<DigiNotar> is a Dutch Certificate Authority who issued a rogue SSL certificate to somebody in Iran on July 10th, 2011 for the domain name .google.com. This allows the certificate holders the ability to possibly carry out a man in the middle attack on most of Google's services, including GMail, Google+, and Google Docs.
DigiNotar is a wholly owned subsidiary of VASCO Data Security International. On August 30, 2011 <VASCO released a public statement> acknowledging that their DigiNotar Certificate Authority infrastructure was hacked on July 19, 2011, and was used to issue fraudulent CA's for a number of domains, including Google.com. <Some digging by F-Secure> found defacements left over from at least two separate intrusions that could be years old.
The Google Chrome browser <has an extra fine grained set of CA's with the authority to sign for Google> which is rumored to have protected Google Chrome users.
Firefox suggested revoking DigiNotar and <provides instructions for revoking the CA> in your local browser.
Fraudulent Digital Certificates Could Allow Spoofing (Aug 29, 2011)
<Microsoft Security Advisory (2607712)>
UPDATE (Aug 31, 2011):
<Mozilla pushes Firefox 6.0.1 update explicitly to revoke the DigiNotar CA>
Tuesday, August 30, 2011
DigiNotar Issued Fraudulent Google Certificate
Posted by SoCo at 3:54 PM 0 comments
Labels: Firefox, google, hack, internet explorer, network, security, web
Wednesday, August 17, 2011
[Link] Inserting fake certificates to sniff SSL and hijack DNS
seventhoctober.net (Aug 17, 2011)
<SSL MITM with an inserted CA and a DNS hijack>
[Link] How to find 0-day in browsers
abazhanyuk.com (August 7, 2011)
<How to find 0-day in browsers>
Posted by SoCo at 10:07 PM 0 comments
Labels: exploit, howto, internet explorer, link, security, web, windows
Subscribe to:
Posts (Atom)
