Eddy Nigg wrote, On 2009-01-02 22:18: > The attack was performed by using said tool above or by using a modified > version of the browser. By hooking this tool between the server and > browser, the tool allows to change the values coming to and from the > browser.
I hate to say it, but it's possible for the browser user to change those values without either (a) modifying the browser or (b) using some proxy tool. So let me ask: Did Mike Zusman confirm that he was using such a tool? Or is that merely an assumption? > With it, he was able to change some values send during the post > response to that of his liking. The validations wizard allows for a > selection of a few possible email addresses considered for > administrative purpose or as listed in the whois records of the domain > name. The flaw was, that insufficient verification of the response at > the server side was performed, allowing him to validate the domain by > using a different email address than the validations wizard actually > provided. The value of the selection was changed during transit after > performing the selection at the browser. But that server input verification flaw is fixed now, right? _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
