Marlinspike points out that the X.509 standard is really a collection of inconsistent hackery based upon an obscure protocol (ASN.1) with shaky construction and parsing between vendors.
The crux of the first attack: leverage one of the ASN.1 strings inside the certificate (ASN.1 uses a prefixed length value followed by the characters) by first prefixing an ASCIIZ (null-terminated) string. In this case, a PayPal ASCIIZ string is slapped in front of Moxie's domain. Amazingly enough, most SSL packages would treat this string as the real PayPal domain!
Every mainstream browser was susceptible to the attack and Marlinspike went on to demonstrate additional variations that suppressed certificate revocation (OCSP); hijacked Firefox's automatic software update feature; and provided a vector for remote code execution using the browser's flawed cert handling.
Marlinspike's vulnerabilities were revealed in July of 2009. How long did it take the two major browsers to remediate the findings?
• It took The Mozilla Project roughly three days to issue a new version of Firefox that addressed the bugs.
• It took Microsoft about ten weeks to issue a version of Internet Explorer that addressed the vulnerabilities ("Microsoft's Patch Tuesday fixes record number of flaws... The flaw in Microsoft's CryptoAPI, was disclosed 10 weeks ago, but took on more urgency after a hacker published a counterfeit certificate for PayPal that made it trivial for someone mounting a man-in-the-middle attack to impersonate the online payment processor...").
So if you're looking for some benchmarking to compare the relative security of open source and proprietary software products, Marlinspike's clever SSL hackery is as good a case study as any.