TUCoPS :: Browsers :: b06-3354.htm

Opera ssl certificate "stealing" weakness
Secunia Research: Opera SSL Certificate "Stealing" Weakness
Secunia Research: Opera SSL Certificate "Stealing" Weakness


=====================================================================
                     Secunia Research 28/06/2006

            - Opera SSL Certificate "Stealing" Weakness -

=====================================================================Table of Contents

Affected Software....................................................1
Severity.............................................................2
Description of Vulnerabilities.......................................3
Solution.............................................................4
Time Table...........................................................5
Credits..............................................................6
References...........................................................7
About Secunia........................................................8
Verification.........................................................9

=====================================================================1) Affected Software

Opera 8.54

Prior versions may also be affected.

=====================================================================2) Severity

Rating: Not critical
Impact: Spoofing
Where:  From remote

=====================================================================3) Description of Vulnerabilities

Secunia Research has discovered a weakness in Opera, which can be
exploited to display the SSL certificate from a trusted site on an
untrusted site.

The weakness is caused due to Opera not resetting the SSL security
bar after displaying a download dialog from a SSL enabled web site.
This allows an untrusted web site to display yellow SSL security bar
from a trusted web site.

NOTE: A more convincing exploit can be done using pop-up windows,
which do not have a visible address bar.

=====================================================================4) Solution

Upgrade to version 9.0.

=====================================================================5) Time Table

31/03/2006 - Initial vendor notification.
28/06/2006 - Public disclosure.

=====================================================================6) Credits

Discovered by Jakob Balle, Secunia Research.

=====================================================================7) References

No references available.

=====================================================================8) About Secunia

Secunia collects, validates, assesses, and writes advisories regarding
all the latest software vulnerabilities disclosed to the public. These
advisories are gathered in a publicly available database at the
Secunia website:

http://secunia.com/ 

Secunia offers services to our customers enabling them to receive all
relevant vulnerability information to their specific system
configuration.

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/secunia_security_advisories/ 

=====================================================================9) Verification

Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2006-49/advisory/ 

Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/ 

=====================================================================

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH