You can find instructions for a "temporary" fix here:
http://users.tns.net/~skingery/weblog/2005/02/permanent-fix-for-shmoo-group-exploit.html
Rodney [EMAIL PROTECTED] wrote:
This scares me. What are the chances of this being fixed anytime soon? --Peter A new phishing/scam threat using International Domain Names (IDN) can be used to steal your identity and money. See following for details: http://www.infoworld.com/article/05/02/08/HNdomainnamethreat_1.html Go to following for a demo of this phishing attack and description: http://www.shmoo.com/idn Click on the links for www.paypal.com, you will get a bogus site with the word "meeow" which could be made to look like the real site to steal your information. Both the regular html and SSL (https) links can be forged. Currently, this exploit affects only non-Microsoft IE browsers. Since IE has not yet implemented IDN in it's browser it is not vulnerable. _______________________________________________ [email protected] mailing list http://lists.hosef.org/cgi-bin/mailman/listinfo/luau
