Linux Today: Linux News On Internet Time.









More on LinuxToday

Security Linux News for May 14, 2000

  • CERT.org: CERT Advisory CA-2000-05 Netscape Navigator Improperly Validates SSL Sessions (May 14, 2000, 04:52)
    "Netscape Navigator correctly checks the certificate conditions (*) at the beginning of a SSL session it establishes with a certain web server. The flaw is, while this SSL session is still alive, all HTTPS connections to *THAT SERVER'S IP ADDRESS* are assumed to be a part of this session (and therefore certificate conditions are not checked again)."