Bug#294271: IDN support allows domain name spoofing
Here is a test which shows the evidence of the problem : http://secunia.com/multiple_browsers_idn_spoofing_test/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#294271: IDN support allows domain name spoofing
Package: konqueror Severity: normal Tags: security konqueror and other browsers which support IDN are vulnerable to domain spoofing via homograph characters in domain names. Please see http://lists.netsys.com/pipermail/full-disclosure/2005-February/031459.html for details, and note that this is CAN-2005-0237. Note: I have not marked this bug as releae critical, because it's not clear to me if spoofing attacks qualify. -- see shy jo signature.asc Description: Digital signature
