare the server name with the name stored in the certificate. > [Snip] I have confirmed the following on my own system: * Konqueror 2.1 is VULNERABLE; * Mozilla 0.9.6 is not vulnerable; * Netscape 4.75 is not vulnerable. -- Donald King, a.k.a. Chronos Tachyon http://chronos.dyndns.org/ -- WWED? Guardian of Eristic Paraphernalia Gatekeeper of the Region of Thud 12:17pm up 59 days, 16:03, 1 user, load average: 0.13, 0.13, 0.09
