The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

User Controls

New User

Login

Edit/View My Profile

ActiveMac

Articles

Forums

Links

News

News Search

Reviews

News Centers

Windows/Microsoft

DVD

ActiveHardware

Xbox

MaINTosh

News Search

ANet Chats

The Lobby

Special Events Room

Developer's Lounge

XBox Chat

FAQ's

Windows 98/98 SE

Windows 2000

Windows Me

Windows "Whistler" XP

Windows CE

Internet Explorer 6

Internet Explorer 5

Xbox

DirectX

DVD's

TopTechTips

Registry Tips

Windows 95/98

Windows 2000

Internet Explorer 4

Internet Explorer 5

Windows NT Tips

Program Tips

Easter Eggs

Hardware

DVD

Latest Reviews

Applications

Microsoft Windows XP Professional

Norton SystemWorks 2002

Hardware

Intel Personal Audio Player 3000

Microsoft Wireless IntelliMouse Explorer

Site News/Info

About This Site

Affiliates

ANet Forums

Contact Us

Default Home Page

Link To Us

Links

Member Pages

Site Search

Awards

Credits
©1997/2004, Active Network. All Rights Reserved.
Layout & Design by Designer Dream. Content written by the Active Network team. Please click here for full terms of use and restrictions or read our Privacy Statement.

  *  

  Microsoft Security Bulletin MS01-027 : Flaws in Web Server Certificate Validation Could Enable Spoofing
Time: 21:08 EST/02:08 GMT | News Source: Microsoft TechNet Security | Posted By: Will1

A patch is available to eliminate two newly discovered vulnerabilities affecting Internet Explorer 5.01 and 5.5, both of which could enable an attacker to spoof trusted web sites. The first vulnerability involves how digital certificates from web servers are validated. When CRL checking for such certificates is enabled, it could be possible for any or all of the following checks to no longer be performed:

  • Verification that the certificate has not expired
  • Verification that the server name matches the name on the certificate
  • Verification that the issuer of the certificate is trusted

The second vulnerability could enable a web page to display the URL from a different web site in the IE address bar. This spoofing could occur within a valid SSL session with the impersonated site. Both vulnerabilities could be used to convince a user that the attacker’s web site was actually a different one – one that the user presumably trusts and would provide sensitive information to. However, as discussed in the Mitigating Factors section below, there would be significant hurdles to exploiting either vulnerability.

Download locations for this patch: http://www.microsoft.com/windows/ie/download/critical/q295106/default.asp
Write Comment
Return to News

  Displaying 526 through 527 of 527
Prev | First 		  The time now is 7:32:28 AM ET.
Any comment problems? E-mail us
#526 By 4240821 (178.217.45.3) at 6/4/2025 10:33:29 AM
https://nsfw.su/v/6k2bdvejhpe2.php
https://nsfw.su/v/y6a3eeydy6kd.php
https://nsfw.su/v/z8p8ekpihkr7.php
https://nsfw.su/v/ztnf6ns8oz5q.php
https://nsfw.su/v/p9bvnv27c708.php
https://nsfw.su/v/yegr39dpgjqv.php
https://nsfw.su/v/ax4va8hite9n.php
https://nsfw.su/v/ug8fm2r3rqar.php
https://nsfw.su/v/no9re58xj8q2.php
https://nsfw.su/v/7t2a8tjihyul.php

#527 By 4240821 (178.217.45.3) at 6/4/2025 10:42:15 PM
https://nsfw.su/v/em80r6fzo8s4.php
https://nsfw.su/v/xok7i2ogz2xu.php
https://nsfw.su/v/zqu98gebtc9g.php
https://nsfw.su/v/tl7srs69ics0.php
https://nsfw.su/v/kcux6bf52tn0.php
https://nsfw.su/v/dpgvfndmd8h6.php
https://nsfw.su/v/i4o8iodys9m0.php
https://nsfw.su/v/qygjzkrttkw4.php
https://nsfw.su/v/xeh3b3n9qejo.php
https://nsfw.su/v/o7vzxewqpgbn.php

Write Comment
Return to News
  Displaying 526 through 527 of 527
Prev | First 		  The time now is 7:32:28 AM ET.
Any comment problems? E-mail us
User name and password:

 

   *  
  *   *