aMSN SSL Certificate Vulnerability

看板Bugtraq作者gab.時間16年前 (2009/06/27 02:01)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

aMSN SSL Certificate Vulnerability I. The Vulnerability aMSN does not check SSL certificate before sending MSN user credentials. An attacker is able to obtain MSN username and password with a spoofed certificate and no alert is generated to the user. This vulnerability was found in aMSN 0.97.2. Other versions may also be affected. II. Disclosure Timeline 06/19/2009 - Vendor contact. 06/26/2009 - No answer. Public Disclosure. III. Vendor http://www.amsn-project.net/ IV. Credit Gabriel Menezes Nunes <gab.mnunes [at] gmail (dot) com>

‣ 返回看板[ Bugtraq ] 臭蟲

‣ 更多 gab. 的文章

文章代碼(AID): #1AHGpb00 (Bugtraq)