Klarinet Archive - Posting 000647.txt from 2000/05

From: "Mark Charette" <charette@-----.org>
Subj: [kl] Security hole in Netscape
Date: Fri, 12 May 2000 18:41:17 -0400

Since many of you may be using Netscape Navigator/Communicator I thought it
would be wise to let you know of a serious security flaw in versions 4.72
and below when connecting to a secure (SSL) page (normally one used for
e-commerce). A malicious site could hijack your secure information without
your knowledge. The fix is to either upgrade to 4.73 or above, or download
the Personal Security Manager for Netscape at
http://www.iplanet.com/downloads/download/detail_128_316.html

This information comes from:

CERT Advisory CA-2000-05
Netscape Navigator Improperly Validates SSL Sessions

Original release date: May 12, 2000
Source: ACROS, CERT/CC

The full CERT advisory text is at:
http://www.cert.org/advisories/CA-2000-05.html

Mark Charette@-----.org
Webmaster, http://www.sneezy.org

---------------------------------------------------------------------
Unsubscribe from Klarinet, e-mail: klarinet-unsubscribe@-----.org
Subscribe to the Digest: klarinet-digest-subscribe@-----.org
Additional commands: klarinet-help@-----.org
Other problems: klarinet-owner@-----.org

    
     Copyright © Woodwind.Org, Inc. All Rights Reserved    Privacy Policy    Contact charette@woodwind.org