Certificate Spoofing Bug in mozilla.org Browsers

RESOLVED DUPLICATE of bug 253121

Status

()

Core
Security
RESOLVED DUPLICATE of bug 253121
14 years ago
14 years ago

People

(Reporter: Daniel E. Markle, Assigned: dveditz)

Tracking

Trunk
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

14 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040727
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040727

A recent report has hit Bugtraq about a Mozilla certificate spoofing
vulnerability.  More information can be found here:

http://www.securityfocus.com/archive/1/369953/2004-07-25/2004-07-31/2

I have tested this on Mozilla 1.7 and Firefox 0.9 on various platforms using
various different versions and can consistently reproduce the error when valid
exploit code is used.



Reproducible: Always
Steps to Reproduce:
1. Copy the example code into a new file, fix the errors caused by the
copy/paste and/or put in by the author
2. Put in a real https site in place of example.com
3. Browse to the example code

Actual Results:  
The content inserted by the code is shown as the validated web page even though
it is not the real content from that web page.  The lock is shown closed and
browsing to the certificate shows the certificate from the spoofed page.

Expected Results:  
The lock should open adn show the site as insecure, not using the spoofed site
certificate.

This bug has been publicly posted to bugtraq, so it is now "in the wild."
This was fixed last night on trunk, 1.7 branch, and aviary branch, and this
morning on the 1.4 branch.

*** This bug has been marked as a duplicate of 253121 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.