[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Privacy leak in VeriSign's SiteFinder service #2
- To: Bugtraq <bugtraq@xxxxxxxxxxxxxxxxx>
- Subject: Re: Privacy leak in VeriSign's SiteFinder service #2
- From: "Jay D. Dyson" <jdyson@xxxxxxxxxxxxx>
- Date: Wed, 24 Sep 2003 13:58:31 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 24 Sep 2003, der Mouse wrote:
> > Bad, verisign. Very bad.
>
> Well, yes, but we knew _that_ from the day the wildcard went in.
The concerns expressed thus far are just the canonical tip of the
iceberg, considering the services running on sitefinder-idn.verisign.com.
PORT STATE SERVICE
23/tcp filtered telnet
25/tcp open smtp
79/tcp filtered finger
80/tcp open http
161/tcp filtered snmp
162/tcp filtered snmptrap
514/tcp filtered shell
Imagine how much fun one could have if, say, port 23 was suddenly
unfiltered; or if port 22 were opened; or if Verisign got really tricky
and opened up port 443 with a specially-crafted "wildcard" SSL certificate
implementation (maybe a stretch...but Verisign *is* a CA, no?).
The system as it presently functions is already ripe for abuse.
There is no question of that. But imagine the quantity and quality of
abuse that will occur when (not if) the system residing on 64.94.110.11
gets 0wn3d by someone who answers to no-one.
I think now would be a good time to null route all traffic to and
from 64.94.110.0/24 until Verisign grows a conscience and terminates this
abomination.
- -Jay
( ( _______
)) )) .-"There's always time for a good cup of coffee"-. >====<--.
C|~~|C|~~| (>----- Jay D. Dyson -- jdyson@xxxxxxxxxxxxx -----<) | = |-'
`--' `--' `- Life is hard. Even harder if you're stupid. -' `------'
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (TreacherOS)
Comment: See http://www.treachery.net/~jdyson/ for current keys.
iD8DBQE/cgV7Nlg1oZSC9mkRAitrAJsGajN4leAI350REufRCA7AgvI2jwCeIo9y
wpYr5kYx7nRhngA0+YVU2pU=
=/Qvq
-----END PGP SIGNATURE-----