| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 31 Oct 2008 16:02:56 +0200 From: Kestutis Gudinavicius <Kestutis.Gudinavicius@...tical.lt> To: Fionnbharr <thouth@...il.com>, Adrian P <unknown.pentester@...il.com> Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>, "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com> Subject: Ats.: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day Old shit, fortinet fortigate antivirus firewall has same type of vuln. ________________________________________ Siuntėjas: full-disclosure-bounces@...ts.grok.org.uk [full-disclosure-bounces@...ts.grok.org.uk] Fionnbharr [thouth@...il.com] vardu Išsiųsta: 2008 m. spalio 31 d. 10:31 Kam: Adrian P Kopija: full-disclosure@...ts.grok.org.uk; bugtraq@...urityfocus.com Tema: Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day This isn't new. It isn't even a technique. http://www.bluecoat.com/support/securityadvisories/icap_patience A very recent example of this kind of vulnerability. My god you gnucitizen people are retarded. At least you didn't give it a ridiculous name like 'clickjacking'. Can you GNUtards please keep your 'research' into subjects people already know to yourself or at least not post it the lists, then at least I won't have to see it. Also "Malaysia: Cracking into Embedded Devices and Beyond!", who the fuck uses the word 'cracking' instead of 'hacking' in 2008? Sure for cracking passwords, but wow. 2008/10/31 Adrian P <unknown.pentester@...il.com>: > Hello folks, > > Yesterday, I presented for the first time [1] a new method to perform > universal website hijacking by exploiting content filtering features > commonly supported by corporate firewalls. I briefly discussed [2] the > finding on GNUCITIZEN in the past without giving away the details, but > rather mentioning what the attacker can do and some characteristics of > the attack. > > Anyway, I'm now releasing full details on how the technique works, and > a real 0day example against SonicWALL firewalls. > > The paper can be found on the GNUCITIZEN labs site. Please let me know > if you can successfully use the same technique against firewalls by > other vendors: > > http://sites.google.com/a/gnucitizen.org/lab/research-papers > > Finally, I'd like to thank Zero Day Initiative [3] for their great > work and the Hack in the Box crew for organizing such a fine event! > > Regards, > ap. > > REFERENCES > > [1] "HITBSecConf2008 - Malaysia: Cracking into Embedded Devices and Beyond!" > http://conference.hackinthebox.org/hitbsecconf2008kl/?page_id=186 > > [2] "New technique to perform universal website hijacking" > http://www.gnucitizen.org/blog/new-technique-to-perform-universal-website-hijacking/ > > [3] "SonicWALL Content-Filtering Universal Script Injection Vulnerability" > http://www.zerodayinitiative.com/advisories/ZDI-08-070/ > > -- > Adrian "pagvac" Pastor | GNUCITIZEN > gnucitizen.org > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists