lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1269.172.25.4.3.1091108598.squirrel@elektra>
Date: Thu, 29 Jul 2004 20:43:18 +0700 (ICT)
From: Rubén Molina <ruben@...a.edu.co>
To: bugtraq@...urityfocus.com
Subject: DansGuardian Hex Encoding URL Banned Extension Filter Bypass 
     Vulnerability


DansGuardian Hex Encoding URL Banned Extension Filter Bypass Vulnerability
==========================================================================

Original Release Date: 2004-07-29
Author: Ruben Molina (a.k.a fradiavolo)
Email: ruben@...a.edu.co

!!! VIVA COLOMBIA !!!

1. Systems affected:

All DansGuardian up to and including DansGuardian 2.8.

2. Overview:

DansGuardian (http://dansguardian.org) is a web Open Source content filter
available
for various Unix based operating systems, including Linux. It filters the
actual
content of pages based on many methods including phrase matching, PICS
filtering and
URL filtering.

DansGuardian may allow malicious users to bypass the extension filter
rules when
processing URLs which contain an hex encoded filename (e.g:
http://server/file.%65%78%65 or http://server/file%2eexe).


3. Impact:

Under some installations, this may violate security policy, or allow users to
inadvertantly access malicious web content.


4. Solution:

Upgrade to DansGuardian 2.8.0.1

5. Patch:

--- FOptionContainer.cpp.diff ---
806d805
<     url.hexDecode();
---------------------------------

6. Timeline and credits:

28/07/2004 Notification to the main developer (author at dansguardian dot
org)
28/07/2004 DansGuardian 2.8.0.1 released
29/07/2004 Public Security Advisory.


7. Thanks to:

Gigax.org people and Silence Team ;)

--

Rubén Molina
0xDEF3F700

Zure atera iristean ostikada jotzen nola irtengo zara?
Eskuak buru gainean ala pistolaren gatilvan?


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ