Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Certificate spoofing issue with Mozilla, Konqueror, Safari 2
Nov 18 2007 07:43PM
Nils Toedtmann (securityfocus nils toedtmann net)
Mozilla based browsers (Firefox, Netscape, ...), Konqueror and Safari 2
do not bind a user-approved webserver certificate to the originating
domain name. This makes the user vulnerable to certificate spoofing by
I set up a demonstration at <http://test....
[ more ]
Copyright 2010, SecurityFocus