From: Mike Lorrey (mlorrey@yahoo.com)
Date: Thu Aug 15 2002 - 16:11:14 MDT
-- Emlyn O'regan <oregan.emlyn@healthsolve.com.au> wrote:
> This has come up today, and is of some concern to me professionally.
> I was
> wondering whether anyone else here knows anything about it? Harvey?
> I'm not
> sure if it's real, or a big hoax.
>
> Apparently, using SSL via IE (versions 4 through 6, I think, but
> especially
> 4 through 5.5), you are vulnerable to a relatively simple
> man-in-the-middle
> attack. Here's the bugtraq thread:
>
>
http://online.securityfocus.com/archive/1/286895/2002-08-08/2002-08-14/1
I believe that something like this was used against my yahoo account
recently, resulting in it being used to send large quantities of spam
mail (don't worry, I don't deny responsibility for ExI posts...)
__________________________________________________
Do You Yahoo!?
HotJobs - Search Thousands of New Jobs
http://www.hotjobs.com
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:16:08 MST