Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Bug Security Google HP IBM Microsoft Mozilla Opera Oracle Software Sony News Apple Linux Technology

FalseCONNECT Vulnerability Affects Software From Apple, Microsoft, Oracle, More ( 32

An anonymous reader writes from a report via Softpedia: "Researcher Jerry Decime revealed details about a security vulnerability that allows an attacker to gain a Man-in-the-Middle position and intercept HTTPS traffic thanks to flaws in the implementation of proxy authentication procedures in various products," reports Softpedia. The flaw can be used to collect user credentials by tricking victims into re-authenticating, sending data to a third-party. Multiple software vendors deploy applications that can handle proxy connections. Until now, Apple, Microsoft, Oracle, and Opera have acknowledged their products are affected. Lenovo said this bug does not impact its software. Other software vendors that are still evaluating the FalseCONNECT bug and may be affected include multiple Linux distros, Cisco, Google, HP, IBM, Juniper, Mozilla, Nokia, OpenBSD, SAP, Sony, and others.
This discussion has been archived. No new comments can be posted.

FalseCONNECT Vulnerability Affects Software From Apple, Microsoft, Oracle, More

Comments Filter:
  • In other words, NOTHING online is secure, nor ever was.

    We're all wearing the Emperors' New Clothes; some of us just haven't been embarrassed about it yet.

Nondeterminism means never having to say you are wrong.