Re: [SLUG] Another security problem on both IE and Konqueror

From: Smitty (a.smitty@verizon.net)
Date: Mon Aug 12 2002 - 18:10:02 EDT


I think it is cause for concern that the Sun Remote Communication Protocol
was adopted as a standard onto many platforms and nobody seems to have
aggressively audited the code for buffer overflows heretofore.
Smitty

On Monday 12 August 2002 17:21, you wrote:
> Well,
>
> Did not expect to ever end up in the same boat with IE and here are we
> are with two things in the same week or two.
>
> Number two is that both IE 6 and Konqueror are susceptable to a man in
> the middle attack. A MiM attack is when someone drops into the middle
> of your connection to let's say you and your bank.
>
> The MiM computer is faking themselves to appear as your bank. They might
> just record everthing you type and let it continue to the bank. Thus
> not giving any clue as to something being wrong. Or they can partly or
> completely take over the communication and feed you what they want.
>
> SSL (Secure Socket Layer for secure web connections) for both IE and
> Konqueror has the same flaw.
>
> Fortunately the KDE team had it fixed in an hour and a half, and you can
> either download it seperately or with the KDE 3.0.3 upgrade due soon.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 16:12:58 EDT